Mercurial > pidgin.yaz
changeset 24069:dc112387190f
2008.09.29 - ccpaging <ccpaging(at)gmail.com>
* 'Check Password' function for protocol 2007/2008
author | SHiNE CsyFeK <csyfek@gmail.com> |
---|---|
date | Wed, 22 Oct 2008 14:41:13 +0000 |
parents | 87e61a85f5dd |
children | 832178d951ca |
files | libpurple/protocols/qq/ChangeLog libpurple/protocols/qq/buddy_opt.c libpurple/protocols/qq/group_join.c libpurple/protocols/qq/im.c libpurple/protocols/qq/qq.h libpurple/protocols/qq/qq_base.c libpurple/protocols/qq/qq_network.c libpurple/protocols/qq/qq_process.c |
diffstat | 8 files changed, 145 insertions(+), 118 deletions(-) [+] |
line wrap: on
line diff
--- a/libpurple/protocols/qq/ChangeLog Wed Oct 22 14:40:04 2008 +0000 +++ b/libpurple/protocols/qq/ChangeLog Wed Oct 22 14:41:13 2008 +0000 @@ -1,3 +1,6 @@ +2008.09.29 - ccpaging <ccpaging(at)gmail.com> + * 'Check Password' function for protocol 2007/2008 + 2008.09.28 - ccpaging <ccpaging(at)gmail.com> * The source is only for debug, not for user: 1. Implement new QQ protocol 2007/2008, include login and change status
--- a/libpurple/protocols/qq/buddy_opt.c Wed Oct 22 14:40:04 2008 +0000 +++ b/libpurple/protocols/qq/buddy_opt.c Wed Oct 22 14:41:13 2008 +0000 @@ -512,7 +512,7 @@ g_return_val_if_fail(gc->account != NULL && uid != 0, NULL); qd = (qq_data *) gc->proto_data; - if (is_known || uid == qd->uid) { + if (is_known) { group_name = g_strdup_printf(PURPLE_GROUP_QQ_FORMAT, purple_account_get_username(gc->account)); } else { @@ -529,7 +529,7 @@ purple_blist_remove_buddy(buddy); buddy = purple_buddy_new(gc->account, buddy_name, NULL); - if ( !is_known && uid != qd->uid) { + if ( !is_known) { if (purple_privacy_check(gc->account, buddy_name)) { purple_privacy_deny(gc->account, buddy_name, TRUE, FALSE); } else {
--- a/libpurple/protocols/qq/group_join.c Wed Oct 22 14:40:04 2008 +0000 +++ b/libpurple/protocols/qq/group_join.c Wed Oct 22 14:41:13 2008 +0000 @@ -39,6 +39,7 @@ #include "group_opt.h" #include "group_conv.h" #include "group_search.h" +#include "group_im.h" #include "qq_define.h" #include "packet_parse.h" #include "qq_network.h" @@ -226,6 +227,9 @@ gint bytes; guint32 id; qq_data *qd; + qq_group *group; + gchar *msg; + time_t now = time(NULL); g_return_if_fail(data != NULL && len > 0); qd = (qq_data *) gc->proto_data; @@ -239,7 +243,14 @@ bytes += qq_get32(&id, data + bytes); g_return_if_fail(id > 0); - qq_got_attention(gc, _("Successed join to Qun")); + group = qq_room_search_id(gc, id); + if (group != NULL) { + msg = g_strdup_printf(_("Successed join to Qun %s (%d)"), group->title_utf8, group->ext_id); + qq_room_got_chat_in(gc, group, 0, msg, now); + g_free(msg); + } else { + qq_got_attention(gc, _("Successed join to Qun")); + } } /* process group cmd reply "join group" */
