Changeset b79308b for storage_xml.c

Timestamp:

2008-04-14T13:10:53Z (16 years ago)

Author:

ulim <a.sporto+bee@…>

Branches:

master

Children:

0cab388

Parents:

6cac643 (diff), aa31117 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.

Message:

merged in upstream r379 (somewhere after 1.2-3).
Just one trivial conflict in the jabber Makefile, went smoothly.

File:

• storage_xml.c (modified) (3 diffs)

storage_xml.c

@@ -80 +80 @@
                 char *nick = xml_attr( attr_names, attr_values, "nick" );
                 char *pass = xml_attr( attr_names, attr_values, "password" );
-                md5_byte_t *pass_dec = NULL;
+                int st;
                 
                 if( !nick || !pass )
@@ -87 +87 @@
                                      "Missing attributes for %s element", element_name );
                 }
-                else if( base64_decode( pass, &pass_dec ) != 21 )
-                {
+                else if( ( st = md5_verify_password( xd->given_pass, pass ) ) == -1 )
+                {
+                        xd->pass_st = XML_PASS_WRONG;
                         g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
                                      "Error while decoding password attribute" );
                 }
+                else if( st == 0 )
+                {
+                        if( xd->pass_st != XML_PASS_CHECK_ONLY )
+                                xd->pass_st = XML_PASS_OK;
+                }
                 else
                 {
-                        md5_byte_t pass_md5[16];
-                        md5_state_t md5_state;
-                        int i;
-                        
-                        md5_init( &md5_state );
-                        md5_append( &md5_state, (md5_byte_t*) xd->given_pass, strlen( xd->given_pass ) );
-                        md5_append( &md5_state, (md5_byte_t*) pass_dec + 16, 5 ); /* Hmmm, salt! */
-                        md5_finish( &md5_state, pass_md5 );
-                        
-                        for( i = 0; i < 16; i ++ )
-                        {
-                                if( pass_dec[i] != pass_md5[i] )
-                                {
-                                        xd->pass_st = XML_PASS_WRONG;
-                                        g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
-                                                     "Password mismatch" );
-                                        break;
-                                }
-                        }
-                        
-                        /* If we reached the end of the loop, it was a match! */
-                        if( i == 16 )
-                        {
-                                if( xd->pass_st != XML_PASS_CHECK_ONLY )
-                                        xd->pass_st = XML_PASS_OK;
-                        }
-                }
-                
-                g_free( pass_dec );
+                        xd->pass_st = XML_PASS_WRONG;
+                        g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
+                                     "Password mismatch" );
+                }
         }
         else if( xd->pass_st < XML_PASS_OK )
@@ -428 +409 @@
                 int pass_len;
                 
-                pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password );
+                pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password, 12 );
                 pass_b64 = base64_encode( pass_cr, pass_len );
                 g_free( pass_cr );