diff options
author | Patrick Okraku <patrick@okraku.com> | 2023-11-01 17:15:23 +0100 |
---|---|---|
committer | Patrick Griffis <tingping@tingping.se> | 2023-11-05 07:11:23 -0600 |
commit | 50ca0d5b09db31a88f4798c87d9be71894edcfca (patch) | |
tree | 32668d55f86492f88ce1b663149c512d68c2117b /src | |
parent | 44d14a436bf33c76288ca22bd9a787aca8120dd0 (diff) |
Moved SASL PLAIN authentication to own function
Diffstat (limited to 'src')
-rw-r--r-- | src/common/inbound.c | 64 |
1 files changed, 34 insertions, 30 deletions
diff --git a/src/common/inbound.c b/src/common/inbound.c index a591dc48..78a126f7 100644 --- a/src/common/inbound.c +++ b/src/common/inbound.c @@ -1901,6 +1901,38 @@ inbound_cap_list (server *serv, char *nick, char *extensions, NULL, NULL, 0, tags_data->timestamp); } +static void +plain_authenticate(server *serv, char *user, char *password) +{ + char *pass = encode_sasl_pass_plain (user, password); + + if (pass == NULL) + { + /* something went wrong abort */ + tcp_sendf (serv, "AUTHENTICATE *\r\n"); + return; + } + + /* long SASL passwords must be split into 400-byte chunks + https://ircv3.net/specs/extensions/sasl-3.1#the-authenticate-command */ + size_t pass_len = strlen (pass); + if (pass_len <= 400) + tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass); + else + { + size_t sent = 0; + while (sent < pass_len) + { + char *pass_chunk = g_strndup (pass + sent, 400); + tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass_chunk); + sent += 400; + g_free (pass_chunk); + } + } + if (pass_len % 400 == 0) + tcp_sendf (serv, "AUTHENTICATE +\r\n"); +} + void inbound_sasl_authenticate (server *serv, char *data) { @@ -1921,43 +1953,15 @@ inbound_sasl_authenticate (server *serv, char *data) switch (serv->sasl_mech) { case MECH_PLAIN: - pass = encode_sasl_pass_plain (user, serv->password); + plain_authenticate(serv, user, serv->password); break; #ifdef USE_OPENSSL case MECH_EXTERNAL: - pass = g_strdup ("+"); + tcp_sendf (serv, "AUTHENTICATE +\r\n"); break; #endif } - if (pass == NULL) - { - /* something went wrong abort */ - tcp_sendf (serv, "AUTHENTICATE *\r\n"); - return; - } - - /* long SASL passwords must be split into 400-byte chunks - https://ircv3.net/specs/extensions/sasl-3.1#the-authenticate-command */ - size_t pass_len = strlen (pass); - if (pass_len <= 400) - tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass); - else - { - size_t sent = 0; - while (sent < pass_len) - { - char *pass_chunk = g_strndup (pass + sent, 400); - tcp_sendf (serv, "AUTHENTICATE %s\r\n", pass_chunk); - sent += 400; - g_free (pass_chunk); - } - } - if (pass_len % 400 == 0) - tcp_sendf (serv, "AUTHENTICATE +\r\n"); - g_free (pass); - - EMIT_SIGNAL_TIMESTAMP (XP_TE_SASLAUTH, serv->server_session, user, (char*)mech, NULL, NULL, 0, 0); } |