Fix regression from build work changes https://github.com/EQEmu/Server/issues/929

loginserver/encryption.cpp

@@ -1,4 +1,5 @@
 #include "encryption.h"
+
 #ifdef EQEMU_USE_OPENSSL
 #include <openssl/des.h>
 #include <openssl/sha.h>
@@ -10,13 +11,18 @@
 #include <mbedtls/sha1.h>
 #include <mbedtls/sha512.h>
 #endif
+
 #include <cstring>
 #include <string>
+
 #ifdef ENABLE_SECURITY
+
 #include <sodium.h>
+
 #endif
 
-std::string GetEncryptionByModeId(uint32 mode) {
+std::string GetEncryptionByModeId(uint32 mode)
+{
 	switch (mode) {
 		case EncryptionModeMD5:
 			return "MD5";
@@ -51,7 +57,8 @@ std::string GetEncryptionByModeId(uint32 mode) {
 	}
 }
 
-const char* eqcrypt_block(const char *buffer_in, size_t buffer_in_sz, char* buffer_out, bool enc) {
+const char *eqcrypt_block(const char *buffer_in, size_t buffer_in_sz, char *buffer_out, bool enc)
+{
 #ifdef EQEMU_USE_MBEDTLS
 	if (enc) {
 		if (buffer_in_sz % 8 != 0) {
@@ -118,7 +125,8 @@ const char* eqcrypt_block(const char *buffer_in, size_t buffer_in_sz, char* buff
 	return buffer_out;
 }
 
-std::string eqcrypt_md5(const std::string &msg) {
+std::string eqcrypt_md5(const std::string &msg)
+{
 	std::string ret;
 	ret.reserve(32);
 
@@ -151,7 +159,8 @@ std::string eqcrypt_md5(const std::string &msg) {
 	return ret;
 }
 
-std::string eqcrypt_sha1(const std::string &msg) {
+std::string eqcrypt_sha1(const std::string &msg)
+{
 	std::string ret;
 	ret.reserve(40);
 
@@ -184,7 +193,8 @@ std::string eqcrypt_sha1(const std::string &msg) {
 	return ret;
 }
 
-std::string eqcrypt_sha512(const std::string &msg) {
+std::string eqcrypt_sha512(const std::string &msg)
+{
 	std::string ret;
 	ret.reserve(128);
 
@@ -219,64 +229,91 @@ std::string eqcrypt_sha512(const std::string &msg) {
 
 #ifdef ENABLE_SECURITY
 
+/**
+ * @param msg
+ * @return
+ */
 std::string eqcrypt_argon2(const std::string &msg)
 {
+	char        buffer[crypto_pwhash_STRBYTES] = {0};
 	std::string ret;
-	ret.resize(crypto_pwhash_STRBYTES);
 
-	if (crypto_pwhash_str(&ret[0], &msg[0], msg.length(), crypto_pwhash_OPSLIMIT_SENSITIVE, crypto_pwhash_MEMLIMIT_SENSITIVE) != 0) {
+	if (crypto_pwhash_str(
+		&buffer[0],
+		&msg[0],
+		msg.length(),
+		crypto_pwhash_OPSLIMIT_INTERACTIVE,
+		crypto_pwhash_MEMLIMIT_INTERACTIVE
+	) != 0) {
 		return "";
 	}
 
+	ret = buffer;
 	return ret;
 }
 
+/**
+ * @param msg
+ * @return
+ */
 std::string eqcrypt_scrypt(const std::string &msg)
 {
+	char        buffer[crypto_pwhash_scryptsalsa208sha256_STRBYTES] = {0};
 	std::string ret;
-	ret.resize(crypto_pwhash_scryptsalsa208sha256_STRBYTES);
 
-	if (crypto_pwhash_scryptsalsa208sha256_str(&ret[0], &msg[0], msg.length(),
-		crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE, crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE) != 0) {
+	if (crypto_pwhash_scryptsalsa208sha256_str(
+		&buffer[0],
+		&msg[0],
+		msg.length(),
+		crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE,
+		crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE
+	) != 0) {
 		return "";
 	}
 
