struct xt_node *xml_generate( irc_t *irc ) { char *pass_buf = NULL; account_t *acc; md5_byte_t pass_md5[21]; md5_state_t md5_state; GSList *l; struct xt_node *root, *cur; /* Generate a salted md5sum of the password. Use 5 bytes for the salt (to prevent dictionary lookups of passwords) to end up with a 21- byte password hash, more convenient for base64 encoding. */ random_bytes( pass_md5 + 16, 5 ); md5_init( &md5_state ); md5_append( &md5_state, (md5_byte_t*) irc->password, strlen( irc->password ) ); md5_append( &md5_state, pass_md5 + 16, 5 ); /* Add the salt. */ md5_finish( &md5_state, pass_md5 ); /* Save the hash in base64-encoded form. */ pass_buf = base64_encode( pass_md5, 21 ); root = cur = xt_new_node( "user", NULL, NULL ); xt_add_attr( cur, "nick", irc->user->nick ); xt_add_attr( cur, "password", pass_buf ); xt_add_attr( cur, "version", XML_FORMAT_VERSION ); g_free( pass_buf ); xml_generate_settings( cur, &irc->b->set ); for( acc = irc->b->accounts; acc; acc = acc->next ) { unsigned char *pass_cr; char *pass_b64; int pass_len; pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password, 12 ); pass_b64 = base64_encode( pass_cr, pass_len ); g_free( pass_cr ); cur = xt_new_node( "account", NULL, NULL ); xt_add_attr( cur, "protocol", acc->prpl->name ); xt_add_attr( cur, "handle", acc->user ); xt_add_attr( cur, "password", pass_b64 ); xt_add_attr( cur, "autoconnect", acc->auto_connect ? "true" : "false" ); xt_add_attr( cur, "tag", acc->tag ); if( acc->server && acc->server[0] ) xt_add_attr( cur, "server", acc->server ); g_free( pass_b64 ); /* This probably looks pretty strange. g_hash_table_foreach is quite a PITA already (but it can't get much better in C without using #define, I'm afraid), and it doesn't seem to be possible to abort the foreach on write errors, so instead let's use the _find function and return TRUE on write errors. Which means, if we found something, there was an error. :-) */ g_hash_table_find( acc->nicks, xml_generate_nick, cur ); xml_generate_settings( cur, &acc->set ); xt_add_child( root, cur ); } for( l = irc->channels; l; l = l->next ) { irc_channel_t *ic = l->data; if( ic->flags & IRC_CHANNEL_TEMP ) continue; cur = xt_new_node( "channel", NULL, NULL ); xt_add_attr( cur, "name", ic->name ); xt_add_attr( cur, "type", set_getstr( &ic->set, "type" ) ); xml_generate_settings( cur, &ic->set ); xt_add_child( root, cur ); } return root; }
struct xt_node *xml_generate(irc_t *irc) { char *pass_buf = NULL; account_t *acc; md5_byte_t pass_md5[21]; md5_state_t md5_state; GSList *l; struct xt_node *root, *cur; root = cur = xt_new_node("user", NULL, NULL); if (irc->auth_backend) { xt_add_attr(cur, "auth_backend", irc->auth_backend); } else { /* Generate a salted md5sum of the password. Use 5 bytes for the salt (to prevent dictionary lookups of passwords) to end up with a 21- byte password hash, more convenient for base64 encoding. */ random_bytes(pass_md5 + 16, 5); md5_init(&md5_state); md5_append(&md5_state, (md5_byte_t *) irc->password, strlen(irc->password)); md5_append(&md5_state, pass_md5 + 16, 5); /* Add the salt. */ md5_finish(&md5_state, pass_md5); /* Save the hash in base64-encoded form. */ pass_buf = base64_encode(pass_md5, 21); xt_add_attr(cur, "password", pass_buf); g_free(pass_buf); } xt_add_attr(cur, "nick", irc->user->nick); xt_add_attr(cur, "version", XML_FORMAT_VERSION); xml_generate_settings(cur, &irc->b->set); for (acc = irc->b->accounts; acc; acc = acc->next) { GHashTableIter iter; gpointer key, value; unsigned char *pass_cr; char *pass_b64; int pass_len; if(irc->auth_backend) { /* If we don't "own" the password, it may change without us * knowing, so we cannot encrypt the data, as we then may not be * able to decrypt it */ pass_b64 = base64_encode((unsigned char *)acc->pass, strlen(acc->pass)); } else { pass_len = arc_encode(acc->pass, strlen(acc->pass), (unsigned char **) &pass_cr, irc->password, 12); pass_b64 = base64_encode(pass_cr, pass_len); g_free(pass_cr); } cur = xt_new_node("account", NULL, NULL); xt_add_attr(cur, "protocol", acc->prpl->name); xt_add_attr(cur, "handle", acc->user); xt_add_attr(cur, "password", pass_b64); xt_add_attr(cur, "autoconnect", acc->auto_connect ? "true" : "false"); xt_add_attr(cur, "tag", acc->tag); if (acc->server && acc->server[0]) { xt_add_attr(cur, "server", acc->server); } if (acc->flags & ACC_FLAG_LOCKED) { xt_add_attr(cur, "locked", "true"); } g_free(pass_b64); g_hash_table_iter_init(&iter, acc->nicks); while (g_hash_table_iter_next(&iter, &key, &value)) { struct xt_node *node = xt_new_node("buddy", NULL, NULL); xt_add_attr(node, "handle", key); xt_add_attr(node, "nick", value); xt_add_child(cur, node); } xml_generate_settings(cur, &acc->set); xt_add_child(root, cur); } for (l = irc->channels; l; l = l->next) { irc_channel_t *ic = l->data; if (ic->flags & IRC_CHANNEL_TEMP) { continue; } cur = xt_new_node("channel", NULL, NULL); xt_add_attr(cur, "name", ic->name); xt_add_attr(cur, "type", set_getstr(&ic->set, "type")); xml_generate_settings(cur, &ic->set); xt_add_child(root, cur); } return root; }