OU/CWE-ou-minkata
1
0
Fork 0
mirror of https://foundry.openuru.org/gitblit/r/CWE-ou-minkata.git synced 2025-07-17 18:59:09 +00:00
Code Releases Activity

Merge pull request #448 from Deledrius/passwords

Browse Source 
Store plClient password using platform-specific credential storage.
This commit is contained in:
Adam Johnson
2015-01-02 22:26:35 -05:00
parent b4206e54c9 0ee8d02852
commit b37307a7b4
12 changed files with 661 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Sources/Plasma/Apps/plClient/CMakeLists.txt
View File

@ -88,6 +88,7 @@ target_link_libraries(plClient pfJournalBook)
target_link_libraries(plClient pfLocalizationMgr) target_link_libraries(plClient pfLocalizationMgr)
target_link_libraries(plClient pfMessage) target_link_libraries(plClient pfMessage)
target_link_libraries(plClient pfMoviePlayer) target_link_libraries(plClient pfMoviePlayer)
target_link_libraries(plClient pfPasswordStore)
target_link_libraries(plClient pfPython) target_link_libraries(plClient pfPython)
target_link_libraries(plClient pfSurface) target_link_libraries(plClient pfSurface)
target_link_libraries(plClient plAgeDescription) target_link_libraries(plClient plAgeDescription)

