Changeset 6a89740 for protocols/msn/soap.c
- Timestamp:
- 2015-05-31T02:40:04Z (9 years ago)
- Children:
- 85dabae
- Parents:
- 95fdf22
- git-author:
- dequis <dx@…> (11-04-15 22:24:13)
- git-committer:
- dequis <dx@…> (31-05-15 02:40:04)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
protocols/msn/soap.c
r95fdf22 r6a89740 174 174 if (!(md->flags & MSN_REAUTHING)) { 175 175 /* Nonce shouldn't actually be touched for re-auths. */ 176 msn_soap_passport_sso_request(soap_req->ic , "blaataap");176 msn_soap_passport_sso_request(soap_req->ic); 177 177 md->flags |= MSN_REAUTHING; 178 178 } … … 259 259 260 260 struct msn_soap_passport_sso_data { 261 char *nonce;262 char *secret;263 261 char *error; 264 262 char *redirect; … … 269 267 struct msn_soap_passport_sso_data *sd = soap_req->data; 270 268 struct im_connection *ic = soap_req->ic; 271 struct msn_data *md = ic->proto_data;272 269 char pass[MAX_PASSPORT_PWLEN + 1]; 273 270 … … 275 272 soap_req->url = sd->redirect; 276 273 sd->redirect = NULL; 277 } 278 /* MS changed this URL and broke the old MSN-specific one. The generic 279 one works, forwarding us to a msn.com URL that works. Takes an extra 280 second, but that's better than not being able to log in at all. :-/ 281 else if( g_str_has_suffix( ic->acc->user, "@msn.com" ) ) 282 soap_req->url = g_strdup( SOAP_PASSPORT_SSO_URL_MSN ); 283 */ 284 else { 274 } else { 285 275 soap_req->url = g_strdup(SOAP_PASSPORT_SSO_URL); 286 276 } … … 289 279 pass[MAX_PASSPORT_PWLEN] = '\0'; 290 280 soap_req->payload = g_markup_printf_escaped(SOAP_PASSPORT_SSO_PAYLOAD, 291 ic->acc->user, pass , md->pp_policy);281 ic->acc->user, pass); 292 282 293 283 return MSN_SOAP_OK; … … 297 287 { 298 288 struct msn_soap_req_data *soap_req = data; 299 struct msn_soap_passport_sso_data *sd = soap_req->data; 300 struct msn_data *md = soap_req->ic->proto_data; 301 struct xt_node *p; 289 struct msn_data *md = soap_req->ic->proto_data; 302 290 char *id; 303 291 … … 306 294 } 307 295 id += strlen(id) - 1; 308 if (*id == '1' &&309 (p = xt_find_path(node, "../../wst:RequestedProofToken/wst:BinarySecret")) &&310 p->text) {311 sd->secret = g_strdup(p->text);312 }313 296 314 297 *id -= '1'; … … 349 332 }; 350 333 351 static char *msn_key_fuckery(char *key, int key_len, char *type)352 {353 unsigned char hash1[20 + strlen(type) + 1];354 unsigned char hash2[20];355 char *ret;356 357 sha1_hmac(key, key_len, type, 0, hash1);358 strcpy((char *) hash1 + 20, type);359 sha1_hmac(key, key_len, (char *) hash1, sizeof(hash1) - 1, hash2);360 361 /* This is okay as hash1 is read completely before it's overwritten. */362 sha1_hmac(key, key_len, (char *) hash1, 20, hash1);363 sha1_hmac(key, key_len, (char *) hash1, sizeof(hash1) - 1, hash1);364 365 ret = g_malloc(24);366 memcpy(ret, hash2, 20);367 memcpy(ret + 20, hash1, 4);368 return ret;369 }370 371 334 static int msn_soap_passport_sso_handle_response(struct msn_soap_req_data *soap_req) 372 335 { … … 374 337 struct im_connection *ic = soap_req->ic; 375 338 struct msn_data *md = ic->proto_data; 376 char *key1, *key2, *key3, *blurb64;377 int key1_len;378 unsigned char *padnonce, *des3res;379 380 struct {381 unsigned int uStructHeaderSize; // 28. Does not count data382 unsigned int uCryptMode; // CRYPT_MODE_CBC (1)383 unsigned int uCipherType; // TripleDES (0x6603)384 unsigned int uHashType; // SHA1 (0x8004)385 unsigned int uIVLen; // 8386 unsigned int uHashLen; // 20387 unsigned int uCipherLen; // 72388 unsigned char iv[8];389 unsigned char hash[20];390 unsigned char cipherbytes[72];391 } blurb = {392 GUINT32_TO_LE(28),393 GUINT32_TO_LE(1),394 GUINT32_TO_LE(0x6603),395 GUINT32_TO_LE(0x8004),396 GUINT32_TO_LE(8),397 GUINT32_TO_LE(20),398 GUINT32_TO_LE(72),399 };400 339 401 340 if (sd->redirect) { … … 408 347 } 409 348 410 if ( sd->secret== NULL) {349 if (md->tokens[0] == NULL) { 411 350 msn_auth_got_passport_token(ic, NULL, sd->error ? sd->error : soap_req->error); 412 351 return MSN_SOAP_OK; 413 352 } 414 353 415 key1_len = base64_decode(sd->secret, (unsigned char **) &key1); 416 417 key2 = msn_key_fuckery(key1, key1_len, "WS-SecureConversationSESSION KEY HASH"); 418 key3 = msn_key_fuckery(key1, key1_len, "WS-SecureConversationSESSION KEY ENCRYPTION"); 419 420 sha1_hmac(key2, 24, sd->nonce, 0, blurb.hash); 421 padnonce = g_malloc(strlen(sd->nonce) + 8); 422 strcpy((char *) padnonce, sd->nonce); 423 memset(padnonce + strlen(sd->nonce), 8, 8); 424 425 random_bytes(blurb.iv, 8); 426 427 ssl_des3_encrypt((unsigned char *) key3, 24, padnonce, strlen(sd->nonce) + 8, blurb.iv, &des3res); 428 memcpy(blurb.cipherbytes, des3res, 72); 429 430 blurb64 = base64_encode((unsigned char *) &blurb, sizeof(blurb)); 431 msn_auth_got_passport_token(ic, blurb64, NULL); 432 433 g_free(padnonce); 434 g_free(blurb64); 435 g_free(des3res); 436 g_free(key1); 437 g_free(key2); 438 g_free(key3); 354 msn_auth_got_passport_token(ic, md->tokens[0], NULL); 439 355 440 356 return MSN_SOAP_OK; … … 445 361 struct msn_soap_passport_sso_data *sd = soap_req->data; 446 362 447 g_free(sd->nonce);448 g_free(sd->secret);449 363 g_free(sd->error); 450 364 g_free(sd->redirect); … … 454 368 } 455 369 456 int msn_soap_passport_sso_request(struct im_connection *ic , const char *nonce)370 int msn_soap_passport_sso_request(struct im_connection *ic) 457 371 { 458 372 struct msn_soap_passport_sso_data *sd = g_new0(struct msn_soap_passport_sso_data, 1); 459 460 sd->nonce = g_strdup(nonce);461 373 462 374 return msn_soap_start(ic, sd, msn_soap_passport_sso_build_request,
Note: See TracChangeset
for help on using the changeset viewer.