22 #include <stringprep.h>
/* Fallback module directory. Only listing line 25 is visible here; the
 * surrounding lines (23-24, 26-41) are not shown, so this define may be
 * platform-conditional -- confirm before assuming "." applies everywhere.
 * NOTE(review): where "." is the effective value, modules are looked up
 * relative to the process working directory, so that directory must not be
 * writable by anyone other than the account administering the daemon. */
25 #define LIBRARY_DIR "."
/* Directory to search for authreg modules. Its assignment (listing lines
 * 43-54) is not shown; presumably it comes from configuration -- confirm. */
42 const char *modules_path;
/* Record at NOTICE level which directory will be searched, so an operator can
 * audit where loadable code is taken from. Listing line 57 (presumably the
 * `else`) is not shown between the two calls. */
55 if (modules_path != NULL)
56 log_write(c2s->
log, LOG_NOTICE,
"modules search path: %s", modules_path);
/* LIBRARY_DIR is pasted into the format string by literal concatenation, so
 * it must never contain a '%' conversion. */
58 log_write(c2s->
log, LOG_NOTICE,
"modules search path undefined, using default: "LIBRARY_DIR);
/* `name` is the module name about to be loaded; it is logged verbatim. */
60 log_write(c2s->
log, LOG_INFO,
"loading '%s' authreg module", name);
/* Build the shared-object path "<dir>/authreg_<name>.so" and load it.
 * Listing lines 61, 64, 67, 69 and 72 are not shown; the .so and .dll groups
 * are presumably alternative platform branches -- confirm.
 * NOTE(review): `name` is interpolated unchanged, so a value containing '/'
 * or ".." would resolve outside the intended directory. Where `name` comes
 * from is not visible here (presumably configuration); if it can ever be
 * influenced by a less-trusted party, restrict it to a fixed set of names.
 * NOTE(review): the snprintf return value is discarded on every visible call,
 * so a result truncated at PATH_MAX would silently name a different file;
 * compare the return value with PATH_MAX and refuse to load on truncation. */
62 if (modules_path != NULL)
63 snprintf(mod_fullpath,
PATH_MAX,
"%s/authreg_%s.so", modules_path, name);
65 snprintf(mod_fullpath,
PATH_MAX,
"%s/authreg_%s.so", LIBRARY_DIR, name);
/* Load the module; RTLD_LAZY defers function symbol resolution to first use. */
66 handle = dlopen(mod_fullpath, RTLD_LAZY);
/* Look up the module entry point "ar_init". Whether `handle` is checked for
 * NULL before this call (listing line 67) is not shown; both values are
 * tested together on listing line 79. */
68 init_fn = dlsym(handle,
"ar_init");
/* Windows variant: "<dir>\authreg_<name>.dll". */
70 if (modules_path != NULL)
71 snprintf(mod_fullpath,
PATH_MAX,
"%s\\authreg_%s.dll", modules_path, name);
/* NOTE(review): this fallback has no directory component, so LoadLibrary
 * resolves the file through the system DLL search order rather than from one
 * fixed location. Prefer building an absolute path here as well. */
73 snprintf(mod_fullpath,
PATH_MAX,
"authreg_%s.dll", name);
74 handle = (
void*) LoadLibrary(mod_fullpath);
/* A load counts as successful only when both the library handle and the
 * ar_init entry point were obtained. Listing lines 81-82, 84-86, 88 and
 * 90-96 are not shown, so the exact branch structure below is not visible. */
79 if (handle != NULL && init_fn != NULL) {
80 log_debug(
ZONE,
"preloaded module '%s' (not initialized yet)", name);
/* Failure path, dlopen/dlsym variant: report the loader's own message. */
83 log_write(c2s->
log, LOG_ERR,
"failed loading authreg module '%s' (%s)", name, dlerror());
/* Failure path, Windows variant.
