changeset 23673:59f8890ae8cf

Fix up the MSN Inbox URL. There was a typo that caused a use-after-free and also needed to escape the auth key because now it includes slashes and equals-signs, etc.
author Elliott Sales de Andrade <qulogic@pidgin.im>
date Thu, 07 Aug 2008 05:06:49 +0000
parents 5aba1f0f36b0
children 4ca41efb75a7
files libpurple/protocols/msn/notification.c
diffstat 1 files changed, 5 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/libpurple/protocols/msn/notification.c	Tue Aug 05 02:55:24 2008 +0000
+++ b/libpurple/protocols/msn/notification.c	Thu Aug 07 05:06:49 2008 +0000
@@ -1288,7 +1288,7 @@
 	const char *rru;
 	const char *url;
 	PurpleCipherContext *cipher;
-	gchar digest[33];
+	gchar creds[33];
 	char *buf;
 
 	gulong tmp_timestamp;
@@ -1310,16 +1310,16 @@
 
 	cipher = purple_cipher_context_new_by_name("md5", NULL);
 	purple_cipher_context_append(cipher, (const guchar *)buf, strlen(buf));
-	purple_cipher_context_digest_to_str(cipher, sizeof(digest), digest, NULL);
+	purple_cipher_context_digest_to_str(cipher, sizeof(creds), creds, NULL);
 	purple_cipher_context_destroy(cipher);
 
 	g_free(buf);
 
 	g_free(session->passport_info.mail_url);
-	session->passport_info.mail_url = g_strdup_printf("%s&auth=%s&creds=%s&sl=%ld&username=%s&mode=ttl&sid=%s&id=2&rru=%ssvc_mail&js=yes",
+	session->passport_info.mail_url = g_strdup_printf("%s&auth=%s&creds=%s&sl=%ld&username=%s&mode=ttl&sid=%s&id=2&rru=%s&svc=mail&js=yes",
                                                         url,
-                                                        session->passport_info.mspauth ? session->passport_info.mspauth : "BOGUS",
-                                                        buf,
+                                                        session->passport_info.mspauth ? purple_url_encode(session->passport_info.mspauth) : "BOGUS",
+                                                        creds,
                                                         tmp_timestamp,
                                                         msn_user_get_passport(session->user),
                                                         session->passport_info.sid,