Mercurial > pidgin

comparison libpurple/protocols/myspace/myspace.c @ 17941:dcbb535e8d55

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Lowercase password before sending it. Closes #2066.
author Jeffrey Connelly <jaconnel@calpoly.edu>
date Wed, 11 Jul 2007 05:17:18 +0000
parents 65cf1785e5bf
children 949fddc9d82f
comparison
equal deleted inserted replaced
17940:1f08b7a0fc12 17941:dcbb535e8d55
354 354
355 purple_connection_update_progress(session->gc, _("Reading challenge"), 1, 4); 355 purple_connection_update_progress(session->gc, _("Reading challenge"), 1, 4);
356 356
357 purple_debug_info("msim", "nc is %d bytes, decoded\n", nc_len); 357 purple_debug_info("msim", "nc is %d bytes, decoded\n", nc_len);
358 358
359 if (nc_len != 0x40) 359 if (nc_len != MSIM_AUTH_CHALLENGE_LENGTH)
360 { 360 {
361 purple_debug_info("msim", "bad nc length: %x != 0x40\n", nc_len); 361 purple_debug_info("msim", "bad nc length: %x != 0x%x\n", nc_len, MSIM_AUTH_CHALLENGE_LENGTH);
362 purple_connection_error(session->gc, _("Unexpected challenge length from server")); 362 purple_connection_error(session->gc, _("Unexpected challenge length from server"));
363 return FALSE; 363 return FALSE;
364 } 364 }
365 365
366 purple_connection_update_progress(session->gc, _("Logging in"), 2, 4); 366 purple_connection_update_progress(session->gc, _("Logging in"), 2, 4);
401 PurpleCipher *sha1; 401 PurpleCipher *sha1;
402 PurpleCipherContext *rc4; 402 PurpleCipherContext *rc4;
403 403
404 guchar hash_pw[HASH_SIZE]; 404 guchar hash_pw[HASH_SIZE];
405 guchar key[HASH_SIZE]; 405 guchar key[HASH_SIZE];
406 gchar *password_utf16le; 406 gchar *password_utf16le, *password_ascii_lc;
407 guchar *data; 407 guchar *data;
408 guchar *data_out; 408 guchar *data_out;
409 size_t data_len, data_out_len; 409 size_t data_len, data_out_len;
410 gsize conv_bytes_read, conv_bytes_written; 410 gsize conv_bytes_read, conv_bytes_written;
411 GError *conv_error; 411 GError *conv_error;
416 g_return_val_if_fail(nonce != NULL, NULL); 416 g_return_val_if_fail(nonce != NULL, NULL);
417 g_return_val_if_fail(email != NULL, NULL); 417 g_return_val_if_fail(email != NULL, NULL);
418 g_return_val_if_fail(password != NULL, NULL); 418 g_return_val_if_fail(password != NULL, NULL);
419 g_return_val_if_fail(response_len != NULL, NULL); 419 g_return_val_if_fail(response_len != NULL, NULL);
420 420
421 /* Convert password to lowercase (required for passwords containing
422 * uppercase characters). MySpace passwords are lowercase,
423 * see ticket #2066. */
424 password_ascii_lc = g_strdup(password);
425 g_strdown(password_ascii_lc);
426
421 /* Convert ASCII password to UTF16 little endian */ 427 /* Convert ASCII password to UTF16 little endian */
422 purple_debug_info("msim", "converting password to UTF-16LE\n"); 428 purple_debug_info("msim", "converting password to UTF-16LE\n");
423 conv_error = NULL; 429 conv_error = NULL;
424 password_utf16le = g_convert(password, -1, "UTF-16LE", "UTF-8", 430 password_utf16le = g_convert(password_ascii_lc, -1, "UTF-16LE", "UTF-8",
425 &conv_bytes_read, &conv_bytes_written, &conv_error); 431 &conv_bytes_read, &conv_bytes_written, &conv_error);
432 g_free(password_ascii_lc);
426 433
427 g_return_val_if_fail(conv_bytes_read == strlen(password), NULL); 434 g_return_val_if_fail(conv_bytes_read == strlen(password), NULL);
428 435
429 if (conv_error != NULL) 436 if (conv_error != NULL)
430 { 437 {