Reverting to the old MSN/Passport authentication mechanism, the new one

is "broken". (Bug #439)

3 files changed, 197 insertions, 207 deletions

diff --git a/protocols/msn/ns.c b/protocols/msn/ns.c
index fe48f96d..96363778 100644
--- a/protocols/msn/ns.c
+++ b/protocols/msn/ns.c
@@ -33,7 +33,7 @@ static gboolean msn_ns_callback( gpointer data, gint source, b_input_condition c
 static int msn_ns_command( gpointer data, char **cmd, int num_parts );
 static int msn_ns_message( gpointer data, char *msg, int msglen, char **cmd, int num_parts );
 
-static void msn_auth_got_passport_token( struct msn_auth_data *mad );
+static void msn_auth_got_passport_id( struct passport_reply *rep );
 
 gboolean msn_ns_connected( gpointer data, gint source, b_input_condition cond )
 {
@@ -221,7 +221,7 @@ static int msn_ns_command( gpointer data, char **cmd, int num_parts )
 		if( num_parts == 5 && strcmp( cmd[2], "TWN" ) == 0 && strcmp( cmd[3], "S" ) == 0 )
 		{
 			/* Time for some Passport black magic... */
-			if( !passport_get_token( msn_auth_got_passport_token, ic, ic->acc->user, ic->acc->pass, cmd[4] ) )
+			if( !passport_get_id( msn_auth_got_passport_id, ic, ic->acc->user, ic->acc->pass, cmd[4] ) )
 			{
 				imcb_error( ic, "Error while contacting Passport server" );
 				imc_logout( ic, TRUE );
@@ -708,26 +708,22 @@ static int msn_ns_message( gpointer data, char *msg, int msglen, char **cmd, int
 	return( 1 );
 }
 
-static void msn_auth_got_passport_token( struct msn_auth_data *mad )
+static void msn_auth_got_passport_id( struct passport_reply *rep )
 {
-	struct im_connection *ic = mad->data;
-	struct msn_data *md;
-	
-	/* Dead connection? */
-	if( g_slist_find( msn_connections, ic ) == NULL )
-		return;
+	struct im_connection *ic = rep->data;
+	struct msn_data *md = ic->proto_data;
+	char *key = rep->result;
+	char buf[1024];
 	
-	md = ic->proto_data;
-	if( mad->token )
+	if( key == NULL )
 	{
-		char buf[1024];
-		
-		g_snprintf( buf, sizeof( buf ), "USR %d TWN S %s\r\n", ++md->trId, mad->token );
-		msn_write( ic, buf, strlen( buf ) );
+		imcb_error( ic, "Error during Passport authentication (%s)",
+		               rep->error_string ? rep->error_string : "Unknown error" );
+		imc_logout( ic, TRUE );
 	}
 	else
 	{
-		imcb_error( ic, "Error during Passport authentication: %s", mad->error );
-		imc_logout( ic, TRUE );
+		g_snprintf( buf, sizeof( buf ), "USR %d TWN S %s\r\n", ++md->trId, key );
+		msn_write( ic, buf, strlen( buf ) );
 	}
 }
diff --git a/protocols/msn/passport.c b/protocols/msn/passport.c
index 565d15f3..673b488d 100644
--- a/protocols/msn/passport.c
+++ b/protocols/msn/passport.c
@@ -1,7 +1,8 @@
-/** passport.c
+/* passport.c
  *
- * Functions to login to Microsoft Passport service for Messenger
- * Copyright (C) 2004-2008 Wilmer van der Gaast <wilmer@gaast.net>
+ * Functions to login to microsoft passport service for Messenger
+ * Copyright (C) 2004 Wouter Paesen <wouter@blue-gate.be>
+ * Copyright (C) 2004 Wilmer van der Gaast <wilmer@gaast.net>
  *
  * This program is free software; you can redistribute it and/or modify             
  * it under the terms of the GNU General Public License version 2                   
@@ -22,149 +23,209 @@
 #include "passport.h"
 #include "msn.h"
 #include "bitlbee.h"
-#include "url.h"
-#include "misc.h"
-#include "xmltree.h"
 #include <ctype.h>
 #include <errno.h>
 
