[Tkabber-dev] [tclxmpp] r163 committed - * xmpp/https.tcl: Removed domain flag from the NTLM greeting message....

tclxmpp at googlecode.com tclxmpp at googlecode.com
Sun Apr 21 13:14:54 MSK 2013


Revision: 163
Author:   sgolovan
Date:     Sun Apr 21 02:14:38 2013
Log:      	* xmpp/https.tcl: Removed domain flag from the NTLM greeting  
message.
	  This fixes authentication on ISA 2006 proxy.

	* xmpp/sasl.tcl: Added EXTERNAL mechanism.

	* xmpp/xml.tcl: Added -from option to the stream header, which is useful
	  for components.

http://code.google.com/p/tclxmpp/source/detail?r=163

Modified:
  /trunk/ChangeLog
  /trunk/xmpp/https.tcl
  /trunk/xmpp/sasl.tcl
  /trunk/xmpp/xml.tcl

=======================================
--- /trunk/ChangeLog	Thu May 17 22:31:17 2012
+++ /trunk/ChangeLog	Sun Apr 21 02:14:38 2013
@@ -1,3 +1,13 @@
+2013-04-21  Sergei Golovan  <sgolovan at nes.ru>
+
+	* xmpp/https.tcl: Removed domain flag from the NTLM greeting message.
+	  This fixes authentication on ISA 2006 proxy.
+
+	* xmpp/sasl.tcl: Added EXTERNAL mechanism.
+
+	* xmpp/xml.tcl: Added -from option to the stream header, which is useful
+	  for components.
+
  2012-05-18  Sergei Golovan  <sgolovan at nes.ru>

  	* xmpp/zlib.tcl: Added support for the native zlib coming with Tcl 8.6.
=======================================
--- /trunk/xmpp/https.tcl	Thu Nov 11 05:14:58 2010
+++ /trunk/xmpp/https.tcl	Sun Apr 21 02:14:38 2013
@@ -4,7 +4,7 @@
  #       tunnelling HTTPS traffic, so the name is https) method for
  #       connecting TCP sockets. Only client side.
  #
-# Copyright (c) 2007-2010 Sergei Golovan <sgolovan at nes.ru>
+# Copyright (c) 2007-2013 Sergei Golovan <sgolovan at nes.ru>
  #
  # See the file "license.terms" for information on usage and redistribution
  # of this file, and for a DISCLAMER OF ALL WARRANTIES.
@@ -335,7 +335,8 @@

      set message1 \
          [string map {\n {}} \
-                [base64::encode [::SASL::NTLM::CreateGreeting "" ""]]]
+                [base64::encode [::SASL::NTLM::CreateGreeting "" "" \
+                                    {unicode oem ntlm req_target server}]]]

      Debug $token 2 "NTLM $message1"

@@ -409,15 +410,18 @@
      # then set domain and username
      set username $state(-username)
      regexp {(\w+)[\\/](.*)} $username -> domain username
+    if {![info exists domain]} {
+        set domain $challenge(domain)
+    }

      set message3 \
          [string map {\n {}} \
                  [base64::encode \
-                        [::SASL::NTLM::CreateResponse $challenge(domain) \
-                                                      [info hostname]    \
-                                                      $username          \
-                                                      $state(-password)  \
-                                                      $challenge(nonce)  \
+                        [::SASL::NTLM::CreateResponse $domain           \
+                                                      [info hostname]   \
+                                                      $username         \
+                                                      $state(-password) \
+                                                      $challenge(nonce) \
                                                        $challenge(flags)]]]
      Debug $token 2 "NTLM $message3"

=======================================
--- /trunk/xmpp/sasl.tcl	Mon Jan 25 09:14:37 2010
+++ /trunk/xmpp/sasl.tcl	Sun Apr 21 02:14:38 2013
@@ -4,7 +4,7 @@
  #       SASL authentication layer via the tclsasl or tcllib SASL package.
  #       Also, it binds resource and opens XMPP session.
  #
-# Copyright (c) 2008-2010 Sergei Golovan <sgolovan at nes.ru>
+# Copyright (c) 2008-2013 Sergei Golovan <sgolovan at nes.ru>
  #
  # See the file "license.terms" for information on usage and redistribution
  # of this file, and for a DISCLAMER OF ALL WARRANTIES.
@@ -444,12 +444,13 @@
      set forbiddenMechs $state(-disable)

      if {$state(-digest) == 1} {
-        lappend forbiddenMechs PLAIN LOGIN
+        lappend forbiddenMechs PLAIN LOGIN EXTERNAL
      } elseif {$state(-digest) == 0} {
          foreach m [SASL::mechanisms] {
              switch -- $m {
                  PLAIN -
-                LOGIN {}
+                LOGIN -
+                EXTERNAL {}
                  default {lappend forbiddenMechs $m}
              }
          }
=======================================
--- /trunk/xmpp/xml.tcl	Mon Jan 25 09:14:37 2010
+++ /trunk/xmpp/xml.tcl	Sun Apr 21 02:14:38 2013
@@ -4,7 +4,7 @@
  #       wrap XML parser. These procedures are called by functions in XMPP
  #       library, and they in turn call the TclXML or tDOM library  
functions.
  #
-# Copyright (c) 2008-2010 Sergei Golovan <sgolovan at nes.ru>
+# Copyright (c) 2008-2013 Sergei Golovan <sgolovan at nes.ru>
  #
  # See the file "license.terms" for information on usage and redistribution
  # of this file, and for a DISCLAMER OF ALL WARRANTIES.
@@ -586,6 +586,7 @@
  #       to                  A peer's (server's) JID.
  #       -xmlns:stream uri   xmlns:stream attribute
  #       -xmlns uri          xmlns attribute
+#       -from jid           from attribute (optional)
  #       -xml:lang lang      xml:lang attribute (optional)
  #       -version ver        XMPP version attribute (optional)
  #
@@ -613,6 +614,9 @@

      foreach {key val} $args {
          switch -- $key {
+            -from {
+                append retext " from='[Escape $val]'"
+            }
              -xml:lang {
                  append retext " xml:lang='[Escape $val]'"
              }


More information about the Tkabber-dev mailing list