Browse Source

Merge pull request #448 from Deledrius/passwords

Store plClient password using platform-specific credential storage.
Adam Johnson 10 years ago
parent
commit
b37307a7b4
  1. 1
      Sources/Plasma/Apps/plClient/CMakeLists.txt
  2. 166
      Sources/Plasma/Apps/plClient/winmain.cpp
  3. 1
      Sources/Plasma/FeatureLib/CMakeLists.txt
  4. 43
      Sources/Plasma/FeatureLib/pfPasswordStore/CMakeLists.txt
  5. 144
      Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore.cpp
  6. 59
      Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore.h
  7. 91
      Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_Mac.cpp
  8. 58
      Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_Unix.cpp
  9. 103
      Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_Win.cpp
  10. 97
      Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_impl.h
  11. 2
      Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp
  12. 2
      Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h

1
Sources/Plasma/Apps/plClient/CMakeLists.txt

@ -88,6 +88,7 @@ target_link_libraries(plClient pfJournalBook)
target_link_libraries(plClient pfLocalizationMgr) target_link_libraries(plClient pfLocalizationMgr)
target_link_libraries(plClient pfMessage) target_link_libraries(plClient pfMessage)
target_link_libraries(plClient pfMoviePlayer) target_link_libraries(plClient pfMoviePlayer)
target_link_libraries(plClient pfPasswordStore)
target_link_libraries(plClient pfPython) target_link_libraries(plClient pfPython)
target_link_libraries(plClient pfSurface) target_link_libraries(plClient pfSurface)
target_link_libraries(plClient plAgeDescription) target_link_libraries(plClient plAgeDescription)