+	ret = buffer;
 	return ret;
 }
 
 #endif
 
-std::string eqcrypt_hash(const std::string &username, const std::string &password, int mode) {
-	switch (mode)
+/**
+ * @param username
+ * @param password
+ * @param mode
+ * @return
+ */
+std::string eqcrypt_hash(const std::string &username, const std::string &password, int mode)
 {
-	case 1:
+	switch (mode) {
+		case EncryptionModeMD5:
 			return eqcrypt_md5(password);
-	case 2:
+		case EncryptionModeMD5PassUser:
 			return eqcrypt_md5(password + ":" + username);
-	case 3:
+		case EncryptionModeMD5UserPass:
 			return eqcrypt_md5(username + ":" + password);
-	case 4:
+		case EncryptionModeMD5Triple:
 			return eqcrypt_md5(eqcrypt_md5(username) + eqcrypt_md5(password));
-	case 5:
+		case EncryptionModeSHA:
 			return eqcrypt_sha1(password);
-	case 6:
+		case EncryptionModeSHAPassUser:
 			return eqcrypt_sha1(password + ":" + username);
-	case 7:
+		case EncryptionModeSHAUserPass:
 			return eqcrypt_sha1(username + ":" + password);
-	case 8:
+		case EncryptionModeSHATriple:
 			return eqcrypt_sha1(eqcrypt_sha1(username) + eqcrypt_sha1(password));
-	case 9:
+		case EncryptionModeSHA512:
 			return eqcrypt_sha512(password);
-	case 10:
+		case EncryptionModeSHA512PassUser:
 			return eqcrypt_sha512(password + ":" + username);
-	case 11:
+		case EncryptionModeSHA512UserPass:
 			return eqcrypt_sha512(username + ":" + password);
-	case 12:
+		case EncryptionModeSHA512Triple:
 			return eqcrypt_sha512(eqcrypt_sha512(username) + eqcrypt_sha512(password));
 #ifdef ENABLE_SECURITY
-	case 13:
+		case EncryptionModeArgon2:
 			return eqcrypt_argon2(password);
-	case 14:
+		case EncryptionModeSCrypt:
 			return eqcrypt_scrypt(password);
 #endif
 			//todo bcrypt? pbkdf2?
@@ -286,17 +323,23 @@ std::string eqcrypt_hash(const std::string &username, const std::string &passwor
 	}
 }
 
-bool eqcrypt_verify_hash(const std::string &username, const std::string &password, const std::string &pwhash, int mode) {
-	switch (mode)
+/**
+ * @param username
+ * @param password
+ * @param pwhash
+ * @param mode
+ * @return
+ */
+bool eqcrypt_verify_hash(const std::string &username, const std::string &password, const std::string &pwhash, int mode)
 {
+	switch (mode) {
 #ifdef ENABLE_SECURITY
 		case 13:
 			return crypto_pwhash_str_verify(&pwhash[0], &password[0], password.length()) == 0;
 		case 14:
 			return crypto_pwhash_scryptsalsa208sha256_str_verify(&pwhash[0], &password[0], password.length()) == 0;
 #endif
-	default:
-	{
+		default: {
 			auto hash = eqcrypt_hash(username, password, mode);
 			return hash.compare(pwhash) == 0;
 		}

loginserver/login_util/login.json

@@ -1,39 +1,37 @@
 {
   "database": {
-    "host": "127.0.0.1", // database host
-    "port": "3306", // database port
-    "db": "peq", // database name
-    "user": "root", // database user
-    "password": "eqemu" // database password
+    "host": "127.0.0.1",
+    "port": "3306",
+    "db": "peq",
+    "user": "root",
+    "password": "eqemu"
   },
   "account": {
-    // ideal for local LAN setups, if you want a login attempt to automatically create an account
-    // this will automatically create the account using the username and password if it doesn't exist
     "auto_create_accounts": true
   },
   "worldservers": {
-    "unregistered_allowed": true, // allows worldservers to connect to your loginserver without server admin authentication
-    "reject_duplicate_servers": false // if enabled, rejects duplicate worldservers
+    "unregistered_allowed": true,
+    "reject_duplicate_servers": false
   },
   "web_api": {
-    "enabled": true, // enable/disable embedded webserver api
-    "port": 6000 // the port you want the web api to serve on (recommended not to change)
+    "enabled": true,
+    "port": 6000
   },
   "security": {
-    "mode": 14, // encryption mode (dont touch) (14=scrypt)
-    "allow_password_login": true, // allows users to login via password, most cases, leave this on
-    "allow_token_login": true // allows token based login directly from launching game
+    "mode": 14,
+    "allow_password_login": true,
+    "allow_token_login": true
   },
   "logging": {
-    "trace": false, // For debugging general packet messaging
-    "world_trace": false, // For debugging world to loginserver messaging
-    "dump_packets_in": false, // for debugging inbound packets
-    "dump_packets_out": false // for debugging outbound packets
+    "trace": false,
+    "world_trace": false,
+    "dump_packets_in": false,
+    "dump_packets_out": false
   },
   "client_configuration": {
-    "titanium_port": 5998, // don't change
-    "titanium_opcodes": "login_opcodes.conf", // opcodes for the titanium era clients
-    "sod_port": 5999, // don't change
-    "sod_opcodes": "login_opcodes_sod.conf" // opcodes for sod and higher era clients
+    "titanium_port": 5998,
+    "titanium_opcodes": "login_opcodes.conf",
+    "sod_port": 5999,
+    "sod_opcodes": "login_opcodes_sod.conf"
   }
 }