180
Sources/Plasma/Apps/plClient/winmain.cpp
View File

@ -60,7 +60,7 @@ You can contact Cyan Worlds, Inc. by email legal@cyan.com
#include "plResMgr/plResManager.h" #include "plResMgr/plResManager.h"
#include "plResMgr/plLocalization.h" #include "plResMgr/plLocalization.h"
#include "plFile/plEncryptedStream.h" #include "plFile/plEncryptedStream.h"
#include "pfPasswordStore/pfPasswordStore.h"
#include "pnEncryption/plChallengeHash.h" #include "pnEncryption/plChallengeHash.h"
#include "plStatusLog/plStatusLog.h" #include "plStatusLog/plStatusLog.h"
#include "plProduct.h" #include "plProduct.h"
@ -155,7 +155,6 @@ struct LoginDialogParam {
}; };
static bool AuthenticateNetClientComm(ENetError* result, HWND parentWnd); static bool AuthenticateNetClientComm(ENetError* result, HWND parentWnd);
static void GetCryptKey(uint32_t* cryptKey, unsigned size);
static void SaveUserPass (LoginDialogParam *pLoginParam, char *password); static void SaveUserPass (LoginDialogParam *pLoginParam, char *password);
static void LoadUserPass (LoginDialogParam *pLoginParam); static void LoadUserPass (LoginDialogParam *pLoginParam);
static void AuthFailedStrings (ENetError authError, static void AuthFailedStrings (ENetError authError,
@ -766,114 +765,90 @@ BOOL CALLBACK UruTOSDialogProc( HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM l
return FALSE; return FALSE;
} }
static void SaveUserPass (LoginDialogParam *pLoginParam, char *password) static void StoreHash(const plString& username, const plString& password, LoginDialogParam *pLoginParam)
{ {
uint32_t cryptKey[4]; // Hash username and password before sending over the 'net.
memset(cryptKey, 0, sizeof(cryptKey)); // -- Legacy compatibility: @gametap (and other usernames with domains in them) need
GetCryptKey(cryptKey, arrsize(cryptKey)); // to be hashed differently.
std::vector<plString> match = username.RESearch("[^@]+@([^.]+\\.)*([^.]+)\\.[^.]+");
if (match.empty() || match[2].CompareI("gametap") == 0) {
// Plain Usernames...
plSHA1Checksum shasum(password.GetSize(), reinterpret_cast<const uint8_t*>(password.c_str()));
uint32_t* dest = reinterpret_cast<uint32_t*>(pLoginParam->namePassHash);
const uint32_t* from = reinterpret_cast<const uint32_t*>(shasum.GetValue());
dest[0] = hsToBE32(from[0]);
dest[1] = hsToBE32(from[1]);
dest[2] = hsToBE32(from[2]);
dest[3] = hsToBE32(from[3]);
dest[4] = hsToBE32(from[4]);
}
else {
// Domain-based Usernames...
CryptHashPassword(username, password, pLoginParam->namePassHash);
}
}
static void SaveUserPass(LoginDialogParam *pLoginParam, char *password)
{
plString theUser = pLoginParam->username; plString theUser = pLoginParam->username;
plString thePass = plString(password).Left(kMaxPasswordLength); plString thePass = password;
// if the password field is the fake string then we've already HKEY hKey;
// loaded the namePassHash from the file RegCreateKeyEx(HKEY_CURRENT_USER, plFormat("Software\\Cyan, Inc.\\{}\\{}", plProduct::LongName(), GetServerDisplayName()).c_str(), 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hKey, NULL);
RegSetValueEx(hKey, "LastAccountName", NULL, REG_SZ, (LPBYTE) pLoginParam->username, kMaxAccountNameLength);
RegSetValueEx(hKey, "RememberPassword", NULL, REG_DWORD, (LPBYTE) &(pLoginParam->remember), sizeof(LPBYTE));
RegCloseKey(hKey);
// If the password field is the fake string
// then we've already loaded the hash.
if (thePass.Compare(FAKE_PASS_STRING) != 0) if (thePass.Compare(FAKE_PASS_STRING) != 0)
{ {
// Regex search for primary email domain StoreHash(theUser, thePass, pLoginParam);
std::vector<plString> match = theUser.RESearch("[^@]+@([^.]+\\.)*([^.]+)\\.[^.]+");
if (match.empty() || match[2].CompareI("gametap") == 0) { pfPasswordStore* store = pfPasswordStore::Instance();
plSHA1Checksum shasum(StrLen(password) * sizeof(password[0]), (uint8_t*)password); if (pLoginParam->remember)
uint32_t* dest = reinterpret_cast<uint32_t*>(pLoginParam->namePassHash); store->SetPassword(pLoginParam->username, thePass);
const uint32_t* from = reinterpret_cast<const uint32_t*>(shasum.GetValue());
// I blame eap for this ass shit
dest[0] = hsToBE32(from[0]);
dest[1] = hsToBE32(from[1]);
dest[2] = hsToBE32(from[2]);
dest[3] = hsToBE32(from[3]);
dest[4] = hsToBE32(from[4]);
}
else else
{ store->SetPassword(pLoginParam->username, plString::Null);
CryptHashPassword(theUser, thePass, pLoginParam->namePassHash);
}
} }
NetCommSetAccountUsernamePassword(theUser.ToWchar(), pLoginParam->namePassHash); NetCommSetAccountUsernamePassword(theUser.ToWchar(), pLoginParam->namePassHash);
