libtransport.git Changeset - 7619b9e2b2cb

Changeset - 7619b9e2b2cb

Parent rev.

Child rev.

[Not reviewed]

0 3 0

Dominik - 14 years ago 2012-01-27 18:33:18
meyerd@mytum.de

- check local_username against configured server
- TODO: improve really crappy and hacky Swiften password check solution

3 files changed with 51 insertions and 2 deletions:

spectrum/src/sample2.cfg

src/config.cpp

src/userregistration.cpp

0 comments (0 inline, 0 general)

spectrum/src/sample2.cfg

➞

Show inline comments

@@ @@ -86,12 +86,29 @@ type = none @@
 # Port.
 #port = 0
 # User.
 #user = spectrum
 # Paasword.
 #password = secret
 # Prefix used for tables
 #prefix = jabber_
 [registration]
 # Enable public registrations
 enable_public_registration=1
 # Text to display upon user registration form
 username_label=Jabber JID (e.g. user@server.tld):
 instructions=Enter your remote jabber JID and password as well as your local username and password
 # If True a local jabber account on <local_account_server> is needed
 # for transport registration, the idea is to enable public registration
 # from other servers, but only for users, who have already local accounts
 require_local_account=1
 local_username_label=Local username (without @server.tld):
 local_account_server=localhost
 local_account_server_timeout=10000

src/config.cpp

➞

Show inline comments

 		("vhosts.vhost", value<std::vector<std::string> >()->multitoken(), "")
 		("identity.name", value<std::string>()->default_value("Spectrum 2 Transport"), "Name showed in service discovery.")
 		("identity.category", value<std::string>()->default_value("gateway"), "Disco#info identity category. 'gateway' by default.")
 		("identity.type", value<std::string>()->default_value(""), "Type of transport ('icq','msn','gg','irc', ...)")
 		("registration.enable_public_registration", value<bool>()->default_value(true), "True if users should be able to register.")
 		("registration.language", value<std::string>()->default_value("en"), "Default language for registration form")
 		("registration.instructions", value<std::string>()->default_value("Enter your legacy network username and password."), "Instructions showed to user in registration form")
 		("registration.username_label", value<std::string>()->default_value("Legacy network username:"), "Label for username field")
 		("registration.username_mask", value<std::string>()->default_value(""), "Username mask")
 		("registration.encoding", value<std::string>()->default_value("utf8"), "Default encoding in registration form")
 		("registration.require_local_account", value<bool>()->default_value(false), "True if users have to have a local account to register to this transport from remote servers.")
 		("registration.local_username_label", value<std::string>()->default_value("Local username:"), "Label for local usernme field")
 		("registration.local_account_server", value<std::string>()->default_value("localhost"), "The server on which the local accounts will be checked for validity")
 		("registration.local_account_server_timeout", value<int>()->default_value(10000), "Timeout when checking local user on local_account_server (msecs)")
 		("database.type", value<std::string>()->default_value("none"), "Database type.")
 		("database.database", value<std::string>()->default_value(""), "Database used to store data")
 		("database.server", value<std::string>()->default_value("localhost"), "Database server.")
 		("database.user", value<std::string>()->default_value(""), "Database user.")
 		("database.password", value<std::string>()->default_value(""), "Database Password.")
 		("database.port", value<int>()->default_value(0), "Database port.")
 		("database.prefix", value<std::string>()->default_value(""), "Prefix of tables in database")
 		("database.encryption_key", value<std::string>()->default_value(""), "Encryption key.")
 		("logging.config", value<std::string>()->default_value(""), "Path to log4cxx config file which is used for Spectrum 2 instance")
 		("logging.backend_config", value<std::string>()->default_value(""), "Path to log4cxx config file which is used for backends")
 		("backend.default_avatar", value<std::string>()->default_value(""), "Full path to default avatar")
 		("backend.avatars_directory", value<std::string>()->default_value(""), "Path to directory with avatars")

src/userregistration.cpp

➞

Show inline comments

@@ @@ -17,24 +17,26 @@ @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02111-1301  USA
  */
 #include "transport/userregistration.h"
 #include "transport/usermanager.h"
 #include "transport/storagebackend.h"
 #include "transport/transport.h"
 #include "transport/rostermanager.h"
 #include "transport/user.h"
 #include "Swiften/Elements/ErrorPayload.h"
 #include <boost/shared_ptr.hpp>
 #include <boost/thread.hpp>
 #include <boost/date_time/posix_time/posix_time.hpp>
 #include "log4cxx/logger.h"
 using namespace Swift;
 using namespace log4cxx;
 namespace Transport {
 static LoggerPtr logger = Logger::getLogger("UserRegistration");
 UserRegistration::UserRegistration(Component *component, UserManager *userManager, StorageBackend *storageBackend) : Swift::Responder<Swift::InBandRegistrationPayload>(component->m_iqRouter) {
 	m_component = component;
 	m_config = m_component->m_config;
 		unregisterUser(barejid);
 		sendResponse(from, id, InBandRegistrationPayload::ref());
 		return true;
+	}
 	if (CONFIG_BOOL(m_config,"registration.require_local_account")) {
 	/*	if (!local_username || !local_password) {
 			sendResponse(from, id, InBandRegistrationPayload::ref());
 			return true
 		} else */ if (local_username == "" || local_password == "") {
 			sendResponse(from, id, InBandRegistrationPayload::ref());
 			return true;
 		} else if (local_username != "heinz" || local_password != "heinz") {
 			// TODO: Check local password and username
+		}
 		Swift::logging = true;
 		bool validLocal = false;
 		std::string localLookupServer = CONFIG_STRING(m_config, "registration.local_account_server");
 		std::string localLookupJID = local_username + std::string("@") + localLookupServer;
 		SimpleEventLoop localLookupEventLoop;
 		BoostNetworkFactories localLookupNetworkFactories(&localLookupEventLoop);
 		Client localLookupClient(localLookupJID, local_password, &localLookupNetworkFactories);
 		// TODO: this is neccessary on my server ... but should maybe omitted
 		localLookupClient.setAlwaysTrustCertificates();
 		localLookupClient.connect();
 		class SimpleLoopRunner {
 			public:
 				SimpleLoopRunner() {};
 				static void run(SimpleEventLoop * loop) {
 					loop->run();
 				};
 		};
 		// TODO: Really ugly and hacky solution, any other ideas more than welcome!
 		boost::thread thread(boost::bind(&(SimpleLoopRunner::run), &localLookupEventLoop));
 		thread.timed_join(boost::posix_time::millisec(CONFIG_INT(m_config, "registration.local_account_server_timeout")));
 		localLookupEventLoop.stop();
 		thread.join();
 		validLocal = localLookupClient.isAvailable();
 		localLookupClient.disconnect();
 		if (!validLocal) {
 			sendError(from, id, ErrorPayload::NotAuthorized, ErrorPayload::Modify);
 			return true;
+		}
+	}
 	printf("here\n");
 	if (!payload->getUsername() || !payload->getPassword()) {
 		sendError(from, id, ErrorPayload::NotAcceptable, ErrorPayload::Modify);
 		return true;
+	}

0 comments (0 inline, 0 general)