diff --git a/include/Swiften/Server/ServerFromClientSession.cpp b/include/Swiften/Server/ServerFromClientSession.cpp new file mode 100644 index 0000000000000000000000000000000000000000..1f1dee0981f94f111f4fb4fa7ae5f90094d08b6e --- /dev/null +++ b/include/Swiften/Server/ServerFromClientSession.cpp @@ -0,0 +1,172 @@ +/* + * Copyright (c) 2010 Remko Tronçon + * Licensed under the GNU General Public License v3. + * See Documentation/Licenses/GPLv3.txt for more information. + */ + +#include + +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +namespace Swift { + +ServerFromClientSession::ServerFromClientSession( + const std::string& id, + boost::shared_ptr connection, + PayloadParserFactoryCollection* payloadParserFactories, + PayloadSerializerCollection* payloadSerializers, + UserRegistry* userRegistry) : + Session(connection, payloadParserFactories, payloadSerializers), + id_(id), + userRegistry_(userRegistry), + authenticated_(false), + initialized(false), + allowSASLEXTERNAL(false), + tlsLayer(0), + tlsConnected(false) { + userRegistry->onPasswordValid.connect(boost::bind(&ServerFromClientSession::handlePasswordValid, this, _1)); + userRegistry->onPasswordInvalid.connect(boost::bind(&ServerFromClientSession::handlePasswordInvalid, this, _1)); +} + +ServerFromClientSession::~ServerFromClientSession() { + if (tlsLayer) { + delete tlsLayer; + } +} + +void ServerFromClientSession::handlePasswordValid(const std::string &user) { + if (user != JID(user_, getLocalJID().getDomain()).toString()) + return; + getXMPPLayer()->writeElement(boost::shared_ptr(new AuthSuccess())); + authenticated_ = true; + getXMPPLayer()->resetParser(); +} + +void ServerFromClientSession::handlePasswordInvalid(const std::string &user) { + if (user != JID(user_, getLocalJID().getDomain()).toString() || authenticated_) + return; + getXMPPLayer()->writeElement(boost::shared_ptr(new AuthFailure)); + finishSession(AuthenticationFailedError); +} + +void ServerFromClientSession::handleElement(boost::shared_ptr element) { + if (isInitialized()) { + onElementReceived(element); + } + else { + if (AuthRequest* authRequest = dynamic_cast(element.get())) { + if (authRequest->getMechanism() == "PLAIN" || (allowSASLEXTERNAL && authRequest->getMechanism() == "EXTERNAL")) { + if (authRequest->getMechanism() == "EXTERNAL") { + getXMPPLayer()->writeElement(boost::shared_ptr(new AuthSuccess())); + authenticated_ = true; + getXMPPLayer()->resetParser(); + } + else { + PLAINMessage plainMessage(authRequest->getMessage() ? *authRequest->getMessage() : createSafeByteArray("")); + if (userRegistry_->isValidUserPassword(JID(plainMessage.getAuthenticationID(), getLocalJID().getDomain()), plainMessage.getPassword())) { + user_ = plainMessage.getAuthenticationID(); + // we're waiting for usermanager signal now +// authenticated_ = true; +// getXMPPLayer()->resetParser(); + } + else { + getXMPPLayer()->writeElement(boost::shared_ptr(new AuthFailure)); + finishSession(AuthenticationFailedError); + } + } + } + else { + getXMPPLayer()->writeElement(boost::shared_ptr(new AuthFailure)); + finishSession(NoSupportedAuthMechanismsError); + } + } + else if (dynamic_cast(element.get()) != NULL) { + getXMPPLayer()->writeElement(boost::shared_ptr(new TLSProceed)); + getStreamStack()->addLayer(tlsLayer); + tlsLayer->connect(); + getXMPPLayer()->resetParser(); + } + else if (IQ* iq = dynamic_cast(element.get())) { + if (boost::shared_ptr resourceBind = iq->getPayload()) { + setRemoteJID(JID(user_, getLocalJID().getDomain(), resourceBind->getResource())); + boost::shared_ptr resultResourceBind(new ResourceBind()); + resultResourceBind->setJID(getRemoteJID()); + getXMPPLayer()->writeElement(IQ::createResult(JID(), iq->getID(), resultResourceBind)); + } + else if (iq->getPayload()) { + getXMPPLayer()->writeElement(IQ::createResult(getRemoteJID(), iq->getID())); + setInitialized(); + } + } + } +} + +void ServerFromClientSession::handleStreamStart(const ProtocolHeader& incomingHeader) { + setLocalJID(JID("", incomingHeader.getTo())); + ProtocolHeader header; + header.setFrom(incomingHeader.getTo()); + header.setID(id_); + getXMPPLayer()->writeHeader(header); + + boost::shared_ptr features(new StreamFeatures()); + + if (!authenticated_) { + if (tlsLayer && !tlsConnected) { + features->setHasStartTLS(); + } + features->addAuthenticationMechanism("PLAIN"); + if (allowSASLEXTERNAL) { + features->addAuthenticationMechanism("EXTERNAL"); + } + } + else { + features->setHasResourceBind(); + features->setHasSession(); + } + getXMPPLayer()->writeElement(features); +} + +void ServerFromClientSession::setInitialized() { + initialized = true; + onSessionStarted(); +} + +void ServerFromClientSession::setAllowSASLEXTERNAL() { + allowSASLEXTERNAL = true; +} + +void ServerFromClientSession::addTLSEncryption(TLSServerContextFactory* tlsContextFactory, const PKCS12Certificate& cert) { + tlsLayer = new TLSServerLayer(tlsContextFactory); + if (!tlsLayer->setServerCertificate(cert)) { +// std::cout << "error\n"; + // TODO: +// onClosed(boost::shared_ptr(new Error(Error::InvalidTLSCertificateError))); + } + else { + tlsLayer->onError.connect(boost::bind(&ServerFromClientSession::handleTLSError, this)); + tlsLayer->onConnected.connect(boost::bind(&ServerFromClientSession::handleTLSConnected, this)); +// getStreamStack()->addLayer(tlsLayer); +// tlsLayer->onError.connect(boost::bind(&BasicSessionStream::handleTLSError, this)); +// tlsLayer->onConnected.connect(boost::bind(&BasicSessionStream::handleTLSConnected, this)); +// tlsLayer->connect(); + } +} + +}