mirror of
https://github.com/EQEmu/Server.git
synced 2025-12-13 06:21:28 +00:00
Fix regression from build work changes https://github.com/EQEmu/Server/issues/929
This commit is contained in:
Akkadius
parent
40c835c576
commit
c90bed9f69
@ -1,4 +1,5 @@
|
|||||||
#include "encryption.h"
|
#include "encryption.h"
|
||||||
|
|
||||||
#ifdef EQEMU_USE_OPENSSL
|
#ifdef EQEMU_USE_OPENSSL
|
||||||
#include <openssl/des.h>
|
#include <openssl/des.h>
|
||||||
#include <openssl/sha.h>
|
#include <openssl/sha.h>
|
||||||
@ -10,48 +11,54 @@
|
|||||||
#include <mbedtls/sha1.h>
|
#include <mbedtls/sha1.h>
|
||||||
#include <mbedtls/sha512.h>
|
#include <mbedtls/sha512.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include <cstring>
|
#include <cstring>
|
||||||
#include <string>
|
#include <string>
|
||||||
|
|
||||||
#ifdef ENABLE_SECURITY
|
#ifdef ENABLE_SECURITY
|
||||||
|
|
||||||
#include <sodium.h>
|
#include <sodium.h>
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
std::string GetEncryptionByModeId(uint32 mode) {
|
std::string GetEncryptionByModeId(uint32 mode)
|
||||||
|
{
|
||||||
switch (mode) {
|
switch (mode) {
|
||||||
case EncryptionModeMD5:
|
case EncryptionModeMD5:
|
||||||
return "MD5";
|
return "MD5";
|
||||||
case EncryptionModeMD5PassUser:
|
case EncryptionModeMD5PassUser:
|
||||||
return "MD5PassUser";
|
return "MD5PassUser";
|
||||||
case EncryptionModeMD5UserPass:
|
case EncryptionModeMD5UserPass:
|
||||||
return "MD5UserPass";
|
return "MD5UserPass";
|
||||||
case EncryptionModeMD5Triple:
|
case EncryptionModeMD5Triple:
|
||||||
return "MD5Triple";
|
return "MD5Triple";
|
||||||
case EncryptionModeSHA:
|
case EncryptionModeSHA:
|
||||||
return "SHA";
|
return "SHA";
|
||||||
case EncryptionModeSHAPassUser:
|
case EncryptionModeSHAPassUser:
|
||||||
return "SHAPassUser";
|
return "SHAPassUser";
|
||||||
case EncryptionModeSHAUserPass:
|
case EncryptionModeSHAUserPass:
|
||||||
return "SHAUserPass";
|
return "SHAUserPass";
|
||||||
case EncryptionModeSHATriple:
|
case EncryptionModeSHATriple:
|
||||||
return "SHATriple";
|
return "SHATriple";
|
||||||
case EncryptionModeSHA512:
|
case EncryptionModeSHA512:
|
||||||
return "SHA512";
|
return "SHA512";
|
||||||
case EncryptionModeSHA512PassUser:
|
case EncryptionModeSHA512PassUser:
|
||||||
return "SHA512PassUser";
|
return "SHA512PassUser";
|
||||||
case EncryptionModeSHA512UserPass:
|
case EncryptionModeSHA512UserPass:
|
||||||
return "SHA512UserPass";
|
return "SHA512UserPass";
|
||||||
case EncryptionModeSHA512Triple:
|
case EncryptionModeSHA512Triple:
|
||||||
return "SHA512Triple";
|
return "SHA512Triple";
|
||||||
case EncryptionModeArgon2:
|
case EncryptionModeArgon2:
|
||||||
return "Argon2";
|
return "Argon2";
|
||||||
case EncryptionModeSCrypt:
|
case EncryptionModeSCrypt:
|
||||||
return "SCrypt";
|
return "SCrypt";
|
||||||
default:
|
default:
|
||||||
return "";
|
return "";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
const char* eqcrypt_block(const char *buffer_in, size_t buffer_in_sz, char* buffer_out, bool enc) {
|
const char *eqcrypt_block(const char *buffer_in, size_t buffer_in_sz, char *buffer_out, bool enc)
