From ee08eadf815daa6b332e22769cda9007ec0104d9 Mon Sep 17 00:00:00 2001
From: Florian Zeitz <florob@babelmonkeys.de>
Date: Wed, 25 Jan 2012 16:42:29 +0100
Subject: [PATCH] Implement SASL EXTERNAL

---
 src/Makefile         |  1 +
 src/XMPPConnection.h |  2 ++
 src/XMPPConnection.m | 34 +++++++++++++++++++++++++++++++++-
 3 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/src/Makefile b/src/Makefile
index fb710e1..263cdf2 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -9,6 +9,7 @@ SRCS = XMPPAuthenticator.m	\
        XMPPCallback.m		\
        XMPPConnection.m		\
        XMPPExceptions.m		\
+       XMPPEXTERNALAuth.m	\
        XMPPIQ.m			\
        XMPPJID.m		\
        XMPPMessage.m		\
diff --git a/src/XMPPConnection.h b/src/XMPPConnection.h
index 05ef58e..4fd6afd 100644
--- a/src/XMPPConnection.h
+++ b/src/XMPPConnection.h
@@ -73,6 +73,7 @@
 	OFXMLParser *parser, *oldParser;
 	OFXMLElementBuilder *elementBuilder, *oldElementBuilder;
 	OFString *username, *password, *server, *resource;
+	OFString *privateKeyFile, *certificateFile;
 	OFString *domain, *domainToASCII;
 	XMPPJID *JID;
 	uint16_t port;
@@ -88,6 +89,7 @@
 
 #ifdef OF_HAVE_PROPERTIES
 @property (copy) OFString *username, *password, *server, *domain, *resource;
+@property (copy) OFString *privateKeyFile, *certificateFile;
 @property (copy, readonly) XMPPJID *JID;
 @property (assign) uint16_t port;
 @property (assign) id <XMPPConnectionDelegate> delegate;
diff --git a/src/XMPPConnection.m b/src/XMPPConnection.m
index 78a43f8..bdd46be 100644
--- a/src/XMPPConnection.m
+++ b/src/XMPPConnection.m
@@ -39,6 +39,7 @@
 #import "XMPPConnection.h"
 #import "XMPPCallback.h"
 #import "XMPPSRVLookup.h"
+#import "XMPPEXTERNALAuth.h"
 #import "XMPPSCRAMAuth.h"
 #import "XMPPPLAINAuth.h"
 #import "XMPPStanza.h"
@@ -82,6 +83,8 @@
 	[elementBuilder release];
 	[username release];
 	[password release];
+	[privateKeyFile release];
+	[certificateFile release];
 	[server release];
 	[domain release];
 	[resource release];
@@ -220,6 +223,26 @@
 	return [[password copy] autorelease];
 }
 
+- (void)setPrivateKeyFile: (OFString*)file
+{
+	OF_SETTER(privateKeyFile, file, YES, YES)
+}
+
+- (OFString*)privateKeyFile
+{
+	OF_GETTER(privateKeyFile, YES)
+}
+
+- (void)setCertificateFile: (OFString*)file
+{
+	OF_SETTER(certificateFile, file, YES, YES)
+}
+
+- (OFString*)certificateFile
+{
+	OF_GETTER(certificateFile, YES)
+}
+
 - (void)connect
 {
 	OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
@@ -673,7 +696,9 @@ withCallbackBlock: (xmpp_callback_block)callback;
 		    @selector(connectionWillUpgradeToTLS:)])
 			[delegate connectionWillUpgradeToTLS: self];
 
-		newSock = [[SSLSocket alloc] initWithSocket: sock];
+		newSock = [[SSLSocket alloc] initWithSocket: sock
+					     privateKeyFile: privateKeyFile
+					    certificateFile: certificateFile];
 		[sock release];
 		sock = newSock;
 
@@ -819,6 +844,13 @@ withCallbackBlock: (xmpp_callback_block)callback;
 		while ((mech = [enumerator nextObject]) != nil)
 			[mechanisms addObject: [mech stringValue]];
 
+		if (privateKeyFile && certificateFile &&
+		    [mechanisms containsObject: @"EXTERNAL"]) {
+			authModule = [[XMPPEXTERNALAuth alloc] init];
+			[self XMPP_sendAuth: @"EXTERNAL"];
+			return;
+		}
+
 		if ([mechanisms containsObject: @"SCRAM-SHA-1-PLUS"]) {
 			authModule = [[XMPPSCRAMAuth alloc]
 			    initWithAuthcid: username