22 #include <stringprep.h>
25 #define LIBRARY_DIR "."
42 const char *modules_path;
49 if (modules_path != NULL)
50 log_write(c2s->
log, LOG_NOTICE,
"modules search path: %s", modules_path);
52 log_write(c2s->
log, LOG_NOTICE,
"modules search path undefined, using default: "LIBRARY_DIR);
54 log_write(c2s->
log, LOG_INFO,
"loading '%s' authreg module", name);
/* Build the file name of the authreg module `name` and load it with dlopen(),
 * then look up its "ar_init" entry point.
 * NOTE(review): this listing omits source lines 58 and 61. The second
 * snprintf() is presumably the else branch of the modules_path test, and
 * line 61 may guard the dlsym() call -- confirm against the full file.
 * NOTE(review): `name` is interpolated as-is in the lines shown; presumably it
 * comes from server configuration -- confirm it cannot contain path
 * separators, since the resulting file is loaded as code in the server
 * process. */
56 if (modules_path != NULL)
/* NOTE(review): the snprintf() result is not checked in the lines shown, so a
 * path that does not fit in PATH_MAX bytes is truncated and the truncated name
 * is what dlopen() receives. Rejecting n < 0 || n >= PATH_MAX keeps an
 * unintended file from being loaded. */
57 snprintf(mod_fullpath,
PATH_MAX,
"%s/authreg_%s.so", modules_path, name);
/* Fallback when no search path is configured. LIBRARY_DIR is "." on line 25 of
 * this listing (unless the build defines it otherwise), so the module is then
 * resolved relative to the process's current working directory. An absolute
 * directory writable only by trusted accounts is the safer default. */
59 snprintf(mod_fullpath,
PATH_MAX,
"%s/authreg_%s.so", LIBRARY_DIR, name);
60 handle = dlopen(mod_fullpath, RTLD_LAZY);
/* Resolve the module's initialiser; handle and init_fn are both tested for
 * NULL on source line 73. */
62 init_fn = dlsym(handle,
"ar_init");
/* Windows counterpart of the module load: build the DLL name for authreg
 * module `name` and load it with LoadLibrary().
 * NOTE(review): source line 66 is missing from this listing; the second
 * snprintf() is presumably the else branch -- confirm. As in the dlopen()
 * path, the snprintf() result is not checked in the lines shown, so an
 * over-long path would be truncated before it is loaded. */
64 if (modules_path != NULL)
65 snprintf(mod_fullpath,
PATH_MAX,
"%s\\authreg_%s.dll", modules_path, name);
/* With no configured path only a bare file name is produced, so LoadLibrary()
 * resolves it through the system DLL search order rather than from one known
 * directory. Passing a fully qualified path restricts loading to the intended
 * module directory. */
67 snprintf(mod_fullpath,
PATH_MAX,
"authreg_%s.dll", name);
68 handle = (
void*) LoadLibrary(mod_fullpath);
73 if (handle != NULL && init_fn != NULL) {
74 log_debug(
ZONE,
"preloaded module '%s' (not initialized yet)", name);
77 log_write(c2s->
log, LOG_ERR,
"failed loading authreg module '%s' (%s)", name, dlerror());
81 log_write(c2s->
log, LOG_ERR,
"failed loading authreg module '%s' (errcode: %x)", name, GetLastError());
83 FreeLibrary((HMODULE) handle);
94 if((init_fn)(ar) != 0)
96 log_write(c2s->
log, LOG_ERR,
"failed to initialize auth module '%s'", name);
104 log_write(c2s->
log, LOG_ERR,
"auth module '%s' has no check for user existence", name);
110 log_write(c2s->
log, LOG_NOTICE,
"initialized auth module '%s'", name);
118 if(ar->
free != NULL) (ar->
free)(ar);
125 log_write(c2s->
log, LOG_NOTICE,
"[%d] %s authentication %s: %s@%s/%s %s:%d%s%s",
126 sess->
s->
tag, method, success ?
