From 717511a42864afba9dd50e89b898308d2fb176f6 Mon Sep 17 00:00:00 2001 From: Charles Dang Date: Mon, 26 Mar 2018 02:15:53 +1100 Subject: [PATCH] MP Login: removed Password Reminder functionality Resolves #2748. Essentially, all this did was tell users to go use the forum, so it wasn't worth it to keep it and solve the infinite loading screen issues it was causing. The server backend still needs to be cleaned up. Also removed a dead reference to some "Change Username" button in the Login dialog's code. (cherry-picked from commit ebec4d6ce8fd8e46ce1d8a4bb4f5d04fddd87c72) --- data/gui/window/mp_login.cfg | 14 ---- src/game_initialization/multiplayer.cpp | 84 ++++++++++-------------- src/gui/dialogs/multiplayer/mp_login.cpp | 13 ---- 3 files changed, 36 insertions(+), 75 deletions(-) diff --git a/data/gui/window/mp_login.cfg b/data/gui/window/mp_login.cfg index 89acc6e93b22..c0fb7c6b54f5 100644 --- a/data/gui/window/mp_login.cfg +++ b/data/gui/window/mp_login.cfg @@ -245,20 +245,6 @@ [/column] - [column] - border = "all" - border_size = 5 - horizontal_alignment = "right" - - [button] - definition = "default" - id = "password_reminder" - - label = _ "Password Reminder" - [/button] - - [/column] - [column] border = "all" border_size = 5 diff --git a/src/game_initialization/multiplayer.cpp b/src/game_initialization/multiplayer.cpp index 2fcbeb8fb2b4..5871d64935f0 100644 --- a/src/game_initialization/multiplayer.cpp +++ b/src/game_initialization/multiplayer.cpp @@ -183,8 +183,6 @@ std::pair open_connection(std::string host) // Enter login loop for(;;) { - std::string password_reminder = ""; - std::string login = preferences::login(); config response ; @@ -251,53 +249,49 @@ std::pair open_connection(std::string host) // or request a password reminder. // Otherwise or if the user pressed 'cancel' in the confirmation dialog // above go directly to the username/password dialog - if((is_pw_request || !password_reminder.empty()) && !fall_through) { - if(is_pw_request) { - if((*error)["phpbb_encryption"].to_bool()) { - // Apparently HTML key-characters are passed to the hashing functions of phpbb in this escaped form. - // I will do closer investigations on this, for now let's just hope these are all of them. - - // Note: we must obviously replace '&' first, I wasted some time before I figured that out... :) - for(std::string::size_type pos = 0; (pos = password.find('&', pos)) != std::string::npos; ++pos) - password.replace(pos, 1, "&"); - for(std::string::size_type pos = 0; (pos = password.find('\"', pos)) != std::string::npos; ++pos) - password.replace(pos, 1, """); - for(std::string::size_type pos = 0; (pos = password.find('<', pos)) != std::string::npos; ++pos) - password.replace(pos, 1, "<"); - for(std::string::size_type pos = 0; (pos = password.find('>', pos)) != std::string::npos; ++pos) - password.replace(pos, 1, ">"); - - const std::string salt = (*error)["salt"]; - - if(salt.length() < 12) { - throw wesnothd_error(_("Bad data received from server")); - } + if(is_pw_request && !fall_through) { + if((*error)["phpbb_encryption"].to_bool()) { + // Apparently HTML key-characters are passed to the hashing functions of phpbb in this escaped form. + // I will do closer investigations on this, for now let's just hope these are all of them. + + // Note: we must obviously replace '&' first, I wasted some time before I figured that out... :) + for(std::string::size_type pos = 0; (pos = password.find('&', pos)) != std::string::npos; ++pos) + password.replace(pos, 1, "&"); + for(std::string::size_type pos = 0; (pos = password.find('\"', pos)) != std::string::npos; ++pos) + password.replace(pos, 1, """); + for(std::string::size_type pos = 0; (pos = password.find('<', pos)) != std::string::npos; ++pos) + password.replace(pos, 1, "<"); + for(std::string::size_type pos = 0; (pos = password.find('>', pos)) != std::string::npos; ++pos) + password.replace(pos, 1, ">"); + + const std::string salt = (*error)["salt"]; + + if(salt.length() < 12) { + throw wesnothd_error(_("Bad data received from server")); + } - if(utils::md5::is_valid_prefix(salt)) { - sp["password"] = utils::md5(utils::md5(password, utils::md5::get_salt(salt), - utils::md5::get_iteration_count(salt)).base64_digest(), salt.substr(12, 8)).base64_digest(); - } else if(utils::bcrypt::is_valid_prefix(salt)) { - try { - auto bcrypt_salt = utils::bcrypt::from_salted_salt(salt); - auto hash = utils::bcrypt::hash_pw(password, bcrypt_salt); - std::string outer_salt = salt.substr(bcrypt_salt.iteration_count_delim_pos + 23); - if(outer_salt.size() != 32) - throw utils::hash_error("salt wrong size"); - sp["password"] = utils::md5(hash.base64_digest(), outer_salt).base64_digest(); - } catch(utils::hash_error& err) { - ERR_MP << "bcrypt hash failed: " << err.what() << std::endl; - throw wesnothd_error(_("Bad data received from server")); - } - } else { + if(utils::md5::is_valid_prefix(salt)) { + sp["password"] = utils::md5(utils::md5(password, utils::md5::get_salt(salt), + utils::md5::get_iteration_count(salt)).base64_digest(), salt.substr(12, 8)).base64_digest(); + } else if(utils::bcrypt::is_valid_prefix(salt)) { + try { + auto bcrypt_salt = utils::bcrypt::from_salted_salt(salt); + auto hash = utils::bcrypt::hash_pw(password, bcrypt_salt); + std::string outer_salt = salt.substr(bcrypt_salt.iteration_count_delim_pos + 23); + if(outer_salt.size() != 32) + throw utils::hash_error("salt wrong size"); + sp["password"] = utils::md5(hash.base64_digest(), outer_salt).base64_digest(); + } catch(utils::hash_error& err) { + ERR_MP << "bcrypt hash failed: " << err.what() << std::endl; throw wesnothd_error(_("Bad data received from server")); } } else { - sp["password"] = password; + throw wesnothd_error(_("Bad data received from server")); } + } else { + sp["password"] = password; } - sp["password_reminder"] = password_reminder; - // Once again send our request... sock->send_data(response); sock->wait_and_receive_data(data); @@ -310,8 +304,6 @@ std::pair open_connection(std::string host) if(!*error) break; } - password_reminder = ""; - // Providing a password either was not attempted because we did not // have any or failed: // Now show a dialog that displays the error and allows to @@ -363,10 +355,6 @@ std::pair open_connection(std::string host) //Log in with password case gui2::retval::OK: break; - //Request a password reminder - case 1: - password_reminder = "yes"; - break; // Cancel default: return std::make_pair(wesnothd_connection_ptr(), config()); diff --git a/src/gui/dialogs/multiplayer/mp_login.cpp b/src/gui/dialogs/multiplayer/mp_login.cpp index 3099300799e7..50bd5305f420 100644 --- a/src/gui/dialogs/multiplayer/mp_login.cpp +++ b/src/gui/dialogs/multiplayer/mp_login.cpp @@ -51,9 +51,6 @@ namespace dialogs * A toggle button to offer to remember the password in the * preferences. $ * - * password_reminder & & button & o & - * Request a password reminder. $ - * * change_username & & button & o & * Use a different username. $ * @@ -93,16 +90,6 @@ void mp_login::save_password(window& win) const void mp_login::pre_show(window& win) { - if(button* btn = find_widget