# HG changeset patch
# User Mikael Berthe <mikael@lilotux.net>
# Date 1166043111 -3600
# Node ID 38297271220842cc81e1867c40d20556e3910534
# Parent  d0ffa34bec3aa4b27aa83aa99ac235e96e5cc73a
Allow short key format in check_signature()

diff -r d0ffa34bec3a -r 382972712208 mcabber/src/jabglue.c
--- a/mcabber/src/jabglue.c	Wed Dec 13 14:45:08 2006 +0100
+++ b/mcabber/src/jabglue.c	Wed Dec 13 21:51:51 2006 +0100
@@ -1480,6 +1480,34 @@
                  "Warning: you're not connected to the server.");
 }
 
+//  keys_mismatch(key, expectedkey)
+// Return TRUE if both keys are non-null and "expectedkey" doesn't match
+// the end of "key".
+// If one of the keys is null, return FALSE.
+// If expectedkey is less than 8 bytes long, return TRUE.
+//
+// Example: keys_mismatch("C9940A9BB0B92210", "B0B92210") will return FALSE.
+static bool keys_mismatch(const char *key, const char *expectedkey)
+{
+  int lk, lek;
+
+  if (!expectedkey || !key)
+    return FALSE;
+
+  lk = strlen(key);
+  lek = strlen(expectedkey);
+
+  // If the expectedkey is less than 8 bytes long, this is probably a
+  // user mistake so we consider it's a mismatch.
+  if (lek < 8)
+    return TRUE;
+
+  if (lek < lk)
+    key += lk - lek;
+
+  return strcasecmp(key, expectedkey);
+}
+
 //  check_signature(barejid, resourcename, xmldata, text)
 // Verify the signature (in xmldata) of "text" for the contact
 // barejid/resourcename.
@@ -1533,7 +1561,7 @@
     }
     // Verify that the key id is the one we expect.
     expectedkey = settings_pgp_getkeyid(barejid);
-    if (expectedkey && strcasecmp(key, expectedkey)) {
+    if (keys_mismatch(key, expectedkey)) {
       buf = g_strdup_printf("Warning: The KeyId from <%s/%s> doesn't match "
                             "the key you set up", barejid, rname);
       scr_WriteIncomingMessage(barejid, buf, 0, HBB_PREFIX_INFO);