annotate libpurple/protocols/oscar/clientlogin.c @ 31807:b24babbae157

Bounds-check stringref copies (which are safe anyway)
author Ethan Blanton <elb@pidgin.im>
date Wed, 17 Aug 2011 23:54:59 +0000
parents 6f9a43a2b716
children 7df08e88d9bb
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
1 /*
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
2 * Purple's oscar protocol plugin
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
3 * This file is the legal property of its developers.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
4 * Please see the AUTHORS file distributed alongside this file.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
5 *
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
6 * This library is free software; you can redistribute it and/or
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
7 * modify it under the terms of the GNU Lesser General Public
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
8 * License as published by the Free Software Foundation; either
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
9 * version 2 of the License, or (at your option) any later version.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
10 *
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
11 * This library is distributed in the hope that it will be useful,
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
14 * Lesser General Public License for more details.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
15 *
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
16 * You should have received a copy of the GNU Lesser General Public
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
17 * License along with this library; if not, write to the Free Software
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
19 */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
20
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
21 /**
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
22 * This file implements AIM's clientLogin procedure for authenticating
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
23 * users. This replaces the older MD5-based and XOR-based
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
24 * authentication methods that use SNAC family 0x0017.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
25 *
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
26 * This doesn't use SNACs or FLAPs at all. It makes http and https
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
27 * POSTs to AOL to validate the user based on the password they
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
28 * provided to us. Upon successful authentication we request a
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
29 * connection to the BOS server by calling startOSCARsession. The
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
30 * AOL server gives us the hostname and port number to use, as well
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
31 * as the cookie to use to authenticate to the BOS server. And then
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
32 * everything else is the same as with BUCP.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
33 *
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
34 * For details, see:
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
35 * http://dev.aol.com/aim/oscar/#AUTH
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
36 * http://dev.aol.com/authentication_for_clients
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
37 */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
38
28770
259bbfb423d4 Fix all the remaining files for which internal.h doesn't end up being the first include.
Paul Aurich <paul@darkrain42.org>
parents: 28764
diff changeset
39 #include "oscar.h"
259bbfb423d4 Fix all the remaining files for which internal.h doesn't end up being the first include.
Paul Aurich <paul@darkrain42.org>
parents: 28764
diff changeset
40 #include "oscarcommon.h"
259bbfb423d4 Fix all the remaining files for which internal.h doesn't end up being the first include.
Paul Aurich <paul@darkrain42.org>
parents: 28764
diff changeset
41
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
42 #include "cipher.h"
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
43 #include "core.h"
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
44
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
45 #define AIM_LOGIN_HOST "api.screenname.aol.com"
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
46 #define ICQ_LOGIN_HOST "api.login.icq.net"
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
47
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
48 #define AIM_API_HOST "api.oscar.aol.com"
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
49 #define ICQ_API_HOST "api.icq.net"
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
50
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
51 #define CLIENT_LOGIN_PAGE "/auth/clientLogin"
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
52 #define START_OSCAR_SESSION_PAGE "/aim/startOSCARSession"
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
53
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
54 #define HTTPS_FORMAT_URL(host, page) "https://" host page
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
55
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
56 static const gchar *client_login_urls[] = {
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
57 HTTPS_FORMAT_URL(AIM_LOGIN_HOST, CLIENT_LOGIN_PAGE),
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
58 HTTPS_FORMAT_URL(ICQ_LOGIN_HOST, CLIENT_LOGIN_PAGE),
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
59 };
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
60
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
61 static const gchar *start_oscar_session_urls[] = {
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
62 HTTPS_FORMAT_URL(AIM_API_HOST, START_OSCAR_SESSION_PAGE),
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
63 HTTPS_FORMAT_URL(ICQ_API_HOST, START_OSCAR_SESSION_PAGE),
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
64 };
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
65
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
66 static const gchar *get_client_login_url(OscarData *od)
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
67 {
30893
d9e21370fca0 Continuing Daniel's quest for safety in Pidginland (see b01c2771dfe0c2c521afb1699a3a9c509c12567d).
ivan.komarov@soc.pidgin.im
parents: 30647
diff changeset
68 return client_login_urls[od->icq ? 1 : 0];
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
69 }
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
70
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
71 static const gchar *get_start_oscar_session_url(OscarData *od)
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
72 {
30893
d9e21370fca0 Continuing Daniel's quest for safety in Pidginland (see b01c2771dfe0c2c521afb1699a3a9c509c12567d).
ivan.komarov@soc.pidgin.im
parents: 30647
diff changeset
73 return start_oscar_session_urls[od->icq ? 1 : 0];
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
74 }
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
75
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
76 /*
27425
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
77 * Using clientLogin requires a developer ID. This key is for libpurple.
