Ejemplo n.º 1
0
    def _handle_sasl_auth(self, features):
        """
        Handle authenticating using SASL.

        Arguments:
            features -- The stream features stanza.
        """
        if 'mechanisms' in self.xmpp.features:
            # SASL authentication has already succeeded, but the
            # server has incorrectly offered it again.
            return False

        mech_list = features['mechanisms']
        self.mech = self.sasl.choose_mechanism(mech_list)

        if self.mech is not None:
            resp = stanza.Auth(self.xmpp)
            resp['mechanism'] = self.mech.name
            resp['value'] = self.mech.process()
            resp.send(now=True)
        else:
            log.error("No appropriate login method.")
            self.xmpp.event("no_auth", direct=True)
            self.xmpp.disconnect()
        return True
Ejemplo n.º 2
0
    def _send_auth(self):
        mech_list = self.mech_list - self.attempted_mechs
        self.mech = self.sasl.choose_mechanism(mech_list)

        if mech_list and self.mech is not None:
            resp = stanza.Auth(self.xmpp)
            resp['mechanism'] = self.mech.name
            try:
                resp['value'] = self.mech.process()
            except SASLCancelled:
                self.attempted_mechs.add(self.mech.name)
                self._send_auth()
            except SASLError:
                self.attempted_mechs.add(self.mech.name)
                self._send_auth()
            except SASLPrepFailure:
                log.exception("A credential value did not pass SASLprep.")
                self.xmpp.disconnect()
            else:
                resp.send(now=True)
        else:
            log.error("No appropriate login method.")
            self.xmpp.event("no_auth", direct=True)
            self.attempted_mechs = set()
            self.xmpp.disconnect()
        return True
Ejemplo n.º 3
0
    def _send_auth(self):
        mech_list = self.mech_list - self.attempted_mechs
        try:
            self.mech = sasl.choose(mech_list,
                                    self.sasl_callback,
                                    self.security_callback,
                                    limit=self.use_mechs,
                                    min_mech=self.min_mech)
        except sasl.SASLNoAppropriateMechanism:
            log.error("No appropriate login method.")
            self.xmpp.event("no_auth", direct=True)
            self.xmpp.event("failed_auth", direct=True)
            self.attempted_mechs = set()
            return self.xmpp.disconnect()
        except StringPrepError:
            log.exception("A credential value did not pass SASLprep.")
            self.xmpp.disconnect()

        resp = stanza.Auth(self.xmpp)
        resp['mechanism'] = self.mech.name
        try:
            resp['value'] = self.mech.process()
        except sasl.SASLCancelled:
            self.attempted_mechs.add(self.mech.name)
            self._send_auth()
        except sasl.SASLFailed:
            self.attempted_mechs.add(self.mech.name)
            self._send_auth()
        except sasl.SASLMutualAuthFailed:
            log.error("Mutual authentication failed! " + \
                      "A security breach is possible.")
            self.attempted_mechs.add(self.mech.name)
            self.xmpp.disconnect()
        else:
            resp.send(now=True)

        return True