+ /**
+ * @brief Authenticate the givven user and password
+ *
+ * @param array $aCommand The command array
+ */
+ private function auth($aCommand) {
+ global $a;
+
+ // check user authentication
+ if (sizeof($aCommand) != 4) {
+ $this->writeLog("[exAuth] invalid auth command, data missing");
+ fwrite(STDOUT, pack("nn", 2, 0));
+ return;
+ }
+
+ // We now check if the password match
+ $sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]);
+ $this->writeDebugLog("[debug] doing auth for ".$sUser."@".$aCommand[2]);
+
+ // If the hostnames doesn't match, we try to authenticate remotely
+ if ($a->get_hostname() != $aCommand[2])
+ $Error = !$this->check_credentials($aCommand[2], $aCommand[1], $aCommand[3], true);
+ else {
+ $sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='".dbesc($sUser)."'";
+ $this->writeDebugLog("[debug] using query ". $sQuery);
+ if ($oResult = q($sQuery)) {
+ $uid = $oResult[0]["uid"];
+ $Error = ($oResult[0]["password"] != hash('whirlpool',$aCommand[3]));
+ } else {
+ $this->writeLog("[MySQL] invalid query: ". $sQuery);
+ $Error = true;
+ $uid = -1;
+ }
+ if ($Error) {
+ $oConfig = q("SELECT `v` FROM `pconfig` WHERE `uid` = %d AND `cat` = 'xmpp' AND `k`='password' LIMIT 1;", intval($uid));
+ $this->writeLog("[exAuth] got password ".$oConfig[0]["v"]);
+ $Error = ($aCommand[3] != $oConfig[0]["v"]);
+ }
+ }
+
+ if ($Error) {
+ $this->writeLog("[exAuth] authentification failed for user ".$sUser."@". $aCommand[2]);
+ fwrite(STDOUT, pack("nn", 2, 0));
+ } else {
+ $this->writeLog("[exAuth] authentificated user ".$sUser."@".$aCommand[2]);
+ fwrite(STDOUT, pack("nn", 2, 1));
+ }
+ }
+
+ /**
+ * @brief Check remote credentials via HTTP(S)
+ *
+ * @param string $host The hostname
+ * @param string $user Username
+ * @param string $password Password
+ * @param boolean $ssl Should the check be done via SSL?
+ *
+ * @return boolean Are the credentials okay?
+ */