Context Navigation

← Previous Changeset
Next Changeset →

Changeset 6227

Timestamp:

06/02/08 00:14:42 (3 months ago)

Author:

emostar

Message:

Use MD5 method for logins.

Location:

Files:

: 6 modified

include/licq_icq.h (modified) (2 diffs)
include/licq_icqd.h (modified) (3 diffs)
include/licq_packets.h (modified) (2 diffs)
src/icqd-srv.cpp (modified) (6 diffs)
src/icqd.cpp (modified) (1 diff)
src/icqpacket.cpp (modified) (7 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/licq/include/licq_icq.h

r6181	r6227
38	38	const unsigned short ICQ_SNACxFAM_LIST = 0x0013;
39	39	const unsigned short ICQ_SNACxFAM_VARIOUS = 0x0015;
40		const unsigned short ICQ_SNACxFAM_~~NEWUIN~~ = 0x0017;
	40	const unsigned short ICQ_SNACxFAM_AUTH = 0x0017;
41	41
42	42	// Subtypes for service family
…	…
101	101	// Subtypes for new uin family
102	102	const unsigned short ICQ_SNACxNEW_UIN_ERROR = 0x0001; // server
	103	const unsigned short ICQ_SNACxAUTHxLOGON = 0x0002; // client
	104	const unsigned short ICQ_SNACxAUTHxLOGON_REPLY = 0x0003; // server
103	105	const unsigned short ICQ_SNACxREGISTER_USER = 0x0004; // client
104	106	const unsigned short ICQ_SNACxNEW_UIN = 0x0005; // server
	107	const unsigned short ICQ_SNACxAUTHxREQUEST_SALT = 0x0006; // client
	108	const unsigned short ICQ_SNACxAUTHxSALT_REPLY = 0x0007; // server
105	109	const unsigned short ICQ_SNACxREQUEST_IMAGE = 0x000C; // client
106	110	const unsigned short ICQ_SNACxSEND_IMAGE = 0x000D; // server

trunk/licq/include/licq_icqd.h

r6217	r6227
388	388	unsigned long icqFetchAutoResponseServer(unsigned long);
389	389	unsigned long icqLogon(unsigned short logonStatus);
	390	unsigned long icqRequestLogonSalt();
390	391	unsigned long icqUserBasicInfo(const char *);
391	392	unsigned long icqUserBasicInfo(unsigned long);
…	…
691	692	m_bTCPEnabled,
692	693	m_bFirewall,
693		m_bVerify;
	694	m_bVerify,
	695	// NeedSalt is to let the daemon know when to make a salt request, which
	696	// should only happen when we first log on. After we get the credentials, we
	697	// do another logon, but it doesn't need to get a salt.
	698	m_bNeedSalt;
694	699	time_t m_tLogonTime;
695	700	char *m_szRegisterPasswd;
…	…
807	812	void ProcessBOSFam(CBuffer&, unsigned short);
808	813	void ProcessListFam(CBuffer &, unsigned short);
809		void Process~~NewUIN~~Fam(CBuffer &, unsigned short);
	814	void ProcessAuthFam(CBuffer &, unsigned short);
810	815
811	816	void ProcessSystemMessage(CBuffer &packet, unsigned long checkUin, unsigned short newCommand, time_t timeSent);

trunk/licq/include/licq_packets.h

r6181	r6227
198	198	};
199	199
	200	class CPU_ConnectStart : public CSrvPacketTcp
	201	{
	202	public:
	203	CPU_ConnectStart();
	204	};
	205
200	206	//-----Logon--------------------------------------------------------------------
201	207	class CPU_Logon : public CSrvPacketTcp
…	…
242	248	unsigned short nService = 0);
243	249	virtual ~CPU_GenericFamily();
	250	};
	251
	252	class CPU_RequestLogonSalt : public CPU_CommonFamily
	253	{
	254	public:
	255	CPU_RequestLogonSalt(const std::string &);
	256	};
	257
	258	class CPU_NewLogon : public CPU_CommonFamily
	259	{
	260	public:
	261	CPU_NewLogon(const char _szPassword, const char _szUin, const char *_szMD5Salt);
244	262	};
245	263