// FIXME: Real OS detection // FIXME: Real OS detection
NetCommSetAuthTokenAndOS(nil, L"win"); NetCommSetAuthTokenAndOS(nil, L"win");
plFileName loginDat = plFileName::Join(plFileSystem::GetInitPath(), "login.dat");
#ifndef PLASMA_EXTERNAL_RELEASE
// internal builds can use the local init directory
plFileName local("init\\login.dat");
if (plFileInfo(local).Exists())
loginDat = local;
#endif
hsStream* stream = plEncryptedStream::OpenEncryptedFileWrite(loginDat, cryptKey);
if (stream)
{
stream->Write(sizeof(cryptKey), cryptKey);
stream->WriteSafeString(pLoginParam->username);
stream->WriteBool(pLoginParam->remember);
if (pLoginParam->remember)
stream->Write(sizeof(pLoginParam->namePassHash), pLoginParam->namePassHash);
stream->Close();
delete stream;
}
} }
static void LoadUserPass(LoginDialogParam *pLoginParam)
static void LoadUserPass (LoginDialogParam *pLoginParam)
{ {
uint32_t cryptKey[4]; HKEY hKey;
ZeroMemory(cryptKey, sizeof(cryptKey)); char accountName[kMaxAccountNameLength];
GetCryptKey(cryptKey, arrsize(cryptKey)); memset(accountName, 0, kMaxAccountNameLength);
uint32_t rememberAccount = 0;
DWORD acctLen = kMaxAccountNameLength, remLen = sizeof(rememberAccount);
RegOpenKeyEx(HKEY_CURRENT_USER, plFormat("Software\\Cyan, Inc.\\{}\\{}", plProduct::LongName(), GetServerDisplayName()).c_str(), 0, KEY_QUERY_VALUE, &hKey);
RegQueryValueEx(hKey, "LastAccountName", 0, NULL, (LPBYTE) &accountName, &acctLen);
RegQueryValueEx(hKey, "RememberPassword", 0, NULL, (LPBYTE) &rememberAccount, &remLen);
RegCloseKey(hKey);
plString temp;
pLoginParam->remember = false; pLoginParam->remember = false;
pLoginParam->username[0] = '\0'; pLoginParam->username[0] = '\0';
plFileName loginDat = plFileName::Join(plFileSystem::GetInitPath(), "login.dat"); if (acctLen > 0)
#ifndef PLASMA_EXTERNAL_RELEASE strncpy(pLoginParam->username, accountName, kMaxAccountNameLength);
// internal builds can use the local init directory pLoginParam->remember = (rememberAccount != 0);
plFileName local("init\\login.dat"); if (pLoginParam->remember && pLoginParam->username[0] != '\0')
if (plFileInfo(local).Exists())
loginDat = local;
#endif
hsStream* stream = plEncryptedStream::OpenEncryptedFile(loginDat, cryptKey);
if (stream && !stream->AtEnd())
{ {
uint32_t savedKey[4]; pfPasswordStore* store = pfPasswordStore::Instance();
stream->Read(sizeof(savedKey), savedKey); plString password = store->GetPassword(pLoginParam->username);
if (!password.IsNull())
if (memcmp(cryptKey, savedKey, sizeof(savedKey)) == 0) StoreHash(pLoginParam->username, password, pLoginParam);
{ pLoginParam->focus = IDOK;
temp = stream->ReadSafeString();
if (!temp.IsEmpty())
{
StrCopy(pLoginParam->username, temp.c_str(), kMaxAccountNameLength);
}
pLoginParam->remember = stream->ReadBool();
if (pLoginParam->remember)
{
stream->Read(sizeof(pLoginParam->namePassHash), pLoginParam->namePassHash);
pLoginParam->focus = IDOK;
}
else
{
pLoginParam->focus = IDC_URULOGIN_PASSWORD;
}
}
stream->Close();
delete stream;
} }
else if (pLoginParam->username[0] == '\0')
pLoginParam->focus = IDC_URULOGIN_USERNAME;
else
pLoginParam->focus = IDC_URULOGIN_PASSWORD;
} }
static size_t CurlCallback(void *buffer, size_t size, size_t nmemb, void *param) static size_t CurlCallback(void *buffer, size_t size, size_t nmemb, void *param)
@ -1430,37 +1405,6 @@ int WINAPI WinMain(HINSTANCE hInst, HINSTANCE hPrevInst, LPSTR lpCmdLine, int nC
return PARABLE_NORMAL_EXIT; return PARABLE_NORMAL_EXIT;
} }
static void GetCryptKey(uint32_t* cryptKey, unsigned numElements)
{
char volName[] = "C:\\";
int index = 0;
DWORD logicalDrives = GetLogicalDrives();
for (int i = 0; i < 32; ++i)
{
if (logicalDrives & (1 << i))
{
volName[0] = ('C' + i);
DWORD volSerialNum = 0;
BOOL result = GetVolumeInformation(
volName, //LPCTSTR lpRootPathName,
NULL, //LPTSTR lpVolumeNameBuffer,
0, //DWORD nVolumeNameSize,
&volSerialNum, //LPDWORD lpVolumeSerialNumber,
NULL, //LPDWORD lpMaximumComponentLength,
NULL, //LPDWORD lpFileSystemFlags,
NULL, //LPTSTR lpFileSystemNameBuffer,
0 //DWORD nFileSystemNameSize
);
cryptKey[index] = (cryptKey[index] ^ volSerialNum);
index = (++index) % numElements;
}
}
}
/* Enable themes in Windows XP and later */ /* Enable themes in Windows XP and later */
#pragma comment(linker,"\"/manifestdependency:type='win32' \ #pragma comment(linker,"\"/manifestdependency:type='win32' \
name='Microsoft.Windows.Common-Controls' version='6.0.0.0' \ name='Microsoft.Windows.Common-Controls' version='6.0.0.0' \