"succeeded" :
"failed",
135 int ns, elem, attr, err;
136 char username[1024],
id[128];
158 if(stringprep_xmpp_nodeprep(username, 1024) != 0) {
159 log_debug(
ZONE,
"auth get username failed nodeprep, bouncing it");
/* Fragments of the iq:auth "set" handler (presumably _authreg_auth_set; its
 * signature is not part of this listing). Only some source lines are shown. */
235 int ns, elem, attr, authd = 0;
/* Fixed-size stack buffers. The literals 1024 and 280 used further down repeat
 * these sizes by hand; sizeof on the array would keep them in sync.
 * NOTE(review): the code that copies the client-supplied username and
 * resource into these buffers is not visible here -- confirm it is
 * length-bounded and NUL-terminated before the stringprep calls. */
236 char username[1024], resource[1024], str[1024], hash[280];
/* Normalise the username in place (second argument is the buffer capacity);
 * per the debug message, a non-zero result means the request is bounced. */
259 if(stringprep_xmpp_nodeprep(username, 1024) != 0) {
260 log_debug(
ZONE,
"auth set username failed nodeprep, bouncing it");
/* Same treatment for the resource, using the resourceprep profile. */
277 if(stringprep_xmpp_resourceprep(resource, 1024) != 0) {
278 log_debug(
ZONE,
"auth set resource failed resourceprep, bouncing it");
/* NOTE(review): ssf is presumably the stream's security strength factor
 * (non-zero once the stream is protected); the guarded statement is not
 * shown -- confirm. */
284 if (sess->
s->
ssf > 0)
/* Concatenate the stream id and str into hash, cutting the result at 279
 * bytes. str can hold up to 1023 bytes, so a long value is silently truncated.
 * NOTE(review): presumably this is the input to the digest comparison
 * (shahash_r is listed on this page) -- confirm that truncation cannot make
 * two different inputs hash to the same value. */
325 snprintf(hash, 280,
"%s%s", sess->
s->
id, str);
351 _authreg_auth_log(c2s, sess,
"traditional.plain(compare)", username, resource, TRUE);
353 _authreg_auth_log(c2s, sess,
"traditional.plain(compare)", username, resource, FALSE);
/* Fragments of the iq:register "set" handler (presumably
 * _authreg_register_set; its signature is not part of this listing). */
478 int ns = 0, elem, attr;
/* NOTE(review): password is 1024 bytes here, while the authreg callbacks listed
 * on this page (set_password, get_password, check_password) declare their
 * parameter as char password[257]. The call is not visible -- confirm the
 * value is bounded to what a module expects before it is handed over.
 * NOTE(review): this buffer holds a cleartext secret on the stack and nothing
 * in the lines shown clears it; consider zeroing it before returning. */
479 char username[1024], password[1024];
/* Per the debug messages, a missing username, a username that fails nodeprep,
 * and a missing password each bounce the request. */
544 log_debug(
ZONE,
"register set with no username, bouncing it");
/* Normalise the username in place; 1024 repeats the buffer size declared
 * above. */
550 if(stringprep_xmpp_nodeprep(username, 1024) != 0) {
551 log_debug(
ZONE,
"register set username failed nodeprep, bouncing it");
559 log_debug(
ZONE,
"register set with no password, bouncing it");
/* Logged after nodeprep (source line 550), so the name written here is the
 * normalised form. */
585 log_debug(
ZONE,
"attempt to register %s, but they already exist", username);
669 int ns, query, type, authreg = -1, getset = -1;
716 }
else if(getset == 1) {
726 }
else if(getset == 1) {
int(* check_password)(authreg_t ar, sess_t sess, const char *username, const char *realm, char password[257])
check the given password against the stored password; returns 0 if equal, non-zero if not equal (password auth) ...
C2S_API void sm_create(sess_t sess, bres_t res)
nad_t nad_new(void)
create a new nad
int nad_append_attr(nad_t nad, int ns, const char *name, const char *val)
attach new attr to the last elem
#define NAD_CDATA_L(N, E)
#define sx_nad_write(s, nad)
#define stanza_err_JID_MALFORMED
int ar_register_enable
registration
const char * jid_user(jid_t jid)
expand and return the user
const char * jid_full(jid_t jid)
expand and return the full
jid_t jid_new(const char *id, int len)
make a new jid
int(* get_password)(authreg_t ar, sess_t sess, const char *username, const char *realm, char password[257])
return this user's cleartext password in the array (digest auth, password auth)
int(* create_challenge)(authreg_t ar, sess_t sess, const char *username, const char *realm, char *challenge, int maxlen)
Apple extensions for challenge/response authentication methods.
