+ /**
+ * @brief Authenticate the givven user and password
+ *
+ * @param array $aCommand The command array
+ */
+ private function auth($aCommand) {
+ $a = get_app();
+
+ // check user authentication
+ if (sizeof($aCommand) != 4) {
+ $this->writeLog(LOG_NOTICE, "invalid auth command, data missing");
+ fwrite(STDOUT, pack("nn", 2, 0));
+ return;
+ }
+
+ // We now check if the password match
+ $sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]);
+
+ // Does the hostname match? So we try directly
+ if ($a->get_hostname() == $aCommand[2]) {
+ $this->writeLog(LOG_INFO, "internal auth for ".$sUser."@".$aCommand[2]);
+
+ $sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='".dbesc($sUser)."'";
+ $this->writeLog(LOG_DEBUG, "using query ". $sQuery);
+ if ($oResult = q($sQuery)) {
+ $uid = $oResult[0]["uid"];
+ $Error = ($oResult[0]["password"] != hash('whirlpool',$aCommand[3]));
+ } else {
+ $this->writeLog(LOG_WARNING, "invalid query: ". $sQuery);
+ $Error = true;
+ $uid = -1;
+ }
+ if ($Error) {
+ $oConfig = q("SELECT `v` FROM `pconfig` WHERE `uid` = %d AND `cat` = 'xmpp' AND `k`='password' LIMIT 1;", intval($uid));
+ $this->writeLog(LOG_INFO, "check against alternate password for ".$sUser."@".$aCommand[2]);
+ $Error = ($aCommand[3] != $oConfig[0]["v"]);
+ }
+ } else {
+ $Error = true;
+ }
+
+ // If the hostnames doesn't match or there is some failure, we try to check remotely
+ if ($Error) {
+ $Error = !$this->check_credentials($aCommand[2], $aCommand[1], $aCommand[3], true);
+ }
+
+ if ($Error) {
+ $this->writeLog(LOG_WARNING, "authentification failed for user ".$sUser."@". $aCommand[2]);
+ fwrite(STDOUT, pack("nn", 2, 0));
+ } else {
+ $this->writeLog(LOG_NOTICE, "authentificated user ".$sUser."@".$aCommand[2]);
+ fwrite(STDOUT, pack("nn", 2, 1));