Fix challengeauth lower casing username

This commit is contained in:
Patrick Griffis 2016-04-13 18:46:20 -04:00
parent 54c6418d61
commit 44aa999598
2 changed files with 18 additions and 4 deletions

View File

@ -1414,6 +1414,21 @@ str_sha256hash (char *string)
return g_strdup (buf); return g_strdup (buf);
} }
static char *
rfc_strlower (const char *str)
{
size_t i, len = strlen(str);
char *lower = g_new(char, len + 1);
for (i = 0; i < len; ++i)
{
lower[i] = rfc_tolower(str[i]);
}
lower[i] = '\0';
return lower;
}
/** /**
* \brief Generate CHALLENGEAUTH response for QuakeNet login. * \brief Generate CHALLENGEAUTH response for QuakeNet login.
* *
@ -1430,7 +1445,7 @@ str_sha256hash (char *string)
* <a href="http://stackoverflow.com/questions/242665/understanding-engine-initialization-in-openssl">example 2</a>. * <a href="http://stackoverflow.com/questions/242665/understanding-engine-initialization-in-openssl">example 2</a>.
*/ */
char * char *
challengeauth_response (char *username, char *password, char *challenge) challengeauth_response (const char *username, const char *password, const char *challenge)
{ {
int i; int i;
char *user; char *user;
@ -1441,8 +1456,7 @@ challengeauth_response (char *username, char *password, char *challenge)
unsigned char *digest; unsigned char *digest;
GString *buf = g_string_new_len (NULL, SHA256_DIGEST_LENGTH * 2); GString *buf = g_string_new_len (NULL, SHA256_DIGEST_LENGTH * 2);
user = g_strdup (username); user = rfc_strlower (username); /* convert username to lowercase as per the RFC */
*user = rfc_tolower (*username); /* convert username to lowercase as per the RFC */
pass = g_strndup (password, 10); /* truncate to 10 characters */ pass = g_strndup (password, 10); /* truncate to 10 characters */
passhash = str_sha256hash (pass); passhash = str_sha256hash (pass);

View File

@ -76,7 +76,7 @@ void canonalize_key (char *key);
int portable_mode (void); int portable_mode (void);
int unity_mode (void); int unity_mode (void);
char *encode_sasl_pass_plain (char *user, char *pass); char *encode_sasl_pass_plain (char *user, char *pass);
char *challengeauth_response (char *username, char *password, char *challenge); char *challengeauth_response (const char *username, const char *password, const char *challenge);
size_t strftime_validated (char *dest, size_t destsize, const char *format, const struct tm *time); size_t strftime_validated (char *dest, size_t destsize, const char *format, const struct tm *time);
gsize strftime_utf8 (char *dest, gsize destsize, const char *format, time_t time); gsize strftime_utf8 (char *dest, gsize destsize, const char *format, time_t time);
#endif #endif