summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorultramage <ultramage@54d463be-8e91-2dee-dedb-b68131a5f0ec>2008-08-09 13:05:54 +0000
committerultramage <ultramage@54d463be-8e91-2dee-dedb-b68131a5f0ec>2008-08-09 13:05:54 +0000
commit16675230f6fff2b30b48b83e395e273919b5515f (patch)
treeb55bc1f455b99e7dd9635cd06c9aae9c93be1ac2 /src
parentc5c74a00ce7bbc152f20066c22952770535dd7f5 (diff)
downloadhercules-16675230f6fff2b30b48b83e395e273919b5515f.tar.gz
hercules-16675230f6fff2b30b48b83e395e273919b5515f.tar.bz2
hercules-16675230f6fff2b30b48b83e395e273919b5515f.tar.xz
hercules-16675230f6fff2b30b48b83e395e273919b5515f.zip
Fixed login printing raw passwdenc passwords to console (bugreport:826).
Added strlib function bin2hex(). Cleaned up the md5calc interface a bit. git-svn-id: https://rathena.svn.sourceforge.net/svnroot/rathena/trunk@13055 54d463be-8e91-2dee-dedb-b68131a5f0ec
Diffstat (limited to 'src')
-rw-r--r--src/common/md5calc.c48
-rw-r--r--src/common/md5calc.h2
-rw-r--r--src/common/strlib.c22
-rw-r--r--src/common/strlib.h4
-rw-r--r--src/ladmin/ladmin.c2
-rw-r--r--src/login/login.c12
6 files changed, 55 insertions, 35 deletions
diff --git a/src/common/md5calc.c b/src/common/md5calc.c
index 701a9db6c..d6a38b865 100644
--- a/src/common/md5calc.c
+++ b/src/common/md5calc.c
@@ -141,27 +141,22 @@ static void MD5_Round_Calculate(const unsigned char *block,
memset(pX, 0, sizeof(X));
}
-//-------------------------------------------------------------------
-// The function for the exteriors
-
-/** output is the coded binary in the character sequence which wants to code string. */
-void MD5_String2binary(const char * string, char * output)
+static void MD5_String2binary(const char * string, unsigned char * output)
{
//var
/*8bit*/
unsigned char padding_message[64]; //Extended message 512bit 64byte
- unsigned char *pstring; //The position of string in the present scanning notes is held.
+ unsigned char *pstring; //The position of string in the present scanning notes is held.
-// unsigned char digest[16];
/*32bit*/
- unsigned int string_byte_len, //The byte chief of string is held.
- string_bit_len, //The bit length of string is held.
- copy_len, //The number of bytes which is used by 1-3 and which remained
- msg_digest[4]; //Message digest 128bit 4byte
+ unsigned int string_byte_len, //The byte chief of string is held.
+ string_bit_len, //The bit length of string is held.
+ copy_len, //The number of bytes which is used by 1-3 and which remained
+ msg_digest[4]; //Message digest 128bit 4byte
unsigned int *A = &msg_digest[0], //The message digest in accordance with RFC (reference)
- *B = &msg_digest[1],
- *C = &msg_digest[2],
- *D = &msg_digest[3];
+ *B = &msg_digest[1],
+ *C = &msg_digest[2],
+ *D = &msg_digest[3];
int i;
//prog
@@ -193,7 +188,6 @@ void MD5_String2binary(const char * string, char * output)
memset(padding_message, 0, 56); //56 bytes is newly fill uped with 0.
}
-
//Step 2.Append Length (the information on length is added)
string_bit_len = string_byte_len * 8; //From the byte chief to bit length (32 bytes of low rank)
memcpy(&padding_message[56], &string_bit_len, 4); //32 bytes of low rank is set.
@@ -208,26 +202,26 @@ void MD5_String2binary(const char * string, char * output)
//Step 4.Process Message in 16-Word Blocks (calculation of MD5)
MD5_Round_Calculate(padding_message, A,B,C,D);
-
//Step 5.Output (output)
memcpy(output,msg_digest,16);
-// memcpy (digest, msg_digest, and 16); //8 byte*4 < - 32byte conversion A function called Encode as used in the field of RFC
-/* sprintf(output,
- "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
- digest[ 0], digest[ 1], digest[ 2], digest[ 3],
- digest[ 4], digest[ 5], digest[ 6], digest[ 7],
- digest[ 8], digest[ 9], digest[10], digest[11],
- digest[12], digest[13], digest[14], digest[15]);*/
+}
+
+//-------------------------------------------------------------------
+// The function for the exteriors
+
+/** output is the coded binary in the character sequence which wants to code string. */
+void MD5_Binary(const char * string, unsigned char * output)
+{
+ MD5_String2binary(string,output);
}
/** output is the coded character sequence in the character sequence which wants to code string. */
void MD5_String(const char * string, char * output)
{
- unsigned char digest[16];
+ unsigned char digest[16];
- MD5_String2binary(string,(char*)digest);
- sprintf(output,
- "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+ MD5_String2binary(string,digest);
+ sprintf(output, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
digest[ 0], digest[ 1], digest[ 2], digest[ 3],
digest[ 4], digest[ 5], digest[ 6], digest[ 7],
digest[ 8], digest[ 9], digest[10], digest[11],
diff --git a/src/common/md5calc.h b/src/common/md5calc.h
index fc1c274f2..e35e64219 100644
--- a/src/common/md5calc.h
+++ b/src/common/md5calc.h
@@ -2,6 +2,6 @@
#define _MD5CALC_H_
void MD5_String(const char * string, char * output);
-void MD5_String2binary(const char * string, char * output);
+void MD5_Binary(const char * string, unsigned char * output);
#endif /* _MD5CALC_H_ */
diff --git a/src/common/strlib.c b/src/common/strlib.c
index 88de59cb9..93b69ab54 100644
--- a/src/common/strlib.c
+++ b/src/common/strlib.c
@@ -363,6 +363,28 @@ int strline(const char* str, size_t pos)
return line;
}
+/// Produces the hexadecimal representation of the given input.
+/// The output buffer must be at least count*2+1 in size.
+/// Returns true on success, false on failure.
+///
+/// @param output Output string
+/// @param input Binary input buffer
+/// @param count Number of bytes to convert
+bool bin2hex(char* output, unsigned char* input, size_t count)
+{
+ char toHex[] = "0123456789abcdef";
+ size_t i;
+
+ for( i = 0; i < count; ++i )
+ {
+ *output++ = toHex[(*input & 0xF0) >> 4];
+ *output++ = toHex[(*input & 0x0F) >> 0];
+ ++input;
+ }
+ *output = '\0';
+ return true;
+}
+
/////////////////////////////////////////////////////////////////////
diff --git a/src/common/strlib.h b/src/common/strlib.h
index 074c7eae3..1ba26ca4c 100644
--- a/src/common/strlib.h
+++ b/src/common/strlib.h
@@ -46,6 +46,10 @@ int safesnprintf(char* buf, size_t sz, const char* fmt, ...);
/// Lines start at 1.
int strline(const char* str, size_t pos);
+/// Produces the hexadecimal representation of the given input.
+/// The output buffer must be at least count*2+1 in size.
+/// Returns true on success, false on failure.
+bool bin2hex(char* output, unsigned char* input, size_t count);
/// Bitfield determining the behaviour of sv_parse and sv_split.
diff --git a/src/ladmin/ladmin.c b/src/ladmin/ladmin.c
index 56e08bde5..3f02a240a 100644
--- a/src/ladmin/ladmin.c
+++ b/src/ladmin/ladmin.c
@@ -2343,7 +2343,7 @@ int parse_fromlogin(int fd)
strncpy(md5str, loginserveradminpassword, sizeof(loginserveradminpassword));
strcat(md5str, (const char*)RFIFOP(fd,4));
}
- MD5_String2binary(md5str, md5bin);
+ MD5_Binary(md5str, md5bin);
WFIFOW(login_fd,0) = 0x7918; // Request for administation login (encrypted password)
WFIFOW(login_fd,2) = passenc; // Encrypted type
memcpy(WFIFOP(login_fd,4), md5bin, 16);
diff --git a/src/login/login.c b/src/login/login.c
index 9bcc5ba79..d458a8b88 100644
--- a/src/login/login.c
+++ b/src/login/login.c
@@ -230,12 +230,12 @@ static int sync_ip_addresses(int tid, unsigned int tick, int id, intptr data)
//-----------------------------------------------------
bool check_encrypted(const char* str1, const char* str2, const char* passwd)
{
- char md5str[64], md5bin[32];
+ char tmpstr[64+1], md5str[32+1];
- safesnprintf(md5str, sizeof(md5str), "%s%s", str1, str2);
- MD5_String2binary(md5str, md5bin);
+ safesnprintf(tmpstr, sizeof(tmpstr), "%s%s", str1, str2);
+ MD5_String(tmpstr, md5str);
- return (0==memcmp(passwd, md5bin, 16));
+ return (0==strcmp(passwd, md5str));
}
bool check_password(const char* md5key, int passwdenc, const char* passwd, const char* refpass)
@@ -1316,8 +1316,8 @@ int parse_login(int fd)
}
else
{
- ShowStatus("Request for connection (encryption mode) of %s (ip: %s).\n", sd->userid, ip);
- memcpy(sd->passwd, passwd, 16); sd->passwd[16] = '\0'; // raw binary data here!
+ ShowStatus("Request for connection (passwdenc mode) of %s (ip: %s).\n", sd->userid, ip);
+ bin2hex(sd->passwd, (unsigned char*)passwd, 16); // raw binary data here!
sd->passwdenc = PASSWORDENC;
}