Changeset 3fbce97 for protocols/jabber/sasl.c
- Timestamp:
- 2016-09-24T20:14:34Z (8 years ago)
- Children:
- ba52ac5
- Parents:
- 63cad66 (diff), 82cb190 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the(diff)links above to see all the changes relative to each parent. - File:
-
- 1 edited
-
protocols/jabber/sasl.c (modified) (7 diffs)
Legend:
- Unmodified
- Added
- Removed
-
protocols/jabber/sasl.c
r63cad66 r3fbce97 38 38 "6C-Zgf7Tr7gEQTPlBhMUgo7R", 39 39 }; 40 const struct oauth2_service oauth2_service_facebook =41 {42 "https://www.facebook.com/dialog/oauth",43 "https://graph.facebook.com/oauth/access_token",44 "https://www.bitlbee.org/main.php/Facebook/oauth2.html",45 "offline_access,xmpp_login",46 "126828914005625",47 "4b100f0f244d620bf3f15f8b217d4c32",48 };49 40 50 41 xt_status sasl_pkt_mechanisms(struct xt_node *node, gpointer data) … … 54 45 struct xt_node *c, *reply; 55 46 char *s; 56 int sup_plain = 0, sup_digest = 0, sup_gtalk = 0, sup_ fb = 0, sup_anonymous = 0;47 int sup_plain = 0, sup_digest = 0, sup_gtalk = 0, sup_anonymous = 0; 57 48 int want_oauth = FALSE, want_hipchat = FALSE, want_anonymous = FALSE; 58 49 GString *mechs; … … 89 80 } else if (c->text && g_strcasecmp(c->text, "X-OAUTH2") == 0) { 90 81 sup_gtalk = 1; 91 } else if (c->text && g_strcasecmp(c->text, "X-FACEBOOK-PLATFORM") == 0) {92 sup_fb = 1;93 82 } 94 83 … … 101 90 102 91 if (!want_oauth && !sup_plain && !sup_digest) { 103 if (!sup_gtalk && !sup_fb) {92 if (!sup_gtalk) { 104 93 imcb_error(ic, "This server requires OAuth " 105 94 "(supported schemes:%s)", mechs->str); … … 137 126 reply->text_len = strlen(reply->text); 138 127 g_free(s); 139 } else if (sup_fb && want_oauth) {140 xt_add_attr(reply, "mechanism", "X-FACEBOOK-PLATFORM");141 jd->flags |= JFLAG_SASL_FB;142 128 } else if (want_oauth) { 143 129 imcb_error(ic, "OAuth requested, but not supported by server"); … … 154 140 xt_free_node(reply); 155 141 return XT_ABORT; 156 } else if (sup_digest) { 142 } else if (sup_digest && !(jd->ssl && sup_plain)) { 143 /* Only try DIGEST-MD5 if there's no SSL/TLS or if PLAIN isn't supported. 144 * Which in practice means "don't bother with DIGEST-MD5 most of the time". 145 * It's weak, pointless over TLS, and often breaks with some servers (hi openfire) */ 146 157 147 xt_add_attr(reply, "mechanism", "DIGEST-MD5"); 158 148 … … 295 285 dec = frombase64(node->text); 296 286 297 if (jd->flags & JFLAG_SASL_FB) { 298 /* New-style Facebook OAauth2 support. Instead of sending a refresh 299 token, they just send an access token that should never expire. */ 300 GSList *p_in = NULL, *p_out = NULL; 301 char time[33]; 302 303 oauth_params_parse(&p_in, dec); 304 oauth_params_add(&p_out, "nonce", oauth_params_get(&p_in, "nonce")); 305 oauth_params_add(&p_out, "method", oauth_params_get(&p_in, "method")); 306 oauth_params_free(&p_in); 307 308 g_snprintf(time, sizeof(time), "%lld", (long long) (gettime() * 1000)); 309 oauth_params_add(&p_out, "call_id", time); 310 oauth_params_add(&p_out, "api_key", oauth2_service_facebook.consumer_key); 311 oauth_params_add(&p_out, "v", "1.0"); 312 oauth_params_add(&p_out, "format", "XML"); 313 oauth_params_add(&p_out, "access_token", jd->oauth2_access_token); 314 315 reply = oauth_params_string(p_out); 316 oauth_params_free(&p_out); 317 } else if (!(s = sasl_get_part(dec, "rspauth"))) { 287 if (!(s = sasl_get_part(dec, "rspauth"))) { 318 288 /* See RFC 2831 for for information. */ 319 289 md5_state_t A1, A2, H;
Note: See TracChangeset
for help on using the changeset viewer.