166
Sources/Plasma/Apps/plClient/winmain.cpp

@ -60,7 +60,7 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com
#include "plResMgr/plResManager.h" #include "plResMgr/plResManager.h"
#include "plResMgr/plLocalization.h" #include "plResMgr/plLocalization.h"
#include "plFile/plEncryptedStream.h" #include "plFile/plEncryptedStream.h"
#include "pfPasswordStore/pfPasswordStore.h"
#include "pnEncryption/plChallengeHash.h" #include "pnEncryption/plChallengeHash.h"
#include "plStatusLog/plStatusLog.h" #include "plStatusLog/plStatusLog.h"
#include "plProduct.h" #include "plProduct.h"
@ -155,7 +155,6 @@ struct LoginDialogParam {
}; };
static bool AuthenticateNetClientComm(ENetError* result, HWND parentWnd); static bool AuthenticateNetClientComm(ENetError* result, HWND parentWnd);
static void GetCryptKey(uint32_t* cryptKey, unsigned size);
static void SaveUserPass (LoginDialogParam *pLoginParam, char *password); static void SaveUserPass (LoginDialogParam *pLoginParam, char *password);
static void LoadUserPass (LoginDialogParam *pLoginParam); static void LoadUserPass (LoginDialogParam *pLoginParam);
static void AuthFailedStrings (ENetError authError, static void AuthFailedStrings (ENetError authError,
@ -766,114 +765,90 @@ BOOL CALLBACK UruTOSDialogProc( HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM l
return FALSE; return FALSE;
} }
static void SaveUserPass (LoginDialogParam *pLoginParam, char *password) static void StoreHash(const plString& username, const plString& password, LoginDialogParam *pLoginParam)
{ {
uint32_t cryptKey[4]; // Hash username and password before sending over the 'net.
memset(cryptKey, 0, sizeof(cryptKey)); // -- Legacy compatibility: @gametap (and other usernames with domains in them) need
GetCryptKey(cryptKey, arrsize(cryptKey)); // to be hashed differently.
std::vector<plString> match = username.RESearch("[^@]+@([^.]+\\.)*([^.]+)\\.[^.]+");
plString theUser = pLoginParam->username;
plString thePass = plString(password).Left(kMaxPasswordLength);
// if the password field is the fake string then we've already
// loaded the namePassHash from the file
if (thePass.Compare(FAKE_PASS_STRING) != 0)
{
// Regex search for primary email domain
std::vector<plString> match = theUser.RESearch("[^@]+@([^.]+\\.)*([^.]+)\\.[^.]+");
if (match.empty() || match[2].CompareI("gametap") == 0) { if (match.empty() || match[2].CompareI("gametap") == 0) {
plSHA1Checksum shasum(StrLen(password) * sizeof(password[0]), (uint8_t*)password); // Plain Usernames...
plSHA1Checksum shasum(password.GetSize(), reinterpret_cast<const uint8_t*>(password.c_str()));
uint32_t* dest = reinterpret_cast<uint32_t*>(pLoginParam->namePassHash); uint32_t* dest = reinterpret_cast<uint32_t*>(pLoginParam->namePassHash);
const uint32_t* from = reinterpret_cast<const uint32_t*>(shasum.GetValue()); const uint32_t* from = reinterpret_cast<const uint32_t*>(shasum.GetValue());
// I blame eap for this ass shit
dest[0] = hsToBE32(from[0]); dest[0] = hsToBE32(from[0]);
dest[1] = hsToBE32(from[1]); dest[1] = hsToBE32(from[1]);
dest[2] = hsToBE32(from[2]); dest[2] = hsToBE32(from[2]);
dest[3] = hsToBE32(from[3]); dest[3] = hsToBE32(from[3]);
dest[4] = hsToBE32(from[4]); dest[4] = hsToBE32(from[4]);
} }
else else {
{ // Domain-based Usernames...
CryptHashPassword(theUser, thePass, pLoginParam->namePassHash); CryptHashPassword(username, password, pLoginParam->namePassHash);
}
} }
}
NetCommSetAccountUsernamePassword(theUser.ToWchar(), pLoginParam->namePassHash); static void SaveUserPass(LoginDialogParam *pLoginParam, char *password)
{
plString theUser = pLoginParam->username;
plString thePass = password;
// FIXME: Real OS detection HKEY hKey;
NetCommSetAuthTokenAndOS(nil, L"win"); RegCreateKeyEx(HKEY_CURRENT_USER, plFormat("Software\\Cyan, Inc.\\{}\\{}", plProduct::LongName(), GetServerDisplayName()).c_str(), 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hKey, NULL);
RegSetValueEx(hKey, "LastAccountName", NULL, REG_SZ, (LPBYTE) pLoginParam->username, kMaxAccountNameLength);
RegSetValueEx(hKey, "RememberPassword", NULL, REG_DWORD, (LPBYTE) &(pLoginParam->remember), sizeof(LPBYTE));
RegCloseKey(hKey);
plFileName loginDat = plFileName::Join(plFileSystem::GetInitPath(), "login.dat"); // If the password field is the fake string
#ifndef PLASMA_EXTERNAL_RELEASE // then we've already loaded the hash.
// internal builds can use the local init directory if (thePass.Compare(FAKE_PASS_STRING) != 0)
plFileName local("init\\login.dat");
if (plFileInfo(local).Exists())
loginDat = local;
#endif
hsStream* stream = plEncryptedStream::OpenEncryptedFileWrite(loginDat, cryptKey);
if (stream)
{ {
stream->Write(sizeof(cryptKey), cryptKey); StoreHash(theUser, thePass, pLoginParam);
stream->WriteSafeString(pLoginParam->username);
stream->WriteBool(pLoginParam->remember); pfPasswordStore* store = pfPasswordStore::Instance();
if (pLoginParam->remember) if (pLoginParam->remember)
stream->Write(sizeof(pLoginParam->namePassHash), pLoginParam->namePassHash); store->SetPassword(pLoginParam->username, thePass);
stream->Close(); else
delete stream; store->SetPassword(pLoginParam->username, plString::Null);
} }
}
NetCommSetAccountUsernamePassword(theUser.ToWchar(), pLoginParam->namePassHash);
// FIXME: Real OS detection
NetCommSetAuthTokenAndOS(nil, L"win");
}
static void LoadUserPass (LoginDialogParam *pLoginParam) static void LoadUserPass(LoginDialogParam *pLoginParam)
{ {
uint32_t cryptKey[4]; HKEY hKey;
ZeroMemory(cryptKey, sizeof(cryptKey)); char accountName[kMaxAccountNameLength];
GetCryptKey(cryptKey, arrsize(cryptKey)); memset(accountName, 0, kMaxAccountNameLength);
uint32_t rememberAccount = 0;
DWORD acctLen = kMaxAccountNameLength, remLen = sizeof(rememberAccount);
RegOpenKeyEx(HKEY_CURRENT_USER, plFormat("Software\\Cyan, Inc.\\{}\\{}", plProduct::LongName(), GetServerDisplayName()).c_str(), 0, KEY_QUERY_VALUE, &hKey);
RegQueryValueEx(hKey, "LastAccountName", 0, NULL, (LPBYTE) &accountName, &acctLen);
RegQueryValueEx(hKey, "RememberPassword", 0, NULL, (LPBYTE) &rememberAccount, &remLen);
RegCloseKey(hKey);
plString temp;
pLoginParam->remember = false; pLoginParam->remember = false;
pLoginParam->username[0] = '\0'; pLoginParam->username[0] = '\0';
plFileName loginDat = plFileName::Join(plFileSystem::GetInitPath(), "login.dat"); if (acctLen > 0)
#ifndef PLASMA_EXTERNAL_RELEASE strncpy(pLoginParam->username, accountName, kMaxAccountNameLength);
// internal builds can use the local init directory pLoginParam->remember = (rememberAccount != 0);
plFileName local("init\\login.dat"); if (pLoginParam->remember && pLoginParam->username[0] != '\0')
if (plFileInfo(local).Exists())
loginDat = local;
#endif
hsStream* stream = plEncryptedStream::OpenEncryptedFile(loginDat, cryptKey);
if (stream && !stream->AtEnd())
{
uint32_t savedKey[4];
stream->Read(sizeof(savedKey), savedKey);
if (memcmp(cryptKey, savedKey, sizeof(savedKey)) == 0)
{
temp = stream->ReadSafeString();
if (!temp.IsEmpty())
{
StrCopy(pLoginParam->username, temp.c_str(), kMaxAccountNameLength);
}
pLoginParam->remember = stream->ReadBool();
if (pLoginParam->remember)
{ {
stream->Read(sizeof(pLoginParam->namePassHash), pLoginParam->namePassHash); pfPasswordStore* store = pfPasswordStore::Instance();
plString password = store->GetPassword(pLoginParam->username);
if (!password.IsNull())
StoreHash(pLoginParam->username, password, pLoginParam);
pLoginParam->focus = IDOK; pLoginParam->focus = IDOK;
} }
else if (pLoginParam->username[0] == '\0')
pLoginParam->focus = IDC_URULOGIN_USERNAME;
else else
{
pLoginParam->focus = IDC_URULOGIN_PASSWORD; pLoginParam->focus = IDC_URULOGIN_PASSWORD;
}
}
stream->Close();
delete stream;
}
} }
static size_t CurlCallback(void *buffer, size_t size, size_t nmemb, void *param) static size_t CurlCallback(void *buffer, size_t size, size_t nmemb, void *param)
@ -1430,37 +1405,6 @@ int WINAPI WinMain(HINSTANCE hInst, HINSTANCE hPrevInst, LPSTR lpCmdLine, int nC
return PARABLE_NORMAL_EXIT; return PARABLE_NORMAL_EXIT;
} }
static void GetCryptKey(uint32_t* cryptKey, unsigned numElements)
{
char volName[] = "C:\\";
int index = 0;
DWORD logicalDrives = GetLogicalDrives();
for (int i = 0; i < 32; ++i)
{
if (logicalDrives & (1 << i))
{
volName[0] = ('C' + i);
DWORD volSerialNum = 0;
BOOL result = GetVolumeInformation(
volName, //LPCTSTR lpRootPathName,
NULL, //LPTSTR lpVolumeNameBuffer,
0, //DWORD nVolumeNameSize,
&volSerialNum, //LPDWORD lpVolumeSerialNumber,
NULL, //LPDWORD lpMaximumComponentLength,
NULL, //LPDWORD lpFileSystemFlags,
NULL, //LPTSTR lpFileSystemNameBuffer,
0 //DWORD nFileSystemNameSize
);
cryptKey[index] = (cryptKey[index] ^ volSerialNum);
index = (++index) % numElements;
}
}
}
/* Enable themes in Windows XP and later */ /* Enable themes in Windows XP and later */
#pragma comment(linker,"\"/manifestdependency:type='win32' \ #pragma comment(linker,"\"/manifestdependency:type='win32' \
name='Microsoft.Windows.Common-Controls' version='6.0.0.0' \ name='Microsoft.Windows.Common-Controls' version='6.0.0.0' \

