summaryrefslogtreecommitdiffstats
path: root/src/Client
diff options
context:
space:
mode:
authorMatthias Schiffer <matthias@gamezock.de>2009-08-24 04:47:54 +0200
committerMatthias Schiffer <matthias@gamezock.de>2009-08-24 04:47:54 +0200
commitc964aa2708ed2839ded3c35eed7338f3e81f568f (patch)
tree21f17452e648cd25c7cdf80d844b1a366767f14b /src/Client
parent84a5ceeb7db03d75425d72e8a23a0bb0f267bc01 (diff)
downloadmad-c964aa2708ed2839ded3c35eed7338f3e81f568f.tar
mad-c964aa2708ed2839ded3c35eed7338f3e81f568f.zip
Authentifikation: Übertrage Passwörter gehasht
Diffstat (limited to 'src/Client')
-rw-r--r--src/Client/Authenticators/PasswordAuthenticator.cpp48
-rw-r--r--src/Client/Authenticators/PasswordAuthenticator.h6
2 files changed, 50 insertions, 4 deletions
diff --git a/src/Client/Authenticators/PasswordAuthenticator.cpp b/src/Client/Authenticators/PasswordAuthenticator.cpp
index 3aa9f41..6690b22 100644
--- a/src/Client/Authenticators/PasswordAuthenticator.cpp
+++ b/src/Client/Authenticators/PasswordAuthenticator.cpp
@@ -19,7 +19,9 @@
#include "PasswordAuthenticator.h"
+#include <Common/Hash.h>
#include <Common/RequestManager.h>
+#include <Common/Requests/AuthMethodRequest.h>
namespace Mad {
namespace Client {
@@ -29,9 +31,14 @@ void PasswordAuthenticator::PasswordAuthRequest::sendRequest() {
Common::XmlPacket packet;
packet.setType("Authenticate");
packet.set("method", "Password");
+ packet.set("subMethod", hash);
packet.set("user", username);
- packet.set("data", std::vector<boost::uint8_t>(password.begin(), password.end()));
+
+ if(hash == "Clear")
+ packet.set("data", password);
+ else
+ packet.set("data", Common::Hash::hash(std::vector<boost::uint8_t>(password.begin(), password.end()), hash));
sendPacket(packet);
}
@@ -51,7 +58,44 @@ void PasswordAuthenticator::PasswordAuthRequest::handlePacket(boost::shared_ptr<
}
void PasswordAuthenticator::authenticate(Common::Application *application, Common::Connection *con, const std::string &username, const std::string &password) throw (Core::Exception) {
- boost::shared_ptr<PasswordAuthRequest> request(new PasswordAuthRequest(application, username, password));
+ std::string hash;
+
+ {
+ boost::shared_ptr<Common::Requests::AuthMethodRequest> request(new Common::Requests::AuthMethodRequest(application));
+
+ application->getRequestManager()->sendRequest(con, request);
+ request->wait();
+
+ std::pair<boost::shared_ptr<const Common::XmlPacket>, Core::Exception> result = request->getResult();
+
+ if(!result.first || result.second)
+ throw result.second;
+
+ const Common::XmlPacket::List *methods = result.first->getList("methods");
+
+ for(Common::XmlPacket::List::const_iterator method = methods->begin(); method != methods->end(); ++method) {
+ if(method->get<const std::string&>("name") != "Password")
+ continue;
+
+ const Common::XmlPacket::List *subMethods = method->getList("subMethods");
+
+ for(Common::XmlPacket::List::const_iterator subMethod = subMethods->begin(); subMethod != subMethods->end(); ++subMethod) {
+ if(Common::Hash::isHashSupported(subMethod->get<const std::string&>("name"))) {
+ hash = subMethod->get<const std::string&>("name");
+ break;
+ }
+ }
+
+ break;
+ }
+
+ if(hash.empty())
+ throw Core::Exception(Core::Exception::NOT_AVAILABLE);
+ }
+
+ application->logf(Core::LoggerBase::LOG_VERBOSE, "Authenticating with method 'Password' using hash '%s'...", hash.c_str());
+
+ boost::shared_ptr<PasswordAuthRequest> request(new PasswordAuthRequest(application, username, password, hash));
application->getRequestManager()->sendRequest(con, request);
request->wait();
diff --git a/src/Client/Authenticators/PasswordAuthenticator.h b/src/Client/Authenticators/PasswordAuthenticator.h
index 70c3cf1..8fdd87c 100644
--- a/src/Client/Authenticators/PasswordAuthenticator.h
+++ b/src/Client/Authenticators/PasswordAuthenticator.h
@@ -35,13 +35,15 @@ class MAD_CLIENT_EXPORT PasswordAuthenticator {
std::string username;
std::string password;
+ std::string hash;
+
protected:
virtual void sendRequest();
virtual void handlePacket(boost::shared_ptr<const Common::XmlPacket> packet);
public:
- PasswordAuthRequest(Common::Application *application, const std::string &username0, const std::string &password0)
- : Common::Request(application), username(username0), password(password0) {}
+ PasswordAuthRequest(Common::Application *application, const std::string &username0, const std::string &password0, const std::string &hash0)
+ : Common::Request(application), username(username0), password(password0), hash(hash0) {}
};
PasswordAuthenticator();