ÿØÿà JFIF    ÿÛ „ !.%+&8&+/1555$;@;4?.451 4,$,44444444444414444444444444444444444444444444444444ÿÀ  á á" ÿÄ     ÿÄ ?    !1AQaq"2‘¡±ÁðBRbrÑá#‚’¢²3S CñÿÄ   ÿÄ !    !1QAa‘2ÿÚ   ? 5˜Z¯V¦cø)›t/? z¨±>Õ5€¶‹Á¤·¼z¼Ü¬+ñ®v¤¨_ˆR­BFn©—˜ý®ç̝P8gýt·ÉSTŦˆìät?þé¼íìN/Þa)ì–í6ô… Ï¿øÃj´¿KÇü]ÿ ªô¹-eKànëÕHTx}ýSÜ›ÿ ”7Ø×&µ<¦  ¥ÑO¶[Ù¯ä¨ÞÃÿ PZ-¬;#õ|•oaÿ ©CìÞz3˜öː/¤­ñTûIØ}š^ mÓ%ªxˆ¥ÉŸu=Z+ISe¿45™¼u;ú&WØ÷€æßQ™®{|íx*TC“#ZŠìZ§²‹ 6pv…³¿¡äª*áZÐ%ÒOáˆo"x«OHk w±æ+¬V(kMúŸ5Vö«$ ÁrÏbàb57/luR ¸ÑÛj Òµì`Ðœq­û žICÀÊ•©4€Âcà¨Ï€O´<èÐ:›ù(Ë^L8þ‘ÍÌ#¸Ð_Ì©ÙK(Öz 4¬û+¸;ü’V’84‘¬ÃŽ:[â‡ÔÌáõp¢~§ªlæ£ö{®G>J¼"°‡7¯ÆÉèßû ‹É‹§ÁòÃýâßî ^ƾÙõ‹×óH#«LP½ïX=xÑÍ$|W?•~• îëÔ©ª‹ {ÝT…Kÿ ”hûâá)J*ö˜–ÔU;iÇ€/ ÆþjóZ\ýwØ=Ìm ºèËL9 ýèÆð/¨’¥öo=nË.%Îì ŽÕ¯È|{Oj²ƒE6e/ßdÄõ²Ìâ1O®ò×TsəԸhOMýíMˆ¿¼H˜l²,7Â¥#MF/Úf°Ö½± ¸–dr‹NýÊ íjqx{œÉ ä-È ¦ øÄër¨q°ð †nцýÑÄÆ’mä…n<0È™;ÁÝá¯ÁZƒ7FÀmì­ É&9ˆîéi¶ùN§Y• ÃZãAâ?•‡©‰ , ó¾IŸŠc1 4â&y­&pŠ­6;M À 0¹qç»p.á …ŸÅáK@%6·y6ƒ‰3?”úºŽ‰éX5ªPT §µ!=Mž«Ú½‹ÅgÂSâÉaþÓoö–¯ÁÔìR>5éÿ üs¶ÆUcÌ kÇR ]ÿ ù¬¼«VŽ;Â|‡~¢¦”ÏÅ°æ {L™Õ°Óv¹ò¸írŽ¡×¢CÃ!íVÕ {¶»sŒNPg/ "uÕbkm²“$ďå¿é¹§°½æz¯6 †s¿!s–wÚÝ“™Œ °.ûj>·+™Òa…©Œ&rÝÎtÛë긪Ît’LAVp%c Úý[ÄzJ¾ÇàXXç@˜ó<êL]·T˜¾¥1Ó©V‡g´æ½¦Ý@¹óø!_@´ÞâSÁ —S3™•& ]@JHÚý©ZŽ €×æÔr»Áf!‡yÞ4Mv*èÓã_{‘åóUuљØ«Oïé*®EvÑ Œ÷‡U \"㪒ÍK+À 4“M¡ï:0¥5í!'<@î´”>Ç»&Z–ïCCV˜Ì5Šo&îhè.žû |ÓK©h$s6KìŒëã)¹hI¦GïOåóI;ììü#É$Š0…Ææ¥TØ.5­¾gn´ “ÂÖ\:hœ89G)J@„}œ:’Ò{/Š"¦_Æ×7Æ3VÇŠÊa]ÚŒÙ€Ä–=®uÁßâACZƒ§§£ Qnâ:«,×{tyø¬iÛcœÜÄ€H½ÄÍCk´÷šß .W'b¤Íåh]÷€=,Žv×cÚEÚHXJX¶îo¨FÒtèöŸ>ªª6[J®Fµ£sGÁeqõfe\íjÒÐïÄÐGˆe1Ø‹.Ø”‘Ëuø Y­ˆÜ ŽG|zùªüMpDnQWÄ”%JŠ™)â*p@Örš«ÕT2Ð%ˆG#ª„ ·¤!°ŸOTÂT¸aÚ%4&h™LµšØüÐ.F¿²ÐÞ_Ç‚¾ÅÃaÜ÷09Æ q€öy˜v‡85õN÷]¬äѼóS{°_MŽ¬úÔ#°Ç¸0åÞè2ëôPcvÆw9®ií1Ä8F™˜à‰´+‰Ik1òÝ7“Ñ×ÒsÝ\x‚h`ÞÑ`ó"|µEcý£n˜h`}GÞ !±ù²Ápü²ß6 0ïi󜵩SÈÇ7˜-ÕURO˜¦´f$ªž-Í6(œ}<„ éc øs]ŽŽ„*—¾ ìdŽ„)méª\¿êÎIg¾ØÞ~I#C/¼¼´EÁÈŽi8“©õådô·>euä ƒ'Ê×लR1ÉJE1ÐAát`t;ÇР%Ý<‡¥„ÍÆ`×Oyó)õiI€ñQaŸ4Ûù\áàaÃÔ¹HÃu¹*k€¦<„e S‡&õÏ B!ŽhüÞ`yj}mªf×\¿ Ç~æ­9‡û\՞Ǖg²1Žû5V7 !àöšm° c`ܬøÇìµÒ'P"?…´Ö,"§^•õŽ¨sÔ)6˜sæéÍR¼ ò|Sl”‹7 nPW Gòú÷½§O¯‡„l¡kSÞŒr½PÊ@æ¢pŽ-mÿ #Ÿ˜Àº¶Áä¦;ïÔæ$1££`“Õ>„—·ž)ßð³ñ#Ï Ô$¶œ‰ÊE‹À;÷º ¯«P:Ñ”8–IÊtpÞ3ª“>ê“þës4ò2OÏÕ­±zô†Õ§‰.÷ä¸;¿˜“'œ›žª}«Œ{ª±Ì 9ÔóÞÕ‡0 $íWV3Üì¬ —@kÝ4@¿r¼±½¬™›?øØæ´'Áé®CË3-g$˜ö‡×auÚi´Žp/êÛ æF›Ú2v‹ã¿¿,nB1̨ƃqÞa5͝@&Æû“él÷ \C²½UÍc ¯k×¢U ÖéQå™—-r wô ÞÏ<Ò=&=ÿ Ôê Òêˈt,i—;LîÜ á¸*ÚÃ1$êL•LÍ <É)ýÐà’ ;F™{ƒ™˜€&'}‚ãÄK`¡ÞT@I;®žZóè‚s’7®°›+§O­Åq©é»²9<Ô J ¼9O’HL»Ùïì¸rk¼Ž_ý‘TŸu[²ßÚŒ·ü÷B%¯E ŸÔX5êO´ Ç•€’I0 ÉJX` ñ¹õ%;µŸD‘«´€àwÒ™U ûئžÖö\×®×´8 ½‡ºÐÆÓ§?Àkmœ=;d5*@-ì0F Rªýš[Ü6âö̃ڸr*KA9· u*µæ£?U¸Âêí†8@¦X4 e-ò„0s{ HâUpU?¼mñRa°®a%Ð'tÉ×’\¾ÊÉ]t›h>·(Ë@R¼¡Ãt h}’O÷au<+nT…Ö…MӐ??