mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-26 16:26:24 +01:00
Replace remaining calls to deprecated API:
o In src/cyrsasl_digest.erl, replace hijacked usage of xml:get_attr_s/2 by proper calls to proplists:get_value/3. o Still in src/cyrsasl_digest.erl, replace a call to stringprep:tolower/1 by exmpp_stringprep:to_lower/1. o In src/ejabberd_service.erl, replace a call to xml:crypt/1 by exmpp_xml:escape_using_entities/1. PR: EJABP-1 SVN Revision: 1832
This commit is contained in:
parent
4d95ac08dd
commit
38c0f3cdc8
@ -1,3 +1,12 @@
|
||||
2009-01-19 Jean-Sébastien Pédron <js.pedron@meetic-corp.com>
|
||||
|
||||
* src/cyrsasl_digest.erl: Replace hijacked usage of xml:get_attr_s/2
|
||||
by proper calls to proplists:get_value/3. Replace a call to
|
||||
stringprep:tolower/1 by exmpp_stringprep:to_lower/1.
|
||||
|
||||
* src/ejabberd_service.erl: Replace a call to xml:crypt/1 by
|
||||
exmpp_xml:escape_using_entities/1.
|
||||
|
||||
2009-01-19 Jean-Sébastien Pédron <js.pedron@meetic-corp.com>
|
||||
|
||||
Merge from trunk (r1804 to r1829).
|
||||
|
@ -43,22 +43,22 @@ mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) ->
|
||||
bad ->
|
||||
{error, 'bad-protocol'};
|
||||
KeyVals ->
|
||||
DigestURI = xml:get_attr_s("digest-uri", KeyVals),
|
||||
UserName = xml:get_attr_s("username", KeyVals),
|
||||
DigestURI = prolists:get_value("digest-uri", KeyVals, ""),
|
||||
UserName = proplists:get_value("username", KeyVals, ""),
|
||||
case is_digesturi_valid(DigestURI, State#state.host) of
|
||||
false ->
|
||||
?DEBUG("User login not authorized because digest-uri "
|
||||
"seems invalid: ~p", [DigestURI]),
|
||||
{error, 'not-authorized', UserName};
|
||||
true ->
|
||||
AuthzId = xml:get_attr_s("authzid", KeyVals),
|
||||
AuthzId = proplists:get_value("authzid", KeyVals, ""),
|
||||
case (State#state.get_password)(UserName) of
|
||||
{false, _} ->
|
||||
{error, 'not-authorized', UserName};
|
||||
{Passwd, AuthModule} ->
|
||||
Response = response(KeyVals, UserName, Passwd,
|
||||
Nonce, AuthzId, "AUTHENTICATE"),
|
||||
case xml:get_attr_s("response", KeyVals) of
|
||||
case proplists:get_value("response", KeyVals, "") of
|
||||
Response ->
|
||||
RspAuth = response(KeyVals,
|
||||
UserName, Passwd,
|
||||
@ -135,7 +135,7 @@ parse4([], Key, Val, Ts) ->
|
||||
%% then digest-uri can be like xmpp/server3.example.org/jabber.example.org
|
||||
%% In that case, ejabberd only checks the service name, not the host.
|
||||
is_digesturi_valid(DigestURICase, JabberHost) ->
|
||||
DigestURI = stringprep:tolower(DigestURICase),
|
||||
DigestURI = exmpp_stringprep:to_lower(DigestURICase),
|
||||
case catch string:tokens(DigestURI, "/") of
|
||||
["xmpp", Host] when Host == JabberHost ->
|
||||
true;
|
||||
@ -164,11 +164,11 @@ hex([N | Ns], Res) ->
|
||||
|
||||
|
||||
response(KeyVals, User, Passwd, Nonce, AuthzId, A2Prefix) ->
|
||||
Realm = xml:get_attr_s("realm", KeyVals),
|
||||
CNonce = xml:get_attr_s("cnonce", KeyVals),
|
||||
DigestURI = xml:get_attr_s("digest-uri", KeyVals),
|
||||
NC = xml:get_attr_s("nc", KeyVals),
|
||||
QOP = xml:get_attr_s("qop", KeyVals),
|
||||
Realm = proplists:get_value("realm", KeyVals, ""),
|
||||
CNonce = proplists:get_value("cnonce", KeyVals, ""),
|
||||
DigestURI = proplists:get_value("digest-uri", KeyVals, ""),
|
||||
NC = proplists:get_value("nc", KeyVals, ""),
|
||||
QOP = proplists:get_value("qop", KeyVals, ""),
|
||||
A1 = case AuthzId of
|
||||
"" ->
|
||||
binary_to_list(
|
||||
|
@ -155,7 +155,7 @@ wait_for_stream({xmlstreamstart, #xmlel{ns = NS, attrs = Attrs}}, StateData) ->
|
||||
%% However several transports don't respect that,
|
||||
%% so ejabberd doesn't check 'to' attribute (EJAB-717)
|
||||
To = binary_to_list(exmpp_stanza:get_recipient_from_attrs(Attrs)),
|
||||
Opening_Reply = exmpp_stream:opening_reply(xml:crypt(To),
|
||||
Opening_Reply = exmpp_stream:opening_reply(exmpp_xml:escape_using_entities(To),
|
||||
?NS_COMPONENT_ACCEPT,
|
||||
{0, 0}, StateData#state.streamid),
|
||||
send_element(StateData, Opening_Reply),
|
||||
|
Loading…
Reference in New Issue
Block a user