-static int passport_get_token_real( struct msn_auth_data *mad );
-static void passport_get_token_ready( struct http_request *req );
+#define MSN_BUF_LEN 8192
 
-int passport_get_token( gpointer func, gpointer data, char *username, char *password, char *cookie )
+static char *prd_cached = NULL;
+
+static int passport_get_id_real( gpointer func, gpointer data, char *header );
+static void passport_get_id_ready( struct http_request *req );
+
+static int passport_retrieve_dalogin( gpointer data, gpointer func, char *header );
+static void passport_retrieve_dalogin_ready( struct http_request *req );
+
+static char *passport_create_header( char *cookie, char *email, char *pwd );
+static void destroy_reply( struct passport_reply *rep );
+
+int passport_get_id( gpointer func, gpointer data, char *username, char *password, char *cookie )
 {
-	struct msn_auth_data *mad = g_new0( struct msn_auth_data, 1 );
-	int i;
-	
-	mad->username = g_strdup( username );
-	mad->password = g_strdup( password );
-	mad->cookie = g_strdup( cookie );
-	
-	mad->callback = func;
-	mad->data = data;
-	
-	mad->url = g_strdup( SOAP_AUTHENTICATION_URL );
-	mad->ttl = 3; /* Max. # of redirects. */
+	char *header = passport_create_header( cookie, username, password );
 	
-	/* HTTP-escape stuff and s/,/&/ */
-	http_decode( mad->cookie );
-	for( i = 0; mad->cookie[i]; i ++ )
-		if( mad->cookie[i] == ',' )
-			mad->cookie[i] = '&';
-	
-	/* Microsoft doesn't allow password longer than 16 chars and silently
-	   fails authentication if you give the "full version" of your passwd. */
-	if( strlen( mad->password ) > MAX_PASSPORT_PWLEN )
-		mad->password[MAX_PASSPORT_PWLEN] = 0;
-	
-	return passport_get_token_real( mad );
+	if( prd_cached == NULL )
+		return passport_retrieve_dalogin( func, data, header );
+	else
+		return passport_get_id_real( func, data, header );
 }
 
-static int passport_get_token_real( struct msn_auth_data *mad )
+static int passport_get_id_real( gpointer func, gpointer data, char *header )
 {
-	char *post_payload, *post_request;
+	struct passport_reply *rep;
+	char *server, *dummy, *reqs;
 	struct http_request *req;
-	url_t url;
 	
-	url_set( &url, mad->url );
+	rep = g_new0( struct passport_reply, 1 );
+	rep->data = data;
+	rep->func = func;
+	rep->header = header;
+	
+	server = g_strdup( prd_cached );
+	dummy = strchr( server, '/' );
+	
+	if( dummy == NULL )
+	{
+		destroy_reply( rep );
+		return( 0 );
+	}
+	
+	reqs = g_strdup_printf( "GET %s HTTP/1.0\r\n%s\r\n\r\n", dummy, header );
 	
-	post_payload = g_markup_printf_escaped( SOAP_AUTHENTICATION_PAYLOAD,
-	                                        mad->username,
-	                                        mad->password,
-	                                        mad->cookie );
+	*dummy = 0;
+	req = http_dorequest( server, 443, 1, reqs, passport_get_id_ready, rep );
 	
-	post_request = g_strdup_printf( SOAP_AUTHENTICATION_REQUEST,
-	                                url.file, url.host,
-	                                (int) strlen( post_payload ),
-	                                post_payload );
-	                                
-	req = http_dorequest( url.host, url.port, 1, post_request,
-	                      passport_get_token_ready, mad );
+	g_free( server );
+	g_free( reqs );
 	
-	g_free( post_request );
-	g_free( post_payload );
+	if( req == NULL )
+		destroy_reply( rep );
 	
