Added a method of updating the passwords of an existing database

To be removed sometime soon.
author: Thorbjørn Lindeijer <thorbjorn@lindeijer.nl> 2009-12-06 23:07:18 +0100
committer: Thorbjørn Lindeijer <thorbjorn@lindeijer.nl> 2009-12-06 23:07:18 +0100
commit: a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2 (patch)
tree: 616301b8be71dbfcf77d8ce23ed1873478cae14d /src/account-server
parent: 61dba077fdb780eb481afe4b0921d3de04b62f59 (diff)
download: manaserv-a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2.tar.gz
manaserv-a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2.tar.bz2
manaserv-a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2.tar.xz
manaserv-a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2.zip
2 files changed, 51 insertions, 4 deletions
diff --git a/src/account-server/storage.cpp b/src/account-server/storage.cpp
index 60532b02..e40e19da 100644
--- a/src/account-server/storage.cpp
+++ b/src/account-server/storage.cpp
@@ -34,6 +34,7 @@
 #include "utils/functors.h"
 #include "utils/logger.h"
 #include "utils/xml.hpp"
+#include "utils/sha256.h"
 
 // TODO: make data/items.xml a constant or read it from config file
 static const char *DEFAULT_ITEM_FILE = "data/items.xml";
@@ -137,6 +138,13 @@ void Storage::open()
         std::ostringstream sql;
         sql << "DELETE FROM " << ONLINE_USERS_TBL_NAME;
         mDb->execSql(sql.str());
+
+        /* Uncomment this and run the account server once to update existing
+         * password hashes. Making backup of the database is recommended, since
+         * it doesn't check whether the passwords are already hashed, and the
+         * operation is not reversible!
+         */
+        //updatePasswordHashes();
     }
     catch (const DbConnectionFailure& e) {
         std::ostringstream errmsg;
@@ -155,6 +163,46 @@ void Storage::close()
 }
 
 /**
+ * Temporary function to hash all account passwords, for updating a database
+ * of accounts to the change to hashing passwords on both the server and the
+ * client.
+ */
+void Storage::updatePasswordHashes()
+{
+    using namespace dal;
+
+    std::ostringstream sql2;
+    sql2 << "SELECT id, password FROM " << ACCOUNTS_TBL_NAME;
+
+    const RecordSet &results = mDb->execSql(sql2.str());
+    if (!results.isEmpty()) {
+        std::vector<std::pair <unsigned, std::string > > hashed;
+
+        const unsigned nRows = results.rows();
+
+        for (unsigned row = 0; row < nRows; row++)
+        {
+            string_to< unsigned > toUint;
+            const int id = toUint(results(row, 0));
+            const std::string password = results(row, 1);
+            const std::string hashedPassword = sha256(password);
+
+            hashed.push_back(std::pair<unsigned, std::string >(id, hashedPassword));
+        }
+
+        for (unsigned i = 0; i < hashed.size(); ++i)
+        {
+            std::ostringstream setsql;
+            setsql << "UPDATE " << ACCOUNTS_TBL_NAME << " SET password = '"
+                    << hashed[i].second << "' WHERE id = '" << hashed[i].first << "'";
+            mDb->execSql(setsql.str());
+        }
+
+        std::cout << "Hashed the passwords of " << nRows << " accounts!" << std::endl;
+    }
+}
+
+/**
  * Gets an account from a prepared SQL statement
  *
  * @return the account found
@@ -1118,7 +1166,6 @@ void Storage::addGuild(Guild *guild)
     {
         mDb->bindValue(1, guild->getName());
     }
-    //mDb->execSql(insertSql.str());
     mDb->processSql();
 
     std::ostringstream selectSql;
@@ -1129,7 +1176,6 @@ void Storage::addGuild(Guild *guild)
     {
         mDb->bindValue(1, guild->getName());
     }
-    //const dal::RecordSet& guildInfo = mDb->execSql(selectSql.str());
     const dal::RecordSet& guildInfo = mDb->processSql();
 
     string_to<unsigned int> toUint;
@@ -1881,7 +1927,6 @@ void Storage::syncDatabase()
                         << "  VALUES ( " << id << ", ?, ?, '"
                         << image << "', " << weight << ", '"
                         << type << "', ?, '" << dye << "' )";
-                    //mDb->execSql(sql.str());
                     if (mDb->prepareSql(sql.str()))
                     {
                         mDb->bindValue(1, name);
diff --git a/src/account-server/storage.hpp b/src/account-server/storage.hpp
index 7c725ca2..c376e94f 100644
--- a/src/account-server/storage.hpp
+++ b/src/account-server/storage.hpp
@@ -49,6 +49,8 @@ class Storage
         void open();
         void close();
 
+        void updatePasswordHashes();
+
         Account *getAccount(const std::string &userName);
         Account *getAccount(int accountID);
 
@@ -110,7 +112,7 @@ class Storage
 
         void storeLetter(Letter *letter);
         Post *getStoredPost(int playerId);
-        void deletePost(Letter* letter);
+        void deletePost(Letter *letter);
 
         /**
          * Returns the version of the local item database.
author	Thorbjørn Lindeijer <thorbjorn@lindeijer.nl>	2009-12-06 23:07:18 +0100
committer	Thorbjørn Lindeijer <thorbjorn@lindeijer.nl>	2009-12-06 23:07:18 +0100
commit	a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2 (patch)
tree	616301b8be71dbfcf77d8ce23ed1873478cae14d /src/account-server
parent	61dba077fdb780eb481afe4b0921d3de04b62f59 (diff)
download	manaserv-a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2.tar.gz manaserv-a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2.tar.bz2 manaserv-a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2.tar.xz manaserv-a09d4aa14c6a7b4486080b4cfbe1c76c4fae6fd2.zip