diff --git a/src/xmpp/connection.c b/src/xmpp/connection.c index e121d9a6..7dba20f7 100644 --- a/src/xmpp/connection.c +++ b/src/xmpp/connection.c @@ -459,18 +459,18 @@ connection_free_uuid(char *uuid) char* connection_create_stanza_id(void) { - char *msgid = get_random_string(10); + char *uuid = connection_create_uuid(); - assert(msgid != NULL); + assert(uuid != NULL); gchar *hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA256, (guchar*)prof_identifier, strlen(prof_identifier), - msgid, strlen(msgid)); + uuid, strlen(uuid)); GString *signature = g_string_new(""); - g_string_printf(signature, "%s%s", msgid, hmac); + g_string_printf(signature, "%s%s", uuid, hmac); - free(msgid); + free(uuid); g_free(hmac); char *b64 = g_base64_encode((unsigned char*)signature->str, signature->len); diff --git a/src/xmpp/message.c b/src/xmpp/message.c index fb9022dc..d11af8b6 100644 --- a/src/xmpp/message.c +++ b/src/xmpp/message.c @@ -1169,20 +1169,20 @@ message_is_sent_by_us(ProfMessage *message) { gsize tmp_len; char *tmp = (char*)g_base64_decode(message->id, &tmp_len); - // our client sents at least 10 for the identifier + random message bytes - if (tmp_len > 10) { - char *msgid = g_strndup(tmp, 10); + // our client sents at least 36 (uuid) + identifier + if (tmp_len > 36) { + char *uuid = g_strndup(tmp, 36); char *prof_identifier = connection_get_profanity_identifier(); gchar *hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA256, (guchar*)prof_identifier, strlen(prof_identifier), - msgid, strlen(msgid)); + uuid, strlen(uuid)); - if (g_strcmp0(&tmp[10], hmac) == 0) { + if (g_strcmp0(&tmp[36], hmac) == 0) { ret = TRUE; } - g_free(msgid); + g_free(uuid); g_free(hmac); } free(tmp);