pidgin: f6b7d03a: jabber: Fix a case where a broken server...

darkrain42 at pidgin.im darkrain42 at pidgin.im
Fri May 21 00:12:03 EDT 2010


-----------------------------------------------------------------
Revision: f6b7d03a661bf05b8903d2d3691b149613b3509a
Ancestor: 9c5dc525d1a6b0582c1eea5805b5a895ffbec47a
Author: darkrain42 at pidgin.im
Date: 2010-05-21T03:26:15
Branch: im.pidgin.pidgin
URL: http://d.pidgin.im/viewmtn/revision/info/f6b7d03a661bf05b8903d2d3691b149613b3509a

Modified files:
        libpurple/protocols/jabber/auth_scram.c

ChangeLog: 

jabber: Fix a case where a broken server would hang the connection.

This also fixes a few small leaks and updates a few strings to match
scram_handle_challenge().

-------------- next part --------------
============================================================
--- libpurple/protocols/jabber/auth_scram.c	508d42c5185ac63b8aa36b38205cacafb214c5c1
+++ libpurple/protocols/jabber/auth_scram.c	64a287b607ece18bc980d07601280ccfcedc0ddb
@@ -517,13 +517,24 @@ scram_handle_success(JabberStream *js, x
 	gsize len;
 
 	enc_in = xmlnode_get_data(packet);
-	g_return_val_if_fail(enc_in != NULL && *enc_in != '\0', FALSE);
+	if (data->step != 3 && (!enc_in || *enc_in == '\0')) {
+		*error = g_strdup(_("Invalid challenge from server"));
+		g_free(enc_in);
+		return JABBER_SASL_STATE_FAIL;
+	}
 
-	if (data->step == 3)
+	if (data->step == 3) {
+		/*
+		 * If the server took the slow approach (sending the verifier
+		 * as a challenge/response pair), we get here.
+		 */
+		g_free(enc_in);
 		return JABBER_SASL_STATE_OK;
+	}
 
 	if (data->step != 2) {
 		*error = g_strdup(_("Unexpected response from server"));
+		g_free(enc_in);
 		return JABBER_SASL_STATE_FAIL;
 	}
 
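Review bot: The `data->step == 3` branch returns `JABBER_SASL_STATE_OK` and frees `enc_in` without inspecting the success payload, and the added comment explains how the branch is reached but not why skipping the check is safe. SCRAM's mutual authentication depends on the client verifying the server signature, so the comment should state the invariant it relies on, presumably that step 3 is only reached after scram_handle_challenge() has verified it; that code is outside this hunk and worth confirming. Suggested sentence to append to the comment: `The server signature was already verified in scram_handle_challenge(), so the success payload is not examined again.` scram_handle_success() starts before and continues past the hunk.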
@@ -532,7 +543,7 @@ scram_handle_success(JabberStream *js, x
 	if (!dec_in || len != strlen(dec_in)) {
 		/* Danger afoot; SCRAM shouldn't contain NUL bytes */
 		g_free(dec_in);
-		*error = g_strdup(_("Invalid challenge from server"));
+		*error = g_strdup(_("Malicious challenge from server"));
 		return JABBER_SASL_STATE_FAIL;
 	}
 
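Review bot: `Malicious challenge from server` is now reported for both arms of `!dec_in || len != strlen(dec_in)`, but only the length mismatch points at an embedded NUL; a NULL `dec_in` is presumably just a failed decode from a broken server, which is the case the commit title describes. To let whoever triages a report tell the two apart, log which arm fired before the `g_free(dec_in)`, for example `purple_debug_error("jabber", "SCRAM: %s in success payload\n", dec_in ? "embedded NUL" : "undecodable data");`. The `strlen()` comparison also assumes the decoder returns a NUL-terminated buffer; the decode call sits between the two hunks and is not visible here, so that is worth confirming.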

