File: https-auth.patch

package info (click to toggle)
pidgin-nateon 0.0.0.svn147-1
links: PTS, VCS
area: main
in suites: bullseye, buster, jessie, jessie-kfreebsd, stretch, wheezy
size: 2,616 kB
ctags: 779
sloc: sh: 9,081; ansic: 6,639; makefile: 110
file content (133 lines) | stat: -rw-r--r-- 4,427 bytes
parent folder | download | duplicates (2)
diff --git a/src/notification.c b/src/notification.c
index 265ffde..0915f9a 100644
--- a/src/notification.c
+++ b/src/notification.c
@@ -88,6 +88,55 @@ nateon_notification_destroy(NateonNotification *notification)
  **************************************************************************/
 
 static void
+got_auth_code_cb(PurpleUtilFetchUrlData *url_data, gpointer user_data, const gchar *url_text, gsize len, const gchar *error_message)
+{
+	NateonCmdProc *cmdproc;
+	NateonSession *session;
+	NateonServConn *servconn;
+	PurpleAccount *account;
+	char *cmd = NULL;
+	char *params = NULL;
+	char * authcode = NULL;
+	purple_debug_info("nateon", "%s\n", __FUNCTION__);
+
+	purple_debug_info("nateon", "data returned=%s\n", url_text);
+
+	servconn = (NateonServConn *)user_data;
+	g_return_if_fail(servconn != NULL);
+
+	cmdproc = servconn->cmdproc;
+	session = servconn->session;
+	account = session->account;
+
+	purple_debug_info("nateon", "Line %d\n", __LINE__);
+	params = g_strrstr(url_text, "OK\r\n");
+
+	params += strlen("OK\r\n");
+	params[338] = '\0';//cut the string after the key string
+	purple_debug_info("nateon", "params=%s\n", params);
+	const char *username = purple_account_get_username(account);
+
+	if (strstr(username, "@nate.com"))	strtok(username, "@");
+
+	time_t rawtime;
+	struct tm * timeinfo;
+	char buffer [80];
+
+	time ( &rawtime );
+	timeinfo = localtime ( &rawtime );
+
+	char strTime[19];
+	strftime(strTime, 19, "0%Y%m%d%H%M%S000", timeinfo); //should use milliseconds, but works fine anyway.  Matt
+
+	cmd = g_strdup_printf("%s %s SSL %s UTF8 ko.linux %%00 %s %c", username, params, "1.0.2.275", strTime, 'Y');
+	nateon_session_set_login_step(session, NATEON_LOGIN_STEP_AUTH_START);
+
+	nateon_cmdproc_send(cmdproc, "LSIN", "%s", cmd);
+
+	g_free(cmd);
+}
+
+static void
 connect_cb(NateonServConn *servconn)
 {
 	NateonCmdProc *cmdproc;
@@ -109,41 +158,36 @@ connect_cb(NateonServConn *servconn)
 		nateon_session_set_login_step(session, NATEON_LOGIN_STEP_HANDSHAKE);
 
 		//nateon_cmdproc_send(cmdproc, "PVER", "%s", cmd);
-		nateon_cmdproc_send(cmdproc, "PVER", "3.615 3.0");
+		nateon_cmdproc_send(cmdproc, "PVER", "1.0.2.275 3.0 ko.linux");
 
 	}
 	else
 	{
-		const char *username = purple_account_get_username(account);
-		const char *password = purple_account_get_password(account);
-		char *token;
-		PurpleCipher *cipher;
-		PurpleCipherContext *context;
-		guchar digest[16];
-		char buf[33];
-		int i;
-
-		token = g_strdup(username);
-		if (strstr(token, "@nate.com"))	strtok(token, "@");
-
-		cipher = purple_ciphers_find_cipher("md5");
-		context = purple_cipher_context_new(cipher, NULL);
-
-		purple_cipher_context_append(context, (const guchar *)password, strlen(password));
-		purple_cipher_context_append(context, (const guchar *)token, strlen(token));
-
-		purple_cipher_context_digest(context, sizeof(digest), digest, NULL);
-		purple_cipher_context_destroy(context);
-
-		g_free(token);
-
-		for (i = 0; i < 16; i++)
-			g_snprintf(buf + (i*2), 3, "%02x", digest[i]);
+		const char *username = g_strdup(purple_url_encode(purple_account_get_username(account)));
+		const char *password = purple_url_encode(purple_account_get_password(account));
+		char *body = NULL;
+		char *request = NULL;
+
+		/* Construct the body of the HTTP POST request */
+		body = g_strdup_printf("id=%s&pwd=%s", username, password);
+
+		/* Construct an HTTP POST request */
+		request = g_strdup_printf("POST /client/login.do HTTP/1.1\r\n"
+			"Connection: Keep-Alive\r\n"
+			"Accept: *\r\n"
+			"Host: nsl.nate.com\r\n"
+			"Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n"
+			"Content-Length: %" G_GSIZE_FORMAT "\r\n\r\n"
+			"%s", strlen(body), body );
 
-		cmd = g_strdup_printf("%s %s MD5 %1.3f UTF8", username, buf, session->protocol_ver);
 		nateon_session_set_login_step(session, NATEON_LOGIN_STEP_AUTH_START);
 
-		nateon_cmdproc_send(cmdproc, "LSIN", "%s", cmd);
+		purple_util_fetch_url_request("https://nsl.nate.com",
+		TRUE, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)", TRUE, request, TRUE,
+		got_auth_code_cb, servconn);
+		g_free(username);
+		g_free(body);
+		g_free(request);
 	}
 
 
@@ -319,6 +363,7 @@ static void lsin_error(NateonCmdProc *cmdproc, NateonTransaction *trans, int err
 //		case 921:
 //			nateonerr = NATEON_ERROR_SERV_UNAVAILABLE;
 //			break;
+		case 300:
 //		case 911:
 		case 301:
 			nateonerr = NATEON_ERROR_AUTH;