1
Sources/Plasma/FeatureLib/CMakeLists.txt
View File

@ -18,6 +18,7 @@ add_subdirectory(pfJournalBook)
add_subdirectory(pfLocalizationMgr) add_subdirectory(pfLocalizationMgr)
add_subdirectory(pfMessage) add_subdirectory(pfMessage)
add_subdirectory(pfMoviePlayer) add_subdirectory(pfMoviePlayer)
add_subdirectory(pfPasswordStore)
add_subdirectory(pfPatcher) add_subdirectory(pfPatcher)
add_subdirectory(pfPython) add_subdirectory(pfPython)
add_subdirectory(pfSurface) add_subdirectory(pfSurface)

43
Sources/Plasma/FeatureLib/pfPasswordStore/CMakeLists.txt Normal file
View File

@ -0,0 +1,43 @@
include_directories("../../CoreLib")
include_directories("../../NucleusLib")
include_directories("../../NucleusLib/inc")
include_directories("../../PubUtilLib")
set(pfPasswordStore_HEADERS
pfPasswordStore.h
pfPasswordStore_impl.h
)
set(pfPasswordStore_SOURCES
pfPasswordStore.cpp
)
if(WIN32 AND NOT CYGWIN)
set(pfPasswordStore_SOURCES ${pfPasswordStore_SOURCES}
pfPasswordStore_Win.cpp
)
endif(WIN32 AND NOT CYGWIN)
if(UNIX)
set(pfPasswordStore_SOURCES ${pfPasswordStore_SOURCES}
pfPasswordStore_Unix.cpp
)
endif(UNIX)
if(APPLE)
set(pfPasswordStore_SOURCES ${pfPasswordStore_SOURCES}
pfPasswordStore_Mac.cpp
)
endif(APPLE)
add_library(pfPasswordStore STATIC ${pfPasswordStore_HEADERS} ${pfPasswordStore_SOURCES})
target_link_libraries(pfPasswordStore CoreLib plFile)
if(APPLE)
find_library(SECURITY_LIBRARY Security)
target_link_libraries(pfPasswordStore ${SECURITY_LIBRARY})
endif(APPLE)
source_group("Header Files" FILES ${pfPasswordStore_HEADERS})
source_group("Source Files" FILES ${pfPasswordStore_SOURCES})

144
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore.cpp Normal file
View File

@ -0,0 +1,144 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#include "pfPasswordStore.h"
#include "pfPasswordStore_impl.h"
#include "plProduct.h"
#include "plFile/plEncryptedStream.h"
/* Get the pfPasswordStore instance */
pfPasswordStore* pfPasswordStore::Instance()
{
static pfPasswordStore* store = nullptr;
if (store == nullptr) {
#ifdef HS_BUILD_FOR_WIN32
store = new pfWin32PasswordStore();
#else
#ifdef HS_BUILD_FOR_OSX
store = new pfMacPasswordStore();
#else
store = new pfFilePasswordStore();
#endif
#endif
}
return store;
}
/*****************************************************************************
** pfFilePasswordStore **
*****************************************************************************/
pfFilePasswordStore::pfFilePasswordStore()
{
// TODO: Cross-platform CryptKey initialization
uint32_t* product = (uint32_t*)plProduct::UUID();
for (int i = 0; i < 4; i++) {
fCryptKey[i] = product[i];
}
}
const plString pfFilePasswordStore::GetPassword(const plString& username)
{
plFileName loginDat = plFileName::Join(plFileSystem::GetInitPath(), "login.dat");
plString password = plString::Null;
#ifndef PLASMA_EXTERNAL_RELEASE
// internal builds can use the local init directory
plFileName local("init\\login.dat");
if (plFileInfo(local).Exists())
loginDat = local;
#endif
hsStream* stream = plEncryptedStream::OpenEncryptedFile(loginDat, fCryptKey);
if (stream && !stream->AtEnd())
{
uint32_t savedKey[4];
stream->Read(sizeof(savedKey), savedKey);
if (memcmp(fCryptKey, savedKey, sizeof(savedKey)) == 0 && !stream->AtEnd())
{
plString uname = stream->ReadSafeString();
if (username.CompareI(uname) == 0) {
password = stream->ReadSafeString();
}
}
stream->Close();
delete stream;
}
return password;
}
bool pfFilePasswordStore::SetPassword(const plString& username, const plString& password)
{
plFileName loginDat = plFileName::Join(plFileSystem::GetInitPath(), "login.dat");
#ifndef PLASMA_EXTERNAL_RELEASE
// internal builds can use the local init directory
plFileName local("init\\login.dat");
if (plFileInfo(local).Exists())
loginDat = local;
#endif
hsStream* stream = plEncryptedStream::OpenEncryptedFileWrite(loginDat, fCryptKey);
if (stream)
{
stream->Write(sizeof(fCryptKey), fCryptKey);
stream->WriteSafeString(username);
stream->WriteSafeString(password);
stream->Close();
delete stream;
return true;
}
return false;
}