trunk/licq/src/icqd-srv.cpp

r6217	r6227
1776	1776	case MAKESNAC(ICQ_SNACxFAM_BUDDY, ICQ_SNACxBDY_ADDxTOxLIST):
1777	1777	case MAKESNAC(ICQ_SNACxFAM_BUDDY, ICQ_SNACxBDY_REMOVExFROMxLIST):
1778		case MAKESNAC(ICQ_SNACxFAM_~~NEWUIN~~, ICQ_SNACxREGISTER_USER):
	1778	case MAKESNAC(ICQ_SNACxFAM_AUTH, ICQ_SNACxREGISTER_USER):
1779	1779	case MAKESNAC(ICQ_SNACxFAM_LOCATION, ICQ_SNACxREQUESTxUSERxINFO):
1780	1780	case MAKESNAC(ICQ_SNACxFAM_LOCATION, ICQ_SNACxLOC_INFOxREQ):
…	…
1858	1858	}
1859	1859
1860		char *passwd = strdup(o->Password());
1861		char *user = strdup(o->IdString());
1862		unsigned long status = o->AddStatusFlags(logonStatus);
	1860	m_nDesiredStatus = o->AddStatusFlags(logonStatus);
1863	1861	gUserManager.DropOwner();
1864		CPU_Logon *p = new CPU_Logon(passwd, user, status);
1865		free(passwd);
1866		free(user);
	1862
	1863	CPU_ConnectStart *startPacket = new CPU_ConnectStart();
	1864	SendEvent_Server(startPacket);
	1865
1867	1866	m_bOnlineNotifies = false;
1868		~~gLog.Info(tr("%sRequesting logon (#%hu)...\n"), L_SRVxSTR, p->Sequence());~~
1869	1867	m_nServerSequence = 0;
1870		~~m_nDesiredStatus = status;~~
1871	1868	m_bLoggingOn = true;
1872	1869	m_tLogonTime = time(NULL);
1873
1874		SendEvent_Server(p);
	1870	m_bNeedSalt = true;
	1871
	1872	return 0;
	1873	}
	1874
	1875	unsigned long CICQDaemon::icqRequestLogonSalt()
	1876	{
	1877	if (m_bNeedSalt)
	1878	{
	1879	ICQOwner *o = gUserManager.FetchOwner(LICQ_PPID, LOCK_R);
	1880	CPU_RequestLogonSalt *p = new CPU_RequestLogonSalt(o->IdString());
	1881	gUserManager.DropOwner();
	1882	gLog.Info(tr("%sRequesting logon salt (#%hu)...\n"), L_SRVxSTR, p->Sequence());
	1883	SendEvent_Server(p);
	1884	}
1875	1885
1876	1886	return 0;
…	…
2212	2222	m_bRegistering = false;
2213	2223	}
	2224	}
	2225	else if (m_bLoggingOn)
	2226	{
	2227	icqRequestLogonSalt();
2214	2228	}
2215	2229	break;
…	…
6195	6209	}
6196	6210
6197		//--------Process~~NewUINFam-~~----------------------------------------------------
6198		void CICQDaemon::Process~~NewUIN~~Fam(CBuffer &packet, unsigned short nSubtype)
	6211	//--------ProcessAuthFam----------------------------------------------------
	6212	void CICQDaemon::ProcessAuthFam(CBuffer &packet, unsigned short nSubtype)
6199	6213	{
6200	6214	/unsigned long Flags =/ packet.UnpackUnsignedLongBE();
…	…
6289	6303	}
6290	6304
	6305	case ICQ_SNACxAUTHxSALT_REPLY:
	6306	{
	6307	char *md5Salt = packet.UnpackStringBE();
	6308	ICQOwner *o = gUserManager.FetchOwner(LICQ_PPID, LOCK_R);
	6309	CPU_NewLogon *p = new CPU_NewLogon(o->Password(), o->IdString(), md5Salt);
	6310	gUserManager.DropOwner(LICQ_PPID);
	6311	gLog.Info(tr("%sSending md5 hashed password.\n"), L_SRVxSTR);
	6312	SendEvent_Server(p);
	6313	delete [] md5Salt;
	6314	m_bNeedSalt = false;
	6315	break;
	6316	}
	6317
	6318	case ICQ_SNACxAUTHxLOGON_REPLY:
	6319	{
	6320	ProcessCloseChannel(packet);
	6321	break;
	6322	}
	6323
6291	6324	case ICQ_SNACxSEND_IMAGE:
6292	6325	{
…	…
6377	6410	break;
6378	6411
6379		case ICQ_SNACxFAM_~~NEWUIN~~:
6380		Process~~NewUIN~~Fam(packet, nSubtype);
	6412	case ICQ_SNACxFAM_AUTH:
	6413	ProcessAuthFam(packet, nSubtype);
6381	6414	break;
6382	6415