--- a/libpurple/protocols/qq/im.c Wed Oct 22 14:40:04 2008 +0000 +++ b/libpurple/protocols/qq/im.c Wed Oct 22 14:41:13 2008 +0000 @@ -298,24 +298,21 @@ { qq_data *qd; gchar *from; - PurpleBuddy *b; - qq_buddy *qq_b; + PurpleBuddy *buddy; time_t now = time(NULL); qd = (qq_data *) gc->proto_data; - from = uid_to_purple_name(qd->uid); g_return_if_fail(qd->uid > 0); - b = purple_find_buddy(gc->account, from); - if (b == NULL) { - qq_create_buddy(gc, qd->uid, FALSE, TRUE); - b = purple_find_buddy(gc->account, from); + from = uid_to_purple_name(qd->uid); + buddy = purple_find_buddy(gc->account, from); + if (buddy == NULL) { + qq_create_buddy(gc, qd->uid, TRUE, TRUE); } - qq_b = (b == NULL) ? NULL : (qq_buddy *) b->proto_data; - g_return_if_fail(qq_b != NULL); serv_got_im(gc, from, msg, PURPLE_MESSAGE_SYSTEM | PURPLE_MESSAGE_NOTIFY, now); + g_free(from); } /* process received normal text IM */
--- a/libpurple/protocols/qq/qq.h Wed Oct 22 14:40:04 2008 +0000 +++ b/libpurple/protocols/qq/qq.h Wed Oct 22 14:41:13 2008 +0000 @@ -60,8 +60,8 @@ guint8 *token_ex; /* get from server */ guint16 token_ex_len; - guint8 pwd_2nd_md5[QQ_KEY_LENGTH]; /* password in md5 (or md5' md5) */ - guint8 pwd_4th_md5[QQ_KEY_LENGTH]; + guint8 pwd_md5[QQ_KEY_LENGTH]; /* password in md5 (or md5' md5) */ + guint8 pwd_twice_md5[QQ_KEY_LENGTH]; guint8 *login_token; guint16 login_token_len; @@ -73,7 +73,7 @@ guint8 b1; guint32 w1; guint32 w2; - guint32 ip; + struct in_addr ip; }; struct _qq_add_request {
--- a/libpurple/protocols/qq/qq_base.c Wed Oct 22 14:40:04 2008 +0000 +++ b/libpurple/protocols/qq/qq_base.c Wed Oct 22 14:41:13 2008 +0000 @@ -34,16 +34,13 @@ #include "qq_crypt.h" #include "group.h" #include "qq_define.h" +#include "qq_network.h" #include "qq_base.h" #include "packet_parse.h" #include "qq.h" #include "qq_network.h" #include "utils.h" -#define QQ_LOGIN_DATA_LENGTH 416 -#define QQ_LOGIN_REPLY_OK_PACKET_LEN 139 -#define QQ_LOGIN_REPLY_REDIRECT_PACKET_LEN 11 - /* generate a md5 key using uid and session_key */ static void get_session_md5(guint8 *session_md5, guint32 uid, guint8 *session_key) { @@ -71,7 +68,13 @@ qd = (qq_data *) gc->proto_data; qq_show_packet("Login reply", data, len); - /* FIXME, check QQ_LOGIN_REPLY_OK_PACKET_LEN here */ + if (len < 139) { + purple_connection_error_reason(gc, + PURPLE_CONNECTION_ERROR_ENCRYPTION_ERROR, + _("Can not decrypt get server reply")); + return QQ_LOGIN_REPLY_ERR; + } + bytes = 0; bytes += qq_get8(&ret, data + bytes); bytes += qq_getdata(qd->session_key, sizeof(qd->session_key), data + bytes); @@ -134,11 +137,9 @@ tm_local->tm_hour, tm_local->tm_min, tm_local->tm_sec); /* unknow 9 bytes, 0x(00 0a 00 0a 01 00 00 0e 10) */ - if (bytes != QQ_LOGIN_REPLY_OK_PACKET_LEN) { /* fail parsing login info */ - purple_debug_warning("QQ", - "Fail parsing login info, expect %d bytes, read %d bytes\n", - QQ_LOGIN_REPLY_OK_PACKET_LEN, bytes); - } /* but we still go on as login OK */ + if (len > 139) { + purple_debug_warning("QQ", "Login reply more than expected %d bytes, read %d bytes\n", 139, bytes); + } return QQ_LOGIN_REPLY_OK; } @@ -155,6 +156,13 @@ } packet; + if (len < 11) { + purple_connection_error_reason(gc, + PURPLE_CONNECTION_ERROR_ENCRYPTION_ERROR, + _("Can not decrypt get server reply")); + return QQ_LOGIN_REPLY_ERR; + } + qd = (qq_data *) gc->proto_data; bytes = 0; /* 