Óe95 q>í/;&JSû °¯ÊéÞ øƒ*Ã2½Ài&:nôUl=¾¿5eˆ3”ñc|Ú2V”>„»&eE;«ÚäC p¢Û úy 9š[ŒÌx¼擼A&DåÒ¯ˆ¤ÀÌ;"˜ ÏQä¸åhÊ}Ûq«Û0WžÒ|»€ø®öCm5•\ÇÀ§Pe3£]0ÃàLDÉ‰1øªxjgwT‚÷¿LΨK‹›ùs—xˆÜ±µ kæ¸f‰‰ÜGk/LÛØ6d9ò¶ùA{ƒA3š/¬D¬khÓk‰`˜"㯒r¿±Óã jx‡°e}<Ñø\3y:'À•/h½Í€Ç4~g ?Û(¼]v‘ªlKÎâ~?O‚W%{Ì:“'©úNq¾›úo(X’¥¯ˆ nFê{Ç€ü?º'ë ø‹ì Þ09ŒÌç9Æ —ËC`j@ÓÄ(+a‹un¸#ÂꟋ{K`‘ÑÍÍ'à´»/Û,KW;Þ4²þð ï Nm|~fGÏ(…³Ã)«1ö­Õ ¥‡¨©ƒÃ™ü-s=à=U66Ï«Ýc蓦W¹íž®›nÔ%êÇìŒ<#Ü×84ån®Ð ÒåOC` ñânÑs‡¢ç 1õ%Îhì½Ã½® e:ݼUZo™`  ÅZŸŒÊ«ê1ÏÄo$q¹Þ€©ˆhÐÉä¯ñ[!…Ú˜àJ:x2$Íß&PåT£6ç— ‡Í*4Ýšçjÿ ‰É nófÐ ó(L5C•åÆ\rMÒ@ò }y-W}™üýVù—ú¢=Ù”c®‘< M ž ´Phr ¦©TD ‘ù.$´÷O‡‘V2Æò.=IUŒ=ž‡â¬i™aþÓåÙ?òUø'ØÖ•.~* šTŒ!•-×áºTâ®ä#õü'´ eýlYÅÓeÕKÂrT"CÚ@u!Óxƒ{š3€}1¿(r}%«nËamjÑ%ÑNEò v ˜à  σöK³,*º.àzù¨™Ó ÚçâU¦*¿ 9{%Ö¹ njûdaXöb) kÛƱûÓ\°M7ˆÂ=û›ç¿Ã‚­V»Cg–8ÙêE- j)k$º`Ã-ùEýeBÆÇ]c¡°ñty&Òd0nõ'¡W+ƒ*|–øµFa\GQªEAÔp5\Ǽ·¼Ç8·õ -â§Ú[ ‡ uZeÖ 3}×d'+¹:ð+K†Û®s!Ï$úe€<Û”x)1»a­¡LC]¸µík…ÚàA»AYº{†ªS[¦5HÒ7ù --,ísòDØ€èk ÞÀîÜ ò@â( ËNˆë›4ô½•/¦o‡€Û7 ê•ÆêòðÜy'Án½µ á˜ݦ ndeo…[ì¶Ê,¥R³Ä=À±—–ß;£™´ñSâ*g§”ïaið‘Jå~™ÓÞ ß³Õ¢»8x埒²52>AÊb&-÷\7´éÄù€T˜,w;3{ï˜k…à¹ÄqÀ«œ{€\ ˆ¾[´¨јr &Úé„Ívˆ±8†¿]|¬ņ4I×pÞS1ÈÖz‰#Ìv‡G!YNògñ:màTz¢Ý1ô©^O=~ë|5Bã™ç•¼µõ•bÆ@úÕS¬ÈŒ#¬zünrŸ û” Z²•ï›èðV"ÁHÚý©wÝ €7¼Ìu1hÑa3Éä û f$o¿É ™Ú›ÝçnpÒ3äÌ3†Í§,Äï]$‰/pê †«À¼¸e9­Æê_C]žƒ·ý·frÁN«, E=›Çq -‰öŒ:aÏ¿±í&£Í:-} 84‘ÿ eƒQÑeëSsuiA ³g㟥ú£?ÿ ʼn*”“÷aühe:ÊWa@ÒÞk±eØ] F Ô—r.åä˜ @ö¥ªZoÐýYL·¥S²G/‡ñ <~*ZÆ´è>JlòàÛƽÿ 窘ìGN¢:I®KšJp/`íIÁÀõ#Ä-€ö­šµŒoF4|ÆQØÆ@Ì|£Ô…¢À{9˜è½Üó›€ôYÒÎYsið;ís¤€à²ˆ‚4qÉVŒI$ ‰"° æµ8cXGjœˏ¡Aâý•ËÜ¢ûï e·çLx']á"oÅÎê3¯Ç—¹”ó0nå‚âg{Œñ> S´˜îè°g238‚ãköÝfÚd´6Ò€;ò÷±¢™¼›º ¢Æ'¥Ðx'e¬ç ]bÈÆV¢ó‹kýBO ðÊâ$Ÿ!×T 3Mýמ žìٍàÌü‘8÷€àæØ8æ©6‰©L´«…oãpð„~Çk‰!ñ;‹”ÛžÍ àž±z Ÿôû øŸÝužÏ;ÿ #|u6™Þ¬ÚˆÐõA4¶â|ôl|Ê2ŽÇ¤ÝÅÇY.<#Aí.k§hóF‚”Y; M½Ö4hŸ4&›­¿tès´%FìL¥£Ãk‰ÇT¤haÁ¤ÚxfÉ`ÑìË›>i 3t‚:,–+^÷´–{Û–Nxi"x‘Ûg î¨>¥Õ܁ùZH,2Û“:8xÊ¢Çí9.É-Ìâã-=çjwµS˜dütžçwýGòú®®ûº_ˆýx$–¡ãøO EÚÛÏ÷R„×w+3£Á£öUMyR²¹âŒ°š›¸Ñãò9§Ó_Dl+Ùßc›úšGÅÌc†Ž!Ko=¶.‘Îÿ c²(2®V mª.ÿ ¹B›¹å ù„öŸSV>™ü¯$y:G¢Z×àøúdî¹û­·ýÇ´:•c LÍõi_‹ö+ÎæGÊè>OŠ•äž´§Þ{X}¨1ÚTc›»Qþ•êô°t¿OP?eæ~É{5]•ÙR£r5†nZ\ã@ &îJõ ¾àC°þV>fé¥/ü5ñÊIº_é5 ;e­h<@ Ä&æÃëE%;X,ÒãÆÞ`Oò¦kŸm#˜!ÀyÄ¢| óLšò¥Ä` ¶R=|ÈCâh5ò3DˆïF†ðÒ#ÅìÛœ?¸yhBãœí ZxßÎÄhºRK„`Þödvײ™ÀÈÑÒgŒuY w³%†ƒÓzõ ÖÏp‚dH®¦A´ù§»ÓÇMæ~)ˆð‡û:ù&Ä •vGD´À n ݇¼Ö8Fö óáà£~Ë¥x`oK|Ä?fxiØü%pìR>éò+Û±éÎ>núlFŤ'tq8LZÏvÃ?„¡ß±È⽆¯³íü@x|PöUäèØã¡ð‚ŒAìÏ"vÍwóŸÍ{ ý0.z È•Ö{,N¡£¡ŸKÕÙž>Ýœþ ÍÀ°<×EA!Å‚D™IúOÍ¡>ôG}Â` ÍßkÜL™Ž Þð™ {IøF²¹òQ3&!ÃÂÞz.d&Ï-sH¸,Ôõ˜ŽP€ 77ˆÝ¼ÊëÜw =cÕ Ú,ØÐ5ÎYÐ)ì´öœgŒ[¤ßv㙑8心>h]§µháYš£²ºÑ.{Ï7Sð•?´~×SÃKýJÛ˜ ™Íäiúu<µX¶1õ^kâçIÑ£sZ4h>j*ÔšD:4­¿_ ÷¸ Õxæÿ ¸?Mù _•­ÊÐ ä ÷ý ÑwL œ­ïnTkÛUÍN©ë:¦fV ¶ÜÔÜMªÅâA½–¿R×TXš-%iTÊT•‡Ù‚JôϐZxWÑè‰f‰òG º ×Õû2aZ7OU3[“×AT–ÞŒ…-‘¤”Ì ì&(ˆ¿­•ƒkï’:ðY¦W‘ Å)“†‘˜³Åtcø˜ñTÂwÚÇ4|üLÇªí–v- qˆèU qPE.