Changeset - 7619b9e2b2cb
[Not reviewed]
0 3 0
Dominik - 13 years ago 2012-01-27 18:33:18
meyerd@mytum.de
- check local_username against configured server
- TODO: improve really crappy and hacky Swiften password check solution
3 files changed with 51 insertions and 2 deletions:
0 comments (0 inline, 0 general)
spectrum/src/sample2.cfg
Show inline comments
 
@@ -95,3 +95,20 @@ type = none
 

	
 
# Prefix used for tables
 
#prefix = jabber_
 

	
 
[registration]
 
# Enable public registrations
 
enable_public_registration=1
 

	
 
# Text to display upon user registration form
 
username_label=Jabber JID (e.g. user@server.tld):
 
instructions=Enter your remote jabber JID and password as well as your local username and password
 

	
 
# If True a local jabber account on <local_account_server> is needed 
 
# for transport registration, the idea is to enable public registration
 
# from other servers, but only for users, who have already local accounts
 
require_local_account=1
 
local_username_label=Local username (without @server.tld):
 
local_account_server=localhost
 
local_account_server_timeout=10000
 

	
src/config.cpp
Show inline comments
 
@@ -89,6 +89,8 @@ bool Config::load(std::istream &ifs, boost::program_options::options_description
 
		("registration.encoding", value<std::string>()->default_value("utf8"), "Default encoding in registration form")
 
		("registration.require_local_account", value<bool>()->default_value(false), "True if users have to have a local account to register to this transport from remote servers.")
 
		("registration.local_username_label", value<std::string>()->default_value("Local username:"), "Label for local usernme field")
 
		("registration.local_account_server", value<std::string>()->default_value("localhost"), "The server on which the local accounts will be checked for validity")
 
		("registration.local_account_server_timeout", value<int>()->default_value(10000), "Timeout when checking local user on local_account_server (msecs)")
 
		("database.type", value<std::string>()->default_value("none"), "Database type.")
 
		("database.database", value<std::string>()->default_value(""), "Database used to store data")
 
		("database.server", value<std::string>()->default_value("localhost"), "Database server.")
src/userregistration.cpp
Show inline comments
 
@@ -26,6 +26,8 @@
 
#include "transport/user.h"
 
#include "Swiften/Elements/ErrorPayload.h"
 
#include <boost/shared_ptr.hpp>
 
#include <boost/thread.hpp>
 
#include <boost/date_time/posix_time/posix_time.hpp>
 
#include "log4cxx/logger.h"
 

	
 
using namespace Swift;
 
@@ -360,8 +362,36 @@ bool UserRegistration::handleSetRequest(const Swift::JID& from, const Swift::JID
 
		} else */ if (local_username == "" || local_password == "") {
 
			sendResponse(from, id, InBandRegistrationPayload::ref());
 
			return true;
 
		} else if (local_username != "heinz" || local_password != "heinz") {
 
			// TODO: Check local password and username
 
		} 
 
		Swift::logging = true;
 
		bool validLocal = false;
 
		std::string localLookupServer = CONFIG_STRING(m_config, "registration.local_account_server");
 
		std::string localLookupJID = local_username + std::string("@") + localLookupServer;
 
		SimpleEventLoop localLookupEventLoop;
 
		BoostNetworkFactories localLookupNetworkFactories(&localLookupEventLoop);
 
		Client localLookupClient(localLookupJID, local_password, &localLookupNetworkFactories);
 
		
 
		// TODO: this is neccessary on my server ... but should maybe omitted
 
		localLookupClient.setAlwaysTrustCertificates();
 
		localLookupClient.connect();
 

	
 
		class SimpleLoopRunner {
 
			public:
 
				SimpleLoopRunner() {};
 

	
 
				static void run(SimpleEventLoop * loop) {
 
					loop->run();
 
				};
 
		};
 

	
 
		// TODO: Really ugly and hacky solution, any other ideas more than welcome!
 
		boost::thread thread(boost::bind(&(SimpleLoopRunner::run), &localLookupEventLoop));
 
		thread.timed_join(boost::posix_time::millisec(CONFIG_INT(m_config, "registration.local_account_server_timeout")));
 
		localLookupEventLoop.stop();
 
		thread.join();
 
		validLocal = localLookupClient.isAvailable();
 
		localLookupClient.disconnect();
 
		if (!validLocal) {
 
			sendError(from, id, ErrorPayload::NotAuthorized, ErrorPayload::Modify);
 
			return true;
 
		}
0 comments (0 inline, 0 general)