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
78 * It is the default key for all libpurple-based clients. AOL encourages
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
79 * UIs (especially ones with lots of users) to override this with their
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
80 * own key. This key is owned by the AIM account "markdoliner"
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
81 *
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
82 * Keys can be managed at http://developer.aim.com/manageKeys.jsp
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
83 */
27425
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
84 #define DEFAULT_CLIENT_KEY "ma15d7JTxbmVG-RP"
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
85
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
86 static const char *get_client_key(OscarData *od)
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
87 {
27427
4f24d5da4cb3 Create a oscar_get_ui_info_string() function that looks up a value in the
Mark Doliner <mark@kingant.net>
parents: 27425
diff changeset
88 return oscar_get_ui_info_string(
4f24d5da4cb3 Create a oscar_get_ui_info_string() function that looks up a value in the
Mark Doliner <mark@kingant.net>
parents: 27425
diff changeset
89 od->icq ? "prpl-icq-clientkey" : "prpl-aim-clientkey",
4f24d5da4cb3 Create a oscar_get_ui_info_string() function that looks up a value in the
Mark Doliner <mark@kingant.net>
parents: 27425
diff changeset
90 DEFAULT_CLIENT_KEY);
27425
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
91 }
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
92
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
93 static gchar *generate_error_message(xmlnode *resp, const char *url)
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
94 {
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
95 xmlnode *text;
30902
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
96 xmlnode *status_code_node;
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
97 gchar *status_code;
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
98 gboolean have_error_code = TRUE;
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
99 gchar *err = NULL;
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
100 gchar *details = NULL;
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
101
30902
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
102 status_code_node = xmlnode_get_child(resp, "statusCode");
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
103 if (status_code_node) {
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
104 /* We can get 200 OK here if the server omitted something we think it shouldn't have (see #12783).
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
105 * No point in showing the "Ok" string to the user.
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
106 */
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
107 if ((status_code = xmlnode_get_data_unescaped(status_code_node)) && strcmp(status_code, "200") == 0) {
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
108 have_error_code = FALSE;
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
109 }
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
110 }
4f0d6ee5ffee The end user is not going to be amused when he sees a "<URL>: Ok" connection
ivan.komarov@soc.pidgin.im
parents: 30893
diff changeset
111 if (have_error_code && resp && (text = xmlnode_get_child(resp, "statusText"))) {
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
112 details = xmlnode_get_data(text);
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
113 }
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
114
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
115 if (details && *details) {
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
116 err = g_strdup_printf(_("Received unexpected response from %s: %s"), url, details);
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
117 } else {
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
118 err = g_strdup_printf(_("Received unexpected response from %s"), url);
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
119 }
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
120
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
121 g_free(details);
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
122 return err;
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
123 }
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
124
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
125 /**
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
126 * @return A null-terminated base64 encoded version of the HMAC
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
127 * calculated using the given key and data.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
128 */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
129 static gchar *hmac_sha256(const char *key, const char *message)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
130 {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
131 PurpleCipherContext *context;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
132 guchar digest[32];
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
133
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
134 context = purple_cipher_context_new_by_name("hmac", NULL);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
135 purple_cipher_context_set_option(context, "hash", "sha256");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
136 purple_cipher_context_set_key(context, (guchar *)key);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
137 purple_cipher_context_append(context, (guchar *)message, strlen(message));
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
138 purple_cipher_context_digest(context, sizeof(digest), digest, NULL);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
139 purple_cipher_context_destroy(context);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
140
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
141 return purple_base64_encode(digest, sizeof(digest));
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
142 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
143
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
144 /**
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
145 * @return A base-64 encoded HMAC-SHA256 signature created using the
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
146 * technique documented at
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
147 * http://dev.aol.com/authentication_for_clients#signing
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
148 */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
149 static gchar *generate_signature(const char *method, const char *url, const char *parameters, const char *session_key)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
150 {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
151 char *encoded_url, *signature_base_string, *signature;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
152 const char *encoded_parameters;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
153
28255
79c14adf9669 Change purple_url_encode() to not encode . _ - ~ because it's not
Mark Doliner <mark@kingant.net>
parents: 27989
diff changeset
154 encoded_url = g_strdup(purple_url_encode(url));
79c14adf9669 Change purple_url_encode() to not encode . _ - ~ because it's not