†â‘˜µ Æ,ÐÅs]8¾„oúÑ i>ÜxxÈó)ƒ ´æÁâØ$À‰vžŸf$Ž |ãw;ÀÁIJ»b` {¦Ó¤Ú$©YÀ‘n@Óïž«9J¼êG m¤ ܯ¹ÌW4€ÐÒÅÛ‡#褕Ÿn-?í|с¥÷Ú¹¬'´ÞÜ9ÓK `hê£SÄSà?7—Wí_´…óB›»:=Ãïq`<8ñÓŒÑlú2d¬ê³£hÖ[l|$vÝro~'R®‰§°ñmY ͧäP |PUª¹·:3Œ[Û{Xÿ ºâ@‚W–Äé u‚ ¯´*=íή.pûÒdt @G‰¬ s¸ ëÉücr ÞæѨÊ@>¤¢Ö±. Þ'¯°ÌME[YéïĵÂCå½ Ué©Áû'Ê9%eÔðNU”ë‘ÌsD3/®+UI˜9h.WC”빓$#:pz:YÓ ¿xž* ³$Í +$kñAŠ‹†¢ Uê>¸)_š¬÷©ßAÂÔb9ÇU ¯¾á•9¯ÏÏ÷O÷¼¼Fähal1‰3Ì[Ïr•´UCksNÐ] R‘¸¥H+§Šé†c©vÖÞ0iÓ76s†î!§=ß ¼~Ô'°Ãmäoäš³ªøi1úÉ)³yV8 CLÄØÁ‘WYïi€H6ÖÑiámø^ÈY´°Ñ7¥Û*—Ñ©L«Qƒï—Ùrÿ ›£Ð*š¸ˆL©ˆ$ˆ ÷¾D§9È®«qbqC)–ˆïv´çñsÑVT­Ø, <àïºÀO«Jý·õ àfPìð .wFšir´þ’2_Y *Æ€x\« ì€9š@ Ž|F⇥ˆkZ@hÖÄ0t¿-<“‹qµ¾*ZL¤Ú)&BJpÓF5=$„at*Zš$’ÑtdûÝRI1 2Ž‰$€$I$#‰SÞ’Hë¬ï;Á$¡t$’`<(ñÇt)$‡Ð.Êf¢X’Kt=Éé$‚ˆªè¢oÝëòI%Rgcª÷ŠyI%¡‰ÿ !ñ)´õ $¤ Ô’IIGÿÙ--- A XMPP (Jabber) library, implementing a minimal subset of the protocol -- enough to do authentication brute-force. -- -- The XML parsing of tags isn't optimal but there's no other easy way -- (nulls or line-feeds) to match the end of a message. The parse_tag -- method in the XML class was borrowed from the initial xmpp.nse -- script written by Vasiliy Kulikov. -- -- The library consist of the following classes: -- * XML - containing a minimal XML parser written by -- Vasiliy Kulikov. -- * TagProcessor - Contains processing code for common tags -- * XMPP - containing the low-level functions used to -- communicate with the Jabber server. -- * Helper - containing the main interface for script -- writers -- -- The following sample illustrates how to use the library to authenticate -- to a XMPP sever: -- -- local helper = xmpp.Helper:new(host, port, options) -- local status, err = helper:connect() -- status, err = helper:login(user, pass, "DIGEST-MD5") -- -- -- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html -- @author Patrik Karlsson -- Version 0.2 -- Created 07/19/2011 - v0.1 - Created by Patrik Karlsson -- Revised 07/22/2011 - v0.2 - Added TagProcessors and two new auth mechs: -- CRAM-MD5 and LOGIN local base64 = require "base64" local match = require "match" local nmap = require "nmap" local sasl = require "sasl" local stdnse = require "stdnse" local string = require "string" local table = require "table" _ENV = stdnse.module("xmpp", stdnse.seeall) -- This is a trivial XML processor written by Vasiliy Kulikov. It doesn't -- fully support XML, but it should be sufficient for the basic XMPP -- stream