diff options
| author | ulim <a.sporto+bee@gmail.com> | 2008-04-14 15:10:53 +0200 |
|---|---|---|
| committer | ulim <a.sporto+bee@gmail.com> | 2008-04-14 15:10:53 +0200 |
| commit | b79308b943149d729b1daea8c56cff9fc02711a0 (patch) | |
| tree | a5f80445ed63d864703941474dc6cf8998df3136 /storage_xml.c | |
| parent | 6cac643f6933e431b90fcb937dec505f989e6a53 (diff) | |
| parent | aa311173a85020bcbbbf61135a5451e171d422f5 (diff) | |
merged in upstream r379 (somewhere after 1.2-3).
Just one trivial conflict in the jabber Makefile, went smoothly.
Diffstat (limited to 'storage_xml.c')
| -rw-r--r-- | storage_xml.c | 43 |
1 files changed, 12 insertions, 31 deletions
diff --git a/storage_xml.c b/storage_xml.c index 19070a74..f37fce44 100644 --- a/storage_xml.c +++ b/storage_xml.c @@ -79,49 +79,30 @@ static void xml_start_element( GMarkupParseContext *ctx, const gchar *element_na { char *nick = xml_attr( attr_names, attr_values, "nick" ); char *pass = xml_attr( attr_names, attr_values, "password" ); - md5_byte_t *pass_dec = NULL; + int st; if( !nick || !pass ) { g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, "Missing attributes for %s element", element_name ); } - else if( base64_decode( pass, &pass_dec ) != 21 ) + else if( ( st = md5_verify_password( xd->given_pass, pass ) ) == -1 ) { + xd->pass_st = XML_PASS_WRONG; g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, "Error while decoding password attribute" ); } + else if( st == 0 ) + { + if( xd->pass_st != XML_PASS_CHECK_ONLY ) + xd->pass_st = XML_PASS_OK; + } else { - md5_byte_t pass_md5[16]; - md5_state_t md5_state; - int i; - - md5_init( &md5_state ); - md5_append( &md5_state, (md5_byte_t*) xd->given_pass, strlen( xd->given_pass ) ); - md5_append( &md5_state, (md5_byte_t*) pass_dec + 16, 5 ); /* Hmmm, salt! */ - md5_finish( &md5_state, pass_md5 ); - - for( i = 0; i < 16; i ++ ) - { - if( pass_dec[i] != pass_md5[i] ) - { - xd->pass_st = XML_PASS_WRONG; - g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, - "Password mismatch" ); - break; - } - } - - /* If we reached the end of the loop, it was a match! */ - if( i == 16 ) - { - if( xd->pass_st != XML_PASS_CHECK_ONLY ) - xd->pass_st = XML_PASS_OK; - } + xd->pass_st = XML_PASS_WRONG; + g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, + "Password mismatch" ); } - - g_free( pass_dec ); } else if( xd->pass_st < XML_PASS_OK ) { @@ -427,7 +408,7 @@ static storage_status_t xml_save( irc_t *irc, int overwrite ) char *pass_b64; int pass_len; - pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password ); + pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password, 12 ); pass_b64 = base64_encode( pass_cr, pass_len ); g_free( pass_cr ); |