1
0
Fork 0

Use UUID in origin-id and id

Let's use UUID to have a more random string then just 10 alphanumeric
values.
This commit is contained in:
Michael Vetter 2019-10-22 11:10:37 +02:00
parent b16426f66d
commit ba18752405
2 changed files with 11 additions and 11 deletions

View File

@ -459,18 +459,18 @@ connection_free_uuid(char *uuid)
char*
connection_create_stanza_id(void)
{
char *msgid = get_random_string(10);
char *uuid = connection_create_uuid();
assert(msgid != NULL);
assert(uuid != NULL);
gchar *hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA256,
(guchar*)prof_identifier, strlen(prof_identifier),
msgid, strlen(msgid));
uuid, strlen(uuid));
GString *signature = g_string_new("");
g_string_printf(signature, "%s%s", msgid, hmac);
g_string_printf(signature, "%s%s", uuid, hmac);
free(msgid);
free(uuid);
g_free(hmac);
char *b64 = g_base64_encode((unsigned char*)signature->str, signature->len);

View File

@ -1169,20 +1169,20 @@ message_is_sent_by_us(ProfMessage *message) {
gsize tmp_len;
char *tmp = (char*)g_base64_decode(message->id, &tmp_len);
// our client sents at least 10 for the identifier + random message bytes
if (tmp_len > 10) {
char *msgid = g_strndup(tmp, 10);
// our client sents at least 36 (uuid) + identifier
if (tmp_len > 36) {
char *uuid = g_strndup(tmp, 36);
char *prof_identifier = connection_get_profanity_identifier();
gchar *hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA256,
(guchar*)prof_identifier, strlen(prof_identifier),
msgid, strlen(msgid));
uuid, strlen(uuid));
if (g_strcmp0(&tmp[10], hmac) == 0) {
if (g_strcmp0(&tmp[36], hmac) == 0) {
ret = TRUE;
}
g_free(msgid);
g_free(uuid);
g_free(hmac);
}
free(tmp);