diff options
| author | Marius Halden <marius.h@lden.org> | 2016-06-20 18:20:11 +0200 | 
|---|---|---|
| committer | Marius Halden <marius.h@lden.org> | 2016-06-20 18:20:11 +0200 | 
| commit | c3fdf0ff66e8f991e28a6cf0a2ea3298f3668cd7 (patch) | |
| tree | bc2f8a6047cad0596847a551ec7d5c4ca280b9ad | |
| parent | 16c3ee33798ae48a28222dbd538da94c777081cb (diff) | |
Disable SCRAM if username/password contains non-ascii characters as saslprep is not yet used
| -rw-r--r-- | protocols/jabber/sasl.c | 19 | 
1 files changed, 19 insertions, 0 deletions
| diff --git a/protocols/jabber/sasl.c b/protocols/jabber/sasl.c index de91034b..b60bdc7e 100644 --- a/protocols/jabber/sasl.c +++ b/protocols/jabber/sasl.c @@ -40,6 +40,20 @@ const struct oauth2_service oauth2_service_google =  	"6C-Zgf7Tr7gEQTPlBhMUgo7R",  }; +static int is_ascii(const char *str) +{ +	if (!str) { +		return 0; +	} + +	while (*str) { +		if (*str++ & 0x80) +			return 0; +	} + +	return 1; +} +  xt_status sasl_pkt_mechanisms(struct xt_node *node, gpointer data)  {  	struct im_connection *ic = data; @@ -92,6 +106,11 @@ xt_status sasl_pkt_mechanisms(struct xt_node *node, gpointer data)  		c = c->next;  	} +	if (sup_scram && (!is_ascii(jd->username) || !is_ascii(ic->acc->pass))) { +		imcb_log(ic, "Username/password contains non-ascii characters, SCRAM authentication disabled"); +		sup_scram = 0; +	} +  	if (!want_oauth && !want_anonymous && !sup_plain && !sup_digest && !sup_scram) {  		if (sup_gtalk) {  			imcb_error(ic, "This server requires OAuth " | 