Mark Doliner <mark@kingant.net>
parents: 27989
diff changeset
155 encoded_parameters = purple_url_encode(parameters);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
156 signature_base_string = g_strdup_printf("%s&%s&%s",
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
157 method, encoded_url, encoded_parameters);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
158 g_free(encoded_url);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
159
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
160 signature = hmac_sha256(session_key, signature_base_string);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
161 g_free(signature_base_string);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
162
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
163 return signature;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
164 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
165
28509
17617d892bc4 oscar: Properly support TLS when using clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 28255
diff changeset
166 static gboolean parse_start_oscar_session_response(PurpleConnection *gc, const gchar *response, gsize response_len, char **host, unsigned short *port, char **cookie, char **tls_certname)
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
167 {
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
168 OscarData *od = purple_connection_get_protocol_data(gc);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
169 xmlnode *response_node, *tmp_node, *data_node;
28509
17617d892bc4 oscar: Properly support TLS when using clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 28255
diff changeset
170 xmlnode *host_node = NULL, *port_node = NULL, *cookie_node = NULL, *tls_node = NULL;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
171 char *tmp;
28521
546dcce6f780 oscar: According to the online docs, statusCode 607 is rate limit (confirmed
Paul Aurich <paul@darkrain42.org>
parents: 28510
diff changeset
172 guint code;
30903
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
173 const gchar *encryption_type = purple_account_get_string(purple_connection_get_account(gc), "encryption", OSCAR_DEFAULT_ENCRYPTION);
28509
17617d892bc4 oscar: Properly support TLS when using clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 28255
diff changeset
174
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
175 /* Parse the response as XML */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
176 response_node = xmlnode_from_str(response, response_len);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
177 if (response_node == NULL)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
178 {
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
179 char *msg;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
180 purple_debug_error("oscar", "startOSCARSession could not parse "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
181 "response as XML: %s\n", response);
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
182 /* Note to translators: %s in this string is a URL */
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
183 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
184 get_start_oscar_session_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
185 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
186 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
187 g_free(msg);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
188 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
189 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
190
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
191 /* Grab the necessary XML nodes */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
192 tmp_node = xmlnode_get_child(response_node, "statusCode");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
193 data_node = xmlnode_get_child(response_node, "data");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
194 if (data_node != NULL) {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
195 host_node = xmlnode_get_child(data_node, "host");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
196 port_node = xmlnode_get_child(data_node, "port");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
197 cookie_node = xmlnode_get_child(data_node, "cookie");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
198 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
199
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
200 /* Make sure we have a status code */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
201 if (tmp_node == NULL || (tmp = xmlnode_get_data_unescaped(tmp_node)) == NULL) {
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
202 char *msg;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
203 purple_debug_error("oscar", "startOSCARSession response was "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
204 "missing statusCode: %s\n", response);
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
205 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
206 get_start_oscar_session_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
207 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
208 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
209 g_free(msg);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
210 xmlnode_free(response_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
211 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
212 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
213
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
214 /* Make sure the status code was 200 */
28521
546dcce6f780 oscar: According to the online docs, statusCode 607 is rate limit (confirmed
Paul Aurich <paul@darkrain42.org>
parents: 28510
diff changeset
215 code = atoi(tmp);
546dcce6f780 oscar: According to the online docs, statusCode 607 is rate limit (confirmed
Paul Aurich <paul@darkrain42.org>
parents: 28510
diff changeset
216 if (code != 200)
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
217 {
29406
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
218 xmlnode *status_detail_node;
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
219 guint status_detail = 0;
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
220
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
221 status_detail_node = xmlnode_get_child(response_node,
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
222 "statusDetailCode");
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
223 if (status_detail_node) {
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
224 gchar *data = xmlnode_get_data(status_detail_node);
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
225 if (data) {
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
226 status_detail = atoi(data);
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
227 g_free(data);
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
228 }
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
229 }
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
230
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
231 purple_debug_error("oscar", "startOSCARSession response statusCode "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
232 "was %s: %s\n", tmp, response);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
233
29406
fa8a25b46252 401/1014 is a bad signature (it's what I've been getting while testing startOSCARSession over https).
