summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorStefan Beller <stefanbeller@googlemail.com>2011-08-06 03:25:31 +0200
committerStefan Beller <stefanbeller@googlemail.com>2011-08-10 21:32:50 +0200
commit5c5e17c0b200004c6d18a51e2c02fd21d710f04f (patch)
tree677f019f2d7c84abb51007e8860b8ee95d0b6913 /src
parent7342860e6c7b8d817410d886c7b89ff36e5c26f7 (diff)
downloadmana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.tar.gz
mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.tar.bz2
mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.tar.xz
mana-5c5e17c0b200004c6d18a51e2c02fd21d710f04f.zip
Client logs in with salted password now.
The password is salted by a random number sent by server. Reviewed by Bertram.
Diffstat (limited to 'src')
-rw-r--r--src/net/logindata.h4
-rw-r--r--src/net/manaserv/loginhandler.cpp26
-rw-r--r--src/net/manaserv/loginhandler.h4
-rw-r--r--src/net/manaserv/manaserv_protocol.h2
4 files changed, 33 insertions, 3 deletions
diff --git a/src/net/logindata.h b/src/net/logindata.h
index 4d8fc043..b842bdfd 100644
--- a/src/net/logindata.h
+++ b/src/net/logindata.h
@@ -1,7 +1,7 @@
/*
* The Mana Client
* Copyright (C) 2004-2009 The Mana World Development Team
- * Copyright (C) 2009-2010 The Mana Developers
+ * Copyright (C) 2009-2011 The Mana Developers
*
* This file is part of The Mana Client.
*
@@ -36,6 +36,7 @@ public:
std::string username;
std::string password;
+ std::string randomSeed;
std::string newPassword;
std::string updateHost;
@@ -61,6 +62,7 @@ public:
{
username.clear();
password.clear();
+ randomSeed.clear();
newPassword.clear();
updateHost.clear();
email.clear();
diff --git a/src/net/manaserv/loginhandler.cpp b/src/net/manaserv/loginhandler.cpp
index 2f802e21..f06c3262 100644
--- a/src/net/manaserv/loginhandler.cpp
+++ b/src/net/manaserv/loginhandler.cpp
@@ -44,6 +44,7 @@ extern std::string netToken;
LoginHandler::LoginHandler()
{
static const Uint16 _messages[] = {
+ APMSG_LOGIN_RNDTRGR_RESPONSE,
APMSG_LOGIN_RESPONSE,
APMSG_REGISTER_RESPONSE,
APMSG_RECONNECT_RESPONSE,
@@ -62,6 +63,10 @@ void LoginHandler::handleMessage(Net::MessageIn &msg)
{
switch (msg.getId())
{
+ case APMSG_LOGIN_RNDTRGR_RESPONSE:
+ handleLoginRandomResponse(msg);
+ break;
+
case APMSG_LOGIN_RESPONSE:
handleLoginResponse(msg);
break;
@@ -245,6 +250,12 @@ void LoginHandler::handleMessage(Net::MessageIn &msg)
}
}
+void LoginHandler::handleLoginRandomResponse(Net::MessageIn &msg)
+{
+ mLoginData->randomSeed = msg.readString();
+ loginAccountContinue();
+}
+
void LoginHandler::handleLoginResponse(Net::MessageIn &msg)
{
const int errMsg = msg.readInt8();
@@ -385,14 +396,25 @@ unsigned int LoginHandler::getMaxUserNameLength() const
void LoginHandler::loginAccount(LoginData *loginData)
{
mLoginData = loginData;
+ mTmpPassword = loginData->password;
+
+ MessageOut msg(PAMSG_LOGIN_RNDTRGR);
+ msg.writeString(mLoginData->username);
+ accountServerConnection->send(msg);
+}
+
+void LoginHandler::loginAccountContinue()
+{
MessageOut msg(PAMSG_LOGIN);
msg.writeInt32(PROTOCOL_VERSION); // client version
- msg.writeString(loginData->username);
- msg.writeString(sha256(loginData->username + loginData->password));
+ msg.writeString(mLoginData->username);
+
+ msg.writeString(sha256(sha256(sha256(mLoginData->username + mTmpPassword)) + mLoginData->randomSeed));
accountServerConnection->send(msg);
+ mTmpPassword = "";
}
void LoginHandler::logout()
diff --git a/src/net/manaserv/loginhandler.h b/src/net/manaserv/loginhandler.h
index 2062dcb5..294b99ac 100644
--- a/src/net/manaserv/loginhandler.h
+++ b/src/net/manaserv/loginhandler.h
@@ -77,12 +77,16 @@ class LoginHandler : public MessageHandler, public Net::LoginHandler
void reconnect();
private:
+ void handleLoginRandomResponse(Net::MessageIn &msg);
void handleLoginResponse(Net::MessageIn &msg);
void handleRegisterResponse(Net::MessageIn &msg);
void readServerInfo(Net::MessageIn &msg);
+ void loginAccountContinue();
+
LoginData *mLoginData;
+ std::string mTmpPassword;
unsigned int mMinUserNameLength;
unsigned int mMaxUserNameLength;
};
diff --git a/src/net/manaserv/manaserv_protocol.h b/src/net/manaserv/manaserv_protocol.h
index 66da57df..27d7c7b8 100644
--- a/src/net/manaserv/manaserv_protocol.h
+++ b/src/net/manaserv/manaserv_protocol.h
@@ -57,6 +57,8 @@ enum {
APMSG_LOGIN_RESPONSE = 0x0012, // B error, S updatehost, S Client data URL, B Character slots
PAMSG_LOGOUT = 0x0013, // -
APMSG_LOGOUT_RESPONSE = 0x0014, // B error
+ PAMSG_LOGIN_RNDTRGR = 0x0015, // S username
+ APMSG_LOGIN_RNDTRGR_RESPONSE = 0x0016, // S random seed
PAMSG_CHAR_CREATE = 0x0020, // S name, B hair style, B hair color, B gender, B slot, {W stats}*
APMSG_CHAR_CREATE_RESPONSE = 0x0021, // B error
PAMSG_CHAR_DELETE = 0x0022, // B slot