mirror of
https://github.com/luanti-org/luanti.git
synced 2025-06-27 16:36:03 +00:00
Change the way how password is stored in C++ engine.
This commit is contained in:
SFENCE
parent
81d62d01d1
commit
b0c08bf370
19 changed files with 386 additions and 100 deletions
|
|
@ -86,8 +86,9 @@ void PacketCounter::print(std::ostream &o) const
|
|||
*/
|
||||
|
||||
Client::Client(
|
||||
const char *playername,
|
||||
const std::string &password,
|
||||
const std::string &playername,
|
||||
//const std::string &password,
|
||||
ClientAuth *auth,
|
||||
MapDrawControl &control,
|
||||
IWritableTextureSource *tsrc,
|
||||
IWritableShaderSource *shsrc,
|
||||
|
|
@ -116,14 +117,14 @@ Client::Client(
|
|||
m_allow_login_or_register(allow_login_or_register),
|
||||
m_server_ser_ver(SER_FMT_VER_INVALID),
|
||||
m_last_chat_message_sent(time(NULL)),
|
||||
m_password(password),
|
||||
m_auth(auth),
|
||||
m_chosen_auth_mech(AUTH_MECHANISM_NONE),
|
||||
m_media_downloader(new ClientMediaDownloader()),
|
||||
m_state(LC_Created),
|
||||
m_modchannel_mgr(new ModChannelMgr())
|
||||
{
|
||||
// Add local player
|
||||
m_env.setLocalPlayer(new LocalPlayer(this, playername));
|
||||
m_env.setLocalPlayer(new LocalPlayer(this, playername.c_str()));
|
||||
|
||||
// Make the mod storage database and begin the save for later
|
||||
m_mod_storage_database =
|
||||
|
|
@ -1114,20 +1115,7 @@ void Client::interact(InteractAction action, const PointedThing& pointed)
|
|||
|
||||
void Client::deleteAuthData()
|
||||
{
|
||||
if (!m_auth_data)
|
||||
return;
|
||||
|
||||
switch (m_chosen_auth_mech) {
|
||||
case AUTH_MECHANISM_FIRST_SRP:
|
||||
break;
|
||||
case AUTH_MECHANISM_SRP:
|
||||
case AUTH_MECHANISM_LEGACY_PASSWORD:
|
||||
srp_user_delete((SRPUser *) m_auth_data);
|
||||
m_auth_data = NULL;
|
||||
break;
|
||||
case AUTH_MECHANISM_NONE:
|
||||
break;
|
||||
}
|
||||
m_auth->clearSessionData();
|
||||
m_chosen_auth_mech = AUTH_MECHANISM_NONE;
|
||||
}
|
||||
|
||||
|
|
@ -1166,36 +1154,34 @@ void Client::startAuth(AuthMechanism chosen_auth_mechanism)
|
|||
switch (chosen_auth_mechanism) {
|
||||
case AUTH_MECHANISM_FIRST_SRP: {
|
||||
// send srp verifier to server
|
||||
std::string verifier;
|
||||
std::string salt;
|
||||
generate_srp_verifier_and_salt(playername, m_password,
|
||||
&verifier, &salt);
|
||||
const std::string &verifier = m_auth->getSrpVerifier();
|
||||
const std::string &salt = m_auth->getSrpSalt();
|
||||
|
||||
NetworkPacket resp_pkt(TOSERVER_FIRST_SRP, 0);
|
||||
resp_pkt << salt << verifier << (u8)((m_password.empty()) ? 1 : 0);
|
||||
resp_pkt << salt << verifier << (u8)((m_auth->getIsEmpty()) ? 1 : 0);
|
||||
|
||||
Send(&resp_pkt);
|
||||
break;
|
||||
}
|
||||
case AUTH_MECHANISM_SRP:
|
||||
case AUTH_MECHANISM_LEGACY_PASSWORD: {
|
||||
u8 based_on = 1;
|
||||
u8 based_on;
|
||||
SRPUser *auth_data;
|
||||
|
||||
if (chosen_auth_mechanism == AUTH_MECHANISM_LEGACY_PASSWORD) {
|
||||
m_password = translate_password(playername, m_password);
|
||||
based_on = 0;
|
||||
auth_data = m_auth->getLegacyAuthData();
|
||||
}
|
||||
else {
|
||||
based_on = 1;
|
||||
auth_data = m_auth->getSrpAuthData();
|
||||
}
|
||||
|
||||
std::string playername_u = lowercase(playername);
|
||||
m_auth_data = srp_user_new(SRP_SHA256, SRP_NG_2048,
|
||||
playername.c_str(), playername_u.c_str(),
|
||||
(const unsigned char *) m_password.c_str(),
|
||||
m_password.length(), NULL, NULL);
|
||||
char *bytes_A = 0;
|
||||
size_t len_A = 0;
|
||||
SRP_Result res = srp_user_start_authentication(
|
||||
(struct SRPUser *) m_auth_data, NULL, NULL, 0,
|
||||
(unsigned char **) &bytes_A, &len_A);
|
||||
auth_data, NULL, NULL, 0,
|
||||
reinterpret_cast<unsigned char **>(&bytes_A), &len_A);
|
||||
FATAL_ERROR_IF(res != SRP_OK, "Creating local SRP user failed.");
|
||||
|
||||
NetworkPacket resp_pkt(TOSERVER_SRP_BYTES_A, 0);
|
||||
|
|
@ -1347,16 +1333,25 @@ void Client::clearOutChatQueue()
|
|||
m_out_chat_queue = std::queue<std::wstring>();
|
||||
}
|
||||
|
||||
void Client::sendChangePassword(const std::string &oldpassword,
|
||||
const std::string &newpassword)
|
||||
void Client::sendChangePassword(std::string &oldpassword,
|
||||
std::string &newpassword)
|
||||
{
|
||||
LocalPlayer *player = m_env.getLocalPlayer();
|
||||
if (player == NULL)
|
||||
if (player == NULL) {
|
||||
porting::secure_clear_string(oldpassword);
|
||||
porting::secure_clear_string(newpassword);
|
||||
return;
|
||||
}
|
||||
|
||||
// get into sudo mode and then send new password to server
|
||||
m_password = oldpassword;
|
||||
m_new_password = newpassword;
|
||||
std::string playername = m_env.getLocalPlayer()->getName();
|
||||
m_auth->applyPassword(playername, oldpassword);
|
||||
m_new_auth.applyPassword(playername, newpassword);
|
||||
|
||||
// we do not need to keep passwords in memory
|
||||
porting::secure_clear_string(oldpassword);
|
||||
porting::secure_clear_string(newpassword);
|
||||
|
||||
startAuth(choseAuthMech(m_sudo_auth_methods));
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue