diff options
| -rw-r--r-- | Changelog-Trunk.txt | 4 | ||||
| -rw-r--r-- | src/common/md5calc.c | 48 | ||||
| -rw-r--r-- | src/common/md5calc.h | 2 | ||||
| -rw-r--r-- | src/common/strlib.c | 22 | ||||
| -rw-r--r-- | src/common/strlib.h | 4 | ||||
| -rw-r--r-- | src/ladmin/ladmin.c | 2 | ||||
| -rw-r--r-- | src/login/login.c | 12 |
7 files changed, 59 insertions, 35 deletions
diff --git a/Changelog-Trunk.txt b/Changelog-Trunk.txt index 84a8528af..ba258b6d4 100644 --- a/Changelog-Trunk.txt +++ b/Changelog-Trunk.txt @@ -3,6 +3,10 @@ Date Added AS OF SVN REV. 5091, WE ARE NOW USING TRUNK. ALL UNTESTED BUGFIXES/FEATURES GO INTO TRUNK. IF YOU HAVE A WORKING AND TESTED BUGFIX PUT IT INTO STABLE AS WELL AS TRUNK. +2008/08/09 + * Fixed login printing raw passwdenc passwords to console (bugreport:826) [ultramage] + - added strlib function bin2hex() + - cleaned up the md5calc interface a bit 2008/08/07 * Added another GM trust config for party invitations (bugreport:2004) [SketchyPhoenix] 2008/08/04 diff --git a/src/common/md5calc.c b/src/common/md5calc.c index 701a9db6c..d6a38b865 100644 --- a/src/common/md5calc.c +++ b/src/common/md5calc.c @@ -141,27 +141,22 @@ static void MD5_Round_Calculate(const unsigned char *block, memset(pX, 0, sizeof(X)); } -//------------------------------------------------------------------- -// The function for the exteriors - -/** output is the coded binary in the character sequence which wants to code string. */ -void MD5_String2binary(const char * string, char * output) +static void MD5_String2binary(const char * string, unsigned char * output) { //var /*8bit*/ unsigned char padding_message[64]; //Extended message 512bit 64byte - unsigned char *pstring; //The position of string in the present scanning notes is held. + unsigned char *pstring; //The position of string in the present scanning notes is held. -// unsigned char digest[16]; /*32bit*/ - unsigned int string_byte_len, //The byte chief of string is held. - string_bit_len, //The bit length of string is held. - copy_len, //The number of bytes which is used by 1-3 and which remained - msg_digest[4]; //Message digest 128bit 4byte + unsigned int string_byte_len, //The byte chief of string is held. + string_bit_len, //The bit length of string is held. + copy_len, //The number of bytes which is used by 1-3 and which remained + msg_digest[4]; //Message digest 128bit 4byte unsigned int *A = &msg_digest[0], //The message digest in accordance with RFC (reference) - *B = &msg_digest[1], - *C = &msg_digest[2], - *D = &msg_digest[3]; + *B = &msg_digest[1], + *C = &msg_digest[2], + *D = &msg_digest[3]; int i; //prog @@ -193,7 +188,6 @@ void MD5_String2binary(const char * string, char * output) memset(padding_message, 0, 56); //56 bytes is newly fill uped with 0. } - //Step 2.Append Length (the information on length is added) string_bit_len = string_byte_len * 8; //From the byte chief to bit length (32 bytes of low rank) memcpy(&padding_message[56], &string_bit_len, 4); //32 bytes of low rank is set. @@ -208,26 +202,26 @@ void MD5_String2binary(const char * string, char * output) //Step 4.Process Message in 16-Word Blocks (calculation of MD5) MD5_Round_Calculate(padding_message, A,B,C,D); - //Step 5.Output (output) memcpy(output,msg_digest,16); -// memcpy (digest, msg_digest, and 16); //8 byte*4 < - 32byte conversion A function called Encode as used in the field of RFC -/* sprintf(output, - "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", - digest[ 0], digest[ 1], digest[ 2], digest[ 3], - digest[ 4], digest[ 5], digest[ 6], digest[ 7], - digest[ 8], digest[ 9], digest[10], digest[11], - digest[12], digest[13], digest[14], digest[15]);*/ +} + +//------------------------------------------------------------------- +// The function for the exteriors + +/** output is the coded binary in the character sequence which wants to code string. */ +void MD5_Binary(const char * string, unsigned char * output) +{ + MD5_String2binary(string,output); } /** output is the coded character sequence in the character sequence which wants to code string. */ void