 * NOTE(review): GetLastError() returns a DWORD while "%x" expects an
 * unsigned int; a cast or "%lx" would make the pairing exact. */
87 log_write(c2s->
log, LOG_ERR,
"failed loading authreg module '%s' (errcode: %x)", name, GetLastError());
/* Release the library. Whether this is guarded by a handle != NULL test
 * (listing line 88) is not shown -- confirm. */
89 FreeLibrary((HMODULE) handle);
/* Allocation of the authreg object failed (the allocation itself is on lines
 * not shown). */
97 log_write(c2s->
log, LOG_ERR,
"cannot allocate memory for new authreg, aborting");
/* Run the module's ar_init entry point; a non-zero return is treated as
 * failure. From this call on, module code executes inside the daemon process
 * with the daemon's privileges, which is why the directory the module was
 * loaded from has to be trusted. */
106 if((init_fn)(ar) != 0)
108 log_write(c2s->
log, LOG_ERR,
"failed to initialize auth module '%s'", name);
/* Presumably reached when the module left its user-existence callback unset
 * (the test on listing lines 109-115 is not shown) -- confirm. */
116 log_write(c2s->
log, LOG_ERR,
"auth module '%s' has no check for user existence", name);
123 log_write(c2s->
log, LOG_NOTICE,
"initialized auth module '%s'", name);
/* Invoke the module's optional `free` callback if it provided one.
 * Presumably part of the authreg shutdown routine; the enclosing function is
 * not shown. */
131 if(ar->
free != NULL) (ar->
free)(ar);
/* Authentication audit line, written at NOTICE level for both outcomes
 * ("succeeded" / "failed"), which makes it usable for spotting repeated
 * failures against one account or from one address.
 * The statement continues on listing lines that are not shown, so the
 * arguments feeding the "%s@%s/%s %s:%d %s" conversions are not visible here.
 * NOTE(review): some of these fields are presumably client-supplied (username,
 * resource); confirm they cannot carry line breaks into the log. */
137 log_write(c2s->
log, LOG_NOTICE,
"[%d] %s authentication %s: %s@%s/%s %s:%d %s",
138 sess->
s->
tag, method, success ?
"succeeded" :
"failed",
/* Locals of what is presumably the auth-get handler (the signature is not
 * shown). `username` and `id` are fixed-size stack buffers.
 * NOTE(review): the code that copies client data into `username` (listing
 * lines 148-168) is not shown; confirm the copy is bounded to 1023 bytes plus
 * the terminating NUL. */
146 int ns, elem, attr, err;
147 char username[1024],
id[128];
/* Normalise the username in place with the XMPP nodeprep profile, passing
 * the buffer size as the limit; a non-zero result means it is not a valid
 * node and the request is rejected. */
169 if(stringprep_xmpp_nodeprep(username, 1024) != 0) {
170 log_debug(
ZONE,
"auth get username failed nodeprep, bouncing it");
/* Locals of what is presumably the auth-set handler (the signature is not
 * shown). All four buffers are fixed-size stack arrays; the code that fills
 * username, resource and str is on listing lines that are not shown, so
 * confirm each copy is bounded to the array size. */
246 int ns, elem, attr, authd = 0;
247 char username[1024], resource[1024], str[1024], hash[280];
/* Normalise the username in place (nodeprep); non-zero means reject. */
270 if(stringprep_xmpp_nodeprep(username, 1024) != 0) {
271 log_debug(
ZONE,
"auth set username failed nodeprep, bouncing it");
/* Normalise the resource in place (resourceprep); non-zero means reject. */
288 if(stringprep_xmpp_resourceprep(resource, 1024) != 0) {
289 log_debug(
ZONE,
"auth set resource failed resourceprep, bouncing it");
/* Presumably `ssf` is the stream's security strength factor, with 0 meaning
 * no protection layer; what this branch gates is not shown -- confirm. */
295 if (sess->
s->
ssf > 0)
/* Concatenate the stream id and `str` into `hash`, bounded to 280 bytes.
