I'll be damned, thank you! I'm committing this to SVN right now! Daniel
On Mar 22, 2007, at 1:15 PM, Michael Dyrna wrote: > Hi, > > I found a bug (inaccurate parsing) in PyAIM-t preventing some AIM > accounts to authenticate correctly: The length of the MD5 hashing > key (family 0x0017 subfamily 0x0007 [1]) is ignored in the old code > and thus a wrong (too long) MD5 key is used for calculatinng the > password hash. > > A bugfix is attached. > > I have not yet investigated which AIM accounts are affected, but I > had more than one user complaining. > > Regards, > > Michael > > > [1] http://xeons.net/oscar/index.php?id=bucp/0007 > > > diff -rNu pyaimt/src/tlib/oscar.py pyaimt.fixed/src/tlib/oscar.py > --- pyaimt/src/tlib/oscar.py 2007-03-22 12:17:31.000000000 +0100 > +++ pyaimt.fixed/src/tlib/oscar.py 2007-03-22 17:33:57.516084000 +0100 > @@ -3103,7 +3103,8 @@ > if not snac: > log.msg("Illegal SNAC data received in oscar_Key: %s" > % data) > return > - key=snac[5][2:] > + len=ord(snac[5][0]) * 256 + ord(snac[5][1]) > + key=snac[5][2:2+len] > encpass=encryptPasswordMD5(self.password,key) > self.sendFLAP(SNAC(0x17,0x02,0, > TLV(TLV_USERNAME,self.username)+ > _______________________________________________ > py-transports mailing list > [email protected] > http://lists.modevia.com/cgi-bin/mailman/listinfo/py-transports _______________________________________________ py-transports mailing list [email protected] http://lists.modevia.com/cgi-bin/mailman/listinfo/py-transports
