7 Commits

Author SHA1 Message Date
31c6ff0829 Merge a5a15a54ff into 52833f7fb3 2024-09-10 16:07:07 +00:00
a5a15a54ff Change setting to "allowed auth methods"
This allows plaintext password auth to be disabled altogether
2024-09-10 12:06:24 -04:00
8845138d63 Expiration timestamp instead of valid bit 2024-09-07 13:04:45 -04:00
810ccffd9e Fix bad size calculation due to pointer cast 2024-09-06 11:58:26 -04:00
3c5eefd9c2 Safe handling of TEGid/auth_id strings 2024-09-05 22:56:58 -04:00
c29899f2b9 Add config option for auth cookie support 2024-09-05 13:53:40 -04:00
a38b14b79a Auth cookie support 2024-09-05 13:53:39 -04:00
5 changed files with 8 additions and 9 deletions


@@ -53,7 +53,7 @@ namespace Database {
void updateAccountLevel(int accountId, int accountLevel);
// return true if cookie is valid for the account.
// return true iff cookie is valid for the account.
// invalidates the stored cookie afterwards
bool checkCookie(int accountId, const char *cookie);


@@ -130,8 +130,7 @@ bool Database::checkCookie(int accountId, const char *tryCookie) {
return false;
}
/*
* since cookies are immediately invalidated, we don't need to be concerned about
/* since cookies are immediately invalidated, we don't need to be concerned about
* timing-related side channel attacks, so strcmp is fine here
*/
bool match = (strcmp(cookie, tryCookie) == 0);
@@ -142,7 +141,7 @@ bool Database::checkCookie(int accountId, const char *tryCookie) {
rc = sqlite3_step(stmt);
sqlite3_finalize(stmt);
if (rc != SQLITE_DONE)
std::cout << "[WARN] Database fail on checkCookie(): " << sqlite3_errmsg(db) << std::endl;
std::cout << "[WARN] Database fail on consumeCookie(): " << sqlite3_errmsg(db) << std::endl;
return match;
}
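Review bot: In the second hunk a result other than `SQLITE_DONE` from `sqlite3_step` (presumably the statement that invalidates the cookie) is only logged, and `match` is still returned, so a login can succeed while the stored cookie remains usable. The comment in the first hunk justifies `strcmp` by immediate invalidation, and that argument holds only when this step succeeds. Failing closed keeps the assumption true: put braces around the warning and add `return false;` inside the `if (rc != SQLITE_DONE)` branch. The new log text names `consumeCookie()`, while both hunk headers place this code in `Database::checkCookie`, so the warning should name the function that emits it. The function body starts outside the visible hunks.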


@@ -682,7 +682,8 @@ bool CNLoginServer::isCharacterNameGood(std::string Firstname, std::string Lastn
bool CNLoginServer::isLoginTypeAllowed(LoginType loginType) {
// the config file specifies "comma-separated" but tbh we don't care
switch (loginType) {
switch (loginType)
{
case LoginType::PASSWORD:
return settings::AUTHMETHODS.find("password") != std::string::npos;
case LoginType::COOKIE:

2
tdata

Submodule tdata updated: bdb611b092...8c98c83682


@@ -22,14 +22,13 @@
#endif
#include <errno.h>
#if defined(_WIN32) || defined(_WIN64)
// On windows we need to generate random bytes differently.
#if defined(_WIN32) && !defined(_WIN64)
typedef __int32 ssize_t;
#elif defined(_WIN32) && defined(_WIN64)
typedef __int64 ssize_t;
#endif
#if defined(_WIN32) || defined(_WIN64)
// On windows we need to generate random bytes differently.
#define BCRYPT_HASHSIZE 60
#include "bcrypt.h"