From 201c409cb52d001a91954cc9ff1d76ef24d6a628 Mon Sep 17 00:00:00 2001 From: George Hazan Date: Tue, 3 Sep 2013 19:26:14 +0000 Subject: - restored old password verification - unused header removed git-svn-id: http://svn.miranda-ng.org/main/trunk@5924 1316c22d-e87f-b044-9b9b-93d7a3e3ba9c --- protocols/MRA/src/Mra.h | 1 - protocols/MRA/src/MraProto.h | 1 + protocols/MRA/src/Mra_functions.cpp | 41 ++++++++++++-- protocols/MRA/src/Sdk/MemoryCompare.h | 101 ---------------------------------- protocols/MRA/src/Sdk/MemoryFind.h | 2 +- protocols/MRA/src/Sdk/SHA1.h | 5 -- 6 files changed, 39 insertions(+), 112 deletions(-) delete mode 100644 protocols/MRA/src/Sdk/MemoryCompare.h (limited to 'protocols/MRA/src') diff --git a/protocols/MRA/src/Mra.h b/protocols/MRA/src/Mra.h index 04dc97c624..d6aa29a04d 100644 --- a/protocols/MRA/src/Mra.h +++ b/protocols/MRA/src/Mra.h @@ -80,7 +80,6 @@ #include "Sdk/SocketFunctions.h" #include "Sdk/MemoryFind.h" #include "Sdk/MemoryFindByte.h" -#include "Sdk/MemoryCompare.h" #include "Sdk/MemoryReplace.h" #include "Sdk/BuffToLowerCase.h" #include "Sdk/StrToNum.h" diff --git a/protocols/MRA/src/MraProto.h b/protocols/MRA/src/MraProto.h index a9788ef432..79fd39359b 100644 --- a/protocols/MRA/src/MraProto.h +++ b/protocols/MRA/src/MraProto.h @@ -295,6 +295,7 @@ struct CMraProto : public PROTO bool SetPassDB(const CMStringA& pass); bool GetPassDB(CMStringA& pass); + bool GetPassDB_v1(CMStringA &res); bool MraRequestXStatusDetails(DWORD dwXStatus); bool MraSendReplyBlogStatus(HANDLE hContact); diff --git a/protocols/MRA/src/Mra_functions.cpp b/protocols/MRA/src/Mra_functions.cpp index 2e08684f42..079904ea72 100644 --- a/protocols/MRA/src/Mra_functions.cpp +++ b/protocols/MRA/src/Mra_functions.cpp @@ -1359,12 +1359,45 @@ bool CMraProto::SetPassDB(const CMStringA& pass) ///////////////////////////////////////////////////////////////////////////////////////// + +bool CMraProto::GetPassDB_v1(CMStringA &res) +{ + BYTE btRandomData[256] = {0}, btCryptedPass[256] = {0}, bthmacSHA1[MIR_SHA1_HASH_SIZE] = {0}; + size_t dwRandomDataSize, dwCryptedPass, dwPassSize; + CMStringA szEmail; + + if (mraGetContactSettingBlob(NULL, "pCryptData", btRandomData, sizeof(btRandomData), &dwRandomDataSize)) + if (dwRandomDataSize == sizeof(btRandomData)) + if (mraGetContactSettingBlob(NULL, "pCryptPass", btCryptedPass, sizeof(btCryptedPass), &dwCryptedPass)) + if (dwCryptedPass == sizeof(btCryptedPass)) + if (mraGetStringA(NULL, "e-mail", szEmail)) { + mir_hmac_sha1(bthmacSHA1, (BYTE*)szEmail.c_str(), szEmail.GetLength(), btRandomData, sizeof(btRandomData)); + + RC4(btCryptedPass, sizeof(btCryptedPass), bthmacSHA1, MIR_SHA1_HASH_SIZE); + CopyMemoryReverseDWORD(btCryptedPass, btCryptedPass, sizeof(btCryptedPass)); + RC4(btCryptedPass, sizeof(btCryptedPass), btRandomData, dwRandomDataSize); + RC4(btCryptedPass, sizeof(btCryptedPass), bthmacSHA1, MIR_SHA1_HASH_SIZE); + + dwPassSize = (*btCryptedPass); + btCryptedPass[dwPassSize] = 