diff options
Diffstat (limited to 'sleekxmpp/features/feature_mechanisms')
-rw-r--r-- | sleekxmpp/features/feature_mechanisms/mechanisms.py | 31 | ||||
-rw-r--r-- | sleekxmpp/features/feature_mechanisms/stanza/auth.py | 2 |
2 files changed, 15 insertions, 18 deletions
diff --git a/sleekxmpp/features/feature_mechanisms/mechanisms.py b/sleekxmpp/features/feature_mechanisms/mechanisms.py index b480d5be..ca94bce1 100644 --- a/sleekxmpp/features/feature_mechanisms/mechanisms.py +++ b/sleekxmpp/features/feature_mechanisms/mechanisms.py @@ -6,7 +6,6 @@ See the file LICENSE for copying permission. """ -import sys import ssl import logging @@ -44,15 +43,16 @@ class FeatureMechanisms(BasePlugin): } def plugin_init(self): - if not self.use_mech and not self.xmpp.requested_jid.user: - self.use_mech = 'ANONYMOUS' - if self.sasl_callback is None: self.sasl_callback = self._default_credentials if self.security_callback is None: self.security_callback = self._default_security + creds = self.sasl_callback(set(['username']), set()) + if not self.use_mech and not creds['username']: + self.use_mech = 'ANONYMOUS' + self.mech = None self.mech_list = set() self.attempted_mechs = set() @@ -92,27 +92,23 @@ class FeatureMechanisms(BasePlugin): values = required_values.union(optional_values) for value in values: if value == 'username': - result[value] = self.xmpp.requested_jid.user - elif value == 'password': - result[value] = creds['password'] - elif value == 'authzid': - result[value] = creds.get('authzid', '') + result[value] = creds.get('username', self.xmpp.requested_jid.user) elif value == 'email': jid = self.xmpp.requested_jid.bare result[value] = creds.get('email', jid) elif value == 'channel_binding': - if sys.version_info >= (3, 3): + if hasattr(self.xmpp.socket, 'get_channel_binding'): result[value] = self.xmpp.socket.get_channel_binding() else: result[value] = None elif value == 'host': - result[value] = self.xmpp.requested_jid.domain + result[value] = creds.get('host', self.xmpp.requested_jid.domain) elif value == 'realm': - result[value] = self.xmpp.requested_jid.domain + result[value] = creds.get('realm', self.xmpp.requested_jid.domain) elif value == 'service-name': - result[value] = self.xmpp._service_name + result[value] = creds.get('service-name', self.xmpp._service_name) elif value == 'service': - result[value] = 'xmpp' + result[value] = creds.get('service', 'xmpp') elif value in creds: result[value] = creds[value] return result @@ -174,8 +170,12 @@ class FeatureMechanisms(BasePlugin): except sasl.SASLNoAppropriateMechanism: log.error("No appropriate login method.") self.xmpp.event("no_auth", direct=True) + self.xmpp.event("failed_auth", direct=True) self.attempted_mechs = set() return self.xmpp.disconnect() + except StringPrepError: + log.exception("A credential value did not pass SASLprep.") + self.xmpp.disconnect() resp = stanza.Auth(self.xmpp) resp['mechanism'] = self.mech.name @@ -192,9 +192,6 @@ class FeatureMechanisms(BasePlugin): "A security breach is possible.") self.attempted_mechs.add(self.mech.name) self.xmpp.disconnect() - except StringPrepError: - log.exception("A credential value did not pass SASLprep.") - self.xmpp.disconnect() else: resp.send(now=True) diff --git a/sleekxmpp/features/feature_mechanisms/stanza/auth.py b/sleekxmpp/features/feature_mechanisms/stanza/auth.py index 7b665345..6b6f85a3 100644 --- a/sleekxmpp/features/feature_mechanisms/stanza/auth.py +++ b/sleekxmpp/features/feature_mechanisms/stanza/auth.py @@ -40,7 +40,7 @@ class Auth(StanzaBase): if not self['mechanism'] in self.plain_mechs: if values: self.xml.text = bytes(base64.b64encode(values)).decode('utf-8') - else: + elif values == b'': self.xml.text = '=' else: self.xml.text = bytes(values).decode('utf-8') |