summaryrefslogtreecommitdiff
path: root/src/net/manaserv/loginhandler.cpp
diff options
context:
space:
mode:
authorStefan Beller <stefanbeller@googlemail.com>2011-08-06 03:25:31 +0200
committerStefan Beller <stefanbeller@googlemail.com>2011-08-10 21:32:50 +0200
commit5c5e17c0b200004c6d18a51e2c02fd21d710f04f (patch)
tree677f019f2d7c84abb51007e8860b8ee95d0b6913 /src/net/manaserv/loginhandler.cpp
parent7342860e6c7b8d817410d886c7b89ff36e5c26f7 (diff)
downloadmana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.tar.gz
mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.tar.bz2
mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.tar.xz
mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.zip
Client logs in with salted password now.
The password is salted by a random number sent by server. Reviewed by Bertram.
Diffstat (limited to 'src/net/manaserv/loginhandler.cpp')
-rw-r--r--src/net/manaserv/loginhandler.cpp26
1 files changed, 24 insertions, 2 deletions
diff --git a/src/net/manaserv/loginhandler.cpp b/src/net/manaserv/loginhandler.cpp
index 2f802e21..f06c3262 100644
--- a/src/net/manaserv/loginhandler.cpp
+++ b/src/net/manaserv/loginhandler.cpp
@@ -44,6 +44,7 @@ extern std::string netToken;
LoginHandler::LoginHandler()
{
static const Uint16 _messages[] = {
+ APMSG_LOGIN_RNDTRGR_RESPONSE,
APMSG_LOGIN_RESPONSE,
APMSG_REGISTER_RESPONSE,
APMSG_RECONNECT_RESPONSE,
@@ -62,6 +63,10 @@ void LoginHandler::handleMessage(Net::MessageIn &msg)
{
switch (msg.getId())
{
+ case APMSG_LOGIN_RNDTRGR_RESPONSE:
+ handleLoginRandomResponse(msg);
+ break;
+
case APMSG_LOGIN_RESPONSE:
handleLoginResponse(msg);
break;
@@ -245,6 +250,12 @@ void LoginHandler::handleMessage(Net::MessageIn &msg)
}
}
+void LoginHandler::handleLoginRandomResponse(Net::MessageIn &msg)
+{
+ mLoginData->randomSeed = msg.readString();
+ loginAccountContinue();
+}
+
void LoginHandler::handleLoginResponse(Net::MessageIn &msg)
{
const int errMsg = msg.readInt8();
@@ -385,14 +396,25 @@ unsigned int LoginHandler::getMaxUserNameLength() const
void LoginHandler::loginAccount(LoginData *loginData)
{
mLoginData = loginData;
+ mTmpPassword = loginData->password;
+
+ MessageOut msg(PAMSG_LOGIN_RNDTRGR);
+ msg.writeString(mLoginData->username);
+ accountServerConnection->send(msg);
+}
+
+void LoginHandler::loginAccountContinue()
+{
MessageOut msg(PAMSG_LOGIN);
msg.writeInt32(PROTOCOL_VERSION); // client version
- msg.writeString(loginData->username);
- msg.writeString(sha256(loginData->username + loginData->password));
+ msg.writeString(mLoginData->username);
+
+ msg.writeString(sha256(sha256(sha256(mLoginData->username + mTmpPassword)) + mLoginData->randomSeed));
accountServerConnection->send(msg);
+ mTmpPassword = "";
}
void LoginHandler::logout()