pidgin: 657be692: Patch from Will Hawkins to fix SIMPLE au...

Tue May 13 15:00:44 EDT 2008

-----------------------------------------------------------------
Revision: 657be692e8fe314ef25624dc2b70d25e1cf8085b
Ancestor: a9b967ef48f5df65686f453f94132b83a4e90145
Author: datallah at pidgin.im
Date: 2008-05-13T18:55:06
Branch: im.pidgin.pidgin
URL: http://d.pidgin.im/viewmtn/revision/info/657be692e8fe314ef25624dc2b70d25e1cf8085b

Modified files:
        libpurple/protocols/simple/simple.c

ChangeLog: 

Patch from Will Hawkins to fix SIMPLE authentication on some servers.
Fixes #4890.

-------------- next part --------------
============================================================

--- libpurple/protocols/simple/simple.c	e07f04cd366dd21c21f226f1e1d72b9dc7f81f09
+++ libpurple/protocols/simple/simple.c	aa84a7e60063ca0db12992fd9050f168acbdd3b1
@@ -309,6 +309,12 @@ static char *parse_attribute(const char 
 	char *retval = NULL;
 	int len = strlen(attrname);
 
+	/* we know that source is NULL-terminated.
+	 * Therefore this loop won't be infinite.
+	 */
+	while (source[0] == ' ')
+ 		source++;
+
 	if(!strncmp(source, attrname, len)) {
 		tmp = source + len;
 		tmp2 = g_strstr_len(tmp, strlen(tmp), "\"");
@@ -341,7 +347,7 @@ static void fill_auth(struct simple_acco
 	if(!g_ascii_strncasecmp(hdr, "NTLM", 4)) {
 		purple_debug_info("simple", "found NTLM\n");
 		auth->type = 2;
-		parts = g_strsplit(hdr+5, "\", ", 0);
+		parts = g_strsplit(hdr+5, "\",", 0);
 		i = 0;
 		while(parts[i]) {
 			purple_debug_info("simple", "parts[i] %s\n", parts[i]);
@@ -368,30 +374,40 @@ static void fill_auth(struct simple_acco
 			auth->nc = 1;
 		} else {
 			auth->nc = 3;
-                }
+		}
+
 		return;
-	}
+	} else if(!g_ascii_strncasecmp(hdr, "DIGEST", 6)) {
 
-	auth->type = 1;
-	parts = g_strsplit(hdr, " ", 0);
-	while(parts[i]) {
-		if((tmp = parse_attribute("nonce=\"", parts[i]))) {
-			auth->nonce = tmp;
+		purple_debug_info("simple", "found DIGEST\n");
+
+		auth->type = 1;
+		parts = g_strsplit(hdr+7, ",", 0);
+		while(parts[i]) {
+			if((tmp = parse_attribute("nonce=\"", parts[i]))) {
+				auth->nonce = tmp;
+			}
+			else if((tmp = parse_attribute("realm=\"", parts[i]))) {
+				auth->realm = tmp;
+			}
+			i++;
 		}
-		else if((tmp = parse_attribute("realm=\"", parts[i]))) {
-			auth->realm = tmp;
-		}
-		i++;
-	}
-	g_strfreev(parts);
+		g_strfreev(parts);
+		purple_debug(PURPLE_DEBUG_MISC, "simple", "nonce: %s realm: %s\n",
+					 auth->nonce ? auth->nonce : "(null)",
+					 auth->realm ? auth->realm : "(null)"); 
 
-	purple_debug(PURPLE_DEBUG_MISC, "simple", "nonce: %s realm: %s\n", auth->nonce ? auth->nonce : "(null)", auth->realm ? auth->realm : "(null)");
-	if(auth->realm) {
-		auth->digest_session_key = purple_cipher_http_digest_calculate_session_key(
+		if(auth->realm) {
+			auth->digest_session_key = purple_cipher_http_digest_calculate_session_key(
 				"md5", authuser, auth->realm, sip->password, auth->nonce, NULL);
 
-		auth->nc = 1;
+			auth->nc = 1;
+		}
+
+	} else {
+		purple_debug_error("simple", "Unsupported or bad WWW-Authenticate header (%s).\n", hdr);
 	}
+
 }
 
 static void simple_canwrite_cb(gpointer data, gint source, PurpleInputCondition cond) {
