2017-06-05 23:29:20 +00:00
|
|
|
use std::mem::replace;
|
2018-08-02 23:11:55 +00:00
|
|
|
use std::str::FromStr;
|
2018-08-01 23:01:41 +00:00
|
|
|
use futures::{Future, Poll, Async, sink, Stream};
|
2017-06-05 23:29:20 +00:00
|
|
|
use tokio_io::{AsyncRead, AsyncWrite};
|
|
|
|
use sasl::common::Credentials;
|
2017-07-18 20:54:10 +00:00
|
|
|
use sasl::common::scram::{Sha1, Sha256};
|
2017-06-05 23:29:20 +00:00
|
|
|
use sasl::client::Mechanism;
|
2017-07-18 20:54:10 +00:00
|
|
|
use sasl::client::mechanisms::{Scram, Plain, Anonymous};
|
2018-08-01 23:01:41 +00:00
|
|
|
use minidom::Element;
|
2018-08-02 16:12:41 +00:00
|
|
|
use xmpp_parsers::sasl::{Auth, Challenge, Response, Success, Failure, Mechanism as XMPPMechanism};
|
|
|
|
use try_from::TryFrom;
|
2017-06-05 23:29:20 +00:00
|
|
|
|
2017-07-18 20:54:10 +00:00
|
|
|
use xmpp_codec::Packet;
|
|
|
|
use xmpp_stream::XMPPStream;
|
|
|
|
use stream_start::StreamStart;
|
2018-09-06 15:46:06 +00:00
|
|
|
use {Error, AuthError, ProtocolError};
|
2017-06-05 23:29:20 +00:00
|
|
|
|
|
|
|
const NS_XMPP_SASL: &str = "urn:ietf:params:xml:ns:xmpp-sasl";
|
|
|
|
|
2018-09-06 15:46:06 +00:00
|
|
|
|
2017-06-05 23:29:20 +00:00
|
|
|
pub struct ClientAuth<S: AsyncWrite> {
|
|
|
|
state: ClientAuthState<S>,
|
|
|
|
mechanism: Box<Mechanism>,
|
|
|
|
}
|
|
|
|
|
|
|
|
enum ClientAuthState<S: AsyncWrite> {
|
|
|
|
WaitSend(sink::Send<XMPPStream<S>>),
|
|
|
|
WaitRecv(XMPPStream<S>),
|
2017-06-05 23:38:48 +00:00
|
|
|
Start(StreamStart<S>),
|
2017-06-05 23:29:20 +00:00
|
|
|
Invalid,
|
|
|
|
}
|
|
|
|
|
|
|
|
impl<S: AsyncWrite> ClientAuth<S> {
|
2018-09-06 15:46:06 +00:00
|
|
|
pub fn new(stream: XMPPStream<S>, creds: Credentials) -> Result<Self, Error> {
|
2018-08-02 23:11:55 +00:00
|
|
|
let mechs: Vec<Box<Mechanism>> = vec![
|
|
|
|
Box::new(Scram::<Sha256>::from_credentials(creds.clone()).unwrap()),
|
|
|
|
Box::new(Scram::<Sha1>::from_credentials(creds.clone()).unwrap()),
|
|
|
|
Box::new(Plain::from_credentials(creds).unwrap()),
|
|
|
|
Box::new(Anonymous::new()),
|
2017-06-05 23:29:20 +00:00
|
|
|
];
|
|
|
|
|
|
|
|
let mech_names: Vec<String> =
|
2018-09-06 21:57:42 +00:00
|
|
|
stream.stream_features.get_child("mechanisms", NS_XMPP_SASL)
|
|
|
|
.ok_or(AuthError::NoMechanism)?
|
|
|
|
.children()
|
|
|
|
.filter(|child| child.is("mechanism", NS_XMPP_SASL))
|
|
|
|
.map(|mech_el| mech_el.text())
|
|
|
|
.collect();
|
2018-08-02 23:14:21 +00:00
|
|
|
// println!("SASL mechanisms offered: {:?}", mech_names);
|
2017-06-05 23:29:20 +00:00
|
|
|
|
2018-08-02 23:11:55 +00:00
|
|
|
for mut mech in mechs {
|
2017-06-05 23:29:20 +00:00
|
|
|
let name = mech.name().to_owned();
|
|
|
|
if mech_names.iter().any(|name1| *name1 == name) {
|
2018-08-02 23:14:21 +00:00
|
|
|
// println!("SASL mechanism selected: {:?}", name);
|
2018-09-06 21:57:42 +00:00
|
|
|
let initial = mech.initial()
|
|
|
|
.map_err(AuthError::Sasl)?;
|
2017-06-05 23:29:20 +00:00
|
|
|
let mut this = ClientAuth {
|
|
|
|
state: ClientAuthState::Invalid,
|
|
|
|
mechanism: mech,
|
|
|
|
};
|
2018-09-06 21:57:42 +00:00
|
|
|
let mechanism = XMPPMechanism::from_str(&name)
|
|
|
|
.map_err(ProtocolError::Parsers)?;
|
2017-06-05 23:29:20 +00:00
|
|
|
this.send(
|
|
|
|
stream,
|
2018-08-01 23:44:48 +00:00
|
|
|
Auth {
|
|
|
|
mechanism,
|
|
|
|
data: initial,
|
|
|
|
}
|
2017-06-05 23:29:20 +00:00
|
|
|
);
|
|
|
|
return Ok(this);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-09-06 21:57:42 +00:00
|
|
|
Err(AuthError::NoMechanism)?