MD5_String(const char * string, char * output) { - unsigned char digest[16]; + unsigned char digest[16]; - MD5_String2binary(string,(char*)digest); - sprintf(output, - "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + MD5_String2binary(string,digest); + sprintf(output, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", digest[ 0], digest[ 1], digest[ 2], digest[ 3], digest[ 4], digest[ 5], digest[ 6], digest[ 7], digest[ 8], digest[ 9], digest[10], digest[11], diff --git a/src/common/md5calc.h b/src/common/md5calc.h index fc1c274f2..e35e64219 100644 --- a/src/common/md5calc.h +++ b/src/common/md5calc.h @@ -2,6 +2,6 @@ #define _MD5CALC_H_ void MD5_String(const char * string, char * output); -void MD5_String2binary(const char * string, char * output); +void MD5_Binary(const char * string, unsigned char * output); #endif /* _MD5CALC_H_ */ diff --git a/src/common/strlib.c b/src/common/strlib.c index 88de59cb9..93b69ab54 100644 --- a/src/common/strlib.c +++ b/src/common/strlib.c @@ -363,6 +363,28 @@ int strline(const char* str, size_t pos) return line; } +/// Produces the hexadecimal representation of the given input. +/// The output buffer must be at least count*2+1 in size. +/// Returns true on success, false on failure. +/// +/// @param output Output string +/// @param input Binary input buffer +/// @param count Number of bytes to convert +bool bin2hex(char* output, unsigned char* input, size_t count) +{ + char toHex[] = "0123456789abcdef"; + size_t i; + + for( i = 0; i < count; ++i ) + { + *output++ = toHex[(*input & 0xF0) >> 4]; + *output++ = toHex[(*input & 0x0F) >> 0]; + ++input; + } + *output = '\0'; + return true; +} + ///////////////////////////////////////////////////////////////////// diff --git a/src/common/strlib.h b/src/common/strlib.h index 074c7eae3..1ba26ca4c 100644 --- a/src/common/strlib.h +++ b/src/common/strlib.h @@ -46,6 +46,10 @@ int safesnprintf(char* buf, size_t sz, const char* fmt, ...); /// Lines start at 1. int strline(const char* str, size_t pos); +/// Produces the hexadecimal representation of the given input. +/// The output buffer must be at least count*2+1 in size. +/// Returns true on success, false on failure. +bool bin2hex(char* output, unsigned char* input, size_t count); /// Bitfield determining the behaviour of sv_parse and sv_split. diff --git a/src/ladmin/ladmin.c b/src/ladmin/ladmin.c index 56e08bde5..3f02a240a 100644 --- a/src/ladmin/ladmin.c +++ b/src/ladmin/ladmin.c @@ -2343,7 +2343,7 @@ int parse_fromlogin(int fd) strncpy(md5str, loginserveradminpassword, sizeof(loginserveradminpassword)); strcat(md5str, (const char*)RFIFOP(fd,4)); } - MD5_String2binary(md5str, md5bin); + MD5_Binary(md5str, md5bin); WFIFOW(login_fd,0) = 0x7918; // Request for administation login (encrypted password) WFIFOW(login_fd,2) = passenc; // Encrypted type memcpy(WFIFOP(login_fd,4), md5bin, 16); diff --git a/src/login/login.c b/src/login/login.c index 9bcc5ba79..d458a8b88 100644 --- a/src/login/login.c +++ b/src/login/login.c @@ -230,12 +230,12 @@ static int sync_ip_addresses(int tid, unsigned int tick, int id, intptr data) //----------------------------------------------------- bool check_encrypted(const char* str1, const char* str2, const char* passwd) { - char md5str[64], md5bin[32]; + char tmpstr[64+1], md5str[32+1]; - safesnprintf(md5str, sizeof(md5str), "%s%s", str1, str2); - MD5_String2binary(md5str, md5bin); + safesnprintf(tmpstr, sizeof(tmpstr), "%s%s", str1, str2); + MD5_String(tmpstr, md5str); - return (0==memcmp(passwd, md5bin, 16)); + return (0==strcmp(passwd, md5str)); } bool check_password(const char* md5key, int passwdenc, const char* passwd, const char* refpass) @@ -1316,8 +1316,8 @@ int parse_login(int fd) } else { - ShowStatus("Request for connection (encryption mode) of %s (ip: %s).\n", sd->userid, ip); - memcpy(sd->passwd, passwd, 16); sd->passwd[16] = '\0'; // raw binary data here! + ShowStatus("Request for connection (passwdenc mode) of %s (ip: %s).\n", sd->userid, ip); + bin2hex(sd->passwd, (unsigned char*)passwd, 16); // raw binary data here! sd->passwdenc = PASSWORDENC; } |