annotate libervia/backend/core/patches.py @ 4304:92a886f31581
doc (components): new Email gateway documentation:
fix 449
author | Goffi <goffi@goffi.org> |
---|---|
date | Fri, 06 Sep 2024 18:07:44 +0200 |
parents | c14e904eee13 |
children |
rev | line source |
---|---|
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
1 import base64 |
2809
00d905e1b0ef
core (patches): partially fixed jid caching:
Goffi <goffi@goffi.org>
parents:
2691
diff
changeset
|
2 import copy |
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
3 import secrets |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
4 |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
5 from cryptography.hazmat.backends import default_backend |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
6 from cryptography.hazmat.primitives import hashes, hmac |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
7 from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
8 from twisted.words.protocols.jabber import ( |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
9 client as tclient, |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
10 jid, |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
11 sasl, |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
12 sasl_mechanisms, |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
13 xmlstream, |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
14 ) |
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
15 from wokkel import client |
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
16 from zope.interface import implementer |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
17 |
4071
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
18 from libervia.backend.core.constants import Const as C |
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
19 from libervia.backend.core.log import getLogger |
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
20 |
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
21 log = getLogger(__name__) |
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
22 |
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
23 """This module applies monkey patches to Twisted and Wokkel |
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
24 First part handle certificate validation during XMPP connectionand are temporary |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
25 (until merged upstream). |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
26 Second part add a trigger point to send and onElement method of XmlStream |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
27 """ |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
28 |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
29 |
4237
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
30 # SCRAM-SHA implementation |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
31 |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
32 |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
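@implementer(sasl_mechanisms.ISASLMechanism)
class ScramSha:
    """Implements the client side of the SCRAM-SHA SASL authentication mechanism.

    This mechanism is defined in RFC 5802.

    Channel binding is not used: the GS2 header is always C{n,,} (C{biws} once
    base64-encoded).

    NOTE(review): this class never checks the server signature (C{v=} attribute of
    the server-final message), so the SCRAM exchange itself does not authenticate
    the server here. Confirm whether the caller verifies it; otherwise server
    identity rests on TLS certificate validation alone.
    NOTE(review): username and password are used without SASLprep normalisation
    (RFC 5802 section 5.1). Confirm whether it is applied before this class is
    instantiated.
    """

    ALLOWED_ALGORITHMS = ("SHA-1", "SHA-256", "SHA-512")
    backend = default_backend()

    def __init__(self, username: str, password: str, algorithm: str) -> None:
        """Initialize SCRAM-SHA mechanism with user credentials.

        @param username: The user's username.
        @param password: The user's password.
        @param algorithm: Hash function to use, one of L{ALLOWED_ALGORITHMS}.
        @raise ValueError: C{algorithm} is not in L{ALLOWED_ALGORITHMS}.
        """
        if algorithm not in self.ALLOWED_ALGORITHMS:
            raise ValueError(f"Invalid algorithm: {algorithm!r}")

        self.username = username
        self.password = password
        # "SHA-256" -> hashes.SHA256. Resolving the class by name is only done after
        # the allow-list check above, so no arbitrary attribute can be reached.
        self.algorithm = getattr(hashes, algorithm.replace("-", "", 1))()
        self.name = f"SCRAM-{algorithm}"
        # Fresh nonce per instance, taken from the OS CSPRNG.
        self.client_nonce = base64.b64encode(secrets.token_bytes(24)).decode()
        self.server_nonce = None
        self.salted_password = None

    def digest(self, data: bytes) -> bytes:
        """Hash C{data} with the selected algorithm (C{H()} in RFC 5802)."""
        hasher = hashes.Hash(self.algorithm)
        hasher.update(data)
        return hasher.finalize()

    def _hmac(self, key: bytes, msg: bytes) -> bytes:
        """Compute HMAC of C{msg} under C{key} with the selected algorithm."""
        h = hmac.HMAC(key, self.algorithm, backend=self.backend)
        h.update(msg)
        return h.finalize()

    def _hi(self, password: str, salt: bytes, iterations: int) -> bytes:
        """Derive the salted password with PBKDF2-HMAC (C{Hi()} in RFC 5802).

        @param password: Clear text password.
        @param salt: Salt sent by the server.
        @param iterations: Iteration count sent by the server.
        @return: Derived key, as long as the digest of the selected algorithm.
        """
        kdf = PBKDF2HMAC(
            algorithm=self.algorithm,
            length=self.algorithm.digest_size,
            salt=salt,
            iterations=iterations,
            # same backend object as the one used by _hmac
            backend=self.backend,
        )
        return kdf.derive(password.encode())

    def _client_first_bare(self) -> str:
        """Return the client-first-message without its GS2 header.

        The same string must be sent in the initial response and used in the
        authentication message, otherwise the proof can not be verified.
        """
        # RFC 5802 section 5.1: "," and "=" delimit attributes, so they must be
        # sent as "=2C" and "=3D" inside the username. "=" is replaced first so
        # the "=" of "=2C" is not escaped again.
        saslname = self.username.replace("=", "=3D").replace(",", "=2C")
        return f"n={saslname},r={self.client_nonce}"

    def getInitialResponse(self) -> bytes:
        """Builds the initial client response message."""
        return f"n,,{self._client_first_bare()}".encode()

    def getResponse(self, challenge: bytes) -> bytes:
        """SCRAM-SHA authentication final step. Building proof of having the password.

        @param challenge: Challenge string from the server.
        @return: Client proof.
        @raise ValueError: The server nonce does not start with the nonce sent by
            this client.
        """
        server_first = challenge.decode()
        challenge_parts = dict(item.split("=", 1) for item in server_first.split(","))

        server_nonce = challenge_parts["r"]
        # RFC 5802 section 5.1: the client MUST verify that the nonce returned by
        # the server starts with the nonce it sent. Without this check a challenge
        # that was not produced for this exchange would still be answered.
        if not server_nonce.startswith(self.client_nonce):
            raise ValueError("SCRAM server nonce does not start with the client nonce")
        self.server_nonce = server_nonce

        salt = base64.b64decode(challenge_parts["s"])
        # NOTE(review): the iteration count is chosen by the server and is not
        # bounded here. A very low value makes the resulting proof cheap to test
        # password guesses against, a very high one costs CPU time on this side.
        # RFC 5802 recommends that servers announce at least 4096; consider
        # enforcing a floor and a ceiling once compatibility has been checked.
        iterations = int(challenge_parts["i"])
        self.salted_password = self._hi(self.password, salt, iterations)

        client_key = self._hmac(self.salted_password, b"Client Key")
        stored_key = self.digest(client_key)
        # client-first-message-bare, server-first-message and
        # client-final-message-without-proof, joined with commas.
        auth_message = (
            f"{self._client_first_bare()},{server_first},c=biws,"
            f"r={self.server_nonce}"
        ).encode()
        client_signature = self._hmac(stored_key, auth_message)
        client_proof = bytes(a ^ b for a, b in zip(client_key, client_signature))
        client_final_message = (
            f"c=biws,r={self.server_nonce},p={base64.b64encode(client_proof).decode()}"
        )
        return client_final_message.encode()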
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
111 |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
112 |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
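class SASLInitiatingInitializer(sasl.SASLInitiatingInitializer):
    """SASL initializer which prefers SCRAM-SHA mechanisms over PLAIN."""

    def setMechanism(self):
        """
        Select and setup authentication mechanism.

        Uses the authenticator's C{jid} and C{password} attribute for the
        authentication credentials. When the jid has a user part, the mechanisms
        advertised by the receiving party are tried in this order: SCRAM-SHA-512,
        SCRAM-SHA-256, SCRAM-SHA-1, PLAIN. Without a user part only ANONYMOUS is
        accepted. If no supported SASL mechanisms are advertized by the receiving
        party, L{SASLNoAcceptableMechanism} is raised.
        """

        jid = self.xmlstream.authenticator.jid
        password = self.xmlstream.authenticator.password

        # The list comes from the peer's stream features: the choice below is only
        # as trustworthy as the channel those features were received on.
        mechanisms = sasl.get_mechanisms(self.xmlstream)
        if jid.user is not None:
            if "SCRAM-SHA-512" in mechanisms:
                self.mechanism = ScramSha(jid.user, password, algorithm="SHA-512")
            elif "SCRAM-SHA-256" in mechanisms:
                self.mechanism = ScramSha(jid.user, password, algorithm="SHA-256")
            elif "SCRAM-SHA-1" in mechanisms:
                self.mechanism = ScramSha(jid.user, password, algorithm="SHA-1")
            # FIXME: PLAIN should probably be disabled.
            elif "PLAIN" in mechanisms:
                # PLAIN hands the password itself to the peer, so it is protected
                # by the transport only. The fallback is kept for compatibility but
                # made visible in logs, so an unexpected downgrade can be noticed.
                log.warning(
                    "No SCRAM-SHA mechanism advertised by the server, falling back "
                    "to SASL PLAIN"
                )
                self.mechanism = sasl_mechanisms.Plain(None, jid.user, password)
            else:
                raise sasl.SASLNoAcceptableMechanism()
        else:
            if "ANONYMOUS" in mechanisms:
                self.mechanism = sasl_mechanisms.Anonymous()
            else:
                raise sasl.SASLNoAcceptableMechanism()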
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
146 |
a1e7e82a8921
core: implement SCRAM-SHA auth algorithm:
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
147 |
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
148 ## certificate validation patches |
2687
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
149 |
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
150 |
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
class XMPPClient(client.XMPPClient):
    """Wokkel XMPP client whose factory carries the TLS settings.

    C{tls_required} and C{configurationForTLS} are handed to
    L{HybridClientFactory}; TLS is required unless the caller says otherwise.
    """

    def __init__(
        self,
        jid,
        password,
        host=None,
        port=5222,
        tls_required=True,
        configurationForTLS=None,
    ):
        self.jid = jid
        # domain is stored as IDNA-encoded bytes
        self.domain = jid.host.encode("idna")
        self.host, self.port = host, port

        tls_options = {
            "tls_required": tls_required,
            "configurationForTLS": configurationForTLS,
        }
        stream_factory = HybridClientFactory(jid, password, **tls_options)

        # StreamManager is initialised directly; the constructor of
        # client.XMPPClient is not called.
        client.StreamManager.__init__(self, stream_factory)
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
175 |
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
176 |
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
def HybridClientFactory(jid, password, tls_required=True, configurationForTLS=None):
    """Build an XmlStreamFactory driven by this module's HybridAuthenticator.

    @param jid: JID to authenticate with.
    @param password: Password of the account.
    @param tls_required: Forwarded to L{HybridAuthenticator}; C{True} by default.
    @param configurationForTLS: Forwarded to L{HybridAuthenticator}.
    @return: The stream factory.
    """
    authenticator = HybridAuthenticator(
        jid, password, tls_required, configurationForTLS
    )
    return xmlstream.XmlStreamFactory(authenticator)
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
181 |
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
182 |
e9cd473a2f46
core (xmpp): server certificate validation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
class HybridAuthenticator(client.HybridAuthenticator):
    """Authenticator which keeps the TLS settings and installs its own initializers."""

    res_binding = True

    def __init__(self, jid, password, tls_required=True, configurationForTLS=None):
        """Store credentials and TLS settings.

        @param jid: JID to authenticate with; its host is given to
            ConnectAuthenticator.
        @param password: Password of the account.
        @param tls_required: Passed as C{required} to the TLS initializer.
        @param configurationForTLS: Passed to the TLS initializer.
        """
        xmlstream.ConnectAuthenticator.__init__(self, jid.host)
        self.jid, self.password = jid, password
        self.tls_required = tls_required
        self.configurationForTLS = configurationForTLS

    def associateWithStream(self, xs):
        """Attach to C{xs} and replace its initializers.

        The TLS initializer is listed ahead of the authentication one; presumably
        initializers run in list order, so credentials are exchanged after TLS
        negotiation -- confirm against Twisted.
        """
        xmlstream.ConnectAuthenticator.associateWithStream(self, xs)

        tls_initializer = xmlstream.TLSInitiatingInitializer(
            xs,
            required=self.tls_required,
            configurationForTLS=self.configurationForTLS,
        )
        version_check = client.client.CheckVersionInitializer(xs)
        auth_check = CheckAuthInitializer(xs, self.res_binding)
        xs.initializers = [version_check, tls_initializer, auth_check]
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
204 |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
205 |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
206 # XmlStream triggers |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
207 |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
208 |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
209 class XmlStream(xmlstream.XmlStream): |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
210 """XmlStream which allows to add hooks""" |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
211 |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
def __init__(self, authenticator):
    """Initialise the stream and start with no receive or send hook."""
    xmlstream.XmlStream.__init__(self, authenticator)
    # Hooks at this level are not supposed to modify content, so unlike triggers
    # they need no priority handling: plain lists are enough.
    self._onElementHooks, self._sendHooks = [], []
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
218 |
4037
524856bd7b19
massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents:
3044
diff
changeset
|
219 def add_hook(self, hook_type, callback): |
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
220 """Add a send or receive hook""" |
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
221 conflict_msg = f"Hook conflict: can't add {hook_type} hook {callback}" |
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
222 if hook_type == C.STREAM_HOOK_RECEIVE: |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
223 if callback not in self._onElementHooks: |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
224 self._onElementHooks.append(callback) |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
225 else: |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
226 log.warning(conflict_msg) |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
227 elif hook_type == C.STREAM_HOOK_SEND: |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
228 if callback not in self._sendHooks: |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
229 self._sendHooks.append(callback) |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
230 else: |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
231 log.warning(conflict_msg) |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
232 else: |
3044
691283719bb2
core (patches): updated TLS patches:
Goffi <goffi@goffi.org>
parents:
3028
diff
changeset
|
233 raise ValueError(f"Invalid hook type: {hook_type}") |
2691
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
234 |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
235 def onElement(self, element): |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
236 for hook in self._onElementHooks: |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
237 hook(element) |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
238 xmlstream.XmlStream.onElement(self, element) |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
239 |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
240 def send(self, obj): |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
241 for hook in self._sendHooks: |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
242 hook(obj) |
1ecceac3df96
plugin XEP-0198: Stream Management implementation:
Goffi <goffi@goffi.org>
parents:
2687
diff
changeset
|
243 xmlstream.XmlStream.send(self, obj) |
246 # Binding activation (needed for stream management, XEP-0198) |
class CheckAuthInitializer(client.CheckAuthInitializer):
    """Pick the authentication initializers from the advertised stream features.

    Compared with the class it derives from, resource binding is optional
    (controlled by ``res_binding``) and the deprecated SessionInitializer is
    never queued.
    """

    def __init__(self, xs, res_binding):
        """
        @param xs: XML stream to authenticate on, passed to the parent class
        @param res_binding: when true, a BindInitializer is queued after SASL
        """
        super().__init__(xs)
        self.res_binding = res_binding

    def initialize(self):
        """Queue the initializers matching what the stream advertises.

        @raise Exception: neither SASL mechanisms nor the iq-auth feature is
            advertised on the stream
        """
        # XXX: modification of client.CheckAuthInitializer which has optional
        #      resource binding, and which doesn't do deprecated
        #      SessionInitializer
        stream = self.xmlstream
        if (sasl.NS_XMPP_SASL, "mechanisms") in stream.features:
            # Every queued initializer is marked as required.
            pending = [(SASLInitiatingInitializer, True)]
            if self.res_binding:
                pending += [(tclient.BindInitializer, True)]

            for init_class, is_required in pending:
                initializer = init_class(stream)
                initializer.required = is_required
                stream.initializers.append(initializer)
        elif (tclient.NS_IQ_AUTH_FEATURE, "auth") in stream.features:
            # Legacy fallback: the stream advertises iq-auth but no SASL
            # mechanisms.
            # NOTE(review): IQAuthInitializer is twisted's non-SASL (XEP-0078)
            # authenticator and this branch is selected purely from what the
            # peer advertises; confirm it can only be reached on a stream
            # whose TLS state has already been verified, or consider making
            # the fallback opt-in.
            stream.initializers.append(tclient.IQAuthInitializer(stream))
        else:
            raise Exception("No available authentication method found")
274 # jid fix |
def internJID(jidstring):
    """
    Return a copy of the interned JID for C{jidstring}.

    The JID is parsed and stored in the cache on first use; every call, first
    or not, hands back a shallow copy rather than the cached object.

    @rtype: L{JID}
    """
    # XXX: unlike the function it replaces, this internJID returns a copy of
    #      the cached jid: JID is mutable, so handing out the cached object
    #      would let one caller's modification leak to every other caller.
    # TODO: propose this upstream
    # NOTE(review): nothing here evicts entries; if jidstring values come
    #      from remote stanzas the cache grows with every distinct string
    #      seen. Confirm whether a bound is wanted.
    cache = jid.__internJIDs
    cached = cache.get(jidstring)
    if cached is None:
        cached = jid.JID(jidstring)
        cache[jidstring] = cached
    return copy.copy(cached)
def apply():
    """Install this module's replacements over the library names they patch.

    The patching is done by rebinding attributes, so it only affects lookups
    made after this call.
    """
    # NOTE(review): code that bound one of these names before apply() ran
    # (e.g. through a ``from ... import`` of the name) keeps the unpatched
    # object; confirm apply() is called before any stream is created.
    overrides = (
        # certificate validation
        (client, "XMPPClient", XMPPClient),
        # XmlStream triggers
        (xmlstream.XmlStreamFactory, "protocol", XmlStream),
        # jid fix
        (jid, "internJID", internJID),
    )
    for target, attribute, replacement in overrides:
        setattr(target, attribute, replacement)