Paul Aurich <paul@darkrain42.org>
parents: 29403
diff changeset
234 if ((code == 401 && status_detail != 1014) || code == 607)
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
235 purple_connection_error_reason(gc,
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
236 PURPLE_CONNECTION_ERROR_OTHER_ERROR,
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
237 _("You have been connecting and disconnecting too "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
238 "frequently. Wait ten minutes and try again. If "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
239 "you continue to try, you will need to wait even "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
240 "longer."));
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
241 else {
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
242 char *msg;
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
243 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
244 get_start_oscar_session_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
245 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
246 PURPLE_CONNECTION_ERROR_OTHER_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
247 g_free(msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
248 }
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
249
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
250 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
251 xmlnode_free(response_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
252 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
253 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
254 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
255
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
256 /* Make sure we have everything else */
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
257 if (data_node == NULL || host_node == NULL || port_node == NULL || cookie_node == NULL)
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
258 {
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
259 char *msg;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
260 purple_debug_error("oscar", "startOSCARSession response was missing "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
261 "something: %s\n", response);
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
262 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
263 get_start_oscar_session_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
264 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
265 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
266 g_free(msg);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
267 xmlnode_free(response_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
268 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
269 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
270
30903
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
271 if (strcmp(encryption_type, OSCAR_NO_ENCRYPTION) != 0) {
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
272 tls_node = xmlnode_get_child(data_node, "tlsCertName");
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
273 if (tls_node != NULL) {
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
274 *tls_certname = xmlnode_get_data_unescaped(tls_node);
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
275 } else {
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
276 if (strcmp(encryption_type, OSCAR_OPPORTUNISTIC_ENCRYPTION) == 0) {
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
277 purple_debug_warning("oscar", "We haven't received a tlsCertName to use. We will not do SSL to BOS.\n");
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
278 } else {
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
279 purple_debug_error("oscar", "startOSCARSession was missing tlsCertName: %s\n", response);
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
280 purple_connection_error_reason(
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
281 gc,
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
282 PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT,
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
283 _("You required encryption in your account settings, but one of the servers doesn't support it."));
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
284 xmlnode_free(response_node);
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
285 return FALSE;
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
286 }
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
287 }
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
288 }
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
289
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
290 /* Extract data from the XML */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
291 *host = xmlnode_get_data_unescaped(host_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
292 tmp = xmlnode_get_data_unescaped(port_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
293 *cookie = xmlnode_get_data_unescaped(cookie_node);
28509
17617d892bc4 oscar: Properly support TLS when using clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 28255
diff changeset
294
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
295 if (*host == NULL || **host == '\0' || tmp == NULL || *tmp == '\0' || *cookie == NULL || **cookie == '\0')
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
296 {
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
297 char *msg;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
298 purple_debug_error("oscar", "startOSCARSession response was missing "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
299 "something: %s\n", response);
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
300 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
301 get_start_oscar_session_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
302 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
303 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
304 g_free(msg);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
305 g_free(*host);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
306 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
307 g_free(*cookie);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
308 xmlnode_free(response_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
309 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
310 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
311
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
312 *port = atoi(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
313 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
314
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
315 return TRUE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
316 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
317
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
318 static void start_oscar_session_cb(PurpleUtilFetchUrlData *url_data, gpointer user_data, const gchar *url_text, gsize len, const gchar *error_message)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
319 {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
320 OscarData *od;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
321 PurpleConnection *gc;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
322 char *host, *cookie;
28509
17617d892bc4 oscar: Properly support TLS when using clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 28255
diff changeset
323 char *tls_certname = NULL;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
324 unsigned short port;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
325 guint8 *cookiedata;
30616
943fce8ef142 Fix for CVE-2010-3711. Properly validate the return value from
Daniel Atallah <daniel.atallah@gmail.com>
parents: 29720
diff changeset
326 gsize cookiedata_len = 0;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
327
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
328 od = user_data;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
329 gc = od->gc;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
330
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
331 od->url_data = NULL;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
332
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
333 if (error_message != NULL || len == 0) {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
334 gchar *tmp;
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
335 /* Note to translators: The first %s is a URL, the second is an
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
336 error message. */
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
337 tmp = g_strdup_printf(_("Error requesting %s: %s"),
30955
6f9a43a2b716 I noticed a NULL printf crash from the first chunk of this change.
Mark Doliner <mark@kingant.net>
parents: 30903
diff changeset
338 get_start_oscar_session_url(od), error_message ?
6f9a43a2b716 I noticed a NULL printf crash from the first chunk of this change.