handshake. If you see stanzas with uncommon symbols, feel -- free to enhance these regexps. XML = { ---XML tag table --@class table --@name XML.tag --@field name The tag name --@field attrs The tag attributes as a key-value table --@field start True if this was an opening tag. --@field contents The contents of the tag --@field finish true if the tag was closed. ---Parse an XML tag --@name XML.parse_tag --@param s String containing the XML tag --@return XML tag table --@see XML.tag parse_tag = function(s) local _, _, contents, empty, name = string.find(s, "([^<]*)<(/?)([?:%w-]+)") local attrs = {} if not name then return end for k, v in string.gmatch(s, "%s([%w:]+)='([^']+)'") do attrs[k] = v end for k, v in string.gmatch(s, "%s([%w:]+)=\"([^\"]+)\"") do attrs[k] = v end local finish = (empty ~= "") or (s:sub(#s-1) == '/>') return { name = name, attrs = attrs, start = (empty == ""), contents = contents, finish = finish } end, } TagProcessor = { ["failure"] = function(socket, tag) return TagProcessor["success"](socket,tag) end, ["success"] = function(socket, tag) if ( tag.finish ) then return true end local newtag repeat local status, data = socket:receive_buf(match.pattern_limit(">", 2048), true) if ( not(status) ) then return false, ("ERROR: Failed to process %s tag"):format(tag.name) end newtag = XML.parse_tag(data) until( newtag.finish and newtag.name == tag.name ) if ( newtag.name == tag.name ) then return true, tag end return false, ("ERROR: Failed to process %s tag"):format(tag.name) end, ["challenge"] = function(socket, tag) local status, data = socket:receive_buf(match.pattern_limit(">", 2048), true) if ( not(status) ) then return false, "ERROR: Failed to read challenge tag" end local tag = XML.parse_tag(data) if ( not(status) or tag.name ~= "challenge" ) then return false, "ERROR: Failed to process challenge" end return status, (tag.contents and base64.dec(tag.contents)) end, } XMPP = { --- Creates a new instance of the XMPP class -- -- @name XMPP.new -- @param host table as received by the action function -- @param port table as received by the action function -- @param options table containing options, currently supported -- * timeout - sets the socket timeout -- * servername - sets the server name to use in -- communication with the server. -- * starttls - start TLS handshake even if it is optional. new = function(self, host, port, options) local o = { host = host, port = port, options = options or {}, auth = { mechs = {} } } o.options.timeout = o.options.timeout and o.options.timeout or 10 o.servername = stdnse.get_hostname(host) or o.options.servername setmetatable(o, self) self.