core/EjabberdAuth.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94

<?php

/**
 * Runs constantly and takes requests from an input stream
 * as specified in the ejabberd auth protocol.
 */
class EjabberdAuth {
  var $running;

  function __construct($config, $bridge, $session) {
    $this->bridge = $bridge;
    $this->session = $session;
    $this->bridge->parent = $this;
    if ($this->session) $this->session->parent = $this;
    if (!empty($config['log_path']) && is_dir($config['log_path']) && is_writable($config['log_path']))
      $this->logfile = fopen($config['log_path'] . 'activity-' . date('Y-m-d') . '.log', 'a');
    else $this->logfile = STDERR;
    $this->log('Initialized.');
  }

  function stop() {
    $this->log("Stopping...");
    $this->running = FALSE;
  }

  function run() {
    $this->log('Starting...');
    $this->running = TRUE;
    while ($this->running) {
      $data = $this->read();
      if ($data) {
        $result = $this->execute($data);
        $this->write((int)$result);
      }
    }
    $this->log("Stopped");
  }

  function read() {
    $input = fread(STDIN, 2);
    if (!$input) {
      return $this->stop();
    }

    $input = unpack('n', $input);
    $length = $input[1];
    if($length > 0) {
      $this->log("Reading $length bytes...");
      $data = fread(STDIN, $length);
      return $data;
    }
  }

  function write($data) {
    $this->log("OUT: $data");
    fwrite(STDOUT, pack("nn", 2, $data));
  }

  function log($data) {
    fwrite($this->logfile, sprintf("%s [%d] - %s\n", date('Y-m-d H:i:s'), getmypid(), $data));
  }

  function execute($data) {
    $args = is_array($data) ? array_merge($data, [NULL,NULL,NULL]) : explode(':', $data . ':::');
    list($command, $username, $server, $password) = $args;
    $username = xmpp_unescape_node($username);

    // Don't log the password, obviously.
    $this->log("Executing $command on {$username}@{$server}");

    switch ($command) {
      case 'isuser':
        return ($this->session && $this->session->isuser($username, $server)) ||
               $this->bridge->isuser($username, $server);
      case 'auth':
        return ($this->session && $this->session->auth($username, $server, $password)) ||
               $this->bridge->auth($username, $server, $password);
      case 'setpass':
      case 'tryregister':
      case 'removeuser':
      case 'removeuser3':
        return FALSE;
      default:
        $this->stop();
    }
  }
}

function xmpp_unescape_node($string) {
  return str_replace(
    ['\\20', '\\22', '\\26', '\\27', '\\2f', '\\3a', '\\3c', '\\3e', '\\40', '\\5c'],
    [' ',     '"',    '&',    '\'',   '/',    ':',    '<',    '>',    '@',    '\\'],
    $string);
}