1
Sources/Plasma/FeatureLib/CMakeLists.txt

@ -18,6 +18,7 @@ add_subdirectory(pfJournalBook)
add_subdirectory(pfLocalizationMgr) add_subdirectory(pfLocalizationMgr)
add_subdirectory(pfMessage) add_subdirectory(pfMessage)
add_subdirectory(pfMoviePlayer) add_subdirectory(pfMoviePlayer)
add_subdirectory(pfPasswordStore)
add_subdirectory(pfPatcher) add_subdirectory(pfPatcher)
add_subdirectory(pfPython) add_subdirectory(pfPython)
add_subdirectory(pfSurface) add_subdirectory(pfSurface)

43
Sources/Plasma/FeatureLib/pfPasswordStore/CMakeLists.txt

@ -0,0 +1,43 @@
include_directories("../../CoreLib")
include_directories("../../NucleusLib")
include_directories("../../NucleusLib/inc")
include_directories("../../PubUtilLib")
set(pfPasswordStore_HEADERS
pfPasswordStore.h
pfPasswordStore_impl.h
)
set(pfPasswordStore_SOURCES
pfPasswordStore.cpp
)
if(WIN32 AND NOT CYGWIN)
set(pfPasswordStore_SOURCES ${pfPasswordStore_SOURCES}
pfPasswordStore_Win.cpp
)
endif(WIN32 AND NOT CYGWIN)
if(UNIX)
set(pfPasswordStore_SOURCES ${pfPasswordStore_SOURCES}
pfPasswordStore_Unix.cpp
)
endif(UNIX)
if(APPLE)
set(pfPasswordStore_SOURCES ${pfPasswordStore_SOURCES}
pfPasswordStore_Mac.cpp
)
endif(APPLE)
add_library(pfPasswordStore STATIC ${pfPasswordStore_HEADERS} ${pfPasswordStore_SOURCES})
target_link_libraries(pfPasswordStore CoreLib plFile)
if(APPLE)
find_library(SECURITY_LIBRARY Security)
target_link_libraries(pfPasswordStore ${SECURITY_LIBRARY})
endif(APPLE)
source_group("Header Files" FILES ${pfPasswordStore_HEADERS})
source_group("Source Files" FILES ${pfPasswordStore_SOURCES})

