Mercurial > hg
comparison mcabber/src/jabglue.c @ 1104:382972712208
Allow short key format in check_signature()
author | Mikael Berthe <mikael@lilotux.net> |
---|---|
date | Wed, 13 Dec 2006 21:51:51 +0100 |
parents | 7804dbac3875 |
children | ac9c89f6cb51 |
comparison
equal
deleted
inserted
replaced
1103:d0ffa34bec3a | 1104:382972712208 |
---|---|
1478 else | 1478 else |
1479 scr_LogPrint(LPRINT_LOGNORM, | 1479 scr_LogPrint(LPRINT_LOGNORM, |
1480 "Warning: you're not connected to the server."); | 1480 "Warning: you're not connected to the server."); |
1481 } | 1481 } |
1482 | 1482 |
1483 // keys_mismatch(key, expectedkey) | |
1484 // Return TRUE if both keys are non-null and "expectedkey" doesn't match | |
1485 // the end of "key". | |
1486 // If one of the keys is null, return FALSE. | |
1487 // If expectedkey is less than 8 bytes long, return TRUE. | |
1488 // | |
1489 // Example: keys_mismatch("C9940A9BB0B92210", "B0B92210") will return FALSE. | |
1490 static bool keys_mismatch(const char *key, const char *expectedkey) | |
1491 { | |
1492 int lk, lek; | |
1493 | |
1494 if (!expectedkey || !key) | |
1495 return FALSE; | |
1496 | |
1497 lk = strlen(key); | |
1498 lek = strlen(expectedkey); | |
1499 | |
1500 // If the expectedkey is less than 8 bytes long, this is probably a | |
1501 // user mistake so we consider it's a mismatch. | |
1502 if (lek < 8) | |
1503 return TRUE; | |
1504 | |
1505 if (lek < lk) | |
1506 key += lk - lek; | |
1507 | |
1508 return strcasecmp(key, expectedkey); | |
1509 } | |
1510 | |
1483 // check_signature(barejid, resourcename, xmldata, text) | 1511 // check_signature(barejid, resourcename, xmldata, text) |
1484 // Verify the signature (in xmldata) of "text" for the contact | 1512 // Verify the signature (in xmldata) of "text" for the contact |
1485 // barejid/resourcename. | 1513 // barejid/resourcename. |
1486 // xmldata is the 'jabber:x:signed' stanza. | 1514 // xmldata is the 'jabber:x:signed' stanza. |
1487 // If the key id is found, the contact's PGP data are updated. | 1515 // If the key id is found, the contact's PGP data are updated. |
1531 scr_LogPrint(LPRINT_LOGNORM, "%s", buf); | 1559 scr_LogPrint(LPRINT_LOGNORM, "%s", buf); |
1532 g_free(buf); | 1560 g_free(buf); |
1533 } | 1561 } |
1534 // Verify that the key id is the one we expect. | 1562 // Verify that the key id is the one we expect. |
1535 expectedkey = settings_pgp_getkeyid(barejid); | 1563 expectedkey = settings_pgp_getkeyid(barejid); |
1536 if (expectedkey && strcasecmp(key, expectedkey)) { | 1564 if (keys_mismatch(key, expectedkey)) { |
1537 buf = g_strdup_printf("Warning: The KeyId from <%s/%s> doesn't match " | 1565 buf = g_strdup_printf("Warning: The KeyId from <%s/%s> doesn't match " |
1538 "the key you set up", barejid, rname); | 1566 "the key you set up", barejid, rname); |
1539 scr_WriteIncomingMessage(barejid, buf, 0, HBB_PREFIX_INFO); | 1567 scr_WriteIncomingMessage(barejid, buf, 0, HBB_PREFIX_INFO); |
1540 scr_LogPrint(LPRINT_LOGNORM, "%s", buf); | 1568 scr_LogPrint(LPRINT_LOGNORM, "%s", buf); |
1541 g_free(buf); | 1569 g_free(buf); |