Changeset - 7619b9e2b2cb
Parent rev.
Child rev.
[Not reviewed]
0 3 0
Dominik - 13 years ago 2012-01-27 18:33:18
meyerd@mytum.de
- check local_username against configured server
- TODO: improve really crappy and hacky Swiften password check solution
3 files changed with 51 insertions and 2 deletions:
spectrum/src/sample2.cfg
17
src/config.cpp
2
src/userregistration.cpp
32
2
0 comments (0 inline, 0 general)
spectrum/src/sample2.cfg
Show inline comments
 
@@ -95,3 +95,20 @@ type = none
 

			




	
	
	
		
 
# Prefix used for tables

			




	
	
	
		
 
#prefix = jabber_

			




	
	
	
		
 

			




	
	
	
		
 
[registration]

			




	
	
	
		
 
# Enable public registrations

			




	
	
	
		
 
enable_public_registration=1

			




	
	
	
		
 

			




	
	
	
		
 
# Text to display upon user registration form

			




	
	
	
		
 
username_label=Jabber JID (e.g. user@server.tld):

			




	
	
	
		
 
instructions=Enter your remote jabber JID and password as well as your local username and password

			




	
	
	
		
 

			




	
	
	
		
 
# If True a local jabber account on <local_account_server> is needed 

			




	
	
	
		
 
# for transport registration, the idea is to enable public registration

			




	
	
	
		
 
# from other servers, but only for users, who have already local accounts

			




	
	
	
		
 
require_local_account=1

			




	
	
	
		
 
local_username_label=Local username (without @server.tld):

			




	
	
	
		
 
local_account_server=localhost

			




	
	
	
		
 
local_account_server_timeout=10000

			




	
	
	
		
 

			




        

    


    
    

    

        

                

                    src/config.cpp
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -89,6 +89,8 @@ bool Config::load(std::istream &ifs, boost::program_options::options_description

			




	
	
	
		
 
		("registration.encoding", value<std::string>()->default_value("utf8"), "Default encoding in registration form")

			




	
	
	
		
 
		("registration.require_local_account", value<bool>()->default_value(false), "True if users have to have a local account to register to this transport from remote servers.")

			




	
	
	
		
 
		("registration.local_username_label", value<std::string>()->default_value("Local username:"), "Label for local usernme field")

			




	
	
	
		
 
		("registration.local_account_server", value<std::string>()->default_value("localhost"), "The server on which the local accounts will be checked for validity")

			




	
	
	
		
 
		("registration.local_account_server_timeout", value<int>()->default_value(10000), "Timeout when checking local user on local_account_server (msecs)")

			




	
	
	
		
 
		("database.type", value<std::string>()->default_value("none"), "Database type.")

			




	
	
	
		
 
		("database.database", value<std::string>()->default_value(""), "Database used to store data")

			




	
	
	
		
 
		("database.server", value<std::string>()->default_value("localhost"), "Database server.")

			




        

    


    
    

    

        

                

                    src/userregistration.cpp
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -26,6 +26,8 @@

			




	
	
	
		
 
#include "transport/user.h"

			




	
	
	
		
 
#include "Swiften/Elements/ErrorPayload.h"

			




	
	
	
		
 
#include <boost/shared_ptr.hpp>

			




	
	
	
		
 
#include <boost/thread.hpp>

			




	
	
	
		
 
#include <boost/date_time/posix_time/posix_time.hpp>

			




	
	
	
		
 
#include "log4cxx/logger.h"

			




	
	
	
		
 

			




	
	
	
		
 
using namespace Swift;

			




	
	
		
 
@@ -360,8 +362,36 @@ bool UserRegistration::handleSetRequest(const Swift::JID& from, const Swift::JID

			




	
	
	
		
 
		} else */ if (local_username == "" || local_password == "") {

			




	
	
	
		
 
			sendResponse(from, id, InBandRegistrationPayload::ref());

			




	
	
	
		
 
			return true;

			




	
	
	
		
 
		} else if (local_username != "heinz" || local_password != "heinz") {

			




	
	
	
		
 
			// TODO: Check local password and username

			




	
	
	
		
 
		} 

			




	
	
	
		
 
		Swift::logging = true;

			




	
	
	
		
 
		bool validLocal = false;

			




	
	
	
		
 
		std::string localLookupServer = CONFIG_STRING(m_config, "registration.local_account_server");

			




	
	
	
		
 
		std::string localLookupJID = local_username + std::string("@") + localLookupServer;

			




	
	
	
		
 
		SimpleEventLoop localLookupEventLoop;

			




	
	
	
		
 
		BoostNetworkFactories localLookupNetworkFactories(&localLookupEventLoop);

			




	
	
	
		
 
		Client localLookupClient(localLookupJID, local_password, &localLookupNetworkFactories);

			




	
	
	
		
 
		

			




	
	
	
		
 
		// TODO: this is neccessary on my server ... but should maybe omitted

			




	
	
	
		
 
		localLookupClient.setAlwaysTrustCertificates();

			




	
	
	
		
 
		localLookupClient.connect();

			




	
	
	
		
 

			




	
	
	
		
 
		class SimpleLoopRunner {

			




	
	
	
		
 
			public:

			




	
	
	
		
 
				SimpleLoopRunner() {};

			




	
	
	
		
 

			




	
	
	
		
 
				static void run(SimpleEventLoop * loop) {

			




	
	
	
		
 
					loop->run();

			




	
	
	
		
 
				};

			




	
	
	
		
 
		};

			




	
	
	
		
 

			




	
	
	
		
 
		// TODO: Really ugly and hacky solution, any other ideas more than welcome!

			




	
	
	
		
 
		boost::thread thread(boost::bind(&(SimpleLoopRunner::run), &localLookupEventLoop));

			




	
	
	
		
 
		thread.timed_join(boost::posix_time::millisec(CONFIG_INT(m_config, "registration.local_account_server_timeout")));

			




	
	
	
		
 
		localLookupEventLoop.stop();

			




	
	
	
		
 
		thread.join();

			




	
	
	
		
 
		validLocal = localLookupClient.isAvailable();

			




	
	
	
		
 
		localLookupClient.disconnect();

			




	
	
	
		
 
		if (!validLocal) {

			




	
	
	
		
 
			sendError(from, id, ErrorPayload::NotAuthorized, ErrorPayload::Modify);

			




	
	
	
		
 
			return true;

			




	
	
	
		
 
		}

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        Server instance: srv01-28608
    
    
        This site is powered by
            Kallithea,
        which is
        © 2010–2021 by various authors & licensed under GPLv3.
            – Support