144
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore.cpp

@ -0,0 +1,144 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#include "pfPasswordStore.h"
#include "pfPasswordStore_impl.h"
#include "plProduct.h"
#include "plFile/plEncryptedStream.h"
/* Get the pfPasswordStore instance */
pfPasswordStore* pfPasswordStore::Instance()
{
static pfPasswordStore* store = nullptr;
if (store == nullptr) {
#ifdef HS_BUILD_FOR_WIN32
store = new pfWin32PasswordStore();
#else
#ifdef HS_BUILD_FOR_OSX
store = new pfMacPasswordStore();
#else
store = new pfFilePasswordStore();
#endif
#endif
}
return store;
}
/*****************************************************************************
** pfFilePasswordStore **
*****************************************************************************/
pfFilePasswordStore::pfFilePasswordStore()
{
// TODO: Cross-platform CryptKey initialization
uint32_t* product = (uint32_t*)plProduct::UUID();
for (int i = 0; i < 4; i++) {
fCryptKey[i] = product[i];
}
}
const plString pfFilePasswordStore::GetPassword(const plString& username)
{
plFileName loginDat = plFileName::Join(plFileSystem::GetInitPath(), "login.dat");
plString password = plString::Null;
#ifndef PLASMA_EXTERNAL_RELEASE
// internal builds can use the local init directory
plFileName local("init\\login.dat");
if (plFileInfo(local).Exists())
loginDat = local;
#endif
hsStream* stream = plEncryptedStream::OpenEncryptedFile(loginDat, fCryptKey);
if (stream && !stream->AtEnd())
{
uint32_t savedKey[4];
stream->Read(sizeof(savedKey), savedKey);
if (memcmp(fCryptKey, savedKey, sizeof(savedKey)) == 0 && !stream->AtEnd())
{
plString uname = stream->ReadSafeString();
if (username.CompareI(uname) == 0) {
password = stream->ReadSafeString();
}
}
stream->Close();
delete stream;
}
return password;
}
bool pfFilePasswordStore::SetPassword(const plString& username, const plString& password)
{
plFileName loginDat = plFileName::Join(plFileSystem::GetInitPath(), "login.dat");
#ifndef PLASMA_EXTERNAL_RELEASE
// internal builds can use the local init directory
plFileName local("init\\login.dat");
if (plFileInfo(local).Exists())
loginDat = local;
#endif
hsStream* stream = plEncryptedStream::OpenEncryptedFileWrite(loginDat, fCryptKey);
if (stream)
{
stream->Write(sizeof(fCryptKey), fCryptKey);
stream->WriteSafeString(username);
stream->WriteSafeString(password);
stream->Close();
delete stream;
return true;
}
return false;
}

59
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore.h

@ -0,0 +1,59 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#ifndef pfPasswordStore_inc
#define pfPasswordStore_inc
#include "HeadSpin.h"
#include "plString.h"
class pfPasswordStore
{
public:
static pfPasswordStore* Instance();
virtual const plString GetPassword(const plString& username) = 0;
virtual bool SetPassword(const plString& username, const plString& password) = 0;
};
#endif //pfPasswordStore_inc

91
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_Mac.cpp

@ -0,0 +1,91 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#include "pfPasswordStore.h"
#include "pfPasswordStore_impl.h"
#include "pnNetBase/pnNbSrvs.h"
#include <Security/Security.h>
/*****************************************************************************
** pfMacPasswordStore **
*****************************************************************************/
const plString pfMacPasswordStore::GetPassword(const plString& username)
{
plString service = GetServerDisplayName();
void* passwd = nullptr;
uint32_t passwd_len = 0;
if (SecKeychainFindGenericPassword(nullptr,
service.GetSize(),
service.c_str(),
username.GetSize(),
username.c_str(),
&passwd_len,
&passwd,
nullptr) != errSecSuccess)
{
return plString::Null;
}
plString ret(reinterpret_cast<const char*>(passwd), size_t(passwd_len));
SecKeychainItemFreeContent(nullptr, passwd);
return ret;
}
bool pfMacPasswordStore::SetPassword(const plString& username, const plString& password)
{
plString service = GetServerDisplayName();
return SecKeychainAddGenericPassword(nullptr,
service.GetSize(),
service.c_str(),
username.GetSize(),
username.c_str(),
password.GetSize(),
password.c_str(),
nullptr) == errSecSuccess;
}

58
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_Unix.cpp

@ -0,0 +1,58 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#include "pfPasswordStore.h"
#include "pfPasswordStore_impl.h"
#include "plProduct.h"
/*****************************************************************************
** pfUnixPasswordStore **
*****************************************************************************/
const plString pfUnixPasswordStore::GetPassword(const plString& username)
{
}
bool pfUnixPasswordStore::SetPassword(const plString& username, const plString& password)
{
}