|
2017-06-05 23:29:20 +00:00
|
|
|
}
|
|
|
|
|
2018-08-01 23:44:48 +00:00
|
|
|
fn send<N: Into<Element>>(&mut self, stream: XMPPStream<S>, nonza: N) {
|
2018-08-01 22:19:06 +00:00
|
|
|
let send = stream.send_stanza(nonza);
|
2017-06-05 23:29:20 +00:00
|
|
|
|
|
|
|
self.state = ClientAuthState::WaitSend(send);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
impl<S: AsyncRead + AsyncWrite> Future for ClientAuth<S> {
|
|
|
|
type Item = XMPPStream<S>;
|
2018-09-06 15:46:06 +00:00
|
|
|
type Error = Error;
|
2017-06-05 23:29:20 +00:00
|
|
|
|
|
|
|
fn poll(&mut self) -> Poll<Self::Item, Self::Error> {
|
|
|
|
let state = replace(&mut self.state, ClientAuthState::Invalid);
|
|
|
|
|
|
|
|
match state {
|
|
|
|
ClientAuthState::WaitSend(mut send) =>
|
|
|
|
match send.poll() {
|
|
|
|
Ok(Async::Ready(stream)) => {
|
|
|
|
self.state = ClientAuthState::WaitRecv(stream);
|
|
|
|
self.poll()
|
|
|
|
},
|
|
|
|
Ok(Async::NotReady) => {
|
|
|
|
self.state = ClientAuthState::WaitSend(send);
|
|
|
|
Ok(Async::NotReady)
|
|
|
|
},
|
|
|
|
Err(e) =>
|
2018-09-06 21:57:42 +00:00
|
|
|
Err(e)?,
|
2017-06-05 23:29:20 +00:00
|
|
|
},
|
|
|
|
ClientAuthState::WaitRecv(mut stream) =>
|
|
|
|
match stream.poll() {
|
2018-08-02 16:12:41 +00:00
|
|
|
Ok(Async::Ready(Some(Packet::Stanza(stanza)))) => {
|
|
|
|
if let Ok(challenge) = Challenge::try_from(stanza.clone()) {
|
2018-09-06 15:46:06 +00:00
|
|
|
let response = self.mechanism.response(&challenge.data)
|
|
|
|
.map_err(AuthError::Sasl)?;
|
2018-08-02 16:12:41 +00:00
|
|
|
self.send(stream, Response { data: response });
|
|
|
|
self.poll()
|
|
|
|
} else if let Ok(_) = Success::try_from(stanza.clone()) {
|
|
|
|
let start = stream.restart();
|
|
|
|
self.state = ClientAuthState::Start(start);
|
|
|
|
self.poll()
|
|
|
|
} else if let Ok(failure) = Failure::try_from(stanza) {
|
2018-09-06 21:57:42 +00:00
|
|
|
Err(AuthError::Fail(failure.defined_condition))?
|
2018-08-02 16:12:41 +00:00
|
|
|
} else {
|
|
|
|
Ok(Async::NotReady)
|
|
|
|
}
|
|
|
|
}
|
2018-08-02 23:14:21 +00:00
|
|
|
Ok(Async::Ready(_event)) => {
|
|
|
|
// println!("ClientAuth ignore {:?}", _event);
|
2017-06-05 23:29:20 +00:00
|
|
|
Ok(Async::NotReady)
|
|
|
|
},
|
|
|
|
Ok(_) => {
|
|
|
|
self.state = ClientAuthState::WaitRecv(stream);
|
|
|
|
Ok(Async::NotReady)
|
|
|
|
},
|
|
|
|
Err(e) =>
|
2018-09-06 21:57:42 +00:00
|
|
|
Err(ProtocolError::Parser(e))?
|
2017-06-05 23:29:20 +00:00
|
|
|
},
|
2017-06-05 23:38:48 +00:00
|
|
|
ClientAuthState::Start(mut start) =>
|
|
|
|
match start.poll() {
|
|
|
|
Ok(Async::Ready(stream)) =>
|
|
|
|
Ok(Async::Ready(stream)),
|
|
|
|
Ok(Async::NotReady) => {
|
|
|
|
self.state = ClientAuthState::Start(start);
|
|
|
|
Ok(Async::NotReady)
|
|
|
|
},
|
|
|
|
Err(e) =>
|
2018-09-06 21:57:42 +00:00
|
|
|
Err(e)
|
2017-06-05 23:38:48 +00:00
|
|
|
},
|
2017-06-05 23:29:20 +00:00
|
|
|
ClientAuthState::Invalid =>
|
|
|
|
unreachable!(),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|