|
||||||
|
{
|
||||||
#ifdef EQEMU_USE_MBEDTLS
|
#ifdef EQEMU_USE_MBEDTLS
|
||||||
if (enc) {
|
if (enc) {
|
||||||
if (buffer_in_sz % 8 != 0) {
|
if (buffer_in_sz % 8 != 0) {
|
||||||
@ -118,10 +125,11 @@ const char* eqcrypt_block(const char *buffer_in, size_t buffer_in_sz, char* buff
|
|||||||
return buffer_out;
|
return buffer_out;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string eqcrypt_md5(const std::string &msg) {
|
std::string eqcrypt_md5(const std::string &msg)
|
||||||
|
{
|
||||||
std::string ret;
|
std::string ret;
|
||||||
ret.reserve(32);
|
ret.reserve(32);
|
||||||
|
|
||||||
#ifdef EQEMU_USE_MBEDTLS
|
#ifdef EQEMU_USE_MBEDTLS
|
||||||
unsigned char digest[16];
|
unsigned char digest[16];
|
||||||
char temp[4];
|
char temp[4];
|
||||||
@ -151,7 +159,8 @@ std::string eqcrypt_md5(const std::string &msg) {
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string eqcrypt_sha1(const std::string &msg) {
|
std::string eqcrypt_sha1(const std::string &msg)
|
||||||
|
{
|
||||||
std::string ret;
|
std::string ret;
|
||||||
ret.reserve(40);
|
ret.reserve(40);
|
||||||
|
|
||||||
@ -184,7 +193,8 @@ std::string eqcrypt_sha1(const std::string &msg) {
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string eqcrypt_sha512(const std::string &msg) {
|
std::string eqcrypt_sha512(const std::string &msg)
|
||||||
|
{
|
||||||
std::string ret;
|
std::string ret;
|
||||||
ret.reserve(128);
|
ret.reserve(128);
|
||||||
|
|
||||||
@ -219,87 +229,120 @@ std::string eqcrypt_sha512(const std::string &msg) {
|
|||||||
|
|
||||||
#ifdef ENABLE_SECURITY
|
#ifdef ENABLE_SECURITY
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param msg
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
std::string eqcrypt_argon2(const std::string &msg)
|
std::string eqcrypt_argon2(const std::string &msg)
|
||||||
{
|
{
|
||||||
|
char buffer[crypto_pwhash_STRBYTES] = {0};
|
||||||
std::string ret;
|
std::string ret;
|
||||||
ret.resize(crypto_pwhash_STRBYTES);
|
|
||||||
|
|
||||||
if (crypto_pwhash_str(&ret[0], &msg[0], msg.length(), crypto_pwhash_OPSLIMIT_SENSITIVE, crypto_pwhash_MEMLIMIT_SENSITIVE) != 0) {
|
if (crypto_pwhash_str(
|
||||||
|
&buffer[0],
|
||||||
|
&msg[0],
|
||||||
|
msg.length(),
|
||||||
|
crypto_pwhash_OPSLIMIT_INTERACTIVE,
|
||||||
|
crypto_pwhash_MEMLIMIT_INTERACTIVE
|
||||||
|
) != 0) {
|
||||||
return "";
|
return "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ret = buffer;
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param msg
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
std::string eqcrypt_scrypt(const std::string &msg)
|
std::string eqcrypt_scrypt(const std::string &msg)
|
||||||
{
|
{
|
||||||
|
char buffer[crypto_pwhash_scryptsalsa208sha256_STRBYTES] = {0};
|
||||||
std::string ret;
|
std::string ret;
|
||||||
ret.resize(crypto_pwhash_scryptsalsa208sha256_STRBYTES);
|
|
||||||
|
|
||||||
if (crypto_pwhash_scryptsalsa208sha256_str(&ret[0], &msg[0], msg.length(),
|
if (crypto_pwhash_scryptsalsa208sha256_str(
|
||||||
crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE, crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE) != 0) {
|
&buffer[0],
|
||||||
|
&msg[0],
|
||||||
|
msg.length(),
|
||||||
|
crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE,
|
||||||
|
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE
|
||||||
|
) != 0) {
|
||||||
return "";
|
return "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ret = buffer;
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
std::string eqcrypt_hash(const std::string &username, const std::string &password, int mode) {
|
/**
|
||||||
switch (mode)
|
* @param username
|
||||||
{
|
* @param password
|
||||||
case 1:
|
* @param mode
|
||||||
return eqcrypt_md5(password);
|
* @return
|
||||||
case 2:
|
*/
|
||||||
return eqcrypt_md5(password + ":" + username);
|
std::string eqcrypt_hash(const std::string &username, const std::string &password, int mode)
|
||||||
case 3:
|
{
|
||||||
return eqcrypt_md5(username + ":" + password);
|
switch (mode) {
|
||||||
case 4:
|
case EncryptionModeMD5:
|
||||||
return eqcrypt_md5(eqcrypt_md5(username) + eqcrypt_md5(password));
|
return eqcrypt_md5(password);
|
||||||
case 5:
|
case EncryptionModeMD5PassUser:
|
||||||
return eqcrypt_sha1(password);
|
return eqcrypt_md5(password + ":" + username);
|
||||||
case 6:
|
case EncryptionModeMD5UserPass:
|
||||||
return eqcrypt_sha1(password + ":" + username);
|
return eqcrypt_md5(username + ":" + password);
|
||||||
case 7:
|
case EncryptionModeMD5Triple:
|
||||||
return eqcrypt_sha1(username + ":" + password);
|
return eqcrypt_md5(eqcrypt_md5(username) + eqcrypt_md5(password));
|
||||||
case 8:
|
case EncryptionModeSHA:
|
||||||
return eqcrypt_sha1(eqcrypt_sha1(username) + eqcrypt_sha1(password));
|
return eqcrypt_sha1(password);
|
||||||
case 9:
|
case EncryptionModeSHAPassUser:
|
||||||
return eqcrypt_sha512(password);
|
return eqcrypt_sha1(password + ":" + username);
|
||||||
case 10:
|
case EncryptionModeSHAUserPass:
|
||||||
return eqcrypt_sha512(password + ":" + username);
|
return eqcrypt_sha1(username + ":" + password);
|
||||||
case 11:
|
case EncryptionModeSHATriple:
|
||||||
return eqcrypt_sha512(username + ":" + password);
|
return eqcrypt_sha1(eqcrypt_sha1(username) + eqcrypt_sha1(password));
|
||||||
case 12:
|
case EncryptionModeSHA512:
|
||||||
return eqcrypt_sha512(eqcrypt_sha512(username) + eqcrypt_sha512(password));
|
return eqcrypt_sha512(password);
|
||||||
|
case EncryptionModeSHA512PassUser:
|
||||||
|
return eqcrypt_sha512(password + ":" + username);
|
||||||
|
case EncryptionModeSHA512UserPass:
|
||||||
|
return eqcrypt_sha512(username + ":" + password);
|
||||||
|
case EncryptionModeSHA512Triple:
|
||||||
|
return eqcrypt_sha512(eqcrypt_sha512(username) + eqcrypt_sha512(password));
|
||||||
#ifdef ENABLE_SECURITY
|
#ifdef ENABLE_SECURITY
|
||||||
case 13:
|
case EncryptionModeArgon2:
|
||||||
return eqcrypt_argon2(password);
|
return eqcrypt_argon2(password);
|
||||||
case 14:
|
case EncryptionModeSCrypt:
|
||||||
return eqcrypt_scrypt(password);
|
return eqcrypt_scrypt(password);
|
||||||
#endif
|
#endif
|
||||||
//todo bcrypt? pbkdf2?
|
//todo bcrypt? pbkdf2?
