# HG changeset patch # User Mark Huetsch # Date 1159317099 0 # Node ID 108152f29f37b8e65d706c5efc3709311e5741af # Parent 622931ca5622f30f799766b14524ea906b0aa4f2 [gaim-migrate @ 17378] There's no reason to generate our session_md5 more than once. This probably doesn't fix the bug from Adium crash 215722, but if it happens again, it'll be a bit easier to track down. Also, I was wrong about the login scheme. Nothing significant is different, so remove the comment. committer: Tailor Script diff -r 622931ca5622 -r 108152f29f37 libgaim/protocols/qq/file_trans.c --- a/libgaim/protocols/qq/file_trans.c Tue Sep 26 23:20:39 2006 +0000 +++ b/libgaim/protocols/qq/file_trans.c Wed Sep 27 00:31:39 2006 +0000 @@ -284,7 +284,7 @@ { qq_data *qd; gint bytes, bytes_expected, encrypted_len; - guint8 *raw_data, *cursor, *encrypted_data, *md5; + guint8 *raw_data, *cursor, *encrypted_data; time_t now; ft_info *info; @@ -296,9 +296,8 @@ bytes = 0; now = time(NULL); - md5 = _gen_session_md5(qd->uid, qd->session_key); - bytes += create_packet_data(raw_data, &cursor, md5, 16); + bytes += create_packet_data(raw_data, &cursor, qd->session_md5, 16); bytes += create_packet_w(raw_data, &cursor, packet_type); switch (packet_type) { case QQ_FILE_CMD_SENDER_SAY_HELLO: @@ -377,8 +376,6 @@ else gaim_debug(GAIM_DEBUG_ERROR, "QQ", "qq_send_file_ctl_packet: Expected to get %d bytes, but get %d", bytes_expected, bytes); - - g_free(md5); } /* send a file to udp channel with QQ_FILE_DATA_PACKET_TAG */ 
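Review bot: `qd->session_md5` is read as a 16-byte buffer in the file_trans.c hunk at -296 (`create_packet_data(raw_data, &cursor, qd->session_md5, 16)`) with no check that it has been set, and the same pattern recurs in the `qq_crypt` call at -521, in im.c at -504 and in send_file.c at -305. The field is assigned only in the login-OK handler in login_logout.c, so if any of these paths can run before that handler (not visible in these hunks), or if `_gen_session_md5` returns NULL, the copy or decrypt reads through a NULL pointer. A guard such as `g_return_if_fail(qd->session_md5 != NULL);` near the top of each function would turn that into a logged early return, using the `g_return_val_if_fail` form in the send_file.c helper, which returns a byte count. The function bodies start outside the hunks, so the exact placement needs confirming.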
@@ -521,14 +518,12 @@ guint16 packet_type; guint16 seq; guint8 hellobyte; - guint8 *md5; ft_info *info = (ft_info *) qd->xfer->data; decrypted_data = g_newa(guint8, len); decrypted_len = len; - md5 = _gen_session_md5(qd->uid, qd->session_key); - if (qq_crypt(DECRYPT, cursor, len - (cursor - data), md5, decrypted_data, &decrypted_len)) { + if (qq_crypt(DECRYPT, cursor, len - (cursor - data), qd->session_md5, decrypted_data, &decrypted_len)) { cursor = decrypted_data + 16; /* skip md5 section */ read_packet_w(decrypted_data, &cursor, decrypted_len, &packet_type); read_packet_w(decrypted_data, &cursor, decrypted_len, &seq); @@ -577,7 +572,6 @@ gaim_debug(GAIM_DEBUG_INFO, "QQ", "unprocess file command %d\n", packet_type); } } - g_free(md5); } static void _qq_recv_file_progess(GaimConnection *gc, guint8 *buffer, guint16 len, guint32 index, guint32 offset) diff -r 622931ca5622 -r 108152f29f37 libgaim/protocols/qq/im.c --- a/libgaim/protocols/qq/im.c Tue Sep 26 23:20:39 2006 +0000 +++ b/libgaim/protocols/qq/im.c Wed Sep 27 00:31:39 2006 +0000 @@ -425,7 +425,7 @@ void qq_send_packet_im(GaimConnection *gc, guint32 to_uid, gchar *msg, gint type) { qq_data *qd; - guint8 *cursor, *raw_data, *send_im_tail, *md5; + guint8 *cursor, *raw_data, *send_im_tail; guint16 client_tag, normal_im_type; gint msg_len, raw_len, font_name_len, tail_len, bytes; time_t now; @@ -483,7 +483,6 @@ msg_filtered = gaim_markup_strip_html(msg); msg_len = strlen(msg_filtered); now = time(NULL); - md5 = _gen_session_md5(qd->uid, qd->session_key); font_name_len = (font_name) ? strlen(font_name) : DEFAULT_FONT_NAME_LEN; tail_len = font_name_len + QQ_SEND_IM_AFTER_MSG_HEADER_LEN + 1; 
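Review bot: In the file_trans.c receive hunk at -521, `cursor = decrypted_data + 16` skips the md5 section without comparing `decrypted_len` to 16, so a decrypted payload shorter than that leaves `cursor` beyond the data before the two `read_packet_w` calls. Whether `read_packet_w` rejects a cursor past `decrypted_len` is not visible here, so the check is better made explicit with `if (decrypted_len < 16) return;` as the first statement inside the `if (qq_crypt(...))` branch. As far as the hunks show, the removal of `g_free(md5)` leaves no cleanup to skip and `decrypted_data` comes from `g_newa`, so an early return looks safe, assuming the function returns void. The function starts outside the hunk.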
@@ -504,7 +503,7 @@ /* 014-017: sender uid */ bytes += create_packet_dw(raw_data, &cursor, to_uid); /* 018-033: md5 of (uid+session_key) */ - bytes += create_packet_data(raw_data, &cursor, md5, 16); + bytes += create_packet_data(raw_data, &cursor, qd->session_md5, 16); /* 034-035: message type */ bytes += create_packet_w(raw_data, &cursor, normal_im_type); /* 036-037: sequence number */ diff -r 622931ca5622 -r 108152f29f37 libgaim/protocols/qq/login_logout.c --- a/libgaim/protocols/qq/login_logout.c Tue Sep 26 23:20:39 2006 +0000 +++ b/libgaim/protocols/qq/login_logout.c Wed Sep 27 00:31:39 2006 +0000 
@@ -171,23 +171,23 @@ /* 017-020: login uid */ bytes += read_packet_dw(data, &cursor, len, &lrop.uid); /* 021-024: server detected user public IP */ - bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.client_ip, 4); + bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.client_ip, 4); /* 025-026: server detected user port */ bytes += read_packet_w(data, &cursor, len, &lrop.client_port); /* 027-030: server detected itself ip 127.0.0.1 ? */ - bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.server_ip, 4); + bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.server_ip, 4); /* 031-032: server listening port */ bytes += read_packet_w(data, &cursor, len, &lrop.server_port); /* 033-036: login time for current session */ - bytes += read_packet_dw(data, &cursor, len, (guint32 *) & lrop.login_time); + bytes += read_packet_dw(data, &cursor, len, (guint32 *) &lrop.login_time); /* 037-062: 26 bytes, unknown */ - bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown1, 26); + bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown1, 26); /* 063-066: unknown server1 ip address */ - bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown_server1_ip, 4); + bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown_server1_ip, 4); /* 067-068: unknown server1 port */ bytes += read_packet_w(data, &cursor, len, &lrop.unknown_server1_port); /* 069-072: unknown server2 ip address */ - bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown_server2_ip, 4); + bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown_server2_ip, 4); /* 073-074: unknown server2 port */ bytes += read_packet_w(data, &cursor, len, &lrop.unknown_server2_port); /* 075-076: 2 bytes unknown */ 
@@ -195,15 +195,15 @@ /* 077-078: 2 bytes unknown */ bytes += read_packet_w(data, &cursor, len, &lrop.unknown3); /* 079-110: 32 bytes unknown */ - bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown4, 32); + bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown4, 32); /* 111-122: 12 bytes unknown */ - bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown5, 12); + bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown5, 12); /* 123-126: login IP of last session */ - bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.last_client_ip, 4); + bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.last_client_ip, 4); /* 127-130: login time of last session */ - bytes += read_packet_dw(data, &cursor, len, (guint32 *) & lrop.last_login_time); + bytes += read_packet_dw(data, &cursor, len, (guint32 *) &lrop.last_login_time); /* 131-138: 8 bytes unknown */ - bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown6, 8); + bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown6, 8); if (bytes != QQ_LOGIN_REPLY_OK_PACKET_LEN) { /* fail parsing login info */ gaim_debug(GAIM_DEBUG_WARNING, "QQ", @@ -211,15 +211,14 @@ QQ_LOGIN_REPLY_OK_PACKET_LEN, bytes); } /* but we still go on as login OK */ - qd->session_key = g_memdup(lrop.session_key, QQ_KEY_LENGTH); + qd->session_key = lrop.session_key; + qd->session_md5 = _gen_session_md5(qd->uid, qd->session_key); qd->my_ip = gen_ip_str(lrop.client_ip); qd->my_port = lrop.client_port; qd->login_time = lrop.login_time; qd->last_login_time = lrop.last_login_time; qd->last_login_ip = gen_ip_str(lrop.last_client_ip); - g_free(lrop.session_key); - gaim_connection_set_state(gc, GAIM_CONNECTED); qd->logged_in = TRUE; /* must be defined after sev_finish_login */ 
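Review bot: In the login_logout.c hunk at -211, `qd->session_key` and `qd->session_md5` are assigned over whatever the fields held before, so if this handler can run more than once on the same `qd` (a second login reply or a reconnect, not visible here) the earlier key and digest are leaked. Freeing first keeps the new ownership scheme consistent with the single `g_free` calls in qq_proxy.c: `g_free(qd->session_key); g_free(qd->session_md5);` ahead of the two assignments. `qd->session_key` now aliases `lrop.session_key` instead of holding a copy, which is only correct if nothing else in this function frees or reuses that buffer; its allocation is outside the hunk. Both fields are also populated on the path where `bytes != QQ_LOGIN_REPLY_OK_PACKET_LEN` only logs a warning, so the digest may be derived from a partially parsed reply.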
@@ -279,7 +278,7 @@ } /* process login reply which says wrong password */ -static gint _qq_process_login_wrong_pwd(GaimConnection * gc, guint8 * data, gint len) +static gint _qq_process_login_wrong_pwd(GaimConnection *gc, guint8 *data, gint len) { gchar *server_reply, *server_reply_utf8; server_reply = g_new0(gchar, len); @@ -316,10 +315,6 @@ gaim_debug(GAIM_DEBUG_ERROR, "QQ", "Fail create request login token packet\n"); } -/* TODO: The login packet and its response have changed by QQ2006 Beta2. In that version, - * the login OK response packet does not appear to be decryptable with qd->pwkey or qd->inikey. - * Fortunately, this older system still works. */ - /* send login packet to QQ server */ static void qq_send_packet_login(GaimConnection *gc, guint8 token_length, guint8 *token) { diff -r 622931ca5622 -r 108152f29f37 libgaim/protocols/qq/qq.h --- a/libgaim/protocols/qq/qq.h Tue Sep 26 23:20:39 2006 +0000 +++ b/libgaim/protocols/qq/qq.h Wed Sep 27 00:31:39 2006 +0000 @@ -61,6 +61,7 @@ guint8 *inikey; /* initial key to encrypt login packet */ guint8 *pwkey; /* password in md5 (or md5' md5) */ guint8 *session_key; /* later use this as key in this session */ + guint8 *session_md5; /* concatenate my uid with session_key and md5 it */ guint16 send_seq; /* send sequence number */ guint8 login_mode; /* online of invisible */ diff -r 622931ca5622 -r 108152f29f37 libgaim/protocols/qq/qq_proxy.c --- a/libgaim/protocols/qq/qq_proxy.c Tue Sep 26 23:20:39 2006 +0000 +++ b/libgaim/protocols/qq/qq_proxy.c Wed Sep 27 00:31:39 2006 +0000 @@ -457,6 +457,7 @@ g_free(qd->inikey); g_free(qd->pwkey); g_free(qd->session_key); + g_free(qd->session_md5); g_free(qd->my_ip); g_free(qd); diff -r 622931ca5622 -r 108152f29f37 libgaim/protocols/qq/send_file.c --- a/libgaim/protocols/qq/send_file.c Tue Sep 26 23:20:39 2006 +0000 +++ b/libgaim/protocols/qq/send_file.c Wed Sep 27 00:31:39 2006 +0000 
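Review bot: The new `session_md5` field in qq.h is documented only by how it is computed; the comment should also state its size and ownership, because every caller in this changeset reads exactly 16 bytes from it and qq_proxy.c frees it. Something like `/* 16-byte md5 of (uid + session_key); set on login OK, owned by qd, NULL until then */` would cover it, with the NULL-until-login part to be confirmed against how `qd` is allocated. It is also worth recording that the same value is passed to `qq_crypt` (apparently as the key) for file control packets and copied into outgoing IM packets, since that dual use is easy to miss from the struct alone.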
@@ -281,13 +281,11 @@ { gint bytes; time_t now; - guint8 *md5; guint16 seq; ft_info *info; bytes = 0; now = time(NULL); - md5 = _gen_session_md5(qd->uid, qd->session_key); if (!seq_ack) seq = qd->send_seq; else { info = (ft_info *) qd->xfer->data; @@ -305,7 +303,7 @@ /* 014-017: sender uid */ bytes += create_packet_dw (raw_data, cursor, to_uid); /* 018-033: md5 of (uid+session_key) */ - bytes += create_packet_data (raw_data, cursor, md5, 16); + bytes += create_packet_data (raw_data, cursor, qd->session_md5, 16); /* 034-035: message type */ bytes += create_packet_w (raw_data, cursor, message_type); /* 036-037: sequence number */ @@ -332,7 +330,6 @@ /* 063: transfer_type, 0x65: FILE 0x6b: FACE */ bytes += create_packet_b (raw_data, cursor, QQ_FILE_TRANSFER_FILE); /* FIXME */ - g_free (md5); return bytes; }