-	return req != NULL;
+	return( req != NULL );
 }
 
-static xt_status passport_xt_extract_token( struct xt_node *node, gpointer data );
-static xt_status passport_xt_handle_fault( struct xt_node *node, gpointer data );
-
-static const struct xt_handler_entry passport_xt_handlers[] = {
-	{ "wsse:BinarySecurityToken", "wst:RequestedSecurityToken", passport_xt_extract_token },
-	{ "S:Fault",                  "S:Envelope",                 passport_xt_handle_fault  },
-	{ NULL,                       NULL,                         NULL                      }
-};
-
-static void passport_get_token_ready( struct http_request *req )
+static void passport_get_id_ready( struct http_request *req )
 {
-	struct msn_auth_data *mad = req->data;
-	struct xt_parser *parser;
-	
-	g_free( mad->url );
-	g_free( mad->error );
-	mad->url = mad->error = NULL;
+	struct passport_reply *rep = req->data;
 	
-	if( req->status_code == 200 )
-	{
-		parser = xt_new( passport_xt_handlers, mad );
-		xt_feed( parser, req->reply_body, req->body_size );
-		xt_handle( parser, NULL, -1 );
-		xt_free( parser );
-	}
-	else
+	if( !g_slist_find( msn_connections, rep->data ) )
 	{
-		mad->error = g_strdup_printf( "HTTP error %d (%s)", req->status_code,
-		                              req->status_string ? req->status_string : "unknown" );
+		destroy_reply( rep );
+		return;
 	}
 	
-	if( mad->error == NULL && mad->token == NULL )
-		mad->error = g_strdup( "Could not parse Passport server response" );
-	
-	if( mad->url && mad->token == NULL )
+	if( req->finished && req->reply_headers && req->status_code == 200 )
 	{
-		passport_get_token_real( mad );
+		char *dummy;
+		
+		if( ( dummy = strstr( req->reply_headers, "from-PP='" ) ) )
+		{
+			char *responseend;
+			
+			dummy += strlen( "from-PP='" );
+			responseend = strchr( dummy, '\'' );
+			if( responseend )
+				*responseend = 0;
+			
+			rep->result = g_strdup( dummy );
+		}
+		else
+		{
+			rep->error_string = g_strdup( "Could not parse Passport server response" );
+		}
 	}
 	else
 	{
-		mad->callback( mad );
-		
-		g_free( mad->url );
-		g_free( mad->username );
-		g_free( mad->password );
-		g_free( mad->cookie );
-		g_free( mad->token );
-		g_free( mad->error );
-		g_free( mad );
+		rep->error_string = g_strdup_printf( "HTTP error: %s",
+		                      req->status_string ? req->status_string : "Unknown error" );
 	}
+	
+	rep->func( rep );
+	destroy_reply( rep );
 }
 
-static xt_status passport_xt_extract_token( struct xt_node *node, gpointer data )
+static char *passport_create_header( char *cookie, char *email, char *pwd )
 {
-	struct msn_auth_data *mad = data;
-	char *s;
+	char *buffer;
+	char *currenttoken;
+	char *email_enc, *pwd_enc;
+	
+	currenttoken = strstr( cookie, "lc=" );
+	if( currenttoken == NULL )
+		return NULL;
+	
+	email_enc = g_new0( char, strlen( email ) * 3 + 1 );
+	strcpy( email_enc, email );
+	http_encode( email_enc );
+	
+	pwd_enc = g_new0( char, strlen( pwd ) * 3 + 1 );
+	g_snprintf( pwd_enc, 17, "%s", pwd ); /* Passwords >16 chars never succeed. (Bug #360) */
+	strcpy( pwd_enc, pwd );
+	http_encode( pwd_enc );
 	
-	if( ( s = xt_find_attr( node, "Id" ) ) && strcmp( s, "PPToken1" ) == 0 )
-		mad->token = g_memdup( node->text, node->text_len + 1 );
+	buffer = g_strdup_printf( "Authorization: Passport1.4 OrgVerb=GET,"
+	                          "OrgURL=http%%3A%%2F%%2Fmessenger%%2Emsn%%2Ecom,"
+	                          "sign-in=%s,pwd=%s,%s", email_enc, pwd_enc,
+	                          currenttoken );
 	
-	return XT_HANDLED;
+	g_free( email_enc );
+	g_free( pwd_enc );
+	
+	return buffer;
 }
 