 * What `str` holds and how `hash` is used afterwards (listing lines 337+)
 * are not shown; presumably this is the input to the legacy digest check.
 * NOTE(review): the snprintf return value is discarded, so an over-long input
 * would be cut silently and the comparison would run on a truncated string.
 * NOTE(review): a digest check of this shape needs the server to read the
 * stored password back in cleartext, which constrains how credentials can be
 * stored by the module. */
336 snprintf(hash, 280,
"%s%s", sess->
s->
id, str);
/* Audit the outcome of the plain-password comparison: TRUE on listing line
 * 362, FALSE on 364. The comparison itself is not shown. */
362 _authreg_auth_log(c2s, sess,
"traditional.plain(compare)", username, resource, TRUE);
364 _authreg_auth_log(c2s, sess,
"traditional.plain(compare)", username, resource, FALSE);
/* Locals of what is presumably the register-set handler (the signature is not
 * shown).
 * NOTE(review): `password` is 1024 bytes here; if it is later handed to a
 * module callback that declares a smaller password array, the length must be
 * capped first. The call site is not shown -- confirm. */
489 int ns = 0, elem, attr;
490 char username[1024], password[1024];
/* Request carried no username. */
555 log_debug(
ZONE,
"register set with no username, bouncing it");
/* Normalise the username in place (nodeprep); non-zero means reject. */
561 if(stringprep_xmpp_nodeprep(username, 1024) != 0) {
562 log_debug(
ZONE,
"register set username failed nodeprep, bouncing it");
/* Request carried no password. */
570 log_debug(
ZONE,
"register set with no password, bouncing it");
/* The requested account already exists. The reply sent to the client is on
 * lines not shown; NOTE(review): a distinguishable reply here tells an
 * unauthenticated client which usernames are taken, so registration attempts
 * are worth rate-limiting and monitoring. */
596 log_debug(
ZONE,
"attempt to register %s, but they already exist", username);
/* Locals of what is presumably the iq:auth / iq:register dispatcher (the
 * signature is not shown). `authreg` and `getset` start at -1 as "not yet
 * determined". */
680 int ns, query, type, authreg = -1, getset = -1;
/* Two separate `else if(getset == 1)` arms are visible (after listing lines
 * 727 and 737); presumably 1 selects the "set" handler in each -- the
 * preceding conditions and the arm bodies are not shown. */
727 }
else if(getset == 1) {
737 }
else if(getset == 1) {
int(* check_password)(authreg_t ar, sess_t sess, const char *username, const char *realm, char password[257])
check the given password against the stored password, 0 if equal, !0 if not equal (password auth) ...
C2S_API void sm_create(sess_t sess, bres_t res)
nad_t nad_new(void)
create a new nad
int nad_append_attr(nad_t nad, int ns, const char *name, const char *val)
attach new attr to the last elem
#define NAD_CDATA_L(N, E)
#define sx_nad_write(s, nad)
xht ar_modules
loaded auth/reg modules
#define stanza_err_JID_MALFORMED
int ar_register_enable
registration
const char * jid_user(jid_t jid)
expand and return the user
const char * jid_full(jid_t jid)
expand and return the full
jid_t jid_new(const char *id, int len)
make a new jid
int(* get_password)(authreg_t ar, sess_t sess, const char *username, const char *realm, char password[257])
return this user's cleartext password in the array (digest auth, password auth)
int(* create_challenge)(authreg_t ar, sess_t sess, const char *username, const char *realm, char *challenge, int maxlen)
Apple extensions for challenge/response authentication methods.
int nad_find_elem(nad_t nad, int elem, int ns, const char *name, int depth)
locate the next elem at a given depth with an optional matching name
void nad_append_cdata(nad_t nad, const char *cdata, int len, int depth)
append new cdata to the last elem
int(* user_exists)(authreg_t ar, sess_t sess, const char *username, const char *realm)
returns 1 if the user exists, 0 if not
static void _authreg_auth_log(c2s_t c2s, sess_t sess, const char *method, const char *username, const char *resource, int success)
auth logger
void log_write(log_t log, int level, const char *msgfmt,...)
