diff options
Diffstat (limited to 'src/twnauth.c')
-rw-r--r-- | src/twnauth.c | 218 |
1 files changed, 218 insertions, 0 deletions
diff --git a/src/twnauth.c b/src/twnauth.c new file mode 100644 index 0000000..19b9aef --- /dev/null +++ b/src/twnauth.c @@ -0,0 +1,218 @@ +/* + * twnauth.c + * + * TWN authentication + * + * (c) 2002-2005 Thomas White <taw27@srcf.ucam.org> + * Part of TuxMessenger - GTK+-based MSN Messenger client + * + * This package is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 dated June, 1991. + * + * This package is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this package; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA + * 02111-1307, USA. + * + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <stdio.h> +#include <stdlib.h> +#include <assert.h> +#include <string.h> + +#include "debug.h" +#include "options.h" +#include "routines.h" + +/* Nothing insecure happens if the server data won't fit in this - anything + beyond this limit simply gets ignored. */ +#define TWNAUTH_WGETSIZE 4096 +//#define TWNAUTH_DEBUG 1 + +/* Internally called to get the login URL from Nexus */ +char *twnauth_loginurl() { + + char *shellcommand; + int read_more; + FILE *wget_stream; + char *nexus = NULL; + char *wget_buffer; + int wget_offset = 0; + size_t i; + + shellcommand = malloc(1024); + strncpy(shellcommand, options_wget(), 256); + shellcommand[255] = '\0'; + strcat(shellcommand, " -S -O - https://nexus.passport.com/rdr/pprdr.asp 2>&1"); + + debug_print("twnauth: nexus: %s\n", shellcommand); + wget_stream = popen(shellcommand, "r"); + + if ( wget_stream == NULL ) { + debug_print("twnauth: Nexus failed.\n"); + return strdup(""); + } + + wget_buffer = malloc(TWNAUTH_WGETSIZE); + read_more = 1; + while ( read_more ) { + + ssize_t readval; + readval = fread(wget_buffer + wget_offset, 1, TWNAUTH_WGETSIZE-wget_offset, wget_stream); + if ( (readval != 0) && (readval != -1) && (wget_offset < TWNAUTH_WGETSIZE) ) { + wget_offset += readval; + } else { + read_more = 0; + wget_buffer[wget_offset] = '\0'; + } + + } + + pclose(wget_stream); + +#ifdef TWNAUTH_DEBUG + debug_print("'%s'\n", wget_buffer); +#endif + + /* Now try and find the new nexus in the wget output */ + for ( i=0; i<strlen(wget_buffer); i++ ) { + + if ( strncmp((wget_buffer+i), "DALogin=", 8) == 0 ) { + + size_t j; + + /* Find the end of the ticket and tie it off */ + for ( j=i+7; j<strlen(wget_buffer); j++ ) { + if ( wget_buffer[j] == ',' ) { + wget_buffer[j] = '\0'; + } + } + + nexus = strdup(wget_buffer+i+8); + debug_print("twnauth: nexus: %s\n", nexus); + + } + + } + + free(wget_buffer); + free(shellcommand); + + if ( nexus == NULL ) { + debug_print("Warning! Couldn't retrieve URL from Nexus!\n"); + nexus = strdup(""); + } + return nexus; + +} + +char *twnauth_ticket(char *authdata) { + + char *shellcommand; + int read_more; + FILE *wget_stream; + char *options_username_2; + char *auth_ticket = NULL; + char *wget_buffer; + int wget_offset = 0; + size_t i; + char *loginurl; + + assert(strlen(authdata) < 255); + + loginurl = twnauth_loginurl(); + + shellcommand = malloc(1024); + strncpy(shellcommand, options_wget(), 256); + shellcommand[255] = '\0'; + strcat(shellcommand, " -S -O - --header='Authorization: Passport1.4 OrgVerb=GET,OrgURL=http%3A%2F%2Fmessenger%2Emsn%2Ecom,sign-in="); + options_username_2 = routines_urlencode(options_username()); + strncat(shellcommand, options_username_2, 64); + shellcommand[1023] = '\0'; + free(options_username_2); + strncat(shellcommand, ",pwd=", 64); + shellcommand[1023] = '\0'; + strncat(shellcommand, options_password(), 64); + shellcommand[1023] = '\0'; + strcat(shellcommand, ","); + shellcommand[1023] = '\0'; + strncat(shellcommand, authdata, 256); + shellcommand[1023] = '\0'; + strcat(shellcommand, "' https://"); + shellcommand[1023] = '\0'; + strncat(shellcommand, loginurl, 64); + shellcommand[1023] = '\0'; + free(loginurl); + strcat(shellcommand, " 2>&1"); + shellcommand[1023] = '\0'; + +#ifdef TWNAUTH_DEBUG + debug_print("twnauth: %s\n", shellcommand); +#else + debug_print("twnauth: (sending authentication data)\n"); +#endif + wget_stream = popen(shellcommand, "r"); + + if ( wget_stream == NULL ) { + return NULL; + } + + wget_buffer = malloc(TWNAUTH_WGETSIZE); + read_more = 1; + while ( read_more ) { + + ssize_t readval; + readval = fread(wget_buffer + wget_offset, 1, TWNAUTH_WGETSIZE-wget_offset, wget_stream); + if ( (readval != 0) && (readval != -1) && (wget_offset < TWNAUTH_WGETSIZE) ) { + wget_offset += readval; + } else { + read_more = 0; + wget_buffer[wget_offset] = '\0'; + } + + } + + pclose(wget_stream); + +#ifdef TWNAUTH_DEBUG + debug_print("'%s'\n", wget_buffer); +#endif + + /* Now try and find the ticket in the wget output */ + for ( i=0; i<strlen(wget_buffer); i++ ) { + + if ( strncmp((wget_buffer+i), "from-PP='t=:", 11) == 0 ) { + + size_t j; + + /* Find the end of the ticket and tie it off */ + for ( j=i+10; j<strlen(wget_buffer); j++ ) { + if ( wget_buffer[j] == '\'' ) { + wget_buffer[j] = '\0'; + } + } + + auth_ticket = strdup(wget_buffer+i+9); + debug_print("twnauth: %s\n", auth_ticket); + + } + + } + + free(wget_buffer); + free(shellcommand); + + return auth_ticket; + +} |