000-000: reply code */ @@ -166,11 +174,8 @@ /* 009-010: redirected new server port */ bytes += qq_get16(&packet.new_server_port, data + bytes); - if (bytes != QQ_LOGIN_REPLY_REDIRECT_PACKET_LEN) { - purple_debug_error("QQ", - "Fail parsing login redirect packet, expect %d bytes, read %d bytes\n", - QQ_LOGIN_REPLY_REDIRECT_PACKET_LEN, bytes); - return QQ_LOGIN_REPLY_ERR; + if (len > 11) { + purple_debug_error("QQ", "Login redirect more than expected %d bytes, read %d bytes\n", 11, bytes); } /* redirect to new server, do not disconnect or connect here @@ -239,15 +244,15 @@ g_return_if_fail(qd->ld.token != NULL && qd->ld.token_len > 0); - raw_data = g_newa(guint8, QQ_LOGIN_DATA_LENGTH); - memset(raw_data, 0, QQ_LOGIN_DATA_LENGTH); + raw_data = g_newa(guint8, MAX_PACKET_SIZE - 16); + memset(raw_data, 0, MAX_PACKET_SIZE - 16); - encrypted = g_newa(guint8, QQ_LOGIN_DATA_LENGTH + 16); /* 16 bytes more */ + encrypted = g_newa(guint8, MAX_PACKET_SIZE); /* 16 bytes more */ bytes = 0; /* now generate the encrypted data * 000-015 use password_twice_md5 as key to encrypt empty string */ - encrypted_len = qq_encrypt(encrypted, (guint8 *) "", 0, qd->ld.pwd_2nd_md5); + encrypted_len = qq_encrypt(encrypted, (guint8 *) "", 0, qd->ld.pwd_twice_md5); g_return_if_fail(encrypted_len == 16); bytes += qq_putdata(raw_data + bytes, encrypted, encrypted_len); @@ -270,8 +275,10 @@ /* 100 bytes unknown */ bytes += qq_putdata(raw_data + bytes, login_100_bytes, 100); /* all zero left */ + memset(raw_data + bytes, 0, 416 - bytes); + bytes = 416; - encrypted_len = qq_encrypt(encrypted, raw_data, QQ_LOGIN_DATA_LENGTH, qd->ld.random_key); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.random_key); buf = g_newa(guint8, MAX_PACKET_SIZE); memset(buf, 0, MAX_PACKET_SIZE); @@ -350,7 +357,7 @@ qd = (qq_data *) gc->proto_data; for (i = 0; i < 4; i++) - qq_send_cmd(gc, QQ_CMD_LOGOUT, qd->ld.pwd_2nd_md5, QQ_KEY_LENGTH); + qq_send_cmd(gc, QQ_CMD_LOGOUT, qd->ld.pwd_twice_md5, QQ_KEY_LENGTH); qd->is_login = FALSE; /* update login status AFTER sending logout packets */ } @@ -502,15 +509,19 @@ g_return_if_fail(gc != NULL && gc->proto_data != NULL); qd = (qq_data *) gc->proto_data; - raw_data = g_newa(guint8, QQ_LOGIN_DATA_LENGTH); - memset(raw_data, 0, QQ_LOGIN_DATA_LENGTH); + raw_data = g_newa(guint8, sizeof(qd->redirect_data)); + memset(raw_data, 0, sizeof(qd->redirect_data)); - encrypted = g_newa(guint8, QQ_LOGIN_DATA_LENGTH + 16); /* 16 bytes more */ + encrypted = g_newa(guint8, sizeof(qd->redirect_data) + 16); /* 16 bytes more */ bytes = 0; - bytes += qq_putdata(raw_data + bytes, (guint8 *)&qd->redirect_data, sizeof(qd->redirect_data)); + bytes += qq_put16(raw_data + bytes, qd->redirect_data.ret); + bytes += qq_put8(raw_data + bytes, qd->redirect_data.b1); + bytes += qq_put32(raw_data + bytes, qd->redirect_data.w1); + bytes += qq_put32(raw_data + bytes, qd->redirect_data.w2); + bytes += qq_putIP(raw_data + bytes, &(qd->redirect_data.ip)); - encrypted_len = qq_encrypt(encrypted, raw_data, QQ_LOGIN_DATA_LENGTH, qd->ld.random_key); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.random_key); buf = g_newa(guint8, MAX_PACKET_SIZE); memset(buf, 0, MAX_PACKET_SIZE); @@ -519,34 +530,44 @@ bytes += qq_putdata(buf + bytes, encrypted, encrypted_len); qd->send_seq++; - qq_send_cmd_encrypted(gc, QQ_CMD_LOGIN, qd->send_seq, buf, bytes, TRUE); + qq_send_cmd_encrypted(gc, QQ_CMD_GET_SERVER, qd->send_seq, buf, bytes, TRUE); } guint16 qq_process_get_server(PurpleConnection *gc, guint8 *data, gint data_len) { qq_data *qd; - qq_redirect_data *redirect; + gint bytes; g_return_val_if_fail (gc != NULL && gc->proto_data != NULL, QQ_LOGIN_REPLY_ERR); qd = (qq_data *) gc->proto_data; g_return_val_if_fail (data != NULL, QQ_LOGIN_REPLY_ERR); - if (data_len < sizeof(qq_redirect_data)) { - purple_connection_error_reason(gc, - PURPLE_CONNECTION_ERROR_NETWORK_ERROR, - _("Can not decrypt get server reply")); - return QQ_LOGIN_REPLY_ERR; - } - - redirect = (qq_redirect_data *)data; - if (redirect->ret == 0) { + + /* qq_show_packet("Get Server", data, data_len); */ + bytes = 0; + bytes += qq_get16(&qd->redirect_data.ret, data + bytes); + if (qd->redirect_data.ret == 0) { memset(&qd->redirect_data, 0, sizeof(qd->redirect_data)); qd->redirect_ip.s_addr = 0; return QQ_LOGIN_REPLY_OK; } - g_memmove(&qd->redirect_data, redirect, sizeof(qd->redirect_data)); - g_memmove(&qd->redirect_ip, &redirect->ip, sizeof(qd->redirect_ip)); + if (data_len < 15) { + purple_connection_error_reason(gc, + PURPLE_CONNECTION_ERROR_ENCRYPTION_ERROR, + _("Can not decrypt get server reply")); + return QQ_LOGIN_REPLY_ERR; + } + + bytes += qq_get8(&qd->redirect_data.b1, data + bytes); + bytes += qq_get32(&qd->redirect_data.w1, data + bytes); + bytes += qq_get32(&qd->redirect_data.w2, data + bytes); + bytes += qq_getIP(&qd->redirect_data.ip, data + bytes); + purple_debug_info("QQ", "Get server %d-%d-%d%d, %s\n", + qd->redirect_data.ret, qd->redirect_data.b1, qd->redirect_data.w1, qd->redirect_data.w2, + inet_ntoa(qd->redirect_data.ip)); + + g_memmove(&qd->redirect_ip, &qd->redirect_data.ip, sizeof(qd->redirect_ip)); return QQ_LOGIN_REPLY_REDIRECT; } @@ -577,7 +598,7 @@ bytes += qq_put8(raw_data + bytes, 0); /* fragment index */ bytes += qq_put16(raw_data + bytes, 0); /* captcha token */ - encrypted_len = qq_encrypt(encrypted, raw_data, QQ_LOGIN_DATA_LENGTH, qd->ld.random_key); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.random_key); buf = g_newa(guint8, MAX_PACKET_SIZE); memset(buf, 0, MAX_PACKET_SIZE); @@ -617,7 +638,7 @@ bytes += qq_put16(raw_data + bytes, qd->captcha.token_len); /* captcha token */ bytes += qq_putdata(raw_data + bytes, qd->captcha.token, qd->captcha.token_len); - encrypted_len = qq_encrypt(encrypted, raw_data, QQ_LOGIN_DATA_LENGTH, qd->ld.random_key); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.random_key); buf = g_newa(guint8, MAX_PACKET_SIZE); memset(buf, 0, MAX_PACKET_SIZE); @@ -662,7 +683,7 @@ bytes += qq_put16(raw_data + bytes, qd->captcha.token_len); /* captcha token */ bytes += qq_putdata(raw_data + bytes, qd->captcha.token, qd->captcha.token_len); - encrypted_len = qq_encrypt(encrypted, raw_data, QQ_LOGIN_DATA_LENGTH, qd->ld.random_key); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.random_key); buf = g_newa(guint8, MAX_PACKET_SIZE); memset(buf, 0, MAX_PACKET_SIZE); @@ -783,8 +804,8 @@ ret = data[0]; bytes = 0; - bytes += qq_get8(&sub_cmd, data + bytes); - bytes += 2; + bytes += qq_get8(&sub_cmd, data + bytes); /* 03: ok; 04: need verifying */ + bytes += 2; /* 0x(00 05) */ bytes += qq_get8(&reply, data + bytes); bytes += qq_get16(&(qd->ld.token_ex_len), data + bytes); @@ -794,7 +815,7 @@ if(reply != 1) { - purple_debug_info("QQ", "Captcha verified\n"); + purple_debug_info("QQ", "Captcha verified, result %d\n", reply); return QQ_LOGIN_REPLY_OK; } @@ -863,8 +884,9 @@ gint bytes; guint8 *encrypted; gint encrypted_len; + gint count; static guint8 header[] = { - 0x00, 0x5F, 0x00, 0x00, 0x08, 0x04, 0x01, 0x0E + 0x00, 0x5F, 0x00, 0x00, 0x08, 0x04, 0x01, 0xE0 }; g_return_if_fail(gc != NULL && gc->proto_data != NULL); @@ -879,39 +901,35 @@ /* Encrypted password and put in encrypted */ bytes = 0; - bytes += qq_putdata(raw_data + bytes, qd->ld.pwd_2nd_md5, sizeof(qd->ld.pwd_2nd_md5)); - bytes += qq_put16(raw_data + bytes, 0); - bytes += qq_put16(raw_data + bytes, 0); + bytes += qq_putdata(raw_data + bytes, qd->ld.pwd_md5, sizeof(qd->ld.pwd_md5)); + bytes += qq_put16(raw_data + bytes, rand() & 0); + bytes += qq_put16(raw_data + bytes, rand() & 0xffff); - encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.pwd_4th_md5); - + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.pwd_twice_md5); /* create packet */ bytes = 0; bytes += qq_putdata(raw_data + bytes, header, sizeof(header)); /* token get from qq_process_token_ex */ - bytes += qq_put16(raw_data + bytes, qd->ld.token_ex_len); + bytes += qq_put8(raw_data + bytes, qd->ld.token_ex_len); bytes += qq_putdata(raw_data + bytes, qd->ld.token_ex, qd->ld.token_ex_len); /* password encrypted */ bytes += qq_put16(raw_data + bytes, encrypted_len); bytes += qq_putdata(raw_data + bytes, encrypted, encrypted_len); - /* some random data */ - bytes += qq_put16(raw_data + bytes, 0x0014); - bytes += qq_put32(raw_data + bytes, rand() & 0xffff); - bytes += qq_put32(raw_data + bytes, rand() & 0xffff); - bytes += qq_put32(raw_data + bytes, rand() & 0xffff); - bytes += qq_put32(raw_data + bytes, rand() & 0xffff); - bytes += qq_put32(raw_data + bytes, rand() & 0xffff); + /* random data, 20 bytes */ + bytes += qq_put16(raw_data + bytes, 0x0014); /* length of next segment*/ + count = 0x14; + while (count--) bytes += qq_put8(raw_data + bytes, rand() & 0xff); /* put length into first 2 bytes */ qq_put16(raw_data, bytes - 2); /* tail */ - bytes += qq_put8(raw_data + bytes, 0); - bytes += qq_put8(raw_data + bytes, 0x03); + bytes += qq_put8(raw_data + bytes, 0); /* length of next segment */ + bytes += qq_put8(raw_data + bytes, 0x03); /* length of next segment */ bytes += qq_put8(raw_data + bytes, 0); - bytes += qq_put8(raw_data + bytes, qd->ld.pwd_2nd_md5[1]); - bytes += qq_put8(raw_data + bytes, qd->ld.pwd_2nd_md5[2]); - + bytes += qq_put8(raw_data + bytes, qd->ld.pwd_md5[1]); + bytes += qq_put8(raw_data + bytes, qd->ld.pwd_md5[2]); + qq_show_packet("QQ", raw_data, bytes); /* Encrypted by random key*/ - encrypted_len = qq_encrypt(encrypted, raw_data, QQ_LOGIN_DATA_LENGTH, qd->ld.random_key); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.random_key); buf = g_newa(guint8, MAX_PACKET_SIZE); memset(buf, 0, MAX_PACKET_SIZE); @@ -920,7 +938,7 @@ bytes += qq_putdata(buf + bytes, encrypted, encrypted_len); qd->send_seq++; - qq_send_cmd_encrypted(gc, QQ_CMD_LOGIN, qd->send_seq, buf, bytes, TRUE); + qq_send_cmd_encrypted(gc, QQ_CMD_CHECK_PWD, qd->send_seq, buf, bytes, TRUE); } guint8 qq_process_check_pwd_2007( PurpleConnection *gc, guint8 *data, gint data_len) @@ -960,7 +978,7 @@ switch (ret) { - case 0x34: /* invalid password */ + case 0x34: /* invalid password, 2nd byte is 0xc6 */ if (!purple_account_get_remember_password(gc->account)) { purple_account_set_password(gc->account, NULL); } @@ -987,13 +1005,13 @@ } qq_hex_dump(PURPLE_DEBUG_WARNING, "QQ", data, data_len, ">>> [default] decrypt and dump"); - bytes = 1; + bytes = 11; bytes += qq_get16(&msg_len, data + bytes); msg = g_strndup((gchar *)data + bytes, msg_len); msg_utf8 = qq_to_utf8(msg, QQ_CHARSET_DEFAULT); - purple_debug_error("QQ", "%s: %s\n", error, msg_utf8); + purple_debug_error("QQ", "%s:\n%s\n", error, msg_utf8); purple_connection_error_reason(gc, reason, msg_utf8); g_free(error); @@ -1100,39 +1118,37 @@ /* Encrypted password and put in encrypted */ bytes = 0; - bytes += qq_putdata(raw_data + bytes, qd->ld.pwd_2nd_md5, sizeof(qd->ld.pwd_2nd_md5)); + bytes += qq_putdata(raw_data + bytes, qd->ld.pwd_md5, sizeof(qd->ld.pwd_md5)); bytes += qq_put16(raw_data + bytes, 0); - bytes += qq_put16(raw_data + bytes, (guint16) (rand() & 0xffff)); + bytes += qq_put16(raw_data + bytes, rand() & 0xffff); - encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.pwd_4th_md5); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.pwd_twice_md5); /* create packet */ bytes = 0; bytes += qq_putdata(raw_data + bytes, header, sizeof(header)); /* token get from qq_request_token_ex */ - bytes += qq_put16(raw_data + bytes, qd->ld.token_ex_len); + bytes += qq_put8(raw_data + bytes, qd->ld.token_ex_len); bytes += qq_putdata(raw_data + bytes, qd->ld.token_ex, qd->ld.token_ex_len); - bytes += qq_put8(raw_data + bytes, 0); /* password encrypted */ bytes += qq_put16(raw_data + bytes, encrypted_len); bytes += qq_putdata(raw_data + bytes, encrypted, encrypted_len); - bytes += qq_put8(raw_data + bytes, 0); /* len of unknown + len of CRC32 */ - bytes += qq_put8(raw_data + bytes, sizeof(unknown) + 4); + bytes += qq_put16(raw_data + bytes, sizeof(unknown) + 4); bytes += qq_putdata(raw_data + bytes, unknown, sizeof(unknown)); bytes += qq_put32( raw_data + bytes, crc32(0xFFFFFFFF, unknown, sizeof(unknown))); /* put length into first 2 bytes */ qq_put16(raw_data, bytes - 2); /* tail */ - bytes += qq_put8(raw_data + bytes, 0); - bytes += qq_put8(raw_data + bytes, 0x03); + bytes += qq_put16(raw_data + bytes, 0x0003); bytes += qq_put8(raw_data + bytes, 0); - bytes += qq_put8(raw_data + bytes, qd->ld.pwd_2nd_md5[1]); - bytes += qq_put8(raw_data + bytes, qd->ld.pwd_2nd_md5[2]); + bytes += qq_put8(raw_data + bytes, qd->ld.pwd_md5[1]); + bytes += qq_put8(raw_data + bytes, qd->ld.pwd_md5[2]); + qq_show_packet("Check password", raw_data, bytes); /* Encrypted by random key*/ - encrypted_len = qq_encrypt(encrypted, raw_data, QQ_LOGIN_DATA_LENGTH, qd->ld.random_key); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.random_key); buf = g_newa(guint8, MAX_PACKET_SIZE); memset(buf, 0, MAX_PACKET_SIZE); @@ -1141,7 +1157,7 @@ bytes += qq_putdata(buf + bytes, encrypted, encrypted_len); qd->send_seq++; - qq_send_cmd_encrypted(gc, QQ_CMD_LOGIN, qd->send_seq, buf, bytes, TRUE); + qq_send_cmd_encrypted(gc, QQ_CMD_CHECK_PWD, qd->send_seq, buf, bytes, TRUE); } void qq_request_login_2007(PurpleConnection *gc) @@ -1184,11 +1200,11 @@ /* Encrypted password and put in encrypted */ bytes = 0; - bytes += qq_putdata(raw_data + bytes, qd->ld.pwd_2nd_md5, sizeof(qd->ld.pwd_2nd_md5)); + bytes += qq_putdata(raw_data + bytes, qd->ld.pwd_md5, sizeof(qd->ld.pwd_md5)); bytes += qq_put16(raw_data + bytes, 0); bytes += qq_put16(raw_data + bytes, 0xffff); - encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.pwd_4th_md5); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.pwd_twice_md5); /* create packet */ bytes = 0; @@ -1196,8 +1212,8 @@ /* password encrypted */ bytes += qq_put16(raw_data + bytes, encrypted_len); bytes += qq_putdata(raw_data + bytes, encrypted, encrypted_len); - /* put data which NULL string encrypted by key pwd_4th_md5 */ - encrypted_len = qq_encrypt(encrypted, (guint8 *) "", 0, qd->ld.pwd_4th_md5); + /* put data which NULL string encrypted by key pwd_twice_md5 */ + encrypted_len = qq_encrypt(encrypted, (guint8 *) "", 0, qd->ld.pwd_twice_md5); g_return_if_fail(encrypted_len == 16); bytes += qq_putdata(raw_data + bytes, encrypted, encrypted_len); /* unknow fill */ @@ -1337,11 +1353,11 @@ /* Encrypted password and put in encrypted */ bytes = 0; - bytes += qq_putdata(raw_data + bytes, qd->ld.pwd_2nd_md5, sizeof(qd->ld.pwd_2nd_md5)); + bytes += qq_putdata(raw_data + bytes, qd->ld.pwd_md5, sizeof(qd->ld.pwd_md5)); bytes += qq_put16(raw_data + bytes, 0); bytes += qq_put16(raw_data + bytes, 0xffff); - encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.pwd_4th_md5); + encrypted_len = qq_encrypt(encrypted, raw_data, bytes, qd->ld.pwd_twice_md5); /* create packet */ bytes = 0; @@ -1350,8 +1366,8 @@ /* password encrypted */ bytes += qq_put16(raw_data + bytes, encrypted_len); bytes += qq_putdata(raw_data + bytes, encrypted, encrypted_len); - /* put data which NULL string encrypted by key pwd_4th_md5 */ - encrypted_len = qq_encrypt(encrypted, (guint8 *) "", 0, qd->ld.pwd_4th_md5); + /* put data which NULL string encrypted by key pwd_twice_md5 */ + encrypted_len = qq_encrypt(encrypted, (guint8 *) "", 0, qd->ld.pwd_twice_md5); g_return_if_fail(encrypted_len == 16); bytes += qq_putdata(raw_data + bytes, encrypted, encrypted_len); /* unknow 19 bytes zero filled*/
--- a/libpurple/protocols/qq/qq_network.c Wed Oct 22 14:40:04 2008 +0000 +++ b/libpurple/protocols/qq/qq_network.c Wed Oct 22 14:41:13 2008 +0000 @@ -309,6 +309,8 @@ switch (cmd) { case QQ_CMD_TOKEN: case QQ_CMD_GET_SERVER: + case QQ_CMD_TOKEN_EX: + case QQ_CMD_CHECK_PWD: case QQ_CMD_LOGIN: ret = qq_proc_login_cmds(gc, cmd, seq, buf + bytes, bytes_not_read, update_class, ship32); if (ret != QQ_LOGIN_REPLY_OK) { @@ -715,13 +717,11 @@ passwd = purple_account_get_password(purple_connection_get_account(gc)); /* use twice-md5 of user password as session key since QQ 2003iii */ - dest = qd->ld.pwd_2nd_md5; + dest = qd->ld.pwd_md5; qq_get_md5(dest, dest_len, (guint8 *)passwd, strlen(passwd)); - qq_get_md5(dest, dest_len, dest, dest_len); - dest = qd->ld.pwd_4th_md5; - qq_get_md5(dest, dest_len, qd->ld.pwd_2nd_md5, dest_len); - qq_get_md5(dest, dest_len, dest, dest_len); + dest = qd->ld.pwd_twice_md5; + qq_get_md5(dest, dest_len, qd->ld.pwd_md5, dest_len); } /* the callback function after socket is built @@ -1021,8 +1021,8 @@ qq_trans_remove_all(gc); memset(qd->ld.random_key, 0, sizeof(qd->ld.random_key)); - memset(qd->ld.pwd_2nd_md5, 0, sizeof(qd->ld.pwd_2nd_md5)); - memset(qd->ld.pwd_4th_md5, 0, sizeof(qd->ld.pwd_4th_md5)); + memset(qd->ld.pwd_md5, 0, sizeof(qd->ld.pwd_md5)); + memset(qd->ld.pwd_twice_md5, 0, sizeof(qd->ld.pwd_twice_md5)); memset(qd->ld.login_key, 0, sizeof(qd->ld.login_key)); memset(qd->session_key, 0, sizeof(qd->session_key)); memset(qd->session_md5, 0, sizeof(qd->session_md5));
--- a/libpurple/protocols/qq/qq_process.c Wed Oct 22 14:40:04 2008 +0000 +++ b/libpurple/protocols/qq/qq_process.c Wed Oct 22 14:41:13 2008 +0000 @@ -607,18 +607,18 @@ if (data_len >= 0) { purple_debug_warning("QQ", "Decrypt login packet by random_key, %d bytes\n", data_len); } else { - data_len = qq_decrypt(data, rcved, rcved_len, qd->ld.pwd_4th_md5); + data_len = qq_decrypt(data, rcved, rcved_len, qd->ld.pwd_twice_md5); if (data_len >= 0) { - purple_debug_warning("QQ", "Decrypt login packet by pwd_4th_md5, %d bytes\n", data_len); + purple_debug_warning("QQ", "Decrypt login packet by pwd_twice_md5, %d bytes\n", data_len); } } break; case QQ_CMD_LOGIN: default: if (qd->client_version > 2005) { - data_len = qq_decrypt(data, rcved, rcved_len, qd->ld.pwd_4th_md5); + data_len = qq_decrypt(data, rcved, rcved_len, qd->ld.pwd_twice_md5); if (data_len >= 0) { - purple_debug_warning("QQ", "Decrypt login packet by pwd_4th_md5\n"); + purple_debug_warning("QQ", "Decrypt login packet by pwd_twice_md5\n"); } else { data_len = qq_decrypt(data, rcved, rcved_len, qd->ld.login_key); if (data_len >= 0) { @@ -631,9 +631,9 @@ if (data_len >= 0) { purple_debug_warning("QQ", "Decrypt login packet by random_key\n"); } else { - data_len = qq_decrypt(data, rcved, rcved_len, qd->ld.pwd_2nd_md5); + data_len = qq_decrypt(data, rcved, rcved_len, qd->ld.pwd_twice_md5); if (data_len >= 0) { - purple_debug_warning("QQ", "Decrypt login packet by pwd_2nd_md5\n"); + purple_debug_warning("QQ", "Decrypt login packet by pwd_twice_md5\n"); } } }