[Freeciv-Dev] Passwd auth with MD5 hash
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
Hi!
Advanced password auth patch for civserver. Enable password
authentication for clients, and passwords stored in MD5 hash.
See attachment.
--
Frank O'Yanco - Auth Gábor -=- Mobil/SMS +36203494743 /+36303687792
Age of The Penguin -=- SuSE Linux 7.1 -=- http://andromeda.rgstudio.hu diff -ruP freeciv-1.12.0/common/player.h freeciv-1.12.0-pl1/common/player.h
--- freeciv-1.12.0/common/player.h Wed Sep 6 23:41:16 2000
+++ freeciv-1.12.0-pl1/common/player.h Tue Aug 21 00:49:30 2001
@@ -129,6 +129,7 @@
struct player {
int player_no;
char name[MAX_LEN_NAME];
+ char passwd[36];
char username[MAX_LEN_NAME];
int is_male;
int government;
diff -ruP freeciv-1.12.0/server/savegame.c freeciv-1.12.0-pl1/server/savegame.c
--- freeciv-1.12.0/server/savegame.c Wed May 23 20:21:29 2001
+++ freeciv-1.12.0-pl1/server/savegame.c Sun Aug 19 13:29:18 2001
@@ -676,6 +676,7 @@
if (is_barbarian(plr)) game.nbarbarians++;
sz_strlcpy(plr->name, secfile_lookup_str(file, "player%d.name", plrno));
+ sz_strlcpy(plr->passwd, secfile_lookup_str(file, "player%d.passwd", plrno));
sz_strlcpy(plr->username,
secfile_lookup_str_default(file, "", "player%d.username", plrno));
plr->nation=secfile_lookup_int(file, "player%d.race", plrno);
@@ -1345,6 +1346,7 @@
char *pbuf=fc_malloc(map.xsize+1);
secfile_insert_str(file, plr->name, "player%d.name", plrno);
+ secfile_insert_str(file, plr->passwd, "player%d.passwd", plrno);
secfile_insert_str(file, plr->username, "player%d.username", plrno);
secfile_insert_int(file, plr->nation, "player%d.race", plrno);
secfile_insert_int(file, plr->government, "player%d.government", plrno);
diff -ruP freeciv-1.12.0/server/srv_main.c freeciv-1.12.0-pl1/server/srv_main.c
--- freeciv-1.12.0/server/srv_main.c Mon Aug 6 22:41:21 2001
+++ freeciv-1.12.0-pl1/server/srv_main.c Tue Aug 21 01:02:14 2001
@@ -20,6 +20,8 @@
#include <string.h>
#include <assert.h>
#include <time.h>
+#include <crypt.h>
+#include <pwd.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
@@ -1094,23 +1096,50 @@
void accept_new_player(char *name, struct connection *pconn)
{
struct player *pplayer = &game.players[game.nplayers];
-
+ char buf_name[MAX_LEN_NAME],buf_passwd[36];
+ char Salt[12];
+ int SaltCount;
+
+ Salt[0]='$';
+ Salt[1]='1';
+ Salt[2]='$';
+ Salt[12]='\0';
+
+ for ( SaltCount=3; SaltCount<11; SaltCount++ )
+ {
+ Salt[SaltCount]=random()%62;
+ if ( Salt[SaltCount]>35 )
+ {
+ Salt[SaltCount]+=61;
+ } else if ( Salt[SaltCount]>=10 )
+ {
+ Salt[SaltCount]+=55;
+ } else
+ {
+ Salt[SaltCount]+=48;
+ }
+ }
+
server_player_init(pplayer, 0);
/* sometimes needed if players connect/disconnect to avoid
* inheriting stale AI status etc
*/
-
- sz_strlcpy(pplayer->name, name);
- sz_strlcpy(pplayer->username, name);
+ sscanf(name, "%[^:]:%s",buf_name,buf_passwd);
+
+ sz_strlcpy(pplayer->name, buf_name );
+ sz_strlcpy(pplayer->passwd, crypt(buf_passwd,Salt) );
+ sz_strlcpy(pplayer->username, buf_name );
+//Debug printf("%s\n",pplayer->passwd);
+
if (pconn) {
associate_player_connection(pplayer, pconn);
join_game_accept(pconn, 0);
} else {
freelog(LOG_NORMAL, _("%s has been added as an AI-controlled player."),
- name);
+ buf_name);
notify_player(0, _("Game: %s has been added as an AI-controlled player."),
- name);
+ buf_name);
}
game.nplayers++;
@@ -1190,10 +1219,21 @@
char msg[MAX_LEN_MSG];
char orig_name[MAX_LEN_NAME];
const char *allow; /* pointer into game.allow_connect */
+ char buf_name[MAX_LEN_NAME],buf_passwd[36];
sz_strlcpy(orig_name, req->name);
remove_leading_trailing_spaces(req->name);
+ if ( sscanf(req->name,"%[^:]:%s",buf_name,buf_passwd)!=2 )
+ {
+ reject_new_player(_("Password authentication failure. You must use
password! Eg: username:password"), pconn);
+ freelog(LOG_NORMAL,_("%s was rejected: authentication failure, not found
password."),buf_name);
+ close_connection(pconn);
+ return;
+ }
+
+ strcpy(req->name,buf_name);
+
/* Name-sanity check: could add more checks? */
if (strlen(req->name)==0) {
my_snprintf(msg, sizeof(msg), _("Invalid name '%s'"), orig_name);
@@ -1263,8 +1303,16 @@
pconn->name);
close_connection(pconn);
return;
- }
- } else if(!pplayer->is_alive) {
+ }
+ } else if( strcmp( pplayer->passwd, crypt(buf_passwd, pplayer->passwd ) )
) {
+//Debug printf("%s,%s\n",pplayer->passwd, crypt(buf_passwd,
pplayer->passwd ));
+ reject_new_player(_("Sorry, password authentication failure."), pconn);
+ freelog(LOG_NORMAL,
+ _("%s was rejected: authentication failure."),
+ pconn->name);
+ close_connection(pconn);
+ return;
+ } else if(!pplayer->is_alive) {
if(!(allow = strchr(game.allow_connect, 'd'))) {
reject_new_player(_("Sorry, no observation of dead players "
"in this game."), pconn);
@@ -1375,8 +1423,9 @@
close_connection(pconn);
return;
}
-
- accept_new_player(req->name, pconn);
+
+ remove_leading_trailing_spaces(orig_name);
+ accept_new_player(orig_name, pconn);
}
/**************************************************************************
- [Freeciv-Dev] Passwd auth with MD5 hash,
Auth Gábor <=
|
|
