Changes in storage_xml.c [4e8db1c:eeb85a8]
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
storage_xml.c
r4e8db1c reeb85a8 80 80 char *nick = xml_attr( attr_names, attr_values, "nick" ); 81 81 char *pass = xml_attr( attr_names, attr_values, "password" ); 82 int st;82 md5_byte_t *pass_dec = NULL; 83 83 84 84 if( !nick || !pass ) … … 87 87 "Missing attributes for %s element", element_name ); 88 88 } 89 else if( ( st = md5_verify_password( xd->given_pass, pass ) ) == -1 ) 90 { 91 xd->pass_st = XML_PASS_WRONG; 89 else if( base64_decode( pass, &pass_dec ) != 21 ) 90 { 92 91 g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, 93 92 "Error while decoding password attribute" ); 94 93 } 95 else if( st == 0 )96 {97 if( xd->pass_st != XML_PASS_CHECK_ONLY )98 xd->pass_st = XML_PASS_OK;99 }100 94 else 101 95 { 102 xd->pass_st = XML_PASS_WRONG; 103 g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, 104 "Password mismatch" ); 105 } 96 md5_byte_t pass_md5[16]; 97 md5_state_t md5_state; 98 int i; 99 100 md5_init( &md5_state ); 101 md5_append( &md5_state, (md5_byte_t*) xd->given_pass, strlen( xd->given_pass ) ); 102 md5_append( &md5_state, (md5_byte_t*) pass_dec + 16, 5 ); /* Hmmm, salt! */ 103 md5_finish( &md5_state, pass_md5 ); 104 105 for( i = 0; i < 16; i ++ ) 106 { 107 if( pass_dec[i] != pass_md5[i] ) 108 { 109 xd->pass_st = XML_PASS_WRONG; 110 g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, 111 "Password mismatch" ); 112 break; 113 } 114 } 115 116 /* If we reached the end of the loop, it was a match! */ 117 if( i == 16 ) 118 { 119 if( xd->pass_st != XML_PASS_CHECK_ONLY ) 120 xd->pass_st = XML_PASS_OK; 121 } 122 } 123 124 g_free( pass_dec ); 106 125 } 107 126 else if( xd->pass_st < XML_PASS_OK ) … … 409 428 int pass_len; 410 429 411 pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password , 12);430 pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password ); 412 431 pass_b64 = base64_encode( pass_cr, pass_len ); 413 432 g_free( pass_cr );
Note: See TracChangeset
for help on using the changeset viewer.