Mercurial > libervia-backend
annotate libervia/backend/core/patches.py @ 4242:8acf46ed7f36
frontends: remote control implementation:
This is the frontends common part of remote control implementation. It handle the creation
of WebRTC session, and management of inputs. For now the reception use freedesktop.org
Desktop portal, and works mostly with Wayland based Desktop Environments.
rel 436
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Sat, 11 May 2024 13:52:43 +0200 |
| parents | a1e7e82a8921 |
| children | c14e904eee13 |
| rev | line source |
|---|---|
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
1 import base64 |
|
2809
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
2 import copy |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
3 import secrets |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
4 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
5 from cryptography.hazmat.backends import default_backend |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
6 from cryptography.hazmat.primitives import hashes, hmac |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
7 from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
8 from twisted.words.protocols.jabber import ( |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
9 client as tclient, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
10 jid, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
11 sasl, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
12 sasl_mechanisms, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
13 xmlstream, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
14 ) |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
15 from wokkel import client |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
16 from zope.interface import implementer |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
17 |
|
4071
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
18 from libervia.backend.core.constants import Const as C |
|
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
19 from libervia.backend.core.log import getLogger |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
20 |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
21 log = getLogger(__name__) |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
22 |
|
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
23 """This module applies monkey patches to Twisted and Wokkel |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
24 First part handle certificate validation during XMPP connectionand are temporary |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
25 (until merged upstream). |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
26 Second part add a trigger point to send and onElement method of XmlStream |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
27 """ |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
28 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
29 |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
30 # SCRAM-SHA implementation |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
31 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
32 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
33 @implementer(sasl_mechanisms.ISASLMechanism) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
34 class ScramSha: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
35 """Implements the SCRAM-SHA SASL authentication mechanism. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
36 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
37 This mechanism is defined in RFC 5802. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
38 """ |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
39 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
40 ALLOWED_ALGORITHMS = ("SHA-1", "SHA-256", "SHA-512") |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
41 backend = default_backend() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
42 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
43 def __init__(self, username: str, password: str, algorithm: str) -> None: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
44 """Initialize SCRAM-SHA mechanism with user credentials. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
45 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
46 @param username: The user's username. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
47 @param password: The user's password. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
48 """ |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
49 if algorithm not in self.ALLOWED_ALGORITHMS: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
50 raise ValueError(f"Invalid algorithm: {algorithm!r}") |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
51 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
52 self.username = username |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
53 self.password = password |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
54 self.algorithm = getattr(hashes, algorithm.replace("-", "", 1))() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
55 self.name = f"SCRAM-{algorithm}" |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
56 self.client_nonce = base64.b64encode(secrets.token_bytes(24)).decode() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
57 self.server_nonce = None |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
58 self.salted_password = None |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
59 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
60 def digest(self, data: bytes) -> bytes: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
61 hasher = hashes.Hash(self.algorithm) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
62 hasher.update(data) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
63 return hasher.finalize() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
64 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
65 def _hmac(self, key: bytes, msg: bytes) -> bytes: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
66 """Compute HMAC-SHA""" |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
67 h = hmac.HMAC(key, self.algorithm, backend=self.backend) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
68 h.update(msg) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
69 return h.finalize() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
70 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
71 def _hi(self, password: str, salt: bytes, iterations: int) -> bytes: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
72 kdf = PBKDF2HMAC( |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
73 algorithm=self.algorithm, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
74 length=self.algorithm.digest_size, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
75 salt=salt, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
76 iterations=iterations, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
77 backend=default_backend(), |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
78 ) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
79 return kdf.derive(password.encode()) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
80 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
81 def getInitialResponse(self) -> bytes: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
82 """Builds the initial client response message.""" |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
83 return f"n,,n={self.username},r={self.client_nonce}".encode() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
84 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
85 def getResponse(self, challenge: bytes) -> bytes: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
86 """SCRAM-SHA authentication final step. Building proof of having the password. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
87 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
88 @param challenge: Challenge string from the server. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
89 @return: Client proof. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
90 """ |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
91 challenge_parts = dict(item.split("=") for item in challenge.decode().split(",")) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
92 self.server_nonce = challenge_parts["r"] |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
93 salt = base64.b64decode(challenge_parts["s"]) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
94 iterations = int(challenge_parts["i"]) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
95 self.salted_password = self._hi(self.password, salt, iterations) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
