changeset 30008:09ca9dfb2cfe

jabber: Fix a case where a broken server would hang the connection. This also fixes a few small leaks and updates a few strings to match scram_handle_challenge().
author Paul Aurich <paul@darkrain42.org>
date Fri, 21 May 2010 03:26:15 +0000
parents 23b3627ecec3
children 1b1fee952341
files libpurple/protocols/jabber/auth_scram.c
diffstat 1 files changed, 14 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/libpurple/protocols/jabber/auth_scram.c	Fri May 21 02:40:53 2010 +0000
+++ b/libpurple/protocols/jabber/auth_scram.c	Fri May 21 03:26:15 2010 +0000
@@ -517,13 +517,24 @@
 	gsize len;
 
 	enc_in = xmlnode_get_data(packet);
-	g_return_val_if_fail(enc_in != NULL && *enc_in != '\0', FALSE);
+	if (data->step != 3 && (!enc_in || *enc_in == '\0')) {
+		*error = g_strdup(_("Invalid challenge from server"));
+		g_free(enc_in);
+		return JABBER_SASL_STATE_FAIL;
+	}
 
-	if (data->step == 3)
+	if (data->step == 3) {
+		/*
+		 * If the server took the slow approach (sending the verifier
+		 * as a challenge/response pair), we get here.
+		 */
+		g_free(enc_in);
 		return JABBER_SASL_STATE_OK;
+	}
 
 	if (data->step != 2) {
 		*error = g_strdup(_("Unexpected response from server"));
+		g_free(enc_in);
 		return JABBER_SASL_STATE_FAIL;
 	}
 
@@ -532,7 +543,7 @@
 	if (!dec_in || len != strlen(dec_in)) {
 		/* Danger afoot; SCRAM shouldn't contain NUL bytes */
 		g_free(dec_in);
-		*error = g_strdup(_("Invalid challenge from server"));
+		*error = g_strdup(_("Malicious challenge from server"));
 		return JABBER_SASL_STATE_FAIL;
 	}