trunk/licq/src/icqd.cpp

r6181	r6227
161	161	m_bOnlineNotifies = true;
162	162	m_bVerify = false;
	163	m_bNeedSalt = true;
163	164	m_szRegisterPasswd = 0;
164	165	m_nRegisterThreadId = 0;

trunk/licq/src/icqpacket.cpp

r6207	r6227
23	23	extern int errno;
24	24	#endif
	25
	26	#include <openssl/md5.h>
25	27
26	28	#include <boost/scoped_array.hpp>
…	…
713	715
714	716	CPU_Register::CPU_Register(const char *szPasswd)
715		: CPU_CommonFamily(ICQ_SNACxFAM_~~NEWUIN~~, ICQ_SNACxREGISTER_USER)
	717	: CPU_CommonFamily(ICQ_SNACxFAM_AUTH, ICQ_SNACxREGISTER_USER)
716	718	{
717	719	int nPassLen = strlen(szPasswd);
…	…
742	744
743	745	CPU_VerifyRegistration::CPU_VerifyRegistration()
744		: CPU_CommonFamily(ICQ_SNACxFAM_~~NEWUIN~~, ICQ_SNACxREQUEST_IMAGE)
	746	: CPU_CommonFamily(ICQ_SNACxFAM_AUTH, ICQ_SNACxREQUEST_IMAGE)
745	747	{
746	748	// Yes, it's empty
…	…
755	757
756	758	CPU_SendVerification::CPU_SendVerification(const char szPasswd, const char szVerify)
757		: CPU_CommonFamily(ICQ_SNACxFAM_~~NEWUIN~~, ICQ_SNACxREGISTER_USER)
	759	: CPU_CommonFamily(ICQ_SNACxFAM_AUTH, ICQ_SNACxREGISTER_USER)
758	760	{
759	761	int nPassLen = strlen(szPasswd);
…	…
786	788	}
787	789
	790	CPU_ConnectStart::CPU_ConnectStart()
	791	: CSrvPacketTcp(ICQ_CHNxNEW)
	792	{
	793	pthread_mutex_lock(&s_xMutex);
	794	if (!s_bRegistered) {
	795	s_nSequence[m_nService] = 0xffff;
	796	s_bRegistered = true;
	797	}
	798	pthread_mutex_unlock(&s_xMutex);
	799
	800	m_nSize = 12;
	801	InitBuffer();
	802
	803	buffer->PackUnsignedLongBE(0x00000001);
	804	buffer->PackUnsignedLongBE(0x80030004);
	805	buffer->PackUnsignedLongBE(0x00100000);
	806	}
	807
	808	CPU_RequestLogonSalt::CPU_RequestLogonSalt(const std::string &id)
	809	: CPU_CommonFamily(ICQ_SNACxFAM_AUTH, ICQ_SNACxAUTHxREQUEST_SALT)
	810	{
	811	m_nSize += id.size() + 4;
	812	InitBuffer();
	813
	814	buffer->PackTLV(0x0001, id.size(), id.c_str());
	815	}
	816
	817	//-----NewLogon-----------------------------------------------------------------
	818	CPU_NewLogon::CPU_NewLogon(const char szPassword, const char szUin, const char *szMD5Salt)
	819	: CPU_CommonFamily(ICQ_SNACxFAM_AUTH, ICQ_SNACxAUTHxLOGON)
	820	{
	821	// truncate password to MAX 8 characters
	822	char szPass[MAX_LINE_LEN];
	823	if (strlen(szPassword) > 8)
	824	{
	825	gLog.Warn(tr("%sPassword too long, truncated to 8 Characters!\n"), L_WARNxSTR);
	826	strncpy(szPass, szPassword, 8);
	827	szPass[8] = '\0';
	828	}
	829	else
	830	{
	831	strcpy(szPass, szPassword);
