changeset 14632:108152f29f37

[gaim-migrate @ 17378] There's no reason to generate our session_md5 more than once. This probably doesn't fix the bug from Adium crash 215722, but if it happens again, it'll be a bit easier to track down. Also, I was wrong about the login scheme. Nothing significant is different, so remove the comment. committer: Tailor Script <tailor@pidgin.im>
author Mark Huetsch <markhuetsch>
date Wed, 27 Sep 2006 00:31:39 +0000
parents 622931ca5622
children 43bae5968317
files libgaim/protocols/qq/file_trans.c libgaim/protocols/qq/im.c libgaim/protocols/qq/login_logout.c libgaim/protocols/qq/qq.h libgaim/protocols/qq/qq_proxy.c libgaim/protocols/qq/send_file.c
diffstat 6 files changed, 22 insertions(+), 35 deletions(-) [+]
--- a/libgaim/protocols/qq/file_trans.c	Tue Sep 26 23:20:39 2006 +0000
+++ b/libgaim/protocols/qq/file_trans.c	Wed Sep 27 00:31:39 2006 +0000
@@ -284,7 +284,7 @@
 {
 	qq_data *qd;
 	gint bytes, bytes_expected, encrypted_len;
-	guint8 *raw_data, *cursor, *encrypted_data, *md5;
+	guint8 *raw_data, *cursor, *encrypted_data;
 	time_t now;
 	ft_info *info;
 	
@@ -296,9 +296,8 @@
 	
 	bytes = 0;
 	now = time(NULL);
-	md5 = _gen_session_md5(qd->uid, qd->session_key);
 
-	bytes += create_packet_data(raw_data, &cursor, md5, 16);
+	bytes += create_packet_data(raw_data, &cursor, qd->session_md5, 16);
 	bytes += create_packet_w(raw_data, &cursor, packet_type);
 	switch (packet_type) {
 		case QQ_FILE_CMD_SENDER_SAY_HELLO:
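Review bot: Nothing here checks that `qd->session_md5` is non-NULL before `create_packet_data(raw_data, &cursor, qd->session_md5, 16)` copies 16 bytes from it, and the field is only assigned in the login-OK handler in login_logout.c. The same holds for the `qq_crypt(DECRYPT, …, qd->session_md5, …)` hunk further down this file, where the timing is set by an incoming packet, and for the `create_packet_data` calls in im.c and send_file.c. Whether any of these paths can run before login completes is not visible in the diff, so an explicit guard at the top of each function would settle it, e.g. `g_return_if_fail(qd->session_md5 != NULL);` (or the `_val_` form where the function returns a value). The literal `16` would also read better as a named constant shared with the field's declaration. The function body starts and ends outside the hunk.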
@@ -377,8 +376,6 @@
 	else
 		gaim_debug(GAIM_DEBUG_ERROR, "QQ", "qq_send_file_ctl_packet: Expected to get %d bytes, but get %d",
 				bytes_expected, bytes);
-
-	g_free(md5);
 }
 
 /* send a file to udp channel with QQ_FILE_DATA_PACKET_TAG */
@@ -521,14 +518,12 @@
 	guint16 packet_type;
 	guint16 seq;
 	guint8 hellobyte;
-	guint8 *md5;
 	ft_info *info = (ft_info *) qd->xfer->data;
 
 	decrypted_data = g_newa(guint8, len);
 	decrypted_len = len;
 
-	md5 = _gen_session_md5(qd->uid, qd->session_key);
-	if (qq_crypt(DECRYPT, cursor, len - (cursor - data), md5, decrypted_data, &decrypted_len)) {
+	if (qq_crypt(DECRYPT, cursor, len - (cursor - data), qd->session_md5, decrypted_data, &decrypted_len)) {
 		cursor = decrypted_data + 16;	/* skip md5 section */
 		read_packet_w(decrypted_data, &cursor, decrypted_len, &packet_type);
 		read_packet_w(decrypted_data, &cursor, decrypted_len, &seq);
@@ -577,7 +572,6 @@
 				gaim_debug(GAIM_DEBUG_INFO, "QQ", "unprocess file command %d\n", packet_type);
 		}
 	} 
-	g_free(md5);
 }
 
 static void _qq_recv_file_progess(GaimConnection *gc, guint8 *buffer, guint16 len, guint32 index, guint32 offset)
--- a/libgaim/protocols/qq/im.c	Tue Sep 26 23:20:39 2006 +0000
+++ b/libgaim/protocols/qq/im.c	Wed Sep 27 00:31:39 2006 +0000
@@ -425,7 +425,7 @@
 void qq_send_packet_im(GaimConnection *gc, guint32 to_uid, gchar *msg, gint type)
 {
 	qq_data *qd;
-	guint8 *cursor, *raw_data, *send_im_tail, *md5;
+	guint8 *cursor, *raw_data, *send_im_tail;
 	guint16 client_tag, normal_im_type;
 	gint msg_len, raw_len, font_name_len, tail_len, bytes;
 	time_t now;
@@ -483,7 +483,6 @@
 	msg_filtered = gaim_markup_strip_html(msg);
 	msg_len = strlen(msg_filtered);
 	now = time(NULL);
-	md5 = _gen_session_md5(qd->uid, qd->session_key);
 
 	font_name_len = (font_name) ? strlen(font_name) : DEFAULT_FONT_NAME_LEN;
 	tail_len = font_name_len + QQ_SEND_IM_AFTER_MSG_HEADER_LEN + 1;
@@ -504,7 +503,7 @@
 	/* 014-017: sender uid */
 	bytes += create_packet_dw(raw_data, &cursor, to_uid);
 	/* 018-033: md5 of (uid+session_key) */
-	bytes += create_packet_data(raw_data, &cursor, md5, 16);
+	bytes += create_packet_data(raw_data, &cursor, qd->session_md5, 16);
 	/* 034-035: message type */
 	bytes += create_packet_w(raw_data, &cursor, normal_im_type);
 	/* 036-037: sequence number */
--- a/libgaim/protocols/qq/login_logout.c	Tue Sep 26 23:20:39 2006 +0000
+++ b/libgaim/protocols/qq/login_logout.c	Wed Sep 27 00:31:39 2006 +0000
@@ -171,23 +171,23 @@
 	/* 017-020: login uid */
 	bytes += read_packet_dw(data, &cursor, len, &lrop.uid);
 	/* 021-024: server detected user public IP */
-	bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.client_ip, 4);
+	bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.client_ip, 4);
 	/* 025-026: server detected user port */
 	bytes += read_packet_w(data, &cursor, len, &lrop.client_port);
 	/* 027-030: server detected itself ip 127.0.0.1 ? */
-	bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.server_ip, 4);
+	bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.server_ip, 4);
 	/* 031-032: server listening port */
 	bytes += read_packet_w(data, &cursor, len, &lrop.server_port);
 	/* 033-036: login time for current session */
-	bytes += read_packet_dw(data, &cursor, len, (guint32 *) & lrop.login_time);
+	bytes += read_packet_dw(data, &cursor, len, (guint32 *) &lrop.login_time);
 	/* 037-062: 26 bytes, unknown */
-	bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown1, 26);
+	bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown1, 26);
 	/* 063-066: unknown server1 ip address */
-	bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown_server1_ip, 4);
+	bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown_server1_ip, 4);
 	/* 067-068: unknown server1 port */
 	bytes += read_packet_w(data, &cursor, len, &lrop.unknown_server1_port);
 	/* 069-072: unknown server2 ip address */
-	bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown_server2_ip, 4);
+	bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown_server2_ip, 4);
 	/* 073-074: unknown server2 port */
 	bytes += read_packet_w(data, &cursor, len, &lrop.unknown_server2_port);
 	/* 075-076: 2 bytes unknown */
@@ -195,15 +195,15 @@
 	/* 077-078: 2 bytes unknown */
 	bytes += read_packet_w(data, &cursor, len, &lrop.unknown3);
 	/* 079-110: 32 bytes unknown */
-	bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown4, 32);
+	bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown4, 32);
 	/* 111-122: 12 bytes unknown */
-	bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown5, 12);
+	bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown5, 12);
 	/* 123-126: login IP of last session */
-	bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.last_client_ip, 4);
+	bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.last_client_ip, 4);
 	/* 127-130: login time of last session */
-	bytes += read_packet_dw(data, &cursor, len, (guint32 *) & lrop.last_login_time);
+	bytes += read_packet_dw(data, &cursor, len, (guint32 *) &lrop.last_login_time);
 	/* 131-138: 8 bytes unknown */
-	bytes += read_packet_data(data, &cursor, len, (guint8 *) & lrop.unknown6, 8);
+	bytes += read_packet_data(data, &cursor, len, (guint8 *) &lrop.unknown6, 8);
 
 	if (bytes != QQ_LOGIN_REPLY_OK_PACKET_LEN) {	/* fail parsing login info */
 		gaim_debug(GAIM_DEBUG_WARNING, "QQ",
@@ -211,15 +211,14 @@
 			   QQ_LOGIN_REPLY_OK_PACKET_LEN, bytes);
 	}			/* but we still go on as login OK */
 
-	qd->session_key = g_memdup(lrop.session_key, QQ_KEY_LENGTH);
+	qd->session_key = lrop.session_key;
+	qd->session_md5 = _gen_session_md5(qd->uid, qd->session_key);
 	qd->my_ip = gen_ip_str(lrop.client_ip);
 	qd->my_port = lrop.client_port;
 	qd->login_time = lrop.login_time;
 	qd->last_login_time = lrop.last_login_time;
 	qd->last_login_ip = gen_ip_str(lrop.last_client_ip);
 
-	g_free(lrop.session_key);
-
 	gaim_connection_set_state(gc, GAIM_CONNECTED);
 	qd->logged_in = TRUE;	/* must be defined after sev_finish_login */
 
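Review bot: `qd->session_key` and `qd->session_md5` are overwritten without releasing what they held before, so if this handler can run more than once on the same `qd` (a repeated or replayed login reply, which cannot be ruled out from the hunk) the earlier key and digest buffers leak; `g_free(qd->session_key); g_free(qd->session_md5);` ahead of the two assignments would cover that. The assignment now transfers ownership of the buffer behind `lrop.session_key` to `qd` instead of copying it, which deserves a comment such as `/* qd takes ownership of lrop.session_key; do not free it here */`. Note also that the length check just above only logs a warning, so the key and the cached digest are taken even from a reply that did not parse to `QQ_LOGIN_REPLY_OK_PACKET_LEN` bytes. The function starts and ends outside the hunk, so where `lrop.session_key` is allocated and whether earlier exit paths free it cannot be confirmed here.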
@@ -279,7 +278,7 @@
 }
 
 /* process login reply which says wrong password */
-static gint _qq_process_login_wrong_pwd(GaimConnection * gc, guint8 * data, gint len)
+static gint _qq_process_login_wrong_pwd(GaimConnection *gc, guint8 *data, gint len)
 {
 	gchar *server_reply, *server_reply_utf8;
 	server_reply = g_new0(gchar, len);
@@ -316,10 +315,6 @@
 		gaim_debug(GAIM_DEBUG_ERROR, "QQ", "Fail create request login token packet\n");
 }
 
-/* TODO: The login packet and its response have changed by QQ2006 Beta2. In that version,
- * the login OK response packet does not appear to be decryptable with qd->pwkey or qd->inikey.
- * Fortunately, this older system still works. */
-
 /* send login packet to QQ server */
 static void qq_send_packet_login(GaimConnection *gc, guint8 token_length, guint8 *token)
 {
--- a/libgaim/protocols/qq/qq.h	Tue Sep 26 23:20:39 2006 +0000
+++ b/libgaim/protocols/qq/qq.h	Wed Sep 27 00:31:39 2006 +0000
@@ -61,6 +61,7 @@
 	guint8 *inikey;			/* initial key to encrypt login packet */
 	guint8 *pwkey;			/* password in md5 (or md5' md5) */
 	guint8 *session_key;		/* later use this as key in this session */
+	guint8 *session_md5;		/* concatenate my uid with session_key and md5 it */
 
 	guint16 send_seq;		/* send sequence number */
 	guint8 login_mode;		/* online of invisible */
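Review bot: The comment on the new `session_md5` field does not state the buffer's length, owner or validity window, yet three call sites in this commit copy exactly 16 bytes from it and a fourth passes it to `qq_crypt` as the decryption key. Suggest `guint8 *session_md5;		/* md5 of (uid + session_key), 16 bytes; set on login OK, owned by qd */`. The struct definition starts and ends outside the hunk.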
--- a/libgaim/protocols/qq/qq_proxy.c	Tue Sep 26 23:20:39 2006 +0000
+++ b/libgaim/protocols/qq/qq_proxy.c	Wed Sep 27 00:31:39 2006 +0000
@@ -457,6 +457,7 @@
 	g_free(qd->inikey);
 	g_free(qd->pwkey);
 	g_free(qd->session_key);
+	g_free(qd->session_md5);
 	g_free(qd->my_ip);
 	g_free(qd);
 
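Review bot: `g_free(qd->session_md5)` releases the digest without clearing it, and after this commit that buffer lives for the whole session and is used as the key for decrypting file-transfer packets rather than being a per-call temporary. Consider wiping it first, e.g. `if (qd->session_md5) memset(qd->session_md5, 0, 16);`, bearing in mind that a plain `memset` directly before a free can be optimised away, so a non-elidable clearing helper is preferable if the project has one. The neighbouring `inikey`, `pwkey` and `session_key` frees follow the same pattern and would benefit equally. The enclosing function starts and ends outside the hunk.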
--- a/libgaim/protocols/qq/send_file.c	Tue Sep 26 23:20:39 2006 +0000
+++ b/libgaim/protocols/qq/send_file.c	Wed Sep 27 00:31:39 2006 +0000
@@ -281,13 +281,11 @@
 {
 	gint bytes;
 	time_t now;
-	guint8 *md5;
 	guint16 seq;
 	ft_info *info;
 
 	bytes = 0;
 	now = time(NULL);
-	md5 = _gen_session_md5(qd->uid, qd->session_key);
 	if (!seq_ack) seq = qd->send_seq;
 	else {
 		info = (ft_info *) qd->xfer->data;
@@ -305,7 +303,7 @@
 	/* 014-017: sender uid */
 	bytes += create_packet_dw (raw_data, cursor, to_uid);
 	/* 018-033: md5 of (uid+session_key) */
-	bytes += create_packet_data (raw_data, cursor, md5, 16);
+	bytes += create_packet_data (raw_data, cursor, qd->session_md5, 16);
 	/* 034-035: message type */
 	bytes += create_packet_w (raw_data, cursor, message_type);
 	/* 036-037: sequence number */
@@ -332,7 +330,6 @@
 	/* 063: transfer_type,  0x65: FILE 0x6b: FACE */
 	bytes += create_packet_b (raw_data, cursor, QQ_FILE_TRANSFER_FILE); /* FIXME */
 
-	g_free (md5);
 	return bytes;
 }