__index = self return o end, --- Sends data to XMPP server -- @name XMPP.send -- @param data string containing data to send to server -- @return status true on success false on failure -- @return err string containing error message send = function(self, data) -- this ain't pretty, but we try to "flush" what's left of the receive -- buffer, prior to send. This way we account for not reading to the -- end of one message resulting in the next read reading from our -- previous message. self.socket:set_timeout(1) repeat local status = self.socket:receive_buf("\0", false) until(not(status)) self.socket:set_timeout(self.options.timeout * 1000) return self.socket:send(data) end, --- Receives a XML tag from the server -- -- @name XMPP.receive_tag -- @param tag [optional] if unset, receives the next available tag -- if set, reads until the given tag has been found -- @param close [optional] if set, matches a closing tag -- @return true on success, false on error -- @return The XML tag table, or error message -- @see XML.tag receive_tag = function(self, tag, close) local result repeat local status, data = self.socket:receive_buf(match.pattern_limit(">", 2048), true) if ( not(status) ) then return false, data end result = XML.parse_tag(data) until( ( not(tag) and (close == nil or result.finish == close ) ) or ( tag == result.name and ( close == nil or result.finish == close ) ) ) return true, result end, --- Connects to the XMPP server -- @name XMPP.connect -- @return status true on success, false on failure -- @return err string containing an error message if status is false connect = function(self, socket) assert(self.servername, "Cannot connect to XMPP server without valid server name") -- we may be reconnecting using SSL if ( not(self.socket) ) then self.socket = socket or nmap.new_socket() self.socket:set_timeout(self.options.timeout * 1000) local status, err = self.socket:connect(self.host, self.port) if ( not(status) ) then return false, err end end local data = (""):format(self.servername) local status, err = self:send(data) if ( not(status) ) then return false, "ERROR: Failed to connect to server" end local version, start_tls repeat local status, tag = self:receive_tag() if ( not(status) ) then return false, "ERROR: Failed to connect to server" end if ( tag.name == "stream:stream" ) then version = tag.attrs and tag.attrs.version elseif ( tag.name == "starttls" and tag.start ) then status, tag = self:receive_tag() if ( not(status) ) then return false, "ERROR: Failed to connect to server" end if ( tag.name ~= "starttls" ) then start_tls = tag.name else start_tls = "optional" end elseif ( tag.name == "mechanism" and tag.finish ) then self.auth.mechs[tag.contents] = true end until(tag.name == "stream:features" and tag.finish) if ( version ~= "1.0" ) then return false, "ERROR: Only version 1.0 is supported" end if ( start_tls == "required" or self.options.starttls) then status, err = self:send("") if ( not(status) ) then return false, "ERROR: Failed to initiate STARTTLS" end local status, tag = self:receive_tag() if ( not(status) ) then return false, "ERROR: Failed to receive from server" end if ( tag.name == "proceed" ) then status, err = self.socket:reconnect_ssl() self.options.starttls = false return self:connect() end end return true end, --- Logs in to the XMPP server -- -- @name XMPP.login -- @param username string -- @param password string -- @param mech string containing a supported authentication mechanism -- @return status true on success, false on failure -- @return err string containing error message if status is false login = function(self, username, password, mech) assert(mech == "PLAIN" or mech == "DIGEST-MD5" or mech == "CRAM-MD5" or mech == "LOGIN", "Unsupported authentication mechanism") local auth = (""):format(mech) -- we currently don't do anything with the realm local realm -- we need to cut the @domain.tld from the username if ( username:match("@") ) then username, realm = username:match("^(.*)@(.*)$") end local status, result if ( mech == "PLAIN" ) then local mech_params = { username, password } local auth_data = sasl.Helper:new(mech):encode(table.unpack(mech_params)) auth = ("%s"):format(mech, base64.enc(auth_data)) status, result = self.socket:send(auth) if ( not(status) ) then return false, "ERROR: Failed to send SASL PLAIN authentication" end status, result = self:receive_tag() if ( not(status) ) then return false, "ERROR: Failed to receive login response" end if ( result.name == "failure" ) then status = TagProcessor[result.name](self.socket, result) end else local status, err = self.socket:send(auth) if(not(status)) then