From c964aa2708ed2839ded3c35eed7338f3e81f568f Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Mon, 24 Aug 2009 04:47:54 +0200 Subject: =?UTF-8?q?Authentifikation:=20=C3=9Cbertrage=20Passw=C3=B6rter=20?= =?UTF-8?q?gehasht?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Authenticators/PasswordAuthenticator.cpp | 48 +++++++++++++++++++++- src/Client/Authenticators/PasswordAuthenticator.h | 6 ++- 2 files changed, 50 insertions(+), 4 deletions(-) (limited to 'src/Client/Authenticators') diff --git a/src/Client/Authenticators/PasswordAuthenticator.cpp b/src/Client/Authenticators/PasswordAuthenticator.cpp index 3aa9f41..6690b22 100644 --- a/src/Client/Authenticators/PasswordAuthenticator.cpp +++ b/src/Client/Authenticators/PasswordAuthenticator.cpp @@ -19,7 +19,9 @@ #include "PasswordAuthenticator.h" +#include #include +#include namespace Mad { namespace Client { @@ -29,9 +31,14 @@ void PasswordAuthenticator::PasswordAuthRequest::sendRequest() { Common::XmlPacket packet; packet.setType("Authenticate"); packet.set("method", "Password"); + packet.set("subMethod", hash); packet.set("user", username); - packet.set("data", std::vector(password.begin(), password.end())); + + if(hash == "Clear") + packet.set("data", password); + else + packet.set("data", Common::Hash::hash(std::vector(password.begin(), password.end()), hash)); sendPacket(packet); } @@ -51,7 +58,44 @@ void PasswordAuthenticator::PasswordAuthRequest::handlePacket(boost::shared_ptr< } void PasswordAuthenticator::authenticate(Common::Application *application, Common::Connection *con, const std::string &username, const std::string &password) throw (Core::Exception) { - boost::shared_ptr request(new PasswordAuthRequest(application, username, password)); + std::string hash; + + { + boost::shared_ptr request(new Common::Requests::AuthMethodRequest(application)); + + application->getRequestManager()->sendRequest(con, request); + request->wait(); + + std::pair, Core::Exception> result = request->getResult(); + + if(!result.first || result.second) + throw result.second; + + const Common::XmlPacket::List *methods = result.first->getList("methods"); + + for(Common::XmlPacket::List::const_iterator method = methods->begin(); method != methods->end(); ++method) { + if(method->get("name") != "Password") + continue; + + const Common::XmlPacket::List *subMethods = method->getList("subMethods"); + + for(Common::XmlPacket::List::const_iterator subMethod = subMethods->begin(); subMethod != subMethods->end(); ++subMethod) { + if(Common::Hash::isHashSupported(subMethod->get("name"))) { + hash = subMethod->get("name"); + break; + } + } + + break; + } + + if(hash.empty()) + throw Core::Exception(Core::Exception::NOT_AVAILABLE); + } + + application->logf(Core::LoggerBase::LOG_VERBOSE, "Authenticating with method 'Password' using hash '%s'...", hash.c_str()); + + boost::shared_ptr request(new PasswordAuthRequest(application, username, password, hash)); application->getRequestManager()->sendRequest(con, request); request->wait(); diff --git a/src/Client/Authenticators/PasswordAuthenticator.h b/src/Client/Authenticators/PasswordAuthenticator.h index 70c3cf1..8fdd87c 100644 --- a/src/Client/Authenticators/PasswordAuthenticator.h +++ b/src/Client/Authenticators/PasswordAuthenticator.h @@ -35,13 +35,15 @@ class MAD_CLIENT_EXPORT PasswordAuthenticator { std::string username; std::string password; + std::string hash; + protected: virtual void sendRequest(); virtual void handlePacket(boost::shared_ptr packet); public: - PasswordAuthRequest(Common::Application *application, const std::string &username0, const std::string &password0) - : Common::Request(application), username(username0), password(password0) {} + PasswordAuthRequest(Common::Application *application, const std::string &username0, const std::string &password0, const std::string &hash0) + : Common::Request(application), username(username0), password(password0), hash(hash0) {} }; PasswordAuthenticator(); -- cgit v1.2.3