diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/login/login.c | 39 | ||||
-rw-r--r-- | src/login/login.h | 17 | ||||
-rw-r--r-- | src/login/loginlog_sql.c | 1 |
3 files changed, 31 insertions, 26 deletions
diff --git a/src/login/login.c b/src/login/login.c index 95cbab70d..9c01c3956 100644 --- a/src/login/login.c +++ b/src/login/login.c @@ -227,17 +227,14 @@ bool login_check_password(const char* md5key, int passwdenc, const char* passwd, { nullpo_ret(passwd); nullpo_ret(refpass); - if(passwdenc == 0) - { + if(passwdenc == PWENC_NONE) { return (0==strcmp(passwd, refpass)); - } - else - { - // password mode set to 1 -> md5(md5key, refpass) enable with <passwordencrypt></passwordencrypt> - // password mode set to 2 -> md5(refpass, md5key) enable with <passwordencrypt2></passwordencrypt2> + } else { + // password mode set to PWENC_ENCRYPT -> md5(md5key, refpass) enable with <passwordencrypt></passwordencrypt> + // password mode set to PWENC_ENCRYPT2 -> md5(refpass, md5key) enable with <passwordencrypt2></passwordencrypt2> - return ((passwdenc&0x01) && login->check_encrypted(md5key, refpass, passwd)) || - ((passwdenc&0x02) && login->check_encrypted(refpass, md5key, passwd)); + return ((passwdenc&PWENC_ENCRYPT) && login->check_encrypted(md5key, refpass, passwd)) || + ((passwdenc&PWENC_ENCRYPT2) && login->check_encrypted(refpass, md5key, passwd)); } } @@ -396,7 +393,7 @@ void login_fromchar_parse_request_change_email(int fd, int id, const char *const if( !accounts->load_num(accounts, &acc, account_id) || strcmp(acc.email, "a@a.com") == 0 || acc.email[0] == '\0' ) ShowNotice("Char-server '%s': Attempt to create an e-mail on an account with a default e-mail REFUSED - account doesn't exist or e-mail of account isn't default e-mail (account: %d, ip: %s).\n", server[id].name, account_id, ip); else { - memcpy(acc.email, email, 40); + memcpy(acc.email, email, sizeof(acc.email)); ShowNotice("Char-server '%s': Create an e-mail on an account with a default e-mail (account: %d, new e-mail: %s, ip: %s).\n", server[id].name, account_id, email, ip); // Save accounts->save(accounts, &acc); @@ -503,7 +500,7 @@ void login_fromchar_parse_change_email(int fd, int id, const char *const ip) if( strcmpi(acc.email, actual_email) != 0 ) ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but actual e-mail is incorrect (account: %d (%s), actual e-mail: %s, proposed e-mail: %s, ip: %s).\n", server[id].name, account_id, acc.userid, acc.email, actual_email, ip); else { - safestrncpy(acc.email, new_email, 40); + safestrncpy(acc.email, new_email, sizeof(acc.email)); ShowNotice("Char-server '%s': Modify an e-mail on an account (@email GM command) (account: %d (%s), new e-mail: %s, ip: %s).\n", server[id].name, account_id, acc.userid, new_email, ip); // Save accounts->save(accounts, &acc); @@ -733,9 +730,9 @@ void login_fromchar_parse_change_pincode(int fd) { struct mmo_account acc; - if( accounts->load_num(accounts, &acc, RFIFOL(fd,2) ) ) { - safestrncpy( acc.pincode, (char*)RFIFOP(fd,6), sizeof(acc.pincode) ); - acc.pincode_change = ((unsigned int)time( NULL )); + if (accounts->load_num(accounts, &acc, RFIFOL(fd,2))) { + safestrncpy(acc.pincode, (char*)RFIFOP(fd,6), sizeof(acc.pincode)); + acc.pincode_change = ((unsigned int)time(NULL)); accounts->save(accounts, &acc); } RFIFOSKIP(fd,11); @@ -753,7 +750,7 @@ bool login_fromchar_parse_wrong_pincode(int fd) return true; } - login_log(host2ip(acc.last_ip), acc.userid, 100, "PIN Code check failed"); + login_log(host2ip(acc.last_ip), acc.userid, 100, "PIN Code check failed"); // FIXME: Do we really want to log this with the same code as successful logins? } login->remove_online_user(acc.account_id); @@ -1077,6 +1074,7 @@ int login_mmo_auth_new(const char* userid, const char* pass, const char sex, con //----------------------------------------------------- // Check/authentication of a connection //----------------------------------------------------- +// TODO: Map result values to an enum (or at least document them) int login_mmo_auth(struct login_session_data* sd, bool isServer) { struct mmo_account acc; size_t len; @@ -1113,7 +1111,7 @@ int login_mmo_auth(struct login_session_data* sd, bool isServer) { // Account creation with _M/_F if( login_config.new_account_flag ) { if (len > 2 && sd->passwd[0] != '\0' && // valid user and password lengths - sd->passwdenc == 0 && // unencoded password + sd->passwdenc == PWENC_NONE && // unencoded password sd->userid[len-2] == '_' && memchr("FfMm", sd->userid[len-1], 4)) // _M/_F suffix { int result; @@ -1392,7 +1390,7 @@ void login_auth_failed(struct login_session_data* sd, int result) default : error = "Unknown Error."; break; } - login_log(ip, sd->userid, result, error); + login_log(ip, sd->userid, result, error); // FIXME: result can be 100, conflicting with the value 100 we use for successful login... } if( result == 1 && login_config.dynamic_pass_failure_ban ) @@ -1502,7 +1500,7 @@ bool login_parse_client_login(int fd, struct login_session_data* sd, const char safestrncpy(sd->passwd, password, PASSWD_LEN); if( login_config.use_md5_passwds ) MD5_String(sd->passwd, sd->passwd); - sd->passwdenc = 0; + sd->passwdenc = PWENC_NONE; } else { @@ -1511,8 +1509,7 @@ bool login_parse_client_login(int fd, struct login_session_data* sd, const char sd->passwdenc = PASSWORDENC; } - if( sd->passwdenc != 0 && login_config.use_md5_passwds ) - { + if (sd->passwdenc != PWENC_NONE && login_config.use_md5_passwds) { login->auth_failed(sd, 3); // send "rejected from server" return true; } @@ -1566,7 +1563,7 @@ void login_parse_request_connection(int fd, struct login_session_data* sd, const safestrncpy(sd->passwd, (char*)RFIFOP(fd,26), NAME_LENGTH); if( login_config.use_md5_passwds ) MD5_String(sd->passwd, sd->passwd); - sd->passwdenc = 0; + sd->passwdenc = PWENC_NONE; sd->version = login_config.client_version_to_connect; // hack to skip version check server_ip = ntohl(RFIFOL(fd,54)); server_port = ntohs(RFIFOW(fd,58)); diff --git a/src/login/login.h b/src/login/login.h index 7254b5db2..22bae50e0 100644 --- a/src/login/login.h +++ b/src/login/login.h @@ -18,8 +18,15 @@ enum E_LOGINSERVER_ST LOGINSERVER_ST_LAST }; -// supported encryption types: 1- passwordencrypt, 2- passwordencrypt2, 3- both -#define PASSWORDENC 3 +enum password_enc { + PWENC_NONE = 0x0, ///< No encryption + PWENC_ENCRYPT = 0x1, ///< passwordencrypt + PWENC_ENCRYPT2 = 0x2, ///< passwordencrypt2 + PWENC_BOTH = PWENC_ENCRYPT|PWENC_ENCRYPT2, ///< both the above +}; + +#define PASSWORDENC PWENC_BOTH + #define PASSWD_LEN (32+1) // 23+1 for plaintext, 32+1 for md5-ed passwords struct login_session_data { @@ -53,9 +60,9 @@ struct mmo_char_server { int fd; uint32 ip; uint16 port; - uint16 users; // user count on this server - uint16 type; // 0=normal, 1=maintenance, 2=over 18, 3=paying, 4=P2P - uint16 new_; // should display as 'new'? + uint16 users; ///< user count on this server + uint16 type; ///< 0=normal, 1=maintenance, 2=over 18, 3=paying, 4=P2P (@see e_char_server_type in mmo.h) + uint16 new_; ///< should display as 'new'? }; struct client_hash_node { diff --git a/src/login/loginlog_sql.c b/src/login/loginlog_sql.c index 8ed6e395a..2c6f76e38 100644 --- a/src/login/loginlog_sql.c +++ b/src/login/loginlog_sql.c @@ -62,6 +62,7 @@ unsigned long loginlog_failedattempts(uint32 ip, unsigned int minutes) /*============================================= * Records an event in the login log *---------------------------------------------*/ +// TODO: add an enum of rcode values void login_log(uint32 ip, const char* username, int rcode, const char* message) { char esc_username[NAME_LENGTH*2+1]; |