return false, "ERROR: Failed to initiate SASL login" end local chall status, result = self:receive_tag() if ( not(status) ) then return false, "ERROR: Failed to retrieve challenge" end status, chall = TagProcessor[result.name](self.socket, result) if ( mech == "LOGIN" ) then if ( chall ~= "User Name" ) then return false, ("ERROR: Login expected 'User Name' received: %s"):format(chall) end self.socket:send("" .. base64.enc(username) .. "") status, result = self:receive_tag() if ( not(status) or result.name ~= "challenge") then return false, "ERROR: Receiving tag from server" end status, chall = TagProcessor[result.name](self.socket, result) if ( chall ~= "Password" ) then return false, ("ERROR: Login expected 'Password' received: %s"):format(chall) end self.socket:send("" .. base64.enc(password) .. "") status, result = self:receive_tag() if ( not(status) ) then return false, "ERROR: Failed to receive login challenge" end if ( result.name == "failure" ) then status = TagProcessor[result.name](self.socket, result) return false, "Login failed" end else local mech_params = { username, password, chall, "xmpp", "xmpp/" .. self.servername } local auth_data = sasl.Helper:new(mech):encode(table.unpack(mech_params)) auth_data = "" .. base64.enc(auth_data) .. "" status, err = self.socket:send(auth_data) -- read to the end tag regardless of what it is -- it should be one of either: success, challenge or error repeat status, result = self:receive_tag() if ( not(status) ) then return false, "ERROR: Failed to receive login challenge" end if ( result.name == "failure" ) then status = TagProcessor[result.name](self.socket, result) return false, "Login failed" elseif ( result.name == "success" ) then status = TagProcessor[result.name](self.socket, result) if ( not(status) ) then return false, "Failed to process success message" end return true, "Login success" elseif ( result.name ~= "challenge" ) then return false, "ERROR: Failed to receive login challenge" end until( result.name == "challenge" and result.finish ) if ( result.name == "challenge" and mech == "DIGEST-MD5" ) then status, result = self.socket:send("") if ( not(status) ) then return false, "ERROR: Failed to send DIGEST-MD5 request" end status, result = self:receive_tag() if ( not(status) ) then return false, "ERROR: Failed to receive DIGEST-MD5 response" end end end end if ( result.name == "success" ) then return true, "Login