Mark Doliner <mark@kingant.net>
parents: 30903
diff changeset
339 error_message : _("The server returned an empty response"));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
340 purple_connection_error_reason(gc,
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
341 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
342 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
343 return;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
344 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
345
28509
17617d892bc4 oscar: Properly support TLS when using clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 28255
diff changeset
346 if (!parse_start_oscar_session_response(gc, url_text, len, &host, &port, &cookie, &tls_certname))
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
347 return;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
348
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
349 cookiedata = purple_base64_decode(cookie, &cookiedata_len);
28509
17617d892bc4 oscar: Properly support TLS when using clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 28255
diff changeset
350 oscar_connect_to_bos(gc, od, host, port, cookiedata, cookiedata_len, tls_certname);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
351 g_free(cookiedata);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
352
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
353 g_free(host);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
354 g_free(cookie);
28509
17617d892bc4 oscar: Properly support TLS when using clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 28255
diff changeset
355 g_free(tls_certname);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
356 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
357
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
358 static void send_start_oscar_session(OscarData *od, const char *token, const char *session_key, time_t hosttime)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
359 {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
360 char *query_string, *signature, *url;
30903
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
361 PurpleAccount *account = purple_connection_get_account(od->gc);
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
362 const gchar *encryption_type = purple_account_get_string(account, "encryption", OSCAR_DEFAULT_ENCRYPTION);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
363
28741
5e11c572d730 This magic number is documented in oscar.h, but it makes sense to
Mark Doliner <mark@kingant.net>
parents: 28740
diff changeset
364 /*
5e11c572d730 This magic number is documented in oscar.h, but it makes sense to
Mark Doliner <mark@kingant.net>
parents: 28740
diff changeset
365 * Construct the GET parameters. 0x00000611 is the distid given to
5e11c572d730 This magic number is documented in oscar.h, but it makes sense to
Mark Doliner <mark@kingant.net>
parents: 28740
diff changeset
366 * us by AOL for use as the default libpurple distid.
5e11c572d730 This magic number is documented in oscar.h, but it makes sense to
Mark Doliner <mark@kingant.net>
parents: 28740
diff changeset
367 */
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
368 query_string = g_strdup_printf("a=%s"
28740
41656cf6af7a Send our distid when calling startOSCARSession, as request by AOL
Mark Doliner <mark@kingant.net>
parents: 28521
diff changeset
369 "&distId=%d"
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
370 "&f=xml"
27425
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
371 "&k=%s"
27446
036d94041e09 Fix this compiler warning:
Stu Tomlinson <stu@nosnilmot.com>
parents: 27427
diff changeset
372 "&ts=%" PURPLE_TIME_T_MODIFIER
28509
17617d892bc4 oscar: Properly support TLS when using clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 28255
diff changeset
373 "&useTLS=%d",
28740
41656cf6af7a Send our distid when calling startOSCARSession, as request by AOL
Mark Doliner <mark@kingant.net>
parents: 28521
diff changeset
374 purple_url_encode(token),
30903
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
375 oscar_get_ui_info_int(od->icq ? "prpl-icq-distid" : "prpl-aim-distid", 0x00000611),
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
376 get_client_key(od),
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
377 hosttime,
f8f853ab3aba A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
ivan.komarov@soc.pidgin.im
parents: 30902
diff changeset
378 strcmp(encryption_type, OSCAR_NO_ENCRYPTION) != 0 ? 1 : 0);
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
379 signature = generate_signature("GET", get_start_oscar_session_url(od),
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
380 query_string, session_key);
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
381 url = g_strdup_printf("%s?%s&sig_sha256=%s", get_start_oscar_session_url(od),
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
382 query_string, signature);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
383 g_free(query_string);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
384 g_free(signature);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
385
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
386 /* Make the request */
29403
66a15a093e61 Allow clientLogin POST/GETs to use a configured proxy.
Paul Aurich <paul@darkrain42.org>
parents: 29402
diff changeset
387 od->url_data = purple_util_fetch_url_request_len_with_account(account,
66a15a093e61 Allow clientLogin POST/GETs to use a configured proxy.
Paul Aurich <paul@darkrain42.org>
parents: 29402
diff changeset
388 url, TRUE, NULL, FALSE, NULL, FALSE, -1,
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
389 start_oscar_session_cb, od);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
390 g_free(url);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
391 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
392
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
393 /**
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
394 * This function parses the given response from a clientLogin request
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
395 * and extracts the useful information.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
396 *
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
397 * @param gc The PurpleConnection. If the response data does
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
398 * not indicate then purple_connection_error_reason()
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
399 * will be called to close this connection.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
400 * @param response The response data from the clientLogin request.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
401 * @param response_len The length of the above response, or -1 if
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
402 * @response is NUL terminated.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
403 * @param token If parsing was successful then this will be set to
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
404 * a newly allocated string containing the token. The
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
405 * caller should g_free this string when it is finished
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
406 * with it. On failure this value will be untouched.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
407 * @param secret If parsing was successful then this will be set to
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
408 * a newly allocated string containing the secret. The
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
409 * caller should g_free this string when it is finished
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
410 * with it. On failure this value will be untouched.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
411 * @param hosttime If parsing was successful then this will be set to
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
412 * the time on the OpenAuth Server in seconds since the
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
413 * Unix epoch. On failure this value will be untouched.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
414 *
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
415 * @return TRUE if the request was successful and we were able to
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
416 * extract all info we need. Otherwise FALSE.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
417 */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
418 static gboolean parse_client_login_response(PurpleConnection *gc, const gchar *response, gsize response_len, char **token, char **secret, time_t *hosttime)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
419 {
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
420 OscarData *od = purple_connection_get_protocol_data(gc);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
421 xmlnode *response_node, *tmp_node, *data_node;
27200
a2508ac2e536 Silence some warnings from gcc on OS X. None of these were actually valid.
