Mercurial > pidgin.yaz
changeset 3171:d71c23e4d1c2
[gaim-migrate @ 3187]
MSN security...
committer: Tailor Script <tailor@pidgin.im>
author | Rob Flynn <gaim@robflynn.com> |
---|---|
date | Thu, 25 Apr 2002 23:11:49 +0000 |
parents | 8eb3c7eb3857 |
children | 14045cebdee3 |
files | src/protocols/msn/msn.c |
diffstat | 1 files changed, 121 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/protocols/msn/msn.c Thu Apr 25 07:36:53 2002 +0000 +++ b/src/protocols/msn/msn.c Thu Apr 25 23:11:49 2002 +0000 @@ -104,6 +104,13 @@ GSList *fl; GSList *permit; GSList *deny; + + char *kv; + char *sid; + char *mspauth; + unsigned long sl; + char *passport; + }; struct msn_switchboard { @@ -343,8 +350,18 @@ static void handle_hotmail(struct gaim_connection *gc, char *data) { char login_url[2048]; - - snprintf(login_url, sizeof(login_url), "%s%s&passwd=%s", PASSPORT_URL, gc->username, gc->password); + char buf[MSN_BUF_LEN]; + struct msn_data *md = gc->proto_data; + + g_snprintf(buf, sizeof(buf), "URL %d INBOX\r\n", ++md->trId); + + if (msn_write(md->fd, buf, strlen(buf)) < 0) { + return; + } + + debug_printf("\n"); + + snprintf(login_url, sizeof(login_url), "%s", md->passport); if (strstr(data, "Content-Type: text/x-msmsgsinitialemailnotification;")) { char *x = strstr(data, "Inbox-Unread:"); @@ -573,6 +590,7 @@ serv_got_typing(ms->gc, ms->msguser, MSN_TYPING_RECV_TIMEOUT); return; } + } else if (!g_strncasecmp(content, "Content-Type: text/plain", strlen("Content-Type: text/plain"))) { char *skiphead; @@ -1124,6 +1142,65 @@ ms->sessid = g_strdup(sessid); ms->auth = g_strdup(auth); ms->gc = gc; + } else if (!g_strncasecmp(buf, "URL", 3)) { + char *tmp = buf; + FILE *fd; + md5_state_t st; + md5_byte_t di[16]; + int i; + char buf2[64]; + char sendbuf[64]; + char hippy[2048]; + char *rru; + char *passport; + char *filename; + + GET_NEXT(tmp); + GET_NEXT(tmp); + rru = tmp; + GET_NEXT(tmp); + passport = tmp; + + snprintf(hippy, sizeof(hippy), "%s%d%s", md->mspauth, time(NULL) - md->sl, gc->password); + + md5_init(&st); + md5_append(&st, (const md5_byte_t *)hippy, strlen(hippy)); + md5_finish(&st, di); + + bzero(sendbuf, sizeof(sendbuf)); + for (i = 0; i < 16; i++) { + g_snprintf(buf2, sizeof(buf2), "%02x", di[i]); + strcat(sendbuf, buf2); + } + + md->passport = tmpnam(NULL); + + fd = fopen(md->passport, "w"); + fprintf(fd, "<html>\n"); + fprintf(fd, "<head>\n"); + fprintf(fd, "<noscript>\n"); + fprintf(fd, "<meta http-equiv=Refresh content=\"0; url=http://www.hotmail.com\">\n"); + fprintf(fd, "</noscript>\n"); + fprintf(fd, "</head>\n\n"); + + fprintf(fd, "<body onload=\"document.pform.submit(); \">\n"); + fprintf(fd, "<form name=\"pform\" action=\"%s\" method=\"POST\">\n\n", passport); + fprintf(fd, "<input type=\"hidden\" name=\"mode\" value=\"ttl\">\n"); + fprintf(fd, "<input type=\"hidden\" name=\"login\" value=\"%s\">\n", gc->username); + fprintf(fd, "<input type=\"hidden\" name=\"username\" value=\"%s\">\n", gc->username); + fprintf(fd, "<input type=\"hidden\" name=\"sid\" value=\"%s\">\n", md->sid); + fprintf(fd, "<input type=\"hidden\" name=\"kv\" value=\"%s\">\n", md->kv); + fprintf(fd, "<input type=\"hidden\" name=\"id\" value=\"2\">\n"); + fprintf(fd, "<input type=\"hidden\" name=\"sl\" value=\"%ld\">\n", time(NULL) - md->sl); + fprintf(fd, "<input type=\"hidden\" name=\"rru\" value=\"%s\">\n", rru); + fprintf(fd, "<input type=\"hidden\" name=\"auth\" value=\"%s\">\n", md->mspauth); + fprintf(fd, "<input type=\"hidden\" name=\"creds\" value=\"%s\">\n", sendbuf); // Digest me + fprintf(fd, "<input type=\"hidden\" name=\"svc\" value=\"mail\">\n"); + fprintf(fd, "<input type=\"hidden\" name=\"js\" value=\"yes\">\n"); + fprintf(fd, "</form></body>\n"); + fprintf(fd, "</html>\n"); + fclose(fd); + } else if (!g_strncasecmp(buf, "SYN", 3)) { } else if (!g_strncasecmp(buf, "USR", 3)) { } else if (!g_strncasecmp(buf, "XFR", 3)) { @@ -1194,12 +1271,53 @@ { struct msn_data *md = gc->proto_data; char *skiphead, *utf; + char *content; + + content = strstr(msg, "Content-Type: "); + + if ((content) && (!g_strncasecmp(content, "Content-Type: text/x-msmsgsprofile", + strlen("Content-Type: text/x-msmsgsprofile")))) { + + char *kv,*sid,*mspauth; + + kv = strstr(msg, "kv: "); + sid = strstr(msg, "sid: "); + mspauth = strstr(msg, "MSPAuth: "); + + if (kv) { + char *tmp; + + kv += strlen("kv: "); + tmp = strstr(kv, "\r\n"); *tmp = 0; + md->kv = g_strdup(kv); + } + + if (sid) { + char *tmp; + + sid += strlen("sid: "); + tmp = strstr(sid, "\r\n"); *tmp = 0; + md->sid = g_strdup(sid); + } + + if (mspauth) { + char *tmp; + + mspauth += strlen("MSPAuth: "); + tmp = strstr(mspauth, "\r\n"); *tmp = 0; + md->mspauth = g_strdup(mspauth); + } + + } + + if (!g_strcasecmp(md->msguser, "hotmail")) { handle_hotmail(gc, msg); return; } + skiphead = strstr(msg, "\r\n\r\n"); if (!skiphead || !skiphead[4]) return; @@ -1435,6 +1553,7 @@ md->inpa = 0; md->fd = 0; md->fd = proxy_connect(host, port, msn_login_xfr_connect, gc); + md->sl = time(NULL); if (md->fd < 0) { hide_login_progress(gc, "Unable to transfer"); signoff(gc);