success" end return false, "Login failed" end, --- Retrieves the available authentication mechanisms -- @name XMPP.getAuthMechs -- @return table containing all available authentication mechanisms getAuthMechs = function(self) return self.auth.mechs end, --- Disconnects the socket from the server -- @name XMPP.disconnect -- @return status true on success, false on failure -- @return error message if status is false disconnect = function(self) local status, err = self.socket:close() self.socket = nil return status, err end, } Helper = { --- Creates a new Helper instance -- @name Helper.new -- @param host table as received by the action function -- @param port table as received by the action function -- @param options table containing options, currently supported -- * timeout - sets the socket timeout -- * servername - sets the server name to use in -- communication with the server. new = function(self, host, port, options) local o = { host = host, port = port, options = options or {}, xmpp = XMPP:new(host, port, options), state = "" } setmetatable(o, self) self.__index = self return o end, --- Connects to the XMPP server and starts the initial communication -- @name Helper.connect -- @return status true on success, false on failure -- @return err string containing an error message is status is false connect = function(self, socket) if ( not(self.host.targetname) and not(self.options.servername) ) then return false, "ERROR: Cannot connect to XMPP server without valid server name" end self.state = "CONNECTED" return self.xmpp:connect(socket) end, --- Login to the XMPP server -- -- @name Helper.login -- @param username string -- @param password string -- @param mech string containing a supported authentication mechanism -- @see Helper.getAuthMechs -- @return status true on success, false on failure -- @return err string containing error message if status is false login = function(self, username, password, mech) return self.xmpp:login(username, password, mech) end, --- Retrieves the available authentication mechanisms -- @name Helper.getAuthMechs -- @return table containing all available authentication mechanisms getAuthMechs = function(self) if ( self.state == "CONNECTED" ) then return self.xmpp:getAuthMechs() end return end, --- Closes the connection to the server -- @name Helper.close close = function(self) self.xmpp:disconnect() self.state = "DISCONNECTED" end, } return _ENV;