diff options
| author | Michael Vetter <jubalh@iodoru.org> | 2019-10-22 11:10:37 +0200 |
|---|---|---|
| committer | Michael Vetter <jubalh@iodoru.org> | 2019-10-22 11:10:37 +0200 |
| commit | ba1875240571559e57f03285068d47b63aa22e24 (patch) | |
| tree | 0de394ed14deaf67278b759e72c7052df7978846 /src | |
| parent | b16426f66da54cd53d0c877f3f25976247733bf1 (diff) | |
| download | profani-tty-ba1875240571559e57f03285068d47b63aa22e24.tar.gz | |
Use UUID in origin-id and id
Let's use UUID to have a more random string then just 10 alphanumeric values.
Diffstat (limited to 'src')
| -rw-r--r-- | src/xmpp/connection.c | 10 | ||||
| -rw-r--r-- | src/xmpp/message.c | 12 |
2 files changed, 11 insertions, 11 deletions
diff --git a/src/xmpp/connection.c b/src/xmpp/connection.c index e121d9a6..7dba20f7 100644 --- a/src/xmpp/connection.c +++ b/src/xmpp/connection.c @@ -459,18 +459,18 @@ connection_free_uuid(char *uuid) char* connection_create_stanza_id(void) { - char *msgid = get_random_string(10); + char *uuid = connection_create_uuid(); - assert(msgid != NULL); + assert(uuid != NULL); gchar *hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA256, (guchar*)prof_identifier, strlen(prof_identifier), - msgid, strlen(msgid)); + uuid, strlen(uuid)); GString *signature = g_string_new(""); - g_string_printf(signature, "%s%s", msgid, hmac); + g_string_printf(signature, "%s%s", uuid, hmac); - free(msgid); + free(uuid); g_free(hmac); char *b64 = g_base64_encode((unsigned char*)signature->str, signature->len); diff --git a/src/xmpp/message.c b/src/xmpp/message.c index fb9022dc..d11af8b6 100644 --- a/src/xmpp/message.c +++ b/src/xmpp/message.c @@ -1169,20 +1169,20 @@ message_is_sent_by_us(ProfMessage *message) { gsize tmp_len; char *tmp = (char*)g_base64_decode(message->id, &tmp_len); - // our client sents at least 10 for the identifier + random message bytes - if (tmp_len > 10) { - char *msgid = g_strndup(tmp, 10); + // our client sents at least 36 (uuid) + identifier + if (tmp_len > 36) { + char *uuid = g_strndup(tmp, 36); char *prof_identifier = connection_get_profanity_identifier(); gchar *hmac = g_compute_hmac_for_string(G_CHECKSUM_SHA256, (guchar*)prof_identifier, strlen(prof_identifier), - msgid, strlen(msgid)); + uuid, strlen(uuid)); - if (g_strcmp0(&tmp[10], hmac) == 0) { + if (g_strcmp0(&tmp[36], hmac) == 0) { ret = TRUE; } - g_free(msgid); + g_free(uuid); g_free(hmac); } free(tmp); |