96 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
97 client_key = self._hmac(self.salted_password, b"Client Key") |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
98 stored_key = self.digest(client_key) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
99 auth_message = ( |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
100 f"n={self.username},r={self.client_nonce},{challenge.decode()},c=biws," |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
101 f"r={self.server_nonce}" |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
102 ).encode() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
103 client_signature = self._hmac(stored_key, auth_message) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
104 client_proof = bytes(a ^ b for a, b in zip(client_key, client_signature)) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
105 client_final_message = ( |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
106 f"c=biws,r={self.server_nonce},p={base64.b64encode(client_proof).decode()}" |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
107 ) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
108 return client_final_message.encode() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
109 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
110 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
111 class SASLInitiatingInitializer(sasl.SASLInitiatingInitializer): |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
112 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
113 def setMechanism(self): |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
114 """ |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
115 Select and setup authentication mechanism. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
116 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
117 Uses the authenticator's C{jid} and C{password} attribute for the |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
118 authentication credentials. If no supported SASL mechanisms are |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
119 advertized by the receiving party, a failing deferred is returned with |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
120 a L{SASLNoAcceptableMechanism} exception. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
121 """ |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
122 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
123 jid = self.xmlstream.authenticator.jid |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
124 password = self.xmlstream.authenticator.password |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
125 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
126 mechanisms = sasl.get_mechanisms(self.xmlstream) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
127 if jid.user is not None: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
128 if "SCRAM-SHA-512" in mechanisms: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
129 self.mechanism = ScramSha(jid.user, password, algorithm="SHA-512") |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
130 elif "SCRAM-SHA-256" in mechanisms: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
131 self.mechanism = ScramSha(jid.user, password, algorithm="SHA-256") |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
132 elif "SCRAM-SHA-1" in mechanisms: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
133 self.mechanism = ScramSha(jid.user, password, algorithm="SHA-1") |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
134 # FIXME: PLAIN should probably be disabled. |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
135 elif "PLAIN" in mechanisms: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
136 self.mechanism = sasl_mechanisms.Plain(None, jid.user, password) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
137 else: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
138 raise sasl.SASLNoAcceptableMechanism() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
139 else: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
140 if "ANONYMOUS" in mechanisms: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
141 self.mechanism = sasl_mechanisms.Anonymous() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
142 else: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
143 raise sasl.SASLNoAcceptableMechanism() |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
144 |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
145 |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
146 ## certificate validation patches |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
147 |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
148 |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
149 class XMPPClient(client.XMPPClient): |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
150 |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
151 def __init__( |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
152 self, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
153 jid, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
154 password, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
155 host=None, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
156 port=5222, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
157 tls_required=True, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
158 configurationForTLS=None, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
159 ): |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
160 self.jid = jid |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
161 self.domain = jid.host.encode("idna") |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
162 self.host = host |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
163 self.port = port |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
164 |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
165 factory = HybridClientFactory( |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
166 jid, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
167 password, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
168 tls_required=tls_required, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
169 configurationForTLS=configurationForTLS, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
170 ) |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
171 |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
172 client.StreamManager.__init__(self, factory) |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
173 |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
174 |
|
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
175 def HybridClientFactory(jid, password, tls_required=True, configurationForTLS=None): |
|
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
176 a = HybridAuthenticator(jid, password, tls_required, configurationForTLS) |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
177 |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
178 return xmlstream.XmlStreamFactory(a) |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
179 |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
180 |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
181 class HybridAuthenticator(client.HybridAuthenticator): |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
182 res_binding = True |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
183 |
|
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
184 def __init__(self, jid, password, tls_required=True, configurationForTLS=None): |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
185 xmlstream.ConnectAuthenticator.__init__(self, jid.host) |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
186 self.jid = jid |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
187 self.password = password |
|
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
188 self.tls_required = tls_required |
|
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
189 self.configurationForTLS = configurationForTLS |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
190 |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
191 def associateWithStream(self, xs): |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
192 xmlstream.ConnectAuthenticator.associateWithStream(self, xs) |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
193 |
|
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
194 tlsInit = xmlstream.TLSInitiatingInitializer( |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
195 xs, required=self.tls_required, configurationForTLS=self.configurationForTLS |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
196 ) |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
