
Changed password hashing to try SHA-1 first and, if that doesn't work, then try SHA-0. This should allow shard owners to choose either SHA-1 or SHA-0 for their password hash without interfering with other shards, and allow them to change their password hash without requiring everyone to reset their passwords.

This also allows new hash techniques to be added in the future; of course, the more hash techniques are added, the longer the login delay for the lowest on the totem pole.
I have tested this against the MOULa shard, which uses SHA-0, and it works. There is a slight flash of the "Connecting" dialog as it retries sending the login, but if the user saves the password there is no flash and no delay.
mdeforest/changed-password-hashing-to-try-sha1-fir-1492090943988
CyanWorlds 8 years ago
parent
commit
947a64c05f
  1. 69
      MOULOpenSourceClientPlugin/Plasma20/Sources/Plasma/Apps/plClient/winmain.cpp

69
MOULOpenSourceClientPlugin/Plasma20/Sources/Plasma/Apps/plClient/winmain.cpp

@ -206,7 +206,7 @@ bool GetDisksProperty(HANDLE hDevice, PSTORAGE_DEVICE_DESCRIPTOR pDevDesc);
void GetOldCryptKey(UInt32* cryptKey, unsigned size); void GetOldCryptKey(UInt32* cryptKey, unsigned size);
void GetCryptKey(UInt32* cryptKey, unsigned size); void GetCryptKey(UInt32* cryptKey, unsigned size);
static void SaveUserPass (char *username, char *password, ShaDigest *pNamePassHash, bool remember_password, static void SaveUserPass (char *username, char *password, ShaDigest *pNamePassHash, bool remember_password,
bool fromGT); int whichHash);
static void LoadUserPass (const wchar *accountName, char *username, ShaDigest *pNamePassHash, bool *pRemember, static void LoadUserPass (const wchar *accountName, char *username, ShaDigest *pNamePassHash, bool *pRemember,
bool fromGT, int *pFocus); bool fromGT, int *pFocus);
static void AuthFailedStrings (ENetError authError, bool fromGT, static void AuthFailedStrings (ENetError authError, bool fromGT,
@ -322,11 +322,25 @@ static bool TGRunLoginDialog (const wchar *accountName, bool fromGT)
if (Remember[0] == 'y') if (Remember[0] == 'y')
bRemember = true; bRemember = true;
SaveUserPass (Username, Password, &NamePassHash, bRemember, fromGT); // cycle through the hash types until we find one that matches or errors out
int whichHash = 1;
ENetError auth;
bool cancelled;
while (whichHash >= 0 )
{
SaveUserPass (Username, Password, &NamePassHash, bRemember, whichHash);
// Do login & see if it failed // Do login & see if it failed
ENetError auth; cancelled = AuthenticateNetClientComm(&auth, NULL);
bool cancelled = AuthenticateNetClientComm(&auth, NULL); // if the password was successful then go to the end processing
if (IS_NET_SUCCESS(auth) && !cancelled)
break;
// if it was cancelled or any error other than wrong password then go to end processing
if (cancelled || auth != kNetErrAuthenticationFailed)
break;
// otherwise try then next Hash type
whichHash--;
}
if (IS_NET_SUCCESS (auth) && !cancelled) if (IS_NET_SUCCESS (auth) && !cancelled)
break; break;
@ -1081,7 +1095,7 @@ BOOL CALLBACK UruTOSDialogProc( HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM l
} }
static void SaveUserPass (char *username, char *password, ShaDigest *pNamePassHash, bool remember_password, static void SaveUserPass (char *username, char *password, ShaDigest *pNamePassHash, bool remember_password,
bool fromGT) int whichHash)
{ {
UInt32 cryptKey[4]; UInt32 cryptKey[4];
ZeroMemory(cryptKey, sizeof(cryptKey)); ZeroMemory(cryptKey, sizeof(cryptKey));
@ -1097,7 +1111,30 @@ static void SaveUserPass (char *username, char *password, ShaDigest *pNamePassHa
if (StrCmp(password, FAKE_PASS_STRING) != 0) if (StrCmp(password, FAKE_PASS_STRING) != 0)
{ {
StrToUnicode(wpassword, password, arrsize(wpassword)); StrToUnicode(wpassword, password, arrsize(wpassword));
switch( whichHash )
{
case 1:
CryptDigest(
kCryptSha1,
pNamePassHash,
StrLen(password) * sizeof(password[0]),
password
);
if (IsMachineLittleEndian()) {
pNamePassHash->data[0] = ToBigEndian(pNamePassHash->data[0]);
pNamePassHash->data[1] = ToBigEndian(pNamePassHash->data[1]);
pNamePassHash->data[2] = ToBigEndian(pNamePassHash->data[2]);
pNamePassHash->data[3] = ToBigEndian(pNamePassHash->data[3]);
pNamePassHash->data[4] = ToBigEndian(pNamePassHash->data[4]);
}
break;
default:
CryptHashPassword(wusername, wpassword, pNamePassHash); CryptHashPassword(wusername, wpassword, pNamePassHash);
break;
}
} }
NetCommSetAccountUsernamePassword(wusername, *pNamePassHash); NetCommSetAccountUsernamePassword(wusername, *pNamePassHash);
@ -1106,7 +1143,6 @@ static void SaveUserPass (char *username, char *password, ShaDigest *pNamePassHa
else else
NetCommSetAuthTokenAndOS(nil, L"win"); NetCommSetAuthTokenAndOS(nil, L"win");
if (!fromGT) {
wchar fileAndPath[MAX_PATH]; wchar fileAndPath[MAX_PATH];
PathGetInitDirectory(fileAndPath, arrsize(fileAndPath)); PathGetInitDirectory(fileAndPath, arrsize(fileAndPath));
PathAddFilename(fileAndPath, fileAndPath, L"login.dat", arrsize(fileAndPath)); PathAddFilename(fileAndPath, fileAndPath, L"login.dat", arrsize(fileAndPath));
@ -1129,7 +1165,6 @@ static void SaveUserPass (char *username, char *password, ShaDigest *pNamePassHa
delete stream; delete stream;
} }
} }
}
static void LoadUserPass (const wchar *accountName, char *username, ShaDigest *pNamePassHash, bool *pRemember, static void LoadUserPass (const wchar *accountName, char *username, ShaDigest *pNamePassHash, bool *pRemember,
@ -1418,11 +1453,25 @@ BOOL CALLBACK UruLoginDialogProc( HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM
GetDlgItemText(hwndDlg, IDC_URULOGIN_PASSWORD, password, kMaxPasswordLength); GetDlgItemText(hwndDlg, IDC_URULOGIN_PASSWORD, password, kMaxPasswordLength);
remember_password = (IsDlgButtonChecked(hwndDlg, IDC_URULOGIN_REMEMBERPASS) == BST_CHECKED); remember_password = (IsDlgButtonChecked(hwndDlg, IDC_URULOGIN_REMEMBERPASS) == BST_CHECKED);
SaveUserPass (username, password, &namePassHash, remember_password, loginParam->fromGT); // cycle through the hash types until we find one that matches or errors out
int whichHash = 1;
LoginDialogParam loginParam; LoginDialogParam loginParam;
bool cancelled;
while (whichHash >= 0 )
{
SaveUserPass (username, password, &namePassHash, remember_password, whichHash);
MemSet(&loginParam, 0, sizeof(loginParam)); MemSet(&loginParam, 0, sizeof(loginParam));
bool cancelled = AuthenticateNetClientComm(&loginParam.authError, hwndDlg); cancelled = AuthenticateNetClientComm(&loginParam.authError, hwndDlg);
// if the password was successful then go to the end processing
if (IS_NET_SUCCESS(loginParam.authError) && !cancelled)
break;
// if it was cancelled or any error other than wrong password then go to end processing
if (cancelled || loginParam.authError != kNetErrAuthenticationFailed)
break;
// otherwise try then next Hash type
whichHash--;
}
if (IS_NET_SUCCESS(loginParam.authError) && !cancelled) if (IS_NET_SUCCESS(loginParam.authError) && !cancelled)
EndDialog(hwndDlg, ok); EndDialog(hwndDlg, ok);
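Review bot: In both retry loops SaveUserPass runs before AuthenticateNetClientComm returns, and the same commit drops the `if (!fromGT)` guard around the login.dat block, so the credential appears to be persisted on every attempt, including the SHA-1 attempt the server then rejects and the TGRunLoginDialog path that used to skip the file. SaveUserPass's body is only partly visible in these hunks, so this is inferred, but the safer shape is to keep `bool fromGT` next to the new `int whichHash` parameter, retain `if (!fromGT) {`, and write login.dat once after `IS_NET_SUCCESS(auth) && !cancelled`. When the password field still holds FAKE_PASS_STRING the switch is skipped, so the second pass resends the identical stored digest and doubles the failed-login count the server sees; the loop could stop after one attempt in that case. The `case 1:` branch digests only the password bytes, without the username that CryptHashPassword receives, so a comment such as `// SHA-1 over the password bytes only (no username, no salt)` and named constants in place of the bare 1/0 for `whichHash` would help the next reader.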