Paul Aurich <paul@darkrain42.org>
parents: 27190
diff changeset
422 xmlnode *secret_node = NULL, *hosttime_node = NULL, *token_node = NULL, *tokena_node = NULL;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
423 char *tmp;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
424
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
425 /* Parse the response as XML */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
426 response_node = xmlnode_from_str(response, response_len);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
427 if (response_node == NULL)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
428 {
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
429 char *msg;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
430 purple_debug_error("oscar", "clientLogin could not parse "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
431 "response as XML: %s\n", response);
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
432 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
433 get_client_login_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
434 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
435 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
436 g_free(msg);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
437 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
438 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
439
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
440 /* Grab the necessary XML nodes */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
441 tmp_node = xmlnode_get_child(response_node, "statusCode");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
442 data_node = xmlnode_get_child(response_node, "data");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
443 if (data_node != NULL) {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
444 secret_node = xmlnode_get_child(data_node, "sessionSecret");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
445 hosttime_node = xmlnode_get_child(data_node, "hostTime");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
446 token_node = xmlnode_get_child(data_node, "token");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
447 if (token_node != NULL)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
448 tokena_node = xmlnode_get_child(token_node, "a");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
449 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
450
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
451 /* Make sure we have a status code */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
452 if (tmp_node == NULL || (tmp = xmlnode_get_data_unescaped(tmp_node)) == NULL) {
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
453 char *msg;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
454 purple_debug_error("oscar", "clientLogin response was "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
455 "missing statusCode: %s\n", response);
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
456 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
457 get_client_login_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
458 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
459 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
460 g_free(msg);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
461 xmlnode_free(response_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
462 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
463 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
464
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
465 /* Make sure the status code was 200 */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
466 if (strcmp(tmp, "200") != 0)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
467 {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
468 int status_code, status_detail_code = 0;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
469
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
470 status_code = atoi(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
471 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
472 tmp_node = xmlnode_get_child(response_node, "statusDetailCode");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
473 if (tmp_node != NULL && (tmp = xmlnode_get_data_unescaped(tmp_node)) != NULL) {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
474 status_detail_code = atoi(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
475 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
476 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
477
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
478 purple_debug_error("oscar", "clientLogin response statusCode "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
479 "was %d (%d): %s\n", status_code, status_detail_code, response);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
480
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
481 if (status_code == 330 && status_detail_code == 3011) {
29720
3fbae92e7e0b oscar: Forget un-remembered passwords on Incorrect Password w/ clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 29700
diff changeset
482 PurpleAccount *account = purple_connection_get_account(gc);
3fbae92e7e0b oscar: Forget un-remembered passwords on Incorrect Password w/ clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 29700
diff changeset
483 if (!purple_account_get_remember_password(account))
3fbae92e7e0b oscar: Forget un-remembered passwords on Incorrect Password w/ clientLogin.
