[Bug 27622] Pluggable SASL authentication

Wed May 5 20:53:14 CEST 2010

https://bugs.freedesktop.org/show_bug.cgi?id=27622

--- Comment #17 from Sjoerd Simons <sjoerd at luon.net> 2010-05-05 11:53:13 PDT ---
(In reply to comment #16)
> Added the Jabber auth stuff to the new world order, the branch is at:
> 
> http://git.collabora.co.uk/?p=user/eitan/wocky.git;a=shortlog;h=refs/heads/jabber-auth-refactor

wocky-jabber-auth-digest: auth digest isn't a plain method strictly 
One might argue it's not a very secure one as the server controls one part of
your hashing and it's only a single round so easy enough to brute-force.. Maybe
we should leave it as non-plain..

wocky-jabber-auth.c:
  You use "X-WOCKY-JABBER-{PASSWORD,DIGEST} in some places, having a #define
would be
   nice  (typo's are too easy to make)


iff --git a/wocky/wocky-node.c b/wocky/wocky-node.c
index 9658704..9086443 100644
@@ -1216,7 +1216,6 @@ wocky_node_add_build_va (WockyNode *node, va_list ap)
           {
             gchar *txt = va_arg (ap, gchar *);

-            g_assert (txt != NULL);
             wocky_node_set_content (stack->data, txt);
           }
           break;

that should really be in a seperate commit as it's a quite crucial change


The copyright header for wocky-jabber-auth seems wrong? I'm pretty sure you
copied some code from wocky-connector into it ?

wocky-jabber-auth stream error parsing loop should probably do wocky_node_iter
instead of a for loop of the children

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

