Ejemplo n.º 1
0
// Authenticate implements the Mechanism interface for PlainMech
func (pm plainMech) Authenticate(data string, props stream.Properties) ([]element.Element, stream.Properties, bool) {
	decoded, err := base64.StdEncoding.DecodeString(data)
	if err != nil {
		return []element.Element{element.SASLFailure.MalformedRequest}, props, false
	}

	res := strings.Split(string(decoded), "\000")
	if len(res) != 3 {
		return []element.Element{element.SASLFailure.MalformedRequest}, props, false
	}
	identity, user, password := res[0], res[1], res[2]
	err = pm.auth.Authenticate(identity, user, password)
	// TODO: Handle different types of errors
	if err != nil {
		return []element.Element{element.SASLFailure.NotAuthorized}, props, false
	}
	if identity != "" {
		user = identity
	} else {
		// TODO: Add a way to determine the address of the server for the domain
		// part of the jid (do it better than this.)
		user += "@" + props.Domain
	}

	j := jid.New(user)
	props.Header.To = j.String()
	props.Status = props.Status | stream.Restart | stream.Auth
	return []element.Element{element.SASLSuccess}, props, false
}
Ejemplo n.º 2
0
func (h Handler) HandleIQ(iq stanza.IQ, props stream.Properties) ([]stanza.Stanza, stream.Properties) {
	var sts []stanza.Stanza
	// ensure we have a bind request
	req, err := stanza.TransformBindRequest(iq)
	if err != nil {
		// TODO: Should this return an error?
		return sts, props
	}
	if req.Resource == "" {
		// TODO: Create a random resource generator
		req.Resource = genResourceID()
	}

	// Should do some resource validation here.
	// TODO: Need to use proper jids here.
	props.Header.To += "/" + req.Resource

	j := jid.New(props.Header.To)
	res := stanza.NewBindResult(iq, j)
	sts = append(sts, res.TransformStanza())

	props.Status = props.Status | stream.Bind
	return sts, props
}
Ejemplo n.º 3
0
// Start starts or restarts the stream.
//
// In recieving mode, the transport will wait to recieve a stream header
// from the initiating entity, then sends its own header and the stream
// features. This transport will add the starttls feature under certain
// conditions.
func (t *TCP) Start(props stream.Properties) (stream.Properties, error) {
	if t.mode == stream.Initiating {
		if props.Header == (stream.Header{}) {
			return props, stream.ErrHeaderNotSet
		}
		b := props.Header.WriteBytes()
		_, err := t.Write(b)
		return props, err
	}

	// We're in recieving mode
	if props.Domain == "" {
		return props, stream.ErrDomainNotSet
	}
	var el element.Element
	var h stream.Header
	var err error

	el, err = t.Next()
	if err != nil {
		return props, err
	}

	h, err = stream.NewHeader(el)
	if err != nil {
		return props, err
	}

	h.ID = genStreamID()

	if h.To != props.Domain {
		h.To, h.From = h.From, props.Domain
		b := h.WriteBytes()
		t.Write(b)
		err = t.WriteElement(element.StreamError.HostUnknown)
		props.Status = stream.Closed
		return props, err
	}

	h.From, h.To = props.Domain, h.From
	if props.To != "" {
		h.To = props.To
	}

	props.Header = h

	b := props.Header.WriteBytes()
	_, err = t.Write(b)
	if err != nil {
		return props, err
	}

	ftrs := element.StreamFeatures
	for _, f := range props.Features {
		ftrs = ftrs.AddChild(f)
	}
	// Stream features
	if t.conf != nil && !t.secure {
		tlsFeature := element.StartTLS
		if t.tlsRequired {
			tlsFeature = tlsFeature.AddChild(element.Required)
		}
		// Overwrite any other features
		ftrs.Child = []element.Token{tlsFeature}
	}
	err = t.WriteElement(ftrs)
	return props, err
}