Paul Aurich <paul@darkrain42.org>
parents: 29700
diff changeset
484 purple_account_set_password(account, NULL);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
485 purple_connection_error_reason(gc,
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
486 PURPLE_CONNECTION_ERROR_AUTHENTICATION_FAILED,
27381
f541583e31bd More uniformity among disconnect error messages
Mark Doliner <mark@kingant.net>
parents: 27200
diff changeset
487 _("Incorrect password"));
28995
e1dd357fc494 Add back Paul's error message from revision 219b3128f3d96b126a9ed9aff2d2f3277e69dbd4
Mark Doliner <mark@kingant.net>
parents: 28912
diff changeset
488 } else if (status_code == 330 && status_detail_code == 3015) {
e1dd357fc494 Add back Paul's error message from revision 219b3128f3d96b126a9ed9aff2d2f3277e69dbd4
Mark Doliner <mark@kingant.net>
parents: 28912
diff changeset
489 purple_connection_error_reason(gc,
e1dd357fc494 Add back Paul's error message from revision 219b3128f3d96b126a9ed9aff2d2f3277e69dbd4
Mark Doliner <mark@kingant.net>
parents: 28912
diff changeset
490 PURPLE_CONNECTION_ERROR_AUTHENTICATION_FAILED,
e1dd357fc494 Add back Paul's error message from revision 219b3128f3d96b126a9ed9aff2d2f3277e69dbd4
Mark Doliner <mark@kingant.net>
parents: 28912
diff changeset
491 _("Server requested that you fill out a CAPTCHA in order to "
e1dd357fc494 Add back Paul's error message from revision 219b3128f3d96b126a9ed9aff2d2f3277e69dbd4
Mark Doliner <mark@kingant.net>
parents: 28912
diff changeset
492 "sign in, but this client does not currently support CAPTCHAs."));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
493 } else if (status_code == 401 && status_detail_code == 3019) {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
494 purple_connection_error_reason(gc,
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
495 PURPLE_CONNECTION_ERROR_OTHER_ERROR,
27381
f541583e31bd More uniformity among disconnect error messages
Mark Doliner <mark@kingant.net>
parents: 27200
diff changeset
496 _("AOL does not allow your screen name to authenticate here"));
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
497 } else {
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
498 char *msg;
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
499 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
500 get_client_login_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
501 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
502 PURPLE_CONNECTION_ERROR_OTHER_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
503 g_free(msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
504 }
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
505
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
506 xmlnode_free(response_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
507 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
508 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
509 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
510
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
511 /* Make sure we have everything else */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
512 if (data_node == NULL || secret_node == NULL ||
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
513 token_node == NULL || tokena_node == NULL)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
514 {
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
515 char *msg;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
516 purple_debug_error("oscar", "clientLogin response was missing "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
517 "something: %s\n", response);
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
518 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
519 get_client_login_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
520 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
521 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
522 g_free(msg);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
523 xmlnode_free(response_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
524 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
525 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
526
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
527 /* Extract data from the XML */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
528 *token = xmlnode_get_data_unescaped(tokena_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
529 *secret = xmlnode_get_data_unescaped(secret_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
530 tmp = xmlnode_get_data_unescaped(hosttime_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
531 if (*token == NULL || **token == '\0' || *secret == NULL || **secret == '\0' || tmp == NULL || *tmp == '\0')
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
532 {
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
533 char *msg;
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
534 purple_debug_error("oscar", "clientLogin response was missing "
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
535 "something: %s\n", response);
28912
c833ae72599b oscar: Try to make the error message more verbose.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 28770
diff changeset
536 msg = generate_error_message(response_node,
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
537 get_client_login_url(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
538 purple_connection_error_reason(gc,
27989
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
539 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg);
2987756bc600 Make the strings in this file more localizable
Mark Doliner <mark@kingant.net>
parents: 27446
diff changeset
540 g_free(msg);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
541 g_free(*token);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
542 g_free(*secret);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
543 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
544 xmlnode_free(response_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
545 return FALSE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
546 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
547
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
548 *hosttime = strtol(tmp, NULL, 10);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
549 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
550
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
551 xmlnode_free(response_node);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
552
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
553 return TRUE;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
554 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
555
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
556 static void client_login_cb(PurpleUtilFetchUrlData *url_data, gpointer user_data, const gchar *url_text, gsize len, const gchar *error_message)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
557 {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
558 OscarData *od;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
559 PurpleConnection *gc;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
560 char *token, *secret, *session_key;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
561 time_t hosttime;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
562 int password_len;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
563 char *password;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
564
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
565 od = user_data;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
566 gc = od->gc;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
567
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
568 od->url_data = NULL;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
569
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
570 if (error_message != NULL || len == 0) {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
571 gchar *tmp;
30955
6f9a43a2b716 I noticed a NULL printf crash from the first chunk of this change.
Mark Doliner <mark@kingant.net>
parents: 30903
diff changeset
572 tmp = g_strdup_printf(_("Error requesting %s: %s"),
6f9a43a2b716 I noticed a NULL printf crash from the first chunk of this change.
Mark Doliner <mark@kingant.net>
parents: 30903
diff changeset
573 get_client_login_url(od), error_message ?
6f9a43a2b716 I noticed a NULL printf crash from the first chunk of this change.
