+
+ // We now check if the password match
+ $sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]);
+ $this->writeDebugLog("[debug] doing auth for ".$sUser."@".$aCommand[2]);
+
+ // If the hostnames doesn't match, we try to authenticate remotely
+ if ($a->get_hostname() != $aCommand[2])
+ $Error = !$this->check_credentials($aCommand[2], $aCommand[1], $aCommand[3], true);
+ else {
+ $sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='".dbesc($sUser)."'";
+ $this->writeDebugLog("[debug] using query ". $sQuery);
+ if ($oResult = q($sQuery)) {
+ $uid = $oResult[0]["uid"];
+ $Error = ($oResult[0]["password"] != hash('whirlpool',$aCommand[3]));
+ } else {
+ $this->writeLog("[MySQL] invalid query: ". $sQuery);
+ $Error = true;
+ $uid = -1;
+ }
+ if ($Error) {
+ $oConfig = q("SELECT `v` FROM `pconfig` WHERE `uid` = %d AND `cat` = 'xmpp' AND `k`='password' LIMIT 1;", intval($uid));
+ $this->writeLog("[exAuth] got password ".$oConfig[0]["v"]);
+ $Error = ($aCommand[3] != $oConfig[0]["v"]);
+ }
+ }
+
+ if ($Error) {
+ $this->writeLog("[exAuth] authentification failed for user ".$sUser."@". $aCommand[2]);
+ fwrite(STDOUT, pack("nn", 2, 0));
+ } else {
+ $this->writeLog("[exAuth] authentificated user ".$sUser."@".$aCommand[2]);
+ fwrite(STDOUT, pack("nn", 2, 1));
+ }
+ }
+
+ /**
+ * @brief Check remote credentials via HTTP(S)
+ *
+ * @param string $host The hostname
+ * @param string $user Username
+ * @param string $password Password
+ * @param boolean $ssl Should the check be done via SSL?
+ *
+ * @return boolean Are the credentials okay?
+ */
+ private function check_credentials($host, $user, $password, $ssl) {
+ $this->writeDebugLog("[debug] check credentials for user ".$user." on ".$host);
+
+ $url = ($ssl ? "https":"http")."://".$host."/api/account/verify_credentials.json";
+
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL, $url);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
+ curl_setopt($ch, CURLOPT_HEADER, true);
+ curl_setopt($ch, CURLOPT_NOBODY, true);
+ curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
+ curl_setopt($ch, CURLOPT_USERPWD, $user.':'.$password);
+
+ $header = curl_exec($ch);
+ $curl_info = @curl_getinfo($ch);
+ $http_code = $curl_info["http_code"];
+ curl_close($ch);
+
+ $this->writeDebugLog("[debug] got HTTP code ".$http_code);
+
+ return ($http_code == 200);
+ }
+
+ /**
+ * @brief write data to the logfile
+ *
+ * @param string $sMessage The logfile message
+ */
+ private function writeLog($sMessage) {
+ if (is_resource($this->rLogFile))
+ fwrite($this->rLogFile, date("r")." ".$sMessage."\n");