0; + + unsigned dwDecodedSize; + mir_ptr pDecoded((PBYTE)mir_base64_decode((LPCSTR)&btCryptedPass[(1+MIR_SHA1_HASH_SIZE)], &dwDecodedSize)); + SHA1GetDigest(pDecoded, dwDecodedSize, btRandomData); + if ( !memcmp(&btCryptedPass[1], btRandomData, MIR_SHA1_HASH_SIZE)) { + res = CMStringA((LPSTR)(PBYTE)pDecoded, dwDecodedSize); + return true; + } + } + + return false; +} + bool CMraProto::GetPassDB(CMStringA &res) { switch (getDword("pCryptVer", 0)) { case 1: - MessageBox(NULL, TranslateT("Your password expired. Please reenter password in the Options dialog"), TranslateT("Error"), MB_OK); - return false; + return GetPassDB_v1(res); case 2: break; default: @@ -1387,9 +1420,9 @@ bool CMraProto::GetPassDB(CMStringA &res) RC4(btCryptedPass, sizeof(btCryptedPass), btRandomData, dwRandomDataSize); RC4(btCryptedPass, sizeof(btCryptedPass), bthmacSHA1, MIR_SHA1_HASH_SIZE); - DWORD dwPassSize = ((*btCryptedPass)&0xff); + DWORD dwPassSize = btCryptedPass[0]; SHA1GetDigest(&btCryptedPass[(1+MIR_SHA1_HASH_SIZE)], dwPassSize, btRandomData); - if (MemoryCompare(&btCryptedPass[1], MIR_SHA1_HASH_SIZE, btRandomData, MIR_SHA1_HASH_SIZE) == CMEM_EQUAL) + if ( !memcmp(&btCryptedPass[1], btRandomData, MIR_SHA1_HASH_SIZE)) res = CMStringA((char*)&btCryptedPass[(1+MIR_SHA1_HASH_SIZE)], dwPassSize); return true; } diff --git a/protocols/MRA/src/Sdk/MemoryCompare.h b/protocols/MRA/src/Sdk/MemoryCompare.h deleted file mode 100644 index 17ef96f35a..0000000000 --- a/protocols/MRA/src/Sdk/MemoryCompare.h +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright (c) 2003 Rozhuk Ivan - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - */ - - - -#if !defined(AFX_MEMORYCOMPARE__H__INCLUDED_) -#define AFX_MEMORYCOMPARE__H__INCLUDED_ - -#if _MSC_VER > 1000 -#pragma once -#endif // _MSC_VER > 1000 - - -// If the string pointed to by lpString1 is less than the string pointed -// to by lpString2, the return value is negative. -// If the string pointed to by lpString1 is greater than the string pointed -// to by lpString2, the return value is positive. -// If the strings are equal, the return value is zero. -// -// lpString1> ret=1=CSTR_LESS_THAN -// lpString1=lpString2 >> ret=2=CSTR_EQUAL -// lpString1>lpString2 >> ret=3=CSTR_GREATER_THAN - -#define CMEM_EQUAL 0 -#define CMEM_GREATER_THAN 1 -#define CMEM_LESS_THAN 2 - - -__inline unsigned int MemoryCompare(const void *pBuff1,size_t dwBuff1Size,const void *pBuff2,size_t dwBuff2Size) -{ - unsigned int uiRet; - - if (dwBuff1Size==dwBuff2Size) - { - if (pBuff1==pBuff2) - { - uiRet=CMEM_EQUAL; - }else{ - if (pBuff1 && pBuff2) - { - int iRet; - - iRet=memcmp(pBuff1,pBuff2,dwBuff1Size); - if (iRet==0) - { - uiRet=CMEM_EQUAL; - }else{ - if (iRet<0) - { - uiRet=CMEM_GREATER_THAN; - }else{ - uiRet=CMEM_LESS_THAN; - } - } - }else{ - if (pBuff1) - {//pBuff2==NULL - uiRet=CMEM_GREATER_THAN; - }else{//pBuff1==NULL - uiRet=CMEM_LESS_THAN; - } - } - } - }else{ - if (dwBuff1Size>8) & 0x0000ff00) | (dwIn>>24))); -- cgit v1.2.3