59
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore.h Normal file
View File

@ -0,0 +1,59 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#ifndef pfPasswordStore_inc
#define pfPasswordStore_inc
#include "HeadSpin.h"
#include "plString.h"
class pfPasswordStore
{
public:
static pfPasswordStore* Instance();
virtual const plString GetPassword(const plString& username) = 0;
virtual bool SetPassword(const plString& username, const plString& password) = 0;
};
#endif //pfPasswordStore_inc

91
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_Mac.cpp Normal file
View File

@ -0,0 +1,91 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#include "pfPasswordStore.h"
#include "pfPasswordStore_impl.h"
#include "pnNetBase/pnNbSrvs.h"
#include <Security/Security.h>
/*****************************************************************************
** pfMacPasswordStore **
*****************************************************************************/
const plString pfMacPasswordStore::GetPassword(const plString& username)
{
plString service = GetServerDisplayName();
void* passwd = nullptr;
uint32_t passwd_len = 0;
if (SecKeychainFindGenericPassword(nullptr,
service.GetSize(),
service.c_str(),
username.GetSize(),
username.c_str(),
&passwd_len,
&passwd,
nullptr) != errSecSuccess)
{
return plString::Null;
}
plString ret(reinterpret_cast<const char*>(passwd), size_t(passwd_len));
SecKeychainItemFreeContent(nullptr, passwd);
return ret;
}
bool pfMacPasswordStore::SetPassword(const plString& username, const plString& password)
{
plString service = GetServerDisplayName();
return SecKeychainAddGenericPassword(nullptr,
service.GetSize(),
service.c_str(),
username.GetSize(),
username.c_str(),
password.GetSize(),
password.c_str(),
nullptr) == errSecSuccess;
}

58
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_Unix.cpp Normal file
View File

@ -0,0 +1,58 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#include "pfPasswordStore.h"
#include "pfPasswordStore_impl.h"
#include "plProduct.h"
/*****************************************************************************
** pfUnixPasswordStore **
*****************************************************************************/
const plString pfUnixPasswordStore::GetPassword(const plString& username)
{
}
bool pfUnixPasswordStore::SetPassword(const plString& username, const plString& password)
{
}

103
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_Win.cpp Normal file
View File

@ -0,0 +1,103 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#include "pfPasswordStore.h"
#include "pfPasswordStore_impl.h"
#include "plFormat.h"
#include "pnNetBase/pnNbSrvs.h"
#include "hsWindows.h"
#include <wincred.h>
/*****************************************************************************
** pfWin32PasswordStore **
*****************************************************************************/
const plString pfWin32PasswordStore::GetPassword(const plString& username)
{
PCREDENTIALW credential;
plString target = plFormat("{}__{}", GetServerDisplayName(), username);
plString password = plString::Null;
if (!CredReadW(target.ToWchar().GetData(), CRED_TYPE_GENERIC, 0, &credential)) {
return password;
}
password = plString::FromUtf8(reinterpret_cast<const char *>(credential->CredentialBlob), credential->CredentialBlobSize);
memset(credential->CredentialBlob, 0, credential->CredentialBlobSize);
CredFree(credential);
return password;
}
bool pfWin32PasswordStore::SetPassword(const plString& username, const plString& password)
{
CREDENTIALW credential;
plString target = plFormat("{}__{}", GetServerDisplayName(), username);
if (password.IsNull()) {
if (CredDeleteW(target.ToWchar().GetData(), CRED_TYPE_GENERIC, 0)) {
return true;
}
return false;
}
plStringBuffer<wchar_t> tbuff = target.ToWchar();
plStringBuffer<char> pbuff = password.ToUtf8();
plStringBuffer<wchar_t> ubuff = username.ToWchar();
memset(&credential, 0, sizeof(CREDENTIALW));
credential.Type = CRED_TYPE_GENERIC;
credential.TargetName = (LPWSTR)tbuff.GetData();
credential.CredentialBlobSize = pbuff.GetSize();
credential.CredentialBlob = (LPBYTE)pbuff.GetData();
credential.Persist = CRED_PERSIST_LOCAL_MACHINE;
credential.UserName = (LPWSTR)ubuff.GetData();
if (!CredWriteW(&credential, 0)) {
return false;
}
return true;
}