-static xt_status passport_xt_handle_fault( struct xt_node *node, gpointer data )
+static int passport_retrieve_dalogin( gpointer func, gpointer data, char *header )
 {
-	struct msn_auth_data *mad = data;
-	struct xt_node *code = xt_find_node( node->children, "faultcode" );
-	struct xt_node *string = xt_find_node( node->children, "faultstring" );
-	struct xt_node *redirect = xt_find_node( node->children, "psf:redirectUrl" );
+	struct passport_reply *rep = g_new0( struct passport_reply, 1 );
+	struct http_request *req;
 	
-	if( redirect && redirect->text_len && mad->ttl-- > 0 )
-		mad->url = g_memdup( redirect->text, redirect->text_len + 1 );
+	rep->data = data;
+	rep->func = func;
+	rep->header = header;
 	
-	if( code == NULL || code->text_len == 0 )
-		mad->error = g_strdup( "Unknown error" );
-	else
-		mad->error = g_strdup_printf( "%s (%s)", code->text, string && string->text_len ?
-		                              string->text : "no description available" );
+	req = http_dorequest_url( "https://nexus.passport.com/rdr/pprdr.asp", passport_retrieve_dalogin_ready, rep );
+	
+	if( !req )
+		destroy_reply( rep );
+	
+	return( req != NULL );
+}
+
+static void passport_retrieve_dalogin_ready( struct http_request *req )
+{
+	struct passport_reply *rep = req->data;
+	char *dalogin;
+	char *urlend;
+	
+	if( !g_slist_find( msn_connections, rep->data ) )
+	{
+		destroy_reply( rep );
+		return;
+	}
+	
+	if( !req->finished || !req->reply_headers || req->status_code != 200 )
+	{
+		rep->error_string = g_strdup_printf( "HTTP error while fetching DALogin: %s",
+		                        req->status_string ? req->status_string : "Unknown error" );
+		goto failure;
+	}
 	
-	return XT_HANDLED;
+	dalogin = strstr( req->reply_headers, "DALogin=" );	
+	
+	if( !dalogin )
+	{
+		rep->error_string = g_strdup( "Parse error while fetching DALogin" );
+		goto failure;
+	}
+	
+	dalogin += strlen( "DALogin=" );
+	urlend = strchr( dalogin, ',' );
+	if( urlend )
+		*urlend = 0;
+	
+	/* strip the http(s):// part from the url */
+	urlend = strstr( urlend, "://" );
+	if( urlend )
+		dalogin = urlend + strlen( "://" );
+	
+	if( prd_cached == NULL )
+		prd_cached = g_strdup( dalogin );
+	
+	if( passport_get_id_real( rep->func, rep->data, rep->header ) )
+	{
+		rep->header = NULL;
+		destroy_reply( rep );
+		return;
+	}
+	
+failure:	
+	rep->func( rep );
+	destroy_reply( rep );
+}
+
+static void destroy_reply( struct passport_reply *rep )
+{
+	g_free( rep->result );
+	g_free( rep->header );
+	g_free( rep->error_string );
+	g_free( rep );
 }
diff --git a/protocols/msn/passport.h b/protocols/msn/passport.h
index 517d2e91..9fd81a82 100644
--- a/protocols/msn/passport.h
+++ b/protocols/msn/passport.h
@@ -1,7 +1,10 @@
+#ifndef __PASSPORT_H__
+#define __PASSPORT_H__
 /* passport.h
  *
- * Functions to login to Microsoft Passport service for Messenger
- * Copyright (C) 2004-2008 Wilmer van der Gaast <wilmer@gaast.net>
+ * Functions to login to Microsoft Passport Service for Messenger
+ * Copyright (C) 2004 Wouter Paesen <wouter@blue-gate.be>,
+ *                    Wilmer van der Gaast <wilmer@gaast.net>
  *
  * This program is free software; you can redistribute it and/or modify             
  * it under the terms of the GNU General Public License version 2                   
@@ -14,15 +17,9 @@
  *                                                                                   
  * You should have received a copy of the GNU General Public License                
  * along with this program; if not, write to the Free Software                      
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA          
+ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA          
  */
 
-/* Thanks to http://msnpiki.msnfanatic.com/index.php/MSNP13:SOAPTweener
-   for the specs! */
-
-#ifndef __PASSPORT_H__
-#define __PASSPORT_H__
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -35,79 +32,15 @@
 #endif
 #include "nogaim.h"
 
