diff options
author | Stefan Beller <stefanbeller@googlemail.com> | 2011-08-06 03:25:31 +0200 |
---|---|---|
committer | Stefan Beller <stefanbeller@googlemail.com> | 2011-08-10 21:32:50 +0200 |
commit | 5c5e17c0b200004c6d18a51e2c02fd21d710f04f (patch) | |
tree | 677f019f2d7c84abb51007e8860b8ee95d0b6913 /src/net/manaserv/loginhandler.cpp | |
parent | 7342860e6c7b8d817410d886c7b89ff36e5c26f7 (diff) | |
download | mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.tar.gz mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.tar.bz2 mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.tar.xz mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.zip |
Client logs in with salted password now.
The password is salted by a random number sent by server.
Reviewed by Bertram.
Diffstat (limited to 'src/net/manaserv/loginhandler.cpp')
-rw-r--r-- | src/net/manaserv/loginhandler.cpp | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/src/net/manaserv/loginhandler.cpp b/src/net/manaserv/loginhandler.cpp index 2f802e21..f06c3262 100644 --- a/src/net/manaserv/loginhandler.cpp +++ b/src/net/manaserv/loginhandler.cpp @@ -44,6 +44,7 @@ extern std::string netToken; LoginHandler::LoginHandler() { static const Uint16 _messages[] = { + APMSG_LOGIN_RNDTRGR_RESPONSE, APMSG_LOGIN_RESPONSE, APMSG_REGISTER_RESPONSE, APMSG_RECONNECT_RESPONSE, @@ -62,6 +63,10 @@ void LoginHandler::handleMessage(Net::MessageIn &msg) { switch (msg.getId()) { + case APMSG_LOGIN_RNDTRGR_RESPONSE: + handleLoginRandomResponse(msg); + break; + case APMSG_LOGIN_RESPONSE: handleLoginResponse(msg); break; @@ -245,6 +250,12 @@ void LoginHandler::handleMessage(Net::MessageIn &msg) } } +void LoginHandler::handleLoginRandomResponse(Net::MessageIn &msg) +{ + mLoginData->randomSeed = msg.readString(); + loginAccountContinue(); +} + void LoginHandler::handleLoginResponse(Net::MessageIn &msg) { const int errMsg = msg.readInt8(); @@ -385,14 +396,25 @@ unsigned int LoginHandler::getMaxUserNameLength() const void LoginHandler::loginAccount(LoginData *loginData) { mLoginData = loginData; + mTmpPassword = loginData->password; + + MessageOut msg(PAMSG_LOGIN_RNDTRGR); + msg.writeString(mLoginData->username); + accountServerConnection->send(msg); +} + +void LoginHandler::loginAccountContinue() +{ MessageOut msg(PAMSG_LOGIN); msg.writeInt32(PROTOCOL_VERSION); // client version - msg.writeString(loginData->username); - msg.writeString(sha256(loginData->username + loginData->password)); + msg.writeString(mLoginData->username); + + msg.writeString(sha256(sha256(sha256(mLoginData->username + mTmpPassword)) + mLoginData->randomSeed)); accountServerConnection->send(msg); + mTmpPassword = ""; } void LoginHandler::logout() |