	832	}
	833
	834	std::string toHash = szMD5Salt;
	835	toHash += szPass;
	836	toHash += "AOL Instant Messenger (SM)";
	837	unsigned char szDigest[16];
	838	MD5((const unsigned char *)toHash.c_str(), toHash.size(), szDigest);
	839
	840	unsigned int uinlen = strlen(szUin);
	841	unsigned int digestlen = strlen(reinterpret_cast<char *>(szDigest));
	842
	843	m_nSize += uinlen + digestlen + 70;
	844	InitBuffer();
	845
	846	buffer->PackTLV(0x0001, uinlen, szUin);
	847	buffer->PackTLV(0x0025, digestlen, reinterpret_cast<char *>(szDigest));
	848
	849	buffer->PackTLV(0x0003, 0x0008, "ICQBasic");
	850
	851	// Static versioning
	852	buffer->PackUnsignedLongBE(0x00160002);
	853	buffer->PackUnsignedShortBE(0x010A);
	854	// Client version major (4 == ICQ2000, 5 == ICQ2001)
	855	buffer->PackUnsignedLongBE(0x00170002);
	856	buffer->PackUnsignedShortBE(0x0014);
	857	// Client version minor
	858	buffer->PackUnsignedLongBE(0x00180002);
	859	buffer->PackUnsignedShortBE(0x0022);
	860	buffer->PackUnsignedLongBE(0x00190002);
	861	buffer->PackUnsignedShortBE(0x0000);
	862	// Client version build
	863	buffer->PackUnsignedLongBE(0x001a0002);
	864	buffer->PackUnsignedShortBE(0x0BB8);
	865	buffer->PackUnsignedLongBE(0x00140004);
	866	buffer->PackUnsignedLongBE(0x0000043D);
	867
	868	// locale info, just use english, usa for now, i don't know what else they use
	869	buffer->PackTLV(0x000f, 0x0002, "en");
	870	buffer->PackTLV(0x000e, 0x0002, "us");
	871	}
	872
788	873	//-----Logon--------------------------------------------------------------------
789	874	CPU_Logon::CPU_Logon(const char szPassword, const char szUin, unsigned short _nLogonStatus)
…	…
792	877	// truncate password to MAX 8 characters
793	878	char szPass[MAX_LINE_LEN];
794		strcpy(szPass, szPassword);
795		if (strlen(szPass) > 8)
	879	if (strlen(szPassword) > 8)
796	880	{
797	881	gLog.Warn(tr("%sPassword too long, truncated to 8 Characters!\n"), L_WARNxSTR);
798		szPass[8] = 0;
799		}
	882	strncpy(szPass, szPassword, 8);
	883	}
	884	else
	885	{
	886	strcpy(szPass, szPassword);
	887	}
	888
800	889	char szEncPass[16];
801	890	unsigned int j;
…	…
819	908	// Encrypt our password here
820	909	unsigned char xor_table[] = { 0xf3, 0x26, 0x81, 0xc4, 0x39, 0x86, 0xdb, 0x92,
821		0x71, 0xa3, 0xb9, 0xe6, 0x53, 0x7a, 0x95, 0x7c};
	910	0x71, 0xa3, 0xb9, 0xe6, 0x53, 0x7a, 0x95, 0x7c};
822	911	for (j = 0; j < pwlen; j++)
823	912	szEncPass[j] = (szPass[j] ^ xor_table[j]);

Download in other formats: