diff --git a/ChangeLog b/ChangeLog index 4d5e64392..7ad1e9bc2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +2009-01-19 Jean-Sébastien Pédron + + * src/cyrsasl_digest.erl: Replace hijacked usage of xml:get_attr_s/2 + by proper calls to proplists:get_value/3. Replace a call to + stringprep:tolower/1 by exmpp_stringprep:to_lower/1. + + * src/ejabberd_service.erl: Replace a call to xml:crypt/1 by + exmpp_xml:escape_using_entities/1. + 2009-01-19 Jean-Sébastien Pédron Merge from trunk (r1804 to r1829). diff --git a/src/cyrsasl_digest.erl b/src/cyrsasl_digest.erl index 533fc4265..aec10c0b6 100644 --- a/src/cyrsasl_digest.erl +++ b/src/cyrsasl_digest.erl @@ -43,22 +43,22 @@ mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) -> bad -> {error, 'bad-protocol'}; KeyVals -> - DigestURI = xml:get_attr_s("digest-uri", KeyVals), - UserName = xml:get_attr_s("username", KeyVals), + DigestURI = prolists:get_value("digest-uri", KeyVals, ""), + UserName = proplists:get_value("username", KeyVals, ""), case is_digesturi_valid(DigestURI, State#state.host) of false -> ?DEBUG("User login not authorized because digest-uri " "seems invalid: ~p", [DigestURI]), {error, 'not-authorized', UserName}; true -> - AuthzId = xml:get_attr_s("authzid", KeyVals), + AuthzId = proplists:get_value("authzid", KeyVals, ""), case (State#state.get_password)(UserName) of {false, _} -> {error, 'not-authorized', UserName}; {Passwd, AuthModule} -> Response = response(KeyVals, UserName, Passwd, Nonce, AuthzId, "AUTHENTICATE"), - case xml:get_attr_s("response", KeyVals) of + case proplists:get_value("response", KeyVals, "") of Response -> RspAuth = response(KeyVals, UserName, Passwd, @@ -135,7 +135,7 @@ parse4([], Key, Val, Ts) -> %% then digest-uri can be like xmpp/server3.example.org/jabber.example.org %% In that case, ejabberd only checks the service name, not the host. is_digesturi_valid(DigestURICase, JabberHost) -> - DigestURI = stringprep:tolower(DigestURICase), + DigestURI = exmpp_stringprep:to_lower(DigestURICase), case catch string:tokens(DigestURI, "/") of ["xmpp", Host] when Host == JabberHost -> true; @@ -164,11 +164,11 @@ hex([N | Ns], Res) -> response(KeyVals, User, Passwd, Nonce, AuthzId, A2Prefix) -> - Realm = xml:get_attr_s("realm", KeyVals), - CNonce = xml:get_attr_s("cnonce", KeyVals), - DigestURI = xml:get_attr_s("digest-uri", KeyVals), - NC = xml:get_attr_s("nc", KeyVals), - QOP = xml:get_attr_s("qop", KeyVals), + Realm = proplists:get_value("realm", KeyVals, ""), + CNonce = proplists:get_value("cnonce", KeyVals, ""), + DigestURI = proplists:get_value("digest-uri", KeyVals, ""), + NC = proplists:get_value("nc", KeyVals, ""), + QOP = proplists:get_value("qop", KeyVals, ""), A1 = case AuthzId of "" -> binary_to_list( diff --git a/src/ejabberd_service.erl b/src/ejabberd_service.erl index 591d0d0ed..2ff624ae2 100644 --- a/src/ejabberd_service.erl +++ b/src/ejabberd_service.erl @@ -155,7 +155,7 @@ wait_for_stream({xmlstreamstart, #xmlel{ns = NS, attrs = Attrs}}, StateData) -> %% However several transports don't respect that, %% so ejabberd doesn't check 'to' attribute (EJAB-717) To = binary_to_list(exmpp_stanza:get_recipient_from_attrs(Attrs)), - Opening_Reply = exmpp_stream:opening_reply(xml:crypt(To), + Opening_Reply = exmpp_stream:opening_reply(exmpp_xml:escape_using_entities(To), ?NS_COMPONENT_ACCEPT, {0, 0}, StateData#state.streamid), send_element(StateData, Opening_Reply),