Added password encryption client-side using SHA256.

author: Yohann Ferreira <bertram@cegetel.net> 2008-04-21 16:18:03 +0000
committer: Yohann Ferreira <bertram@cegetel.net> 2008-04-21 16:18:03 +0000
commit: ac1a456a90d06ba7765716643257ec33cc513f76 (patch)
tree: 5cc5a9ce24942bcac3d2fa4b45d8d92375313cc1 /src/net/accountserver/account.cpp
parent: 24681ad4312d804aa06c8ace7d1a9f2f9605a4eb (diff)
download: Mana-ac1a456a90d06ba7765716643257ec33cc513f76.tar.gz
Mana-ac1a456a90d06ba7765716643257ec33cc513f76.tar.bz2
Mana-ac1a456a90d06ba7765716643257ec33cc513f76.tar.xz
Mana-ac1a456a90d06ba7765716643257ec33cc513f76.zip
1 files changed, 17 insertions, 12 deletions
diff --git a/src/net/accountserver/account.cpp b/src/net/accountserver/account.cpp
index 9f3bfe5c..bb0214d3 100644
--- a/src/net/accountserver/account.cpp
+++ b/src/net/accountserver/account.cpp
@@ -23,6 +23,9 @@
 
 #include "account.h"
 
+#include <string>
+#include "../../utils/encryption.h"
+
 #include "internal.h"
 
 #include "../connection.h"
@@ -74,34 +77,36 @@ void Net::AccountServer::Account::unregister(const std::string &username,
     MessageOut msg(PAMSG_UNREGISTER);
 
     msg.writeString(username);
-    msg.writeString(password);
+    msg.writeString(Encryption::GetSHA2Hash(
+                    std::string (username + password)));
 
     Net::AccountServer::connection->send(msg);
 }
 
-void Net::AccountServer::Account::changeEmail(const std::string &email)
+void Net::AccountServer::Account::changeEmail(const std::string &username,
+                                                const std::string &email)
 {
     MessageOut msg(PAMSG_EMAIL_CHANGE);
 
+    // Email is sent clearly so the server can validate the data.
+    // Encryption is assumed server-side.
     msg.writeString(email);
 
     Net::AccountServer::connection->send(msg);
 }
 
-void Net::AccountServer::Account::getEmail()
-{
-    MessageOut msg(PAMSG_EMAIL_GET);
-
-    Net::AccountServer::connection->send(msg);
-}
-
 void Net::AccountServer::Account::changePassword(
-        const std::string &oldPassword, const std::string &newPassword)
+                            const std::string &username,
+                            const std::string &oldPassword,
+                            const std::string &newPassword)
 {
     MessageOut msg(PAMSG_PASSWORD_CHANGE);
 
-    msg.writeString(oldPassword);
-    msg.writeString(newPassword);
+    // Change password using SHA2 encryption
+    msg.writeString(Encryption::GetSHA2Hash(
+                    std::string (username + oldPassword)));
+    msg.writeString(Encryption::GetSHA2Hash(
+                    std::string (username + newPassword)));
 
     Net::AccountServer::connection->send(msg);
 }
author	Yohann Ferreira <bertram@cegetel.net>	2008-04-21 16:18:03 +0000
committer	Yohann Ferreira <bertram@cegetel.net>	2008-04-21 16:18:03 +0000
commit	ac1a456a90d06ba7765716643257ec33cc513f76 (patch)
tree	5cc5a9ce24942bcac3d2fa4b45d8d92375313cc1 /src/net/accountserver/account.cpp
parent	24681ad4312d804aa06c8ace7d1a9f2f9605a4eb (diff)
download	Mana-ac1a456a90d06ba7765716643257ec33cc513f76.tar.gz Mana-ac1a456a90d06ba7765716643257ec33cc513f76.tar.bz2 Mana-ac1a456a90d06ba7765716643257ec33cc513f76.tar.xz Mana-ac1a456a90d06ba7765716643257ec33cc513f76.zip