|
||||||
default:
|
default:
|
||||||
return "";
|
return "";
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
bool eqcrypt_verify_hash(const std::string &username, const std::string &password, const std::string &pwhash, int mode) {
|
/**
|
||||||
switch (mode)
|
* @param username
|
||||||
{
|
* @param password
|
||||||
|
* @param pwhash
|
||||||
|
* @param mode
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
bool eqcrypt_verify_hash(const std::string &username, const std::string &password, const std::string &pwhash, int mode)
|
||||||
|
{
|
||||||
|
switch (mode) {
|
||||||
#ifdef ENABLE_SECURITY
|
#ifdef ENABLE_SECURITY
|
||||||
case 13:
|
case 13:
|
||||||
return crypto_pwhash_str_verify(&pwhash[0], &password[0], password.length()) == 0;
|
return crypto_pwhash_str_verify(&pwhash[0], &password[0], password.length()) == 0;
|
||||||
case 14:
|
case 14:
|
||||||
return crypto_pwhash_scryptsalsa208sha256_str_verify(&pwhash[0], &password[0], password.length()) == 0;
|
return crypto_pwhash_scryptsalsa208sha256_str_verify(&pwhash[0], &password[0], password.length()) == 0;
|
||||||
#endif
|
#endif
|
||||||
default:
|
default: {
|
||||||
{
|
auto hash = eqcrypt_hash(username, password, mode);
|
||||||
auto hash = eqcrypt_hash(username, password, mode);
|
return hash.compare(pwhash) == 0;
|
||||||
return hash.compare(pwhash) == 0;
|
}
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
|
|||||||
@ -1,39 +1,37 @@
|
|||||||
{
|
{
|
||||||
"database": {
|
"database": {
|
||||||
"host": "127.0.0.1", // database host
|
"host": "127.0.0.1",
|
||||||
"port": "3306", // database port
|
"port": "3306",
|
||||||
"db": "peq", // database name
|
"db": "peq",
|
||||||
"user": "root", // database user
|
"user": "root",
|
||||||
"password": "eqemu" // database password
|
"password": "eqemu"
|
||||||
},
|
},
|
||||||
"account": {
|
"account": {
|
||||||
// ideal for local LAN setups, if you want a login attempt to automatically create an account
|
|
||||||
// this will automatically create the account using the username and password if it doesn't exist
|
|
||||||
"auto_create_accounts": true
|
"auto_create_accounts": true
|
||||||
},
|
},
|
||||||
"worldservers": {
|
"worldservers": {
|
||||||
"unregistered_allowed": true, // allows worldservers to connect to your loginserver without server admin authentication
|
"unregistered_allowed": true,
|
||||||
"reject_duplicate_servers": false // if enabled, rejects duplicate worldservers
|
"reject_duplicate_servers": false
|
||||||
},
|
},
|
||||||
"web_api": {
|
"web_api": {
|
||||||
"enabled": true, // enable/disable embedded webserver api
|
"enabled": true,
|
||||||
"port": 6000 // the port you want the web api to serve on (recommended not to change)
|
"port": 6000
|
||||||
},
|
},
|
||||||
"security": {
|
"security": {
|
||||||
"mode": 14, // encryption mode (dont touch) (14=scrypt)
|
"mode": 14,
|
||||||
"allow_password_login": true, // allows users to login via password, most cases, leave this on
|
"allow_password_login": true,
|
||||||
"allow_token_login": true // allows token based login directly from launching game
|
"allow_token_login": true
|
||||||
},
|
},
|
||||||
"logging": {
|
"logging": {
|
||||||
"trace": false, // For debugging general packet messaging
|
"trace": false,
|
||||||
"world_trace": false, // For debugging world to loginserver messaging
|
"world_trace": false,
|
||||||
"dump_packets_in": false, // for debugging inbound packets
|
"dump_packets_in": false,
|
||||||
"dump_packets_out": false // for debugging outbound packets
|
"dump_packets_out": false
|
||||||
},
|
},
|
||||||
"client_configuration": {
|
"client_configuration": {
|
||||||
"titanium_port": 5998, // don't change
|
"titanium_port": 5998,
|
||||||
"titanium_opcodes": "login_opcodes.conf", // opcodes for the titanium era clients
|
"titanium_opcodes": "login_opcodes.conf",
|
||||||
"sod_port": 5999, // don't change
|
"sod_port": 5999,
|
||||||
"sod_opcodes": "login_opcodes_sod.conf" // opcodes for sod and higher era clients
|
"sod_opcodes": "login_opcodes_sod.conf"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user