-#define MAX_PASSPORT_PWLEN 16
-
-struct msn_auth_data
+struct passport_reply
 {
-	char *url;
-	int ttl;
-	
-	char *username;
-	char *password;
-	char *cookie;
-	
-	/* The end result, the only thing we'll really be interested in
-	   once finished. */
-	char *token;
-	char *error; /* Yeah, or that... */
-	
-	void (*callback)( struct msn_auth_data *mad );
-	gpointer data;
+	void (*func)( struct passport_reply * );
+	void *data;
+	char *result;
+	char *header;
+	char *error_string;
 };
 
-#define SOAP_AUTHENTICATION_URL "https://loginnet.passport.com/RST.srf"
-
-#define SOAP_AUTHENTICATION_REQUEST \
-"POST %s HTTP/1.0\r\n" \
-"Accept: text/*\r\n" \
-"User-Agent: BitlBee " BITLBEE_VERSION "\r\n" \
-"Host: %s\r\n" \
-"Content-Length: %d\r\n" \
-"Cache-Control: no-cache\r\n" \
-"\r\n" \
-"%s"
-
-#define SOAP_AUTHENTICATION_PAYLOAD \
-"<?xml version=\"1.0\" encoding=\"UTF-8\"?>" \
-"<Envelope xmlns=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsse=\"http://schemas.xmlsoap.org/ws/2003/06/secext\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2002/12/policy\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" xmlns:wsa=\"http://schemas.xmlsoap.org/ws/2004/03/addressing\" xmlns:wssc=\"http://schemas.xmlsoap.org/ws/2004/04/sc\" xmlns:wst=\"http://schemas.xmlsoap.org/ws/2004/04/trust\">" \
-  "<Header>" \
-    "<ps:AuthInfo xmlns:ps=\"http://schemas.microsoft.com/Passport/SoapServices/PPCRL\" Id=\"PPAuthInfo\">" \
-      "<ps:HostingApp>{7108E71A-9926-4FCB-BCC9-9A9D3F32E423}</ps:HostingApp>" \
-      "<ps:BinaryVersion>4</ps:BinaryVersion>" \
-      "<ps:UIVersion>1</ps:UIVersion>" \
-      "<ps:Cookies></ps:Cookies>" \
-      "<ps:RequestParams>AQAAAAIAAABsYwQAAAAzMDg0</ps:RequestParams>" \
-    "</ps:AuthInfo>" \
-    "<wsse:Security>" \
-       "<wsse:UsernameToken Id=\"user\">" \
-         "<wsse:Username>%s</wsse:Username>" \
-         "<wsse:Password>%s</wsse:Password>" \
-       "</wsse:UsernameToken>" \
-    "</wsse:Security>" \
-  "</Header>" \
-  "<Body>" \
-    "<ps:RequestMultipleSecurityTokens xmlns:ps=\"http://schemas.microsoft.com/Passport/SoapServices/PPCRL\" Id=\"RSTS\">" \
-      "<wst:RequestSecurityToken Id=\"RST0\">" \
-        "<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>" \
-        "<wsp:AppliesTo>" \
-          "<wsa:EndpointReference>" \
-            "<wsa:Address>http://Passport.NET/tb</wsa:Address>" \
-          "</wsa:EndpointReference>" \
-        "</wsp:AppliesTo>" \
-      "</wst:RequestSecurityToken>" \
-      "<wst:RequestSecurityToken Id=\"RST1\">" \
-       "<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>" \
-        "<wsp:AppliesTo>" \
-          "<wsa:EndpointReference>" \
-            "<wsa:Address>messenger.msn.com</wsa:Address>" \
-          "</wsa:EndpointReference>" \
-        "</wsp:AppliesTo>" \
-        "<wsse:PolicyReference URI=\"?%s\"></wsse:PolicyReference>" \
-      "</wst:RequestSecurityToken>" \
-    "</ps:RequestMultipleSecurityTokens>" \
-  "</Body>" \
-"</Envelope>"
-
-int passport_get_token( gpointer func, gpointer data, char *username, char *password, char *cookie );
+int passport_get_id( gpointer func, gpointer data, char *username, char *password, char *cookie );
 
 #endif /* __PASSPORT_H__ */