Mercurial > pidgin3 / file diff

diff: libpurple/protocols/jabber/auth_scram.c

libpurple/protocols/jabber/auth_scram.c

branch
cpw.darkrain42.xmpp.scram
changeset 28926
a737800d1445
parent 28868
7415cb6c4587
child 28927
24ee4d53dc68
--- a/libpurple/protocols/jabber/auth_scram.c	Tue Nov 17 19:23:05 2009 +0000
+++ b/libpurple/protocols/jabber/auth_scram.c	Tue Nov 17 19:39:36 2009 +0000
@@ -226,7 +226,7 @@
 	/* Ensure that the first cnonce_len bytes of the nonce are the original
 	 * cnonce we sent to the server.
 	 */
-	if (!g_str_equal(data->cnonce, token + 2))
+	if (0 != strncmp(data->cnonce, token + 2, strlen(data->cnonce)))
 		goto err;
 
 	nonce = g_strdup(token + 2);
@@ -264,7 +264,8 @@
 
 err:
 	g_free(nonce);
-	g_string_free(salt, TRUE);
+	if (salt)
+		g_string_free(salt, TRUE);
 	g_strfreev(tokens);
 	return FALSE;
 }
@@ -290,8 +291,8 @@
 	return TRUE;
 }
 
-static gboolean
-feed_parser(JabberScramData *data, gchar *in, gchar **out)
+gboolean
+jabber_scram_feed_parser(JabberScramData *data, gchar *in, gchar **out)
 {
 	gboolean ret;
 
@@ -311,8 +312,8 @@
 
 		g_string_append_c(data->auth_message, ',');
 
-		/* "biwsCg==" is the base64 encoding of "n,,". I promise. */
-		g_string_append_printf(data->auth_message, "c=%s,r=%s", "biwsCg==", nonce);
+		/* "biws" is the base64 encoding of "n,,". I promise. */
+		g_string_append_printf(data->auth_message, "c=%s,r=%s", "biws", nonce);
 #ifdef CHANNEL_BINDING
 #error fix this
 #endif
@@ -322,7 +323,7 @@
 			return FALSE;
 
 		proof = purple_base64_encode((guchar *)data->client_proof->str, data->client_proof->len);
-		*out = g_strdup_printf("c=%s,r=%s,p=%s", "biwsCg==", nonce, proof);
+		*out = g_strdup_printf("c=%s,r=%s,p=%s", "biws", nonce, proof);
 		g_free(proof);
 	} else if (data->step == 2) {
 		gchar *server_sig, *enc_server_sig;
@@ -428,7 +429,7 @@
 
 	purple_debug_misc("jabber", "decoded challenge: %s\n", dec_in);
 
-	if (!feed_parser(data, dec_in, &dec_out)) {
+	if (!jabber_scram_feed_parser(data, dec_in, &dec_out)) {
 		reply = xmlnode_new("abort");
 		xmlnode_set_namespace(reply, "urn:ietf:params:xml:ns:xmpp-sasl");
 		data->step = -1;
@@ -479,7 +480,7 @@
 
 	purple_debug_misc("jabber", "decoded success: %s\n", dec_in);
 
-	if (!feed_parser(data, dec_in, &dec_out) || dec_out != NULL) {
+	if (!jabber_scram_feed_parser(data, dec_in, &dec_out) || dec_out != NULL) {
 		g_free(dec_out);
 		return FALSE;
 	}
@@ -488,19 +489,22 @@
 	return TRUE;
 }
 
+void jabber_scram_data_destroy(JabberScramData *data)
+{
+	g_free(data->cnonce);
+	if (data->auth_message)
+		g_string_free(data->auth_message, TRUE);
+	if (data->client_proof)
+		g_string_free(data->client_proof, TRUE);
+	if (data->server_signature)
+		g_string_free(data->server_signature, TRUE);
+	g_free(data);
+}
+
 static void scram_dispose(JabberStream *js)
 {
 	if (js->auth_mech_data) {
-		JabberScramData *data = js->auth_mech_data;
-
-		g_free(data->cnonce);
-		if (data->auth_message)
-			g_string_free(data->auth_message, TRUE);
-		if (data->client_proof)
-			g_string_free(data->client_proof, TRUE);
-		if (data->server_signature)
-			g_string_free(data->server_signature, TRUE);
-		g_free(data);
+		jabber_scram_data_destroy(js->auth_mech_data);
 		js->auth_mech_data = NULL;
 	}
 }

Mercurial Repository: pidgin3

mercurial