197 xs.initializers = [ |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
198 client.client.CheckVersionInitializer(xs), |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
199 tlsInit, |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
200 CheckAuthInitializer(xs, self.res_binding), |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
201 ] |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
202 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
203 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
204 # XmlStream triggers |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
205 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
206 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
207 class XmlStream(xmlstream.XmlStream): |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
208 """XmlStream which allows to add hooks""" |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
209 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
210 def __init__(self, authenticator): |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
211 xmlstream.XmlStream.__init__(self, authenticator) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
212 # hooks at this level should not modify content |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
213 # so it's not needed to handle priority as with triggers |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
214 self._onElementHooks = [] |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
215 self._sendHooks = [] |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
216 |
|
4037
524856bd7b19
massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents:
3044
diff
changeset
|
217 def add_hook(self, hook_type, callback): |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
218 """Add a send or receive hook""" |
|
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
219 conflict_msg = f"Hook conflict: can't add {hook_type} hook {callback}" |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
220 if hook_type == C.STREAM_HOOK_RECEIVE: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
221 if callback not in self._onElementHooks: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
222 self._onElementHooks.append(callback) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
223 else: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
224 log.warning(conflict_msg) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
225 elif hook_type == C.STREAM_HOOK_SEND: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
226 if callback not in self._sendHooks: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
227 self._sendHooks.append(callback) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
228 else: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
229 log.warning(conflict_msg) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
230 else: |
|
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
231 raise ValueError(f"Invalid hook type: {hook_type}") |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
232 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
233 def onElement(self, element): |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
234 for hook in self._onElementHooks: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
235 hook(element) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
236 xmlstream.XmlStream.onElement(self, element) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
237 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
238 def send(self, obj): |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
239 for hook in self._sendHooks: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
240 hook(obj) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
241 xmlstream.XmlStream.send(self, obj) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
242 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
243 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
244 # Binding activation (needed for stream management, XEP-0198) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
245 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
246 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
247 class CheckAuthInitializer(client.CheckAuthInitializer): |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
248 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
249 def __init__(self, xs, res_binding): |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
250 super(CheckAuthInitializer, self).__init__(xs) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
251 self.res_binding = res_binding |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
252 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
253 def initialize(self): |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
254 # XXX: modification of client.CheckAuthInitializer which has optional |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
255 # resource binding, and which doesn't do deprecated |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
256 # SessionInitializer |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
257 if (sasl.NS_XMPP_SASL, "mechanisms") in self.xmlstream.features: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
258 inits = [(SASLInitiatingInitializer, True)] |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
259 if self.res_binding: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
260 inits.append((tclient.BindInitializer, True)), |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
261 |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
262 for initClass, required in inits: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
263 init = initClass(self.xmlstream) |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
264 init.required = required |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
265 self.xmlstream.initializers.append(init) |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
266 elif (tclient.NS_IQ_AUTH_FEATURE, "auth") in self.xmlstream.features: |
|
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
267 self.xmlstream.initializers.append(tclient.IQAuthInitializer(self.xmlstream)) |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
268 else: |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
269 raise Exception("No available authentication method found") |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
270 |
|
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
271 |
|
2809
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
272 # jid fix |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
273 |
|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
274 |
|
2809
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
275 def internJID(jidstring): |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
276 """ |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
277 Return interned JID. |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
278 |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
279 @rtype: L{JID} |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
280 """ |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
281 # XXX: this interJID return a copy of the cached jid |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
282 # this avoid modification of cached jid as JID is mutable |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
283 # TODO: propose this upstream |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
284 |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
285 if jidstring in jid.__internJIDs: |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
286 return copy.copy(jid.__internJIDs[jidstring]) |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
287 else: |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
288 j = jid.JID(jidstring) |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
289 jid.__internJIDs[jidstring] = j |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
290 return copy.copy(j) |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
291 |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
292 |
|
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
293 def apply(): |
|
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
294 # certificate validation |
|
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
295 client.XMPPClient = XMPPClient |
|
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
296 # XmlStream triggers |
|
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
297 xmlstream.XmlStreamFactory.protocol = XmlStream |
|
2809
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
298 # jid fix |
|
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
299 jid.internJID = internJID |