# HG changeset patch # User Mikael Berthe # Date 1444576655 -7200 # Node ID 189abf03ef24abfe4076f4672b59f22bff6a942f # Parent 8811fe9d6ef02e3944deca5c9f18cf6493643c76 Fix fingerprint management (Reported by Sven Gaerner in issue #134) diff -r 8811fe9d6ef0 -r 189abf03ef24 mcabber/mcabber/utils.c --- a/mcabber/mcabber/utils.c Wed Oct 07 21:58:38 2015 +0200 +++ b/mcabber/mcabber/utils.c Sun Oct 11 17:17:35 2015 +0200 @@ -155,26 +155,35 @@ return g_strdup(fname); } -void fingerprint_to_hex(const unsigned char *fpr, char hex[49]) +void fingerprint_to_hex(const unsigned char *fpr, char hex[48]) { int i; char *p; + hex[0] = 0; + if (!fpr) return; + for (p = hex, i = 0; i < 15; i++, p+=3) - g_sprintf(p, "%02X:", fpr[i]); - g_sprintf(p, "%02X", fpr[i]); - hex[48] = '\0'; + g_snprintf(p, 4, "%02X:", fpr[i]); + g_snprintf(p, 3, "%02X", fpr[i]); } -gboolean hex_to_fingerprint(const char *hex, char fpr[16]) +gboolean hex_to_fingerprint(const char *hex, char fpr[17]) { int i; - char *p; + const char *p; + fpr[0] = 0; if (strlen(hex) != 47) return FALSE; - for (i = 0, p = (char*)hex; *p && *(p+1); i++, p += 3) - fpr[i] = (char) g_ascii_strtoull (p, NULL, 16); + for (i = 0, p = hex; *p && *(p+1); i++, p += 3) { + if (*(p+2) && (*(p+2) != ':')) { + fpr[i] = 0; + return FALSE; + } + fpr[i] = (char)g_ascii_strtoull(p, NULL, 16); + } + fpr[i] = 0; return TRUE; } diff -r 8811fe9d6ef0 -r 189abf03ef24 mcabber/mcabber/utils.h --- a/mcabber/mcabber/utils.h Wed Oct 07 21:58:38 2015 +0200 +++ b/mcabber/mcabber/utils.h Sun Oct 11 17:17:35 2015 +0200 @@ -21,8 +21,8 @@ const char *resource); gboolean jid_equal(const char *jid1, const char *jid2); -void fingerprint_to_hex(const unsigned char *fpr, char hex[49]); -gboolean hex_to_fingerprint(const char * hex, char fpr[16]); +void fingerprint_to_hex(const unsigned char *fpr, char hex[48]); +gboolean hex_to_fingerprint(const char *hex, char fpr[17]); void ut_init_debug(void); void ut_write_log(unsigned int flag, const char *data); diff -r 8811fe9d6ef0 -r 189abf03ef24 mcabber/mcabber/xmpp.c --- a/mcabber/mcabber/xmpp.c Wed Oct 07 21:58:38 2015 +0200 +++ b/mcabber/mcabber/xmpp.c Sun Oct 11 17:17:35 2015 +0200 @@ -714,19 +714,19 @@ "Certificate hostname does not match expected hostname!"); break; case LM_SSL_STATUS_CERT_FINGERPRINT_MISMATCH: { - char fpr[49]; - fingerprint_to_hex((const unsigned char*)lm_ssl_get_fingerprint(ssl), - fpr); - scr_LogPrint(LPRINT_LOGNORM, - "Certificate fingerprint does not match expected fingerprint!"); - scr_LogPrint(LPRINT_LOGNORM, "Remote fingerprint: %s", fpr); + char fpr[49] = {0}; + fingerprint_to_hex((const unsigned char*)lm_ssl_get_fingerprint(ssl), + fpr); + scr_LogPrint(LPRINT_LOGNORM, + "Certificate fingerprint does not match expected fingerprint!"); + scr_LogPrint(LPRINT_LOGNORM, "Remote fingerprint: %s", fpr); - scr_LogPrint(LPRINT_LOGNORM, "Expected fingerprint: %s", - settings_opt_get("ssl_fingerprint")); + scr_LogPrint(LPRINT_LOGNORM, "Expected fingerprint: %s", + settings_opt_get("ssl_fingerprint")); - return LM_SSL_RESPONSE_STOP; + return LM_SSL_RESPONSE_STOP; + } break; - } case LM_SSL_STATUS_GENERIC_ERROR: scr_LogPrint(LPRINT_LOGNORM, "Generic SSL error!"); break; @@ -1732,14 +1732,14 @@ { const char *userjid, *password, *resource, *servername, *ssl_fpr; char *dynresource = NULL; - char fpr[16]; + char fpr[17] = {0}; const char *proxy_host; const char *resource_prefix = PACKAGE_NAME; char *fjid; int ssl, tls; LmSSL *lssl; unsigned int port; - unsigned int ping; + unsigned int ping = 40; LmMessageHandler *handler; GError *error = NULL; @@ -1765,7 +1765,6 @@ g_log_set_handler("LM", LM_LOG_LEVEL_ALL, lm_debug_handler, NULL); - ping = 40; if (settings_opt_get("pinginterval")) ping = (unsigned int) settings_opt_get_int("pinginterval"); lm_connection_set_keep_alive_rate(lconnection, ping);