int nad_find_elem(nad_t nad, int elem, int ns, const char *name, int depth)
locate the next elem at a given depth with an optional matching name
void nad_append_cdata(nad_t nad, const char *cdata, int len, int depth)
append new cdata to the last elem
int(* user_exists)(authreg_t ar, sess_t sess, const char *username, const char *realm)
returns 1 if the user exists, 0 if not
static void _authreg_auth_log(c2s_t c2s, sess_t sess, const char *method, const char *username, const char *resource, int success)
auth logger
void log_write(log_t log, int level, const char *msgfmt,...)
int(* ar_module_init_fn)(authreg_t)
type for the module init function
#define AR_MECH_TRAD_DIGEST
static void _authreg_auth_set(c2s_t c2s, sess_t sess, nad_t nad)
auth set handler
void shahash_r(const char *str, char hashbuf[41])
convenience (originally by Thomas Muldowney)
list of resources bound to session
int nad_add_namespace(nad_t nad, const char *uri, const char *prefix)
bring a new namespace into scope
int ar_mechanisms
allowed mechanisms
#define stanza_err_CONFLICT
#define stanza_err_FORBIDDEN
struct _authreg_error_st * authreg_error_t
int nad_append_elem(nad_t nad, int ns, const char *name, int depth)
create a new elem on the list
void nad_free(nad_t nad)
free that nad
int(* set_password)(authreg_t ar, sess_t sess, const char *username, const char *realm, char password[257])
store this password (register)
#define AR_MECH_TRAD_CRAMMD5
#define AR_MECH_TRAD_PLAIN
void nad_set_attr(nad_t nad, int elem, int ns, const char *name, const char *val, int vallen)
create, update, or zap any matching attr on this elem
int authreg_process(c2s_t c2s, sess_t sess, nad_t nad)
processor for iq:auth and iq:register packets; returns 0 if handled, 1 if not handled ...
jid_t jid_reset_components(jid_t jid, const char *node, const char *domain, const char *resource)
build a jid from components
const char * ar_register_instructions
#define NAD_ENAME_L(N, E)
const char * realm
our realm (SASL)
#define stanza_err_BAD_REQUEST
host_t host
host this session belongs to
nad_t stanza_tofrom(nad_t nad, int elem)
flip the to and from attributes on this elem
struct authreg_st * authreg_t
#define stanza_err_NOT_ALLOWED
char c2s_id[44]
session id for this jid for us and them
nad_t stanza_error(nad_t nad, int elem, int err)
error the packet
C2S_API void sm_start(sess_t sess, bres_t res)
static void _authreg_register_get(c2s_t c2s, sess_t sess, nad_t nad)
register get handler
There is one instance of this struct per user who is logged in to this c2s instance.
static void _authreg_register_set(c2s_t c2s, sess_t sess, nad_t nad)
register set handler
int(* create_user)(authreg_t ar, sess_t sess, const char *username, const char *realm)
make or break the user (register / register remove)
char auth_challenge[65]
Apple: session challenge for challenge-response authentication.
void authreg_free(authreg_t ar)
shutdown the authreg system
const char * config_get_one(config_t c, const char *key, int num)
get config value n for this key
const char * ar_register_oob
int nad_find_attr(nad_t nad, int elem, int ns, const char *name, const char *val)
get a matching attr on this elem, both name and optional val
static void _authreg_auth_get(c2s_t c2s, sess_t sess, nad_t nad)
auth get handler
#define stanza_err_OLD_UNAUTH
int(* check_response)(authreg_t ar, sess_t sess, const char *username, const char *realm, const char *challenge, const char *response)
authreg_t authreg_init(c2s_t c2s, const char *name)
get a handle for the named module
#define stanza_err_INTERNAL_SERVER_ERROR
void(* free)(authreg_t ar)
called prior to authreg shutdown
C2S_API void sm_delete(sess_t sess, bres_t res)
int(* delete_user)(authreg_t ar, sess_t sess, const char *username, const char *realm)
int nad_find_scoped_namespace(nad_t nad, const char *uri, const char *prefix)
find a namespace in scope