97
Sources/Plasma/FeatureLib/pfPasswordStore/pfPasswordStore_impl.h Normal file
View File

@ -0,0 +1,97 @@
/*==LICENSE==*
CyanWorlds.com Engine - MMOG client, server and tools
Copyright (C) 2011 Cyan Worlds, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Additional permissions under GNU GPL version 3 section 7
If you modify this Program, or any covered work, by linking or
combining it with any of RAD Game Tools Bink SDK, Autodesk 3ds Max SDK,
NVIDIA PhysX SDK, Microsoft DirectX SDK, OpenSSL library, Independent
JPEG Group JPEG library, Microsoft Windows Media SDK, or Apple QuickTime SDK
(or a modified version of those libraries),
containing parts covered by the terms of the Bink SDK EULA, 3ds Max EULA,
PhysX SDK EULA, DirectX SDK EULA, OpenSSL and SSLeay licenses, IJG
JPEG Library README, Windows Media SDK EULA, or QuickTime SDK EULA, the
licensors of this Program grant you additional
permission to convey the resulting work. Corresponding Source for a
non-source form of such a combination shall include the source code for
the parts of OpenSSL and IJG JPEG Library used as well as that of the covered
work.
You can contact Cyan Worlds, Inc. by email legal@cyan.com
or by snail mail at:
Cyan Worlds, Inc.
14617 N Newport Hwy
Mead, WA 99021
*==LICENSE==*/
#ifndef pfPasswordStore_impl_inc
#define pfPasswordStore_impl_inc
#include "pfPasswordStore.h"
/**
* An encrypted file-based password storage mechanism.
*/
class pfFilePasswordStore : public pfPasswordStore
{
private:
uint32_t fCryptKey[4];
public:
pfFilePasswordStore();
virtual const plString GetPassword(const plString& username);
virtual bool SetPassword(const plString& username, const plString& password);
};
#ifdef HS_BUILD_FOR_WIN32
/**
* A Windows Credential Vault password storage mechanism.
*/
class pfWin32PasswordStore : public pfPasswordStore
{
public:
pfWin32PasswordStore() { }
virtual const plString GetPassword(const plString& username);
virtual bool SetPassword(const plString& username, const plString& password);
};
#endif //HS_BUILD_FOR_WIN32
/**
* @todo A Linux libsecret-based storage mechanism.
*/
#ifdef HS_BUILD_FOR_OSX
/**
* An OSX Keychain password storage mechanism.
*/
class pfMacPasswordStore : public pfPasswordStore
{
public:
pfMacPasswordStore() { }
virtual const plString GetPassword(const plString& username);
virtual bool SetPassword(const plString& username, const plString& password);
};
#endif //HS_BUILD_FOR_OSX
#endif //pfPasswordStore_impl_inc

2
Sources/Plasma/NucleusLib/pnEncryption/plChecksum.cpp
View File

@ -362,7 +362,7 @@ bool plSHAChecksum::operator==(const plSHAChecksum& rhs) const
//============================================================================ //============================================================================
plSHA1Checksum::plSHA1Checksum(size_t size, uint8_t* buffer) plSHA1Checksum::plSHA1Checksum(size_t size, const uint8_t* buffer)
{ {
fValid = false; fValid = false;
Start(); Start();

2
Sources/Plasma/NucleusLib/pnEncryption/plChecksum.h
View File

@ -153,7 +153,7 @@ class plSHA1Checksum
ShaDigest fChecksum; ShaDigest fChecksum;
public: public:
plSHA1Checksum(size_t size, uint8_t* buffer); plSHA1Checksum(size_t size, const uint8_t* buffer);
plSHA1Checksum(); plSHA1Checksum();
plSHA1Checksum(const plSHA1Checksum& rhs); plSHA1Checksum(const plSHA1Checksum& rhs);
plSHA1Checksum(const plFileName& fileName); plSHA1Checksum(const plFileName& fileName);