Ejemplo n.º 1
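    def handle(self, tree, msg, lastRetVal=None):
        """Bind a resource for this session and reply with the full JID.

        tree -- the incoming <iq>; its first child is treated as the <bind>
                element, and that element's first child, if present, as the
                resource requested by the client.
        msg -- message object; msg.conn.data['user']['jid'] supplies the JID
               the resource is appended to, and msg is handed to
               bindResource().
        lastRetVal -- output accumulated by earlier handlers.

        Returns chainOutput(lastRetVal, <iq type='result'>) when the request
        carries an id. Without an id a warning is logged and lastRetVal is
        returned unchanged.
        """
        iq = tree
        iq_id = iq.get('id')
        if not iq_id:
            logging.warning("[%s] No id in <iq>:\n%s", self.__class__, tostring(iq))
            return lastRetVal

        bind = iq[0]
        # The requested resource is client-controlled text. An empty
        # <resource/> has .text == None, which used to be bound and echoed
        # back as "<jid>/None"; missing or blank text now falls back to a
        # server-generated resource.
        requested = bind[0].text if len(bind) > 0 else None
        if requested and requested.strip():
            resource = requested
        else:
            resource = generateId()[:6]

        # TODO: check that we don't already have such a resource
        # NOTE(review): nothing here limits the length or character set of a
        # client-supplied resource, or stops two sessions from binding the
        # same one; bindResource() may enforce this -- confirm.
        jid = msg.conn.data['user']['jid']
        bindResource(msg, resource)

        res = Element('iq', {'type': 'result', 'id': iq_id})
        bound = Element('bind', {'xmlns': 'urn:ietf:params:xml:ns:xmpp-bind'})
        jidEl = Element('jid')
        jidEl.text = '%s/%s' % (jid, resource)
        bound.append(jidEl)
        res.append(bound)

        return chainOutput(lastRetVal, res)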
Ejemplo n.º 2
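    def handle(self, tree, msg, lastRetVal=None):
        """Handle a resource-binding <iq> and answer with the bound full JID.

        tree -- the incoming <iq>; its first child is treated as the <bind>
                element, and that element's first child, if present, as the
                resource requested by the client.
        msg -- message object; msg.conn.data["user"]["jid"] supplies the JID
               the resource is appended to, and msg is handed to
               bindResource().
        lastRetVal -- output accumulated by earlier handlers.

        Returns chainOutput(lastRetVal, <iq type="result">) when the request
        carries an id. Without an id a warning is logged and lastRetVal is
        returned unchanged.
        """
        iq = tree
        request_id = iq.get("id")
        if not request_id:
            logging.warning("[%s] No id in <iq>:\n%s", self.__class__, tostring(iq))
            return lastRetVal

        bind = iq[0]
        # Client-controlled value. <resource/> with no text yields None, which
        # would otherwise be bound and returned as "<jid>/None", so a missing
        # or blank value is replaced by a generated one.
        wanted = None
        if len(bind) > 0:
            wanted = bind[0].text
        if not wanted or not wanted.strip():
            wanted = generateId()[:6]
        resource = wanted

        # TODO: check that we don't already have such a resource
        # NOTE(review): the resource is not length-limited or normalised here,
        # and no conflict check is visible; confirm whether bindResource()
        # covers either.
        jid = msg.conn.data["user"]["jid"]
        bindResource(msg, resource)

        jidEl = Element("jid")
        jidEl.text = "%s/%s" % (jid, resource)
        reply_bind = Element("bind", {"xmlns": "urn:ietf:params:xml:ns:xmpp-bind"})
        reply_bind.append(jidEl)
        res = Element("iq", {"type": "result", "id": request_id})
        res.append(reply_bind)

        return chainOutput(lastRetVal, res)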
Ejemplo n.º 3
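    def createRosterQuery(cjid,
                          subName,
                          name=None,
                          groups=None,
                          itemArgs=None):
        """Creates and returns a <query> item for sending in an <iq> in a
        roster push.
        cjid -- jid as a str for the contact in a roster item.
        subName -- name of the subscription as a str.
        name -- name for the contact. Can be None.
        groups -- list of group names as strings. Can be None or empty.
        itemArgs -- optional dict of extra <item> attributes. Applied last,
                    so its entries replace 'jid', 'subscription' and 'name'.
        """
        attrs = {
            'jid': cjid,
            'subscription': subName,
        }
        if name:
            attrs['name'] = name

        # NOTE(review): because itemArgs wins over the defaults, a caller that
        # fills it from client input lets the client replace 'jid' or
        # 'subscription' -- confirm callers pass only trusted attributes.
        attrs.update(itemArgs or {})

        query = Element('query', {'xmlns': 'jabber:iq:roster'})
        item = SubElement(query, 'item', attrs)

        # groups defaults to None; iterating it directly raised TypeError for
        # every caller that relied on the default.
        for groupName in groups or ():
            if groupName:  # don't want empty groups
                group = SubElement(item, 'group')
                group.text = groupName

        return query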
Ejemplo n.º 4
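    def createRosterQuery(cjid, subName, name=None, groups=None, itemArgs=None):
        """Creates and returns a <query> item for sending in an <iq> in a
        roster push.
        cjid -- jid as a str for the contact in a roster item.
        subName -- name of the subscription as a str.
        name -- name for the contact. Can be None.
        groups -- list of group names as strings. Can be None or empty.
        itemArgs -- optional dict of extra <item> attributes. Applied last,
                    so its entries replace 'jid', 'subscription' and 'name'.
        """
        query = Element('query', {'xmlns': 'jabber:iq:roster'})

        itemAttrs = {'jid': cjid, 'subscription': subName}
        if name:
            itemAttrs['name'] = name
        # NOTE(review): itemArgs overrides the attributes set above; if it can
        # carry client-supplied keys they can replace 'jid' or 'subscription'
        # -- confirm callers pass only trusted attributes.
        if itemArgs:
            itemAttrs.update(itemArgs)

        item = SubElement(query, 'item', itemAttrs)

        # groups defaults to None, and looping over None raised TypeError;
        # treat a missing list like an empty one.
        for groupName in (groups if groups is not None else []):
            if not groupName:
                continue  # don't want empty groups
            group = Element('group')
            group.text = groupName
            item.append(group)

        return query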
Ejemplo n.º 5
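    def handle(self, tree, msg, lastRetVal=None):
        """Process a resource-binding <iq> and return the bound full JID.

        tree -- the incoming <iq>; its first child is treated as the <bind>
                element, and that element's first child, if present, as the
                resource requested by the client.
        msg -- message object; msg.conn.data['user']['jid'] supplies the JID
               the resource is appended to, and msg is handed to
               bindResource().
        lastRetVal -- output accumulated by earlier handlers.

        Returns chainOutput(lastRetVal, <iq type='result'>) when the request
        carries an id. Without an id a warning is logged and lastRetVal is
        returned unchanged.
        """
        iq = tree
        stanza_id = iq.get('id')
        if not stanza_id:
            logging.warning("[%s] No id in <iq>:\n%s", self.__class__,
                            tostring(iq))
            return lastRetVal

        bind = iq[0]
        resource = None
        if len(bind) > 0:
            # Client-controlled text; None when the element is empty.
            resource = bind[0].text
        if not resource or not resource.strip():
            # No usable request: generate an id instead of binding the
            # literal "None" or a blank resource.
            resource = generateId()[:6]

        # TODO: check that we don't already have such a resource
        # NOTE(review): no length or character checks are applied to a
        # client-supplied resource here, and no duplicate check is visible;
        # confirm whether bindResource() performs them.
        jid = msg.conn.data['user']['jid']
        bindResource(msg, resource)

        res = Element('iq', {'type': 'result', 'id': stanza_id})
        bindEl = Element('bind',
                         {'xmlns': 'urn:ietf:params:xml:ns:xmpp-bind'})
        jidEl = Element('jid')
        jidEl.text = '%s/%s' % (jid, resource)
        bindEl.append(jidEl)
        res.append(bindEl)

        return chainOutput(lastRetVal, res)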
Ejemplo n.º 6
        def act():
            """Process one <presence> stanza sent by the connected client.

            Takes no arguments: tree, msg, lastRetVal and self are read from
            the enclosing scope. On initial presence (no 'to' attribute and
            the user not yet marked active) it queues presence probes, an
            'unavailable' placeholder presence per subscribed contact, and
            any stored offline messages, which are deleted from the offline
            table once read. The presence itself is then queued for every
            presence subscriber.

            Returns the chained output, or None for directed presence, which
            is not implemented.
            """
            d = msg.conn.data

            retVal = lastRetVal

            jid = d['user']['jid']
            resource = d['user']['resource']

            roster = Roster(jid)

            # Work on a copy so the stanza as received stays untouched; the
            # 'from' is set by the server from session data, not taken from
            # the client.
            presTree = deepcopy(tree)
            presTree.set('from', '%s/%s' % (jid, resource))

            probes = []
            init_rosters = []
            offline_msgs = []
            if tree.get('to') is None and not d['user']['active']:
                # initial presence
                # TODO: we don't need to do it every time. we can cache the
                # data after the first resource is active and just resend
                # that to all new resources
                d['user']['active'] = True

                # get jids of the contacts whose status we're interested in
                cjids = roster.getPresenceSubscriptions()

                probeTree = Element('presence', {
                                                 'type': 'probe',
                                                 'from' : '%s/%s' \
                                                    % (jid, resource)
                                                 })

                # TODO: replace this with a more efficient router handler
                for cjid in cjids:
                    # The template is mutated and then deep-copied, so every
                    # queued probe carries its own 'to'.
                    probeTree.set('to', cjid)
                    probeRouteData = {
                                      'to' : cjid,
                                      'data' : deepcopy(probeTree)
                                      }
                    probes.append(probeRouteData)
                    # they're sent first. see below

                # send initial roster list to this user
                # Each contact is first reported to the client as
                # 'unavailable'.
                rosterTree = Element('presence', {
                                                 'type': 'unavailable',
                                                 'to' : '%s/%s' \
                                                    % (jid, resource)
                                                 })
                for cjid in cjids:
                    rosterTree.set('from', cjid)
                    rosterRouterData = {
                                           'to' : '%s/%s' % (jid, resource),
                                           'data' : deepcopy(rosterTree)
                                       }
                    init_rosters.append(rosterRouterData)

                # send offline message to this user
                # NOTE(review): 'con' is never closed in this block.
                try:
                    con = DB()
                    result = []
                    to_jid = JID(jid)
                    # NOTE(review): both statements below build their SQL
                    # with % formatting. %d only accepts a number, which
                    # limits what can reach the query, but binding the value
                    # as a parameter is the safer form; the placeholder
                    # style depends on the DB driver -- confirm.
                    with closing(con.cursor()) as cursor:
                        cursor.execute("SELECT fromid, time, content FROM offline WHERE toid = %d ORDER BY time DESC" %
                                       (to_jid.getNumId()))
                        con.commit()
                        result = cursor.fetchall()
                    # NOTE(review): SELECT and DELETE are separate committed
                    # statements. A message stored between them would
                    # presumably be deleted without being delivered, and an
                    # exception raised while building the replies below
                    # happens after the rows are already gone -- confirm
                    # whether this needs one transaction.
                    with closing(con.cursor()) as cursor:
                        cursor.execute("DELETE FROM offline WHERE toid = %d" %
                                       (to_jid.getNumId()))
                        con.commit()
                    # 'time' here is the column value from the row; it is
                    # expected to support strftime().
                    for fromid, time, content in result:
                        fromJID = JID(fromid, True).getBare()
                        toJID = '%s/%s' % (jid, resource)

                        reply = Element('message', {
                            'to': toJID,
                            'from': fromJID,
                            'type': 'chat'
                        })

                        # Stored content goes in as element text, not as
                        # markup.
                        body = Element('body')
                        body.text = content
                        reply.append(body)

                        delay = Element('delay', {
                            'xmlns': 'urn:xmpp:delay',
                            'from': fromJID,
                            'stamp': time.strftime("%Y-%m-%dT%H:%M:%SZ")
                        })
                        reply.append(delay)

                        routeData = {
                            'to' : toJID,
                            'data': reply
                        }
                        offline_msgs.append(routeData)
                    logging.debug("[%s] Sending %d offline messages to %s", self.__class__, len(offline_msgs), to_jid.getBare())
                # Best effort: any failure is logged and presence handling
                # continues with whatever was queued so far.
                except Exception as e:
                    logging.warning("[%s] Failed to read offline messages: %s", self.__class__, str(e))

                # broadcast to other resources of this user
                retVal = self.broadcastToOtherResources(presTree, msg, retVal, jid, resource)

            elif tree.get('to') is not None:
                # TODO: directed presence
                # NOTE(review): returns None, not retVal, so output chained
                # by earlier handlers is dropped here -- confirm intended.
                return
            elif tree.get('type') == 'unavailable':
                # broadcast to other resources of this user
                d['user']['active'] = False
                retVal = self.broadcastToOtherResources(presTree, msg, retVal, jid, resource)

            # record this stanza as the last presence sent from this client
            lastPresence = deepcopy(tree)
            lastPresence.set('from', '%s/%s' % (jid, resource))
            d['user']['lastPresence'] = lastPresence

            # lookup contacts interested in presence
            cjids = roster.getPresenceSubscribers()

            # TODO: replace this with another router handler that would send
            # it out to all cjids in a batch instead of queuing a handler
            # for each
            for cjid in cjids:
                presTree.set('to', cjid)
                presRouteData = {
                     'to' : cjid,
                     'data' : deepcopy(presTree)
                     }
                retVal = chainOutput(retVal, presRouteData)
                msg.setNextHandler('route-server')

            # send the probes first
            # NOTE(review): the probes are chained after the presence
            # broadcasts above; whether they really go out first depends on
            # how chainOutput() and setNextHandler() order things -- confirm.
            for probe in probes:
                msg.setNextHandler('route-server')
                retVal = chainOutput(retVal, probe)

            # send initial rosters
            for init_roster in init_rosters:
                msg.setNextHandler('route-client')
                retVal = chainOutput(retVal, init_roster)

            # send offline messages
            for offline_msg in offline_msgs:
                msg.setNextHandler('route-client')
                retVal = chainOutput(retVal, offline_msg)

            return retVal
Ejemplo n.º 7
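    def handle(self, data=None):
        """Performs DIGEST-MD5 auth based on current state.

        data -- either None for initial challenge, base64-encoded text when
                the client responds to challenge 1, or the tree when the client
                responds to challenge 2.

        Returns the <challenge> or <success> element to send to the client.
        Raises SASLIncorrectEncodingError when the response to challenge 1
        cannot be base64-decoded, and SASLAuthError (after calling
        self._handleFailure()) for every other rejected step.

        NOTE(review): DIGEST-MD5 was moved to Historic status by RFC 6331.
        The value read from the password column is used directly as the
        password in A1, so the table has to hold it in recoverable form.
        """

        # TODO: authz
        # TODO: subsequent auth

        qop = 'qop="auth"'
        charset = 'charset=utf-8'
        algo = 'algorithm=md5-sess'

        if self.state == SASLDigestMD5.INIT:  # initial challenge
            # NOTE(review): the nonce must be unpredictable for the exchange
            # to resist replay; confirm generateId() uses a CSPRNG.
            self.nonce = generateId()
            self.state = SASLDigestMD5.SENT_CHALLENGE1

            nonce = 'nonce="%s"' % self.nonce
            realm = 'realm="%s"' % self.realm

            res = Element('challenge',
                          {'xmlns': 'urn:ietf:params:xml:ns:xmpp-sasl'})
            res.text = base64.b64encode(','.join(
                [realm, qop, nonce, charset, algo]))

            return res
        elif self.state == SASLDigestMD5.SENT_CHALLENGE1 and data:
            # response to client's response (ie. challenge 2)
            try:
                text = fromBase64(data)
            except Exception:
                # Was a bare except, which also swallowed KeyboardInterrupt
                # and SystemExit.
                raise SASLIncorrectEncodingError

            pairs = self._parse(text)
            try:
                username = pairs['username']
                nonce = pairs['nonce']
                realm = pairs['realm']
                cnonce = pairs['cnonce']
                nc = pairs['nc']
                qop = pairs['qop']
                response = pairs['response']
                digest_uri = pairs['digest-uri']
            except KeyError:
                self._handleFailure()
                raise SASLAuthError

            self.username = username

            # nc is client-supplied text: a value that is not valid hex used
            # to escape as ValueError instead of failing authentication.
            try:
                nonce_count = int(nc, 16)
            except (TypeError, ValueError):
                self._handleFailure()
                raise SASLAuthError

            # authz is ignored for now
            # An empty qop used to raise IndexError on qop[0]; it is now
            # rejected like any other mismatch. Only the first qop entry is
            # inspected, as before.
            if nonce != self.nonce or realm != self.realm \
                    or nonce_count != 1 or not qop or qop[0] != 'auth' \
                    or not response or not digest_uri:
                self._handleFailure()
                raise SASLAuthError

            # fetch the password now
            # The username is bound as a query parameter, never formatted
            # into the SQL text.
            lookup_sql = "SELECT password FROM jids WHERE \
                jid = ?"
            con = DBautocommit()
            try:
                c = con.cursor()
                try:
                    c.execute(
                        lookup_sql,
                        (username + '@%s' % self.msg.conn.server.hostname, ))
                    for row in c:
                        password = row['password']
                        break
                    else:
                        # Unknown account: same error as a wrong password.
                        self._handleFailure()
                        raise SASLAuthError
                finally:
                    # Cursor and connection are released on every path,
                    # including an exception from execute().
                    c.close()
            finally:
                con.close()

            # compute the digest as per RFC 2831
            a1 = "%s:%s:%s" % (H("%s:%s:%s" %
                                 (username, realm, password)), nonce, cnonce)
            a2 = ":%s" % digest_uri
            a2client = "AUTHENTICATE:%s" % digest_uri

            digest = HEX(
                KD(
                    HEX(H(a1)), "%s:%s:%s:%s:%s" %
                    (nonce, nc, cnonce, "auth", HEX(H(a2client)))))

            # NOTE(review): == is not a constant-time comparison;
            # hmac.compare_digest is the usual replacement once both
            # operands are known to share one type.
            if digest == response:
                rspauth = HEX(
                    KD(
                        HEX(H(a1)), "%s:%s:%s:%s:%s" %
                        (nonce, nc, cnonce, "auth", HEX(H(a2)))))

                self.state = SASLDigestMD5.SENT_CHALLENGE2

                res = Element('challenge',
                              {'xmlns': 'urn:ietf:params:xml:ns:xmpp-sasl'})
                res.text = base64.b64encode(u"rspauth=%s" % rspauth)

                return res

            else:
                self._handleFailure()
                raise SASLAuthError
        elif self.state == SASLDigestMD5.SENT_CHALLENGE2 and isinstance(
                data, Element):
            # expect to get <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
            # find() is a substring match on the tag, not an equality test.
            respInd = data.tag.find(
                '{urn:ietf:params:xml:ns:xmpp-sasl}response')
            d = self.msg.conn.data
            if respInd != -1 and len(data) == 0:
                self.state = SASLDigestMD5.INIT
                d['sasl']['complete'] = True
                d['sasl']['in-progress'] = False
                # The session JID is built from the username verified in the
                # previous step and the server's own hostname.
                d['user']['jid'] = '%s@%s' % (self.username,
                                              self.msg.conn.server.hostname)

                # record the JID for local delivery
                self.msg.conn.server.conns[self.msg.conn.id] = (JID(
                    d['user']['jid']), self.msg.conn)

                self.msg.conn.parser.resetParser()

                res = Element('success',
                              {'xmlns': 'urn:ietf:params:xml:ns:xmpp-sasl'})
                return res
            else:
                self._handleFailure()
                raise SASLAuthError
        else:
            # Any state/data combination not handled above is a failure.
            self._handleFailure()
            raise SASLAuthError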
Ejemplo n.º 8
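    def handle(self, data=None):
        """Performs DIGEST-MD5 auth based on current state.

        data -- either None for initial challenge, base64-encoded text when
                the client responds to challenge 1, or the tree when the client
                responds to challenge 2.

        Returns the <challenge> or <success> element to send to the client.
        Raises SASLIncorrectEncodingError when the response to challenge 1
        cannot be base64-decoded, and SASLAuthError (after calling
        self._handleFailure()) for every other rejected step.

        NOTE(review): DIGEST-MD5 was moved to Historic status by RFC 6331.
        The value read from the password column is used directly as the
        password in A1, so the table has to hold it in recoverable form.
        """

        # TODO: authz
        # TODO: subsequent auth

        qop = 'qop="auth"'
        charset = 'charset=utf-8'
        algo = 'algorithm=md5-sess'

        if self.state == SASLDigestMD5.INIT: # initial challenge
            # NOTE(review): replay resistance depends on this nonce being
            # unpredictable; confirm generateId() uses a CSPRNG.
            self.nonce = generateId()
            self.state = SASLDigestMD5.SENT_CHALLENGE1

            nonce = 'nonce="%s"' % self.nonce
            realm = 'realm="%s"' % self.realm

            res = Element('challenge',
                          {'xmlns' : 'urn:ietf:params:xml:ns:xmpp-sasl'})
            res.text = base64.b64encode(','.join([realm, qop, nonce, charset, algo]))

            return res
        elif self.state == SASLDigestMD5.SENT_CHALLENGE1 and data:
            # response to client's response (ie. challenge 2)
            try:
                text = fromBase64(data)
            except Exception:
                # Narrowed from a bare except so KeyboardInterrupt and
                # SystemExit are no longer reported as an encoding error.
                raise SASLIncorrectEncodingError

            pairs = self._parse(text)
            try:
                username = pairs['username']
                nonce = pairs['nonce']
                realm = pairs['realm']
                cnonce = pairs['cnonce']
                nc = pairs['nc']
                qop = pairs['qop']
                response = pairs['response']
                digest_uri = pairs['digest-uri']
            except KeyError:
                self._handleFailure()
                raise SASLAuthError

            self.username = username

            # Every field above is client-supplied. A non-hex nc used to
            # raise ValueError and an empty qop IndexError; both are now
            # treated as failed authentication.
            try:
                ncValue = int(nc, 16)
            except (TypeError, ValueError):
                ncValue = None
            qopOk = bool(qop) and qop[0] == 'auth'

            # authz is ignored for now
            if nonce != self.nonce or realm != self.realm \
                    or ncValue != 1 or not qopOk or not response \
                    or not digest_uri:
                self._handleFailure()
                raise SASLAuthError

            # fetch the password now
            # The account name is passed as a bound parameter, not formatted
            # into the SQL text.
            accountSql = "SELECT password FROM jids WHERE \
                jid = ?"
            con = DBautocommit()
            try:
                c = con.cursor()
                try:
                    c.execute(accountSql,
                              (username + '@%s' % self.msg.conn.server.hostname,))
                    for row in c:
                        password = row['password']
                        break
                    else:
                        # Unknown account: same error as a wrong password.
                        self._handleFailure()
                        raise SASLAuthError
                finally:
                    # Released on every path, including an exception from
                    # execute().
                    c.close()
            finally:
                con.close()

            # compute the digest as per RFC 2831
            a1 = "%s:%s:%s" % (H("%s:%s:%s" % (username, realm, password)),
                               nonce, cnonce)
            a2 = ":%s" % digest_uri
            a2client = "AUTHENTICATE:%s" % digest_uri

            digest = HEX(KD(HEX(H(a1)),
                            "%s:%s:%s:%s:%s" % (nonce, nc,
                                                  cnonce, "auth",
                                                  HEX(H(a2client)))))

            # NOTE(review): == is not a constant-time comparison;
            # hmac.compare_digest is the usual replacement once both
            # operands are known to share one type.
            if digest == response:
                rspauth = HEX(KD(HEX(H(a1)),
                                 "%s:%s:%s:%s:%s" % (nonce, nc,
                                                       cnonce, "auth",
                                                       HEX(H(a2)))))

                self.state = SASLDigestMD5.SENT_CHALLENGE2

                res = Element('challenge',
                              {'xmlns' : 'urn:ietf:params:xml:ns:xmpp-sasl'})
                res.text = base64.b64encode(u"rspauth=%s" % rspauth)

                return res

            else:
                self._handleFailure()
                raise SASLAuthError
        elif self.state == SASLDigestMD5.SENT_CHALLENGE2 and isinstance(data, Element):
            # expect to get <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
            # find() is a substring match on the tag, not an equality test.
            respInd = data.tag.find('{urn:ietf:params:xml:ns:xmpp-sasl}response')
            d = self.msg.conn.data
            if respInd != -1 and len(data) == 0:
                self.state = SASLDigestMD5.INIT
                d['sasl']['complete'] = True
                d['sasl']['in-progress'] = False
                # The session JID is built from the username verified in the
                # previous step and the server's own hostname.
                d['user']['jid'] = '%s@%s' % (self.username,
                                            self.msg.conn.server.hostname)

                # record the JID for local delivery
                self.msg.conn.server.conns[self.msg.conn.id] = (JID(d['user']['jid']),
                                                                self.msg.conn)

                self.msg.conn.parser.resetParser()

                res = Element('success',
                              {'xmlns' : 'urn:ietf:params:xml:ns:xmpp-sasl'})
                return res
            else:
                self._handleFailure()
                raise SASLAuthError
        else:
            # Any state/data combination not handled above is a failure.
            self._handleFailure()
            raise SASLAuthError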