Argon2ID improvements
This commit is contained in:
parent
8ed1e7879e
commit
6d65fae7e4
|
@ -1,21 +1,19 @@
|
|||
#include "stdafx.h"
|
||||
#include <sstream>
|
||||
#include <common/length.h>
|
||||
#include <argon2.h>
|
||||
|
||||
#include "db.h"
|
||||
|
||||
#include "config.h"
|
||||
#include "desc_client.h"
|
||||
#include "desc_manager.h"
|
||||
#include "char.h"
|
||||
#include "char_manager.h"
|
||||
#include "item.h"
|
||||
#include "item_manager.h"
|
||||
#include "p2p.h"
|
||||
#include "matrix_card.h"
|
||||
#include "log.h"
|
||||
#include "login_data.h"
|
||||
#include "locale_service.h"
|
||||
#include "spam.h"
|
||||
|
||||
extern std::string g_stBlockDate;
|
||||
|
@ -275,8 +273,8 @@ void DBManager::AnalyzeReturnQuery(SQLMsg * pMsg)
|
|||
|
||||
if (pMsg->Get()->uiNumRows == 0)
|
||||
{
|
||||
SPDLOG_DEBUG(" NOID");
|
||||
LoginFailure(d, "NOID");
|
||||
SPDLOG_DEBUG(" WRONGCRD");
|
||||
LoginFailure(d, "WRONGCRD");
|
||||
M2_DELETE(pinfo);
|
||||
}
|
||||
else
|
||||
|
@ -284,23 +282,13 @@ void DBManager::AnalyzeReturnQuery(SQLMsg * pMsg)
|
|||
MYSQL_ROW row = mysql_fetch_row(pMsg->Get()->pSQLResult);
|
||||
int col = 0;
|
||||
|
||||
// '%s', password, securitycode, social_id, id, status
|
||||
char szPlainPassword[128 + 1];
|
||||
// password, securitycode, social_id, id, status
|
||||
char szHashedPassword[128 + 1];
|
||||
char szMatrixCode[MATRIX_CODE_MAX_LEN + 1];
|
||||
char szSocialID[SOCIAL_ID_MAX_LEN + 1];
|
||||
char szStatus[ACCOUNT_STATUS_MAX_LEN + 1];
|
||||
DWORD dwID = 0;
|
||||
|
||||
if (!row[col])
|
||||
{
|
||||
SPDLOG_ERROR("error column {}", col);
|
||||
M2_DELETE(pinfo);
|
||||
break;
|
||||
}
|
||||
|
||||
strlcpy(szPlainPassword, row[col++], sizeof(szPlainPassword));
|
||||
|
||||
if (!row[col])
|
||||
{
|
||||
SPDLOG_ERROR("error column {}", col);
|
||||
|
@ -374,12 +362,12 @@ void DBManager::AnalyzeReturnQuery(SQLMsg * pMsg)
|
|||
SPDLOG_DEBUG("Create_Time {} {}", retValue, szCreateDate);
|
||||
SPDLOG_DEBUG("Block Time {} ", strncmp(szCreateDate, g_stBlockDate.c_str(), 8));
|
||||
|
||||
bool loginStatus = hash_secure_verify(szHashedPassword, szPlainPassword);
|
||||
bool loginStatus = argon2id_verify(szHashedPassword, pinfo->passwd, strlen(pinfo->passwd)) == ARGON2_OK;
|
||||
|
||||
if (!loginStatus)
|
||||
{
|
||||
LoginFailure(d, "WRONGPWD");
|
||||
SPDLOG_DEBUG(" WRONGPWD");
|
||||
LoginFailure(d, "WRONGCRD");
|
||||
SPDLOG_DEBUG(" WRONGCRD");
|
||||
M2_DELETE(pinfo);
|
||||
}
|
||||
else if (bNotAvail)
|
||||
|
|
|
@ -4,9 +4,6 @@
|
|||
#include "input.h"
|
||||
#include "desc_client.h"
|
||||
#include "desc_manager.h"
|
||||
#include "protocol.h"
|
||||
#include "matrix_card.h"
|
||||
#include "locale_service.h"
|
||||
#include "db.h"
|
||||
|
||||
extern time_t get_global_time();
|
||||
|
@ -33,13 +30,6 @@ bool FN_IS_VALID_LOGIN_STRING(const char *str)
|
|||
return true;
|
||||
}
|
||||
|
||||
bool Login_IsInChannelService(const char* c_login)
|
||||
{
|
||||
if (c_login[0] == '[')
|
||||
return true;
|
||||
return false;
|
||||
}
|
||||
|
||||
CInputAuth::CInputAuth()
|
||||
{
|
||||
}
|
||||
|