int(* ar_module_init_fn)(authreg_t)
type for the module init function
#define AR_MECH_TRAD_DIGEST
static void _authreg_auth_set(c2s_t c2s, sess_t sess, nad_t nad)
auth set handler
void shahash_r(const char *str, char hashbuf[41])
convenience (originally by Thomas Muldowney)
list of resources bound to session
int nad_add_namespace(nad_t nad, const char *uri, const char *prefix)
bring a new namespace into scope
int ar_mechanisms
allowed mechanisms
#define stanza_err_CONFLICT
#define stanza_err_FORBIDDEN
struct _authreg_error_st * authreg_error_t
int nad_append_elem(nad_t nad, int ns, const char *name, int depth)
create a new elem on the list
void nad_free(nad_t nad)
free that nad
int(* set_password)(authreg_t ar, sess_t sess, const char *username, const char *realm, char password[257])
store this password (register)
#define AR_MECH_TRAD_CRAMMD5
#define AR_MECH_TRAD_PLAIN
void nad_set_attr(nad_t nad, int elem, int ns, const char *name, const char *val, int vallen)
create, update, or zap any matching attr on this elem
int authreg_process(c2s_t c2s, sess_t sess, nad_t nad)
processor for iq:auth and iq:register packets; returns 0 if handled, 1 if not handled ...
jid_t jid_reset_components(jid_t jid, const char *node, const char *domain, const char *resource)
build a jid from components
const char * ar_register_instructions
void * pmalloco(pool_t p, int size)
easy safety utility (for creating blank mem for structs, etc)
#define NAD_ENAME_L(N, E)
const char * realm
our realm (SASL)
void xhash_put(xht h, const char *key, void *val)
#define stanza_err_BAD_REQUEST
host_t host
host this session belongs to
nad_t stanza_tofrom(nad_t nad, int elem)
flip the to and from attributes on this elem
struct authreg_st * authreg_t
#define stanza_err_NOT_ALLOWED
char c2s_id[44]
session id for this jid for us and them
nad_t stanza_error(nad_t nad, int elem, int err)
error the packet
C2S_API void sm_start(sess_t sess, bres_t res)
static void _authreg_register_get(c2s_t c2s, sess_t sess, nad_t nad)
register get handler
There is one instance of this struct per user who is logged in to this c2s instance.
static void _authreg_register_set(c2s_t c2s, sess_t sess, nad_t nad)
register set handler
int(* create_user)(authreg_t ar, sess_t sess, const char *username, const char *realm)
make or break the user (register / register remove)
pool_t xhash_pool(xht h)
get our pool
char auth_challenge[65]
Apple: session challenge for challenge-response authentication.
void * xhash_get(xht h, const char *key)
void authreg_free(authreg_t ar)
shutdown the authreg system
const char * config_get_one(config_t c, const char *key, int num)
get config value n for this key
const char * ar_register_oob
int nad_find_attr(nad_t nad, int elem, int ns, const char *name, const char *val)
get a matching attr on this elem, both name and optional val
static void _authreg_auth_get(c2s_t c2s, sess_t sess, nad_t nad)
auth get handler
#define stanza_err_OLD_UNAUTH
int(* check_response)(authreg_t ar, sess_t sess, const char *username, const char *realm, const char *challenge, const char *response)
authreg_t authreg_init(c2s_t c2s, const char *name)
get a handle for the named module
#define stanza_err_INTERNAL_SERVER_ERROR
void(* free)(authreg_t ar)
called prior to authreg shutdown
C2S_API void sm_delete(sess_t sess, bres_t res)
int(* delete_user)(authreg_t ar, sess_t sess, const char *username, const char *realm)
int nad_find_scoped_namespace(nad_t nad, const char *uri, const char *prefix)
find a namespace in scope
char * _sx_flags(sx_t s)
show sx flags as string - for logging