From 025d7b6260177cc8e53f50421e2a5677c472d2f1 Mon Sep 17 00:00:00 2001 From: kaetemi Date: Tue, 7 Oct 2014 03:00:34 +0200 Subject: [PATCH] Fix crypt --HG-- branch : sha512-auth --- code/ryzom/common/src/game_share/crypt.cpp | 16 +++++++--------- code/ryzom/common/src/game_share/crypt.h | 2 +- .../ryzom/common/src/game_share/crypt_sha512.cpp | 4 +++- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/code/ryzom/common/src/game_share/crypt.cpp b/code/ryzom/common/src/game_share/crypt.cpp index 881b42f1e..9a46281f7 100644 --- a/code/ryzom/common/src/game_share/crypt.cpp +++ b/code/ryzom/common/src/game_share/crypt.cpp @@ -18,16 +18,15 @@ #include "crypt.h" -char * rz_crypt(register const char *key, register const char *setting); +char * rz_crypt(register const char *key, register const char *setting, char *buf); char *__crypt_sha512(const char *key, const char *setting, char *output); // Crypts password using salt std::string CCrypt::crypt(const std::string& password, const std::string& salt) { - std::string result = ::rz_crypt(password.c_str(), salt.c_str()); - - return result; + char buf[128]; + return ::rz_crypt(password.c_str(), salt.c_str(), buf); } @@ -506,7 +505,7 @@ static char cryptresult[1+4+4+11+1]; /* encrypted result */ * Return a pointer to static data consisting of the "setting" * followed by an encryption produced by the "key" and "setting". */ -char * rz_crypt(register const char *key, register const char *setting) { +char * rz_crypt(register const char *key, register const char *setting, char *buf) { register char *encp; register long i; register int t; @@ -521,10 +520,9 @@ char * rz_crypt(register const char *key, register const char *setting) { return buff; #endif - static char buf[128]; - if (key[0] == '$' && key[1] == '6') { - return __crypt_sha512(key, setting, buf); - } + if (setting[0] == '$' && setting[1] == '6') { + return __crypt_sha512(key, setting, buf); + } for (i = 0; i < 8; i++) { if ((t = 2*(unsigned char)(*key)) != 0) diff --git a/code/ryzom/common/src/game_share/crypt.h b/code/ryzom/common/src/game_share/crypt.h index ea479d74f..b9fa8556b 100644 --- a/code/ryzom/common/src/game_share/crypt.h +++ b/code/ryzom/common/src/game_share/crypt.h @@ -32,7 +32,7 @@ class CCrypt public: /// Crypts password using salt - static std::string crypt(const std::string& password, const std::string& salt); + static std::string crypt(const std::string& password, const std::string& salt); }; diff --git a/code/ryzom/common/src/game_share/crypt_sha512.cpp b/code/ryzom/common/src/game_share/crypt_sha512.cpp index f3ebc5997..4d151880d 100644 --- a/code/ryzom/common/src/game_share/crypt_sha512.cpp +++ b/code/ryzom/common/src/game_share/crypt_sha512.cpp @@ -365,9 +365,11 @@ char *__crypt_sha512(const char *key, const char *setting, char *output) char *p, *q; p = sha512crypt(key, setting, output); + /* self test and stack cleanup */ q = sha512crypt(testkey, testsetting, testbuf); - if (!p || q != testbuf || memcmp(testbuf, testhash, sizeof testhash)) + if (!p || q != testbuf || memcmp(testbuf, testhash, sizeof(testhash))) return "*"; + return p; }