| blob | e24a930aa53a1a1c33ecc1e3d7ec8ce710fc073d |
1 #
2 # old_revision [16e6cd4ffd8a8308380dc016f0afa782a7750374]
3 #
4 # patch "libpurple/protocols/jabber/auth.c"
5 # from [c7157e2b2625e9be09dd8b2c201b1d3dcc72fd19]
6 # to [e5b832b9c3273e547187cae77189719d4c09dbbe]
7 #
8 ============================================================
9 --- libpurple/protocols/jabber/auth.c c7157e2b2625e9be09dd8b2c201b1d3dcc72fd19
10 +++ libpurple/protocols/jabber/auth.c e5b832b9c3273e547187cae77189719d4c09dbbe
11 @@ -396,6 +396,24 @@ static void jabber_auth_start_cyrus(Jabb
12 g_free(enc_out);
13 }
14 }
15 +
16 + if (mech && (strcmp(mech, "DIGEST-MD5") == 0)) {
17 + /* CYRUS-SASL's DIGEST-MD5 and Java's DIGEST-MD5 are mutually incompatible because of different interpretations of RFC2831.
18 + * This means that if we are using SASL and connecting to a Java-based server such as OpenFire, we will receive an authentication
19 + * failure if that server offers DIGEST-MD5 in such a way that SASL chooses it as the best mechanism for us.
20 + *
21 + * However, we implement our own DIGEST-MD5 for use when we're compiled without SASL support, and that implementation
22 + * works correctly. Therefore, if SASL chooses DIGEST-MD5, we switch over to our own implementation.
23 + * jabber_auth_handle_challenge() will note the auth_type and take it from there.
24 + *
25 + * SASL would change state to SASL_OK after when handling the challenge; we do so immediately to avoid an error later.
26 + */
27 + js->auth_type = JABBER_AUTH_DIGEST_MD5;
28 + js->sasl_state = SASL_OK;
29 + sasl_dispose(&js->sasl);
30 + js->sasl = NULL;
31 + }
32 +
33 jabber_send(js, auth);
34 xmlnode_free(auth);
35 } else {