@ -70,7 +60,7 @@ void CInputAuth::Login(LPDESC d, const char * c_pData)
|
|||
{
|
||||
SPDLOG_DEBUG("InputAuth::Login : IS_NOT_VALID_LOGIN_STRING({}) desc {}",
|
||||
login, (void*) get_pointer(d));
|
||||
LoginFailure(d, "NOID");
|
||||
LoginFailure(d, "WRONGCRD");
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -100,14 +90,11 @@ void CInputAuth::Login(LPDESC d, const char * c_pData)
|
|||
TPacketCGLogin3 * p = M2_NEW TPacketCGLogin3;
|
||||
memcpy(p, pinfo, sizeof(TPacketCGLogin3));
|
||||
|
||||
char szPasswd[PASSWD_MAX_LEN * 2 + 1];
|
||||
DBManager::instance().EscapeString(szPasswd, sizeof(szPasswd), passwd, strlen(passwd));
|
||||
|
||||
char szLogin[LOGIN_MAX_LEN * 2 + 1];
|
||||
DBManager::instance().EscapeString(szLogin, sizeof(szLogin), login, strlen(login));
|
||||
|
||||
DBManager::instance().ReturnQuery(QID_AUTH_LOGIN, dwKey, p,
|
||||
"SELECT '%s',password,securitycode,social_id,id,status,availDt - NOW() > 0,"
|
||||
"SELECT password,securitycode,social_id,id,status,availDt - NOW() > 0,"
|
||||
"UNIX_TIMESTAMP(silver_expire),"
|
||||
"UNIX_TIMESTAMP(gold_expire),"
|
||||
"UNIX_TIMESTAMP(safebox_expire),"
|
||||
|
@ -117,7 +104,7 @@ void CInputAuth::Login(LPDESC d, const char * c_pData)
|
|||
"UNIX_TIMESTAMP(money_drop_rate_expire),"
|
||||
"UNIX_TIMESTAMP(create_time)"
|
||||
" FROM account WHERE login='%s'",
|
||||
szPasswd, szLogin);
|
||||
szLogin);
|
||||
}
|
||||
|
||||
int CInputAuth::Analyze(LPDESC d, BYTE bHeader, const char * c_pData)
|
||||
|
|
|
@ -26,11 +26,9 @@
|
|||
#include "building.h"
|
||||
#include "login_sim.h"
|
||||
#include "wedding.h"
|
||||
#include "login_data.h"
|
||||
#include "unique_item.h"
|
||||
|
||||
#include "monarch.h"
|
||||
#include "affect.h"
|
||||
#include "castle.h"
|
||||
#include "motion.h"
|
||||
|
||||
|
@ -1956,11 +1954,11 @@ int CInputDB::Analyze(LPDESC d, BYTE bHeader, const char * c_pData)
|
|||
break;
|
||||
|
||||
case HEADER_DG_LOGIN_NOT_EXIST:
|
||||
LoginFailure(DESC_MANAGER::instance().FindByHandle(m_dwHandle), "NOID");
|
||||
LoginFailure(DESC_MANAGER::instance().FindByHandle(m_dwHandle), "WRONGCRD");
|
||||
break;
|
||||
|
||||
case HEADER_DG_LOGIN_WRONG_PASSWD:
|
||||
LoginFailure(DESC_MANAGER::instance().FindByHandle(m_dwHandle), "WRONGPWD");
|
||||
LoginFailure(DESC_MANAGER::instance().FindByHandle(m_dwHandle), "WRONGCRD");
|
||||
break;
|
||||
|
||||
case HEADER_DG_LOGIN_ALREADY:
|
||||
|
|
|
@ -1,11 +1,5 @@
|
|||
#include <argon2.h>
|
||||
#include "stdafx.h"
|
||||
|
||||
bool hash_secure_verify(const char *hashed_pwd, const char *plain_pwd)
|
||||
{
|
||||
return argon2id_verify(hashed_pwd, plain_pwd, strlen(plain_pwd)) == ARGON2_OK;
|
||||
}
|
||||
|
||||
static int global_time_gap = 0;
|
||||
|
||||
time_t get_global_time()
|
||||
|
|
|
@ -9,8 +9,6 @@
|
|||
#define REMOVE_BIT(var, bit) ((var) &= ~(bit))
|
||||
#define TOGGLE_BIT(var, bit) ((var) = (var) ^ (bit))
|
||||
|
||||
bool hash_secure_verify(const char *, const char *);
|
||||
|
||||
inline float DISTANCE_SQRT(int dx, int dy)
|
||||
{
|
||||
return ::sqrt((float)dx * dx + (float)dy * dy);
|
||||
|
|
Loading…
Reference in New Issue