diff --git a/src/xmpp/connection.c b/src/xmpp/connection.c index c188498c..e25b8f6f 100644 --- a/src/xmpp/connection.c +++ b/src/xmpp/connection.c @@ -514,26 +514,20 @@ connection_free_uuid(char* uuid) char* connection_create_stanza_id(void) { - char* uuid = connection_create_uuid(); + char* rndid = get_random_string(CON_RAND_ID_LEN); - assert(uuid != NULL); + assert(rndid != NULL); - gchar* hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA256, + gchar* hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA1, (guchar*)prof_identifier, strlen(prof_identifier), - uuid, strlen(uuid)); + rndid, strlen(rndid)); - GString* signature = g_string_new(""); - g_string_printf(signature, "%s%s", uuid, hmac); + char *ret = g_strdup_printf("%s%s", rndid, hmac); - free(uuid); + free(rndid); g_free(hmac); - char* b64 = g_base64_encode((unsigned char*)signature->str, signature->len); - g_string_free(signature, TRUE); - - assert(b64 != NULL); - - return b64; + return ret; } char* @@ -748,18 +742,12 @@ _random_bytes_close(void) static void _compute_identifier(const char* barejid) { - gchar* hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA256, - (guchar*)profanity_instance_id, strlen(profanity_instance_id), - barejid, strlen(barejid)); - - char* b64 = g_base64_encode((guchar*)hmac, XMPP_SHA1_DIGEST_SIZE); - assert(b64 != NULL); - g_free(hmac); - //in case of reconnect (lost connection) free(prof_identifier); - prof_identifier = b64; + prof_identifier = g_compute_hmac_for_string(G_CHECKSUM_SHA256, + (guchar*)profanity_instance_id, strlen(profanity_instance_id), + barejid, strlen(barejid)); } const char* diff --git a/src/xmpp/connection.h b/src/xmpp/connection.h index d638d037..cab579f7 100644 --- a/src/xmpp/connection.h +++ b/src/xmpp/connection.h @@ -38,6 +38,8 @@ #include "xmpp/xmpp.h" +#define CON_RAND_ID_LEN 15 + void connection_init(void); void connection_shutdown(void); void connection_check_events(void); diff --git a/src/xmpp/message.c b/src/xmpp/message.c index 33d58cde..4f093bcf 100644 --- a/src/xmpp/message.c +++ b/src/xmpp/message.c @@ -1564,26 +1564,24 @@ message_is_sent_by_us(const ProfMessage* const message, bool checkOID) } if (tmp_id != NULL) { - gsize tmp_len; - char* tmp = (char*)g_base64_decode(tmp_id, &tmp_len); + gsize tmp_len = strlen(tmp_id); - // our client sents at least 36 (uuid) + identifier - if (tmp_len > 36) { - char* uuid = g_strndup(tmp, 36); + // our client sents at CON_RAND_ID_LEN + identifier + if (tmp_len > CON_RAND_ID_LEN) { + char* uuid = g_strndup(tmp_id, CON_RAND_ID_LEN); const char* prof_identifier = connection_get_profanity_identifier(); - gchar* hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA256, + gchar* hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA1, (guchar*)prof_identifier, strlen(prof_identifier), uuid, strlen(uuid)); - if (g_strcmp0(&tmp[36], hmac) == 0) { + if (g_strcmp0(&tmp_id[CON_RAND_ID_LEN], hmac) == 0) { ret = TRUE; } g_free(uuid); g_free(hmac); } - free(tmp); } }