Mark Doliner <mark@kingant.net>
parents: 30903
diff changeset
574 error_message : _("The server returned an empty response"));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
575 purple_connection_error_reason(gc,
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
576 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
577 g_free(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
578 return;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
579 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
580
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
581 if (!parse_client_login_response(gc, url_text, len, &token, &secret, &hosttime))
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
582 return;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
583
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
584 password_len = strlen(purple_connection_get_password(gc));
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
585 password = g_strdup_printf("%.*s",
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
586 od->icq ? MIN(password_len, MAXICQPASSLEN) : password_len,
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
587 purple_connection_get_password(gc));
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
588 session_key = hmac_sha256(password, secret);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
589 g_free(password);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
590 g_free(secret);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
591
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
592 send_start_oscar_session(od, token, session_key, hosttime);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
593
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
594 g_free(token);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
595 g_free(session_key);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
596 }
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
597
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
598 /**
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
599 * This function sends a request to
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
600 * https://api.screenname.aol.com/auth/clientLogin with the user's
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
601 * username and password and receives the user's session key, which is
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
602 * used to request a connection to the BOSS server.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
603 */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
604 void send_client_login(OscarData *od, const char *username)
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
605 {
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
606 PurpleConnection *gc;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
607 GString *request, *body;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
608 const char *tmp;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
609 char *password;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
610 int password_len;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
611
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
612 gc = od->gc;
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
613
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
614 /*
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
615 * We truncate ICQ passwords to 8 characters. There is probably a
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
616 * limit for AIM passwords, too, but we really only need to do
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
617 * this for ICQ because older ICQ clients let you enter a password
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
618 * as long as you wanted and then they truncated it silently.
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
619 *
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
620 * And we can truncate based on the number of bytes and not the
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
621 * number of characters because passwords for AIM and ICQ are
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
622 * supposed to be plain ASCII (I don't know if this has always been
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
623 * the case, though).
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
624 */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
625 tmp = purple_connection_get_password(gc);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
626 password_len = strlen(tmp);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
627 password = g_strndup(tmp, od->icq ? MIN(password_len, MAXICQPASSLEN) : password_len);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
628
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
629 /* Construct the body of the HTTP POST request */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
630 body = g_string_new("");
27425
4813810ea7d4 Allow UIs to specify their own AOL client key
Mark Doliner <mark@kingant.net>
parents: 27381
diff changeset
631 g_string_append_printf(body, "devId=%s", get_client_key(od));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
632 g_string_append_printf(body, "&f=xml");
28255
79c14adf9669 Change purple_url_encode() to not encode . _ - ~ because it's not
Mark Doliner <mark@kingant.net>
parents: 27989
diff changeset
633 g_string_append_printf(body, "&pwd=%s", purple_url_encode(password));
79c14adf9669 Change purple_url_encode() to not encode . _ - ~ because it's not
Mark Doliner <mark@kingant.net>
parents: 27989
diff changeset
634 g_string_append_printf(body, "&s=%s", purple_url_encode(username));
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
635 g_free(password);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
636
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
637 /* Construct an HTTP POST request */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
638 request = g_string_new("POST /auth/clientLogin HTTP/1.0\r\n"
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
639 "Connection: close\r\n"
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
640 "Accept: */*\r\n");
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
641
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
642 /* Tack on the body */
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
643 g_string_append_printf(request, "Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n");
27190
1a255e11c02b Dear Compiler, Shut up!
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 27161
diff changeset
644 g_string_append_printf(request, "Content-Length: %" G_GSIZE_FORMAT "\r\n\r\n", body->len);
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
645 g_string_append_len(request, body->str, body->len);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
646 g_string_free(body, TRUE);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
647
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
648 /* Send the POST request */
29403
66a15a093e61 Allow clientLogin POST/GETs to use a configured proxy.
Paul Aurich <paul@darkrain42.org>
parents: 29402
diff changeset
649 od->url_data = purple_util_fetch_url_request_len_with_account(
30647
4297feb30ad1 Merged everything related to ICQ server changes.
ivan.komarov@soc.pidgin.im
parents: 30616
diff changeset
650 purple_connection_get_account(gc), get_client_login_url(od),
29403
66a15a093e61 Allow clientLogin POST/GETs to use a configured proxy.
Paul Aurich <paul@darkrain42.org>
parents: 29402
diff changeset
651 TRUE, NULL, FALSE, request->str, FALSE, -1,
27161
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
652 client_login_cb, od);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
653 g_string_free(request, TRUE);
7054f810b0f9 Check in code that connects to oscar using clientLogin. This is the
Mark Doliner <mark@kingant.net>
parents:
diff changeset
654 }