103
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_Win.cpp

@ -0,0 +1,103 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#include "pfPasswordStore.h"
#include "pfPasswordStore_impl.h"
#include "plFormat.h"
#include "pnNetBase/pnNbSrvs.h"
#include "hsWindows.h"
#include <wincred.h>
/*****************************************************************************
** pfWin32PasswordStore **
*****************************************************************************/
const plString pfWin32PasswordStore::GetPassword(const plString& username)
{
PCREDENTIALW credential;
plString target = plFormat("{}__{}", GetServerDisplayName(), username);
plString password = plString::Null;
if (!CredReadW(target.ToWchar().GetData(), CRED_TYPE_GENERIC, 0, &credential)) {
return password;
}
password = plString::FromUtf8(reinterpret_cast<const char *>(credential->CredentialBlob), credential->CredentialBlobSize);
memset(credential->CredentialBlob, 0, credential->CredentialBlobSize);
CredFree(credential);
return password;
}
bool pfWin32PasswordStore::SetPassword(const plString& username, const plString& password)
{
CREDENTIALW credential;
plString target = plFormat("{}__{}", GetServerDisplayName(), username);
if (password.IsNull()) {
if (CredDeleteW(target.ToWchar().GetData(), CRED_TYPE_GENERIC, 0)) {
return true;
}
return false;
}
plStringBuffer<wchar_t> tbuff = target.ToWchar();
plStringBuffer<char> pbuff = password.ToUtf8();
plStringBuffer<wchar_t> ubuff = username.ToWchar();
memset(&credential, 0, sizeof(CREDENTIALW));
credential.Type = CRED_TYPE_GENERIC;
credential.TargetName = (LPWSTR)tbuff.GetData();
credential.CredentialBlobSize = pbuff.GetSize();
credential.CredentialBlob = (LPBYTE)pbuff.GetData();
credential.Persist = CRED_PERSIST_LOCAL_MACHINE;
credential.UserName = (LPWSTR)ubuff.GetData();
if (!CredWriteW(&credential, 0)) {
return false;
}
return true;
}

97
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_impl.h

@ -0,0 +1,97 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#ifndef pfPasswordStore_impl_inc
#define pfPasswordStore_impl_inc
#include "pfPasswordStore.h"
/**
* An encrypted file-based password storage mechanism.
*/
class pfFilePasswordStore : public pfPasswordStore
{
private:
uint32_t fCryptKey[4];
public:
pfFilePasswordStore();
virtual const plString GetPassword(const plString& username);
virtual bool SetPassword(const plString& username, const plString& password);
};
#ifdef HS_BUILD_FOR_WIN32
/**
* A Windows Credential Vault password storage mechanism.
*/
class pfWin32PasswordStore : public pfPasswordStore
{
public:
pfWin32PasswordStore() { }
virtual const plString GetPassword(const plString& username);
virtual bool SetPassword(const plString& username, const plString& password);
};
#endif //HS_BUILD_FOR_WIN32
/**
* @todo A Linux libsecret-based storage mechanism.
*/
#ifdef HS_BUILD_FOR_OSX
/**
* An OSX Keychain password storage mechanism.
*/
class pfMacPasswordStore : public pfPasswordStore
{
public:
pfMacPasswordStore() { }
virtual const plString GetPassword(const plString& username);
virtual bool SetPassword(const plString& username, const plString& password);
};
#endif //HS_BUILD_FOR_OSX
#endif //pfPasswordStore_impl_inc

2
Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp

@ -362,7 +362,7 @@ bool plSHAChecksum::operator==(const plSHAChecksum& rhs) const
//============================================================================ //============================================================================
plSHA1Checksum::plSHA1Checksum(size_t size, uint8_t* buffer) plSHA1Checksum::plSHA1Checksum(size_t size, const uint8_t* buffer)
{ {
fValid = false; fValid = false;
Start(); Start();

2
Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h

@ -153,7 +153,7 @@ class plSHA1Checksum
ShaDigest fChecksum; ShaDigest fChecksum;
public: public:
plSHA1Checksum(size_t size, uint8_t* buffer); plSHA1Checksum(size_t size, const uint8_t* buffer);
plSHA1Checksum(); plSHA1Checksum();
plSHA1Checksum(const plSHA1Checksum& rhs); plSHA1Checksum(const plSHA1Checksum& rhs);
plSHA1Checksum(const plFileName& fileName); plSHA1Checksum(const plFileName& fileName);

Loading…
Cancel
Save