Changeset 89d736a


Ignore:
Timestamp:
2008-06-22T19:21:06Z (12 years ago)
Author:
Wilmer van der Gaast <wilmer@…>
Branches:
master
Children:
dfbb056
Parents:
fab3d2d
Message:

From the department of over-engineering, now cached packet IDs are full
MD5 hashes instead of a known MD5 hash with a number. Just to make it
harder to confuse BitlBee by sending it faked responses to packets.

Location:
protocols/jabber
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • protocols/jabber/jabber.c

    rfab3d2d r89d736a  
    3333#include "jabber.h"
    3434#include "md5.h"
    35 #include "base64.h"
    3635
    3736GSList *jabber_connections;
     
    241240}
    242241
     242/* This generates an unfinished md5_state_t variable. Every time we generate
     243   an ID, we finish the state by adding a sequence number and take the hash. */
    243244static void jabber_generate_id_hash( struct jabber_data *jd )
    244245{
    245         md5_state_t id_hash;
    246         md5_byte_t binbuf[16];
     246        md5_byte_t binbuf[4];
    247247        char *s;
    248248       
    249         md5_init( &id_hash );
    250         md5_append( &id_hash, (unsigned char *) jd->username, strlen( jd->username ) );
    251         md5_append( &id_hash, (unsigned char *) jd->server, strlen( jd->server ) );
     249        md5_init( &jd->cached_id_prefix );
     250        md5_append( &jd->cached_id_prefix, (unsigned char *) jd->username, strlen( jd->username ) );
     251        md5_append( &jd->cached_id_prefix, (unsigned char *) jd->server, strlen( jd->server ) );
    252252        s = set_getstr( &jd->ic->acc->set, "resource" );
    253         md5_append( &id_hash, (unsigned char *) s, strlen( s ) );
    254         random_bytes( binbuf, 16 );
    255         md5_append( &id_hash, binbuf, 16 );
    256         md5_finish( &id_hash, binbuf );
    257        
    258         s = base64_encode( binbuf, 9 );
    259         jd->cached_id_prefix = g_strdup_printf( "%s%s", JABBER_CACHED_ID, s );
    260         g_free( s );
     253        md5_append( &jd->cached_id_prefix, (unsigned char *) s, strlen( s ) );
     254        random_bytes( binbuf, 4 );
     255        md5_append( &jd->cached_id_prefix, binbuf, 4 );
    261256}
    262257
     
    289284        xt_free( jd->xt );
    290285       
    291         g_free( jd->cached_id_prefix );
    292286        g_free( jd->away_message );
    293287        g_free( jd->username );
  • protocols/jabber/jabber.h

    rfab3d2d r89d736a  
    8686        char *away_message;
    8787       
    88         char *cached_id_prefix;
     88        md5_state_t cached_id_prefix;
    8989        GHashTable *node_cache;
    9090        GHashTable *buddies;
  • protocols/jabber/jabber_util.c

    rfab3d2d r89d736a  
    2323
    2424#include "jabber.h"
     25#include "md5.h"
     26#include "base64.h"
    2527
    2628static unsigned int next_id = 1;
     
    134136        struct jabber_data *jd = ic->proto_data;
    135137        struct jabber_cache_entry *entry = g_new0( struct jabber_cache_entry, 1 );
    136         char *id;
    137        
    138         id = g_strdup_printf( "%s%05x", jd->cached_id_prefix, ( next_id++ ) & 0xfffff );
     138        md5_state_t id_hash;
     139        md5_byte_t id_sum[16];
     140        char *id, *asc_hash;
     141       
     142        next_id ++;
     143       
     144        id_hash = jd->cached_id_prefix;
     145        md5_append( &id_hash, (md5_byte_t*) &next_id, sizeof( next_id ) );
     146        md5_finish( &id_hash, id_sum );
     147        asc_hash = base64_encode( id_sum, 12 );
     148       
     149        id = g_strdup_printf( "%s%s", JABBER_CACHED_ID, asc_hash );
    139150        xt_add_attr( node, "id", id );
    140151        g_free( id );
     152        g_free( asc_hash );
    141153       
    142154        entry->node = node;
     
    184196       
    185197        if( ( s = xt_find_attr( node, "id" ) ) == NULL ||
    186             strncmp( s, jd->cached_id_prefix, strlen( jd->cached_id_prefix ) ) != 0 )
     198            strncmp( s, JABBER_CACHED_ID, strlen( JABBER_CACHED_ID ) ) != 0 )
    187199        {
    188200                /* Silently ignore it, without an ID (or a non-cache
     
    196208        if( entry == NULL )
    197209        {
     210                /*
     211                There's no longer an easy way to see if we generated this
     212                one or someone else, and there's a ten-minute timeout anyway,
     213                so meh.
     214               
    198215                imcb_log( ic, "Warning: Received %s-%s packet with unknown/expired ID %s!",
    199216                              node->name, xt_find_attr( node, "type" ) ? : "(no type)", s );
     217                */
    200218        }
    201219        else if( entry->func )
Note: See TracChangeset for help on using the changeset viewer.