/*
*Set user password
*/
void set_pass(packet *pkt, int fd) {
int i = 0;
char *args[16];
char cpy[BUFFERSIZE];
char *tmp = cpy;
unsigned char *curr_pass_hash = (unsigned char *)malloc(SHA256_DIGEST);
strcpy(tmp, pkt->buf);
args[i] = strsep(&tmp, " \t");
while ((i < sizeof(args) - 1) && (args[i] != '\0')) {
args[++i] = strsep(&tmp, " \t");
}
if (i > 3) {
if (!validPassword(args[2], args[3], fd)) {
free(curr_pass_hash);
return;
}
User *user = get_user(®istered_users_list, pkt->username, registered_users_mutex);
if (user != NULL) {
// Hash for pw compare
SHA256_CTX sha256;
SHA256_Init(&sha256);
SHA256_Update(&sha256, args[1], strlen(args[1]));
SHA256_Final(curr_pass_hash, &sha256);
if (comparePasswords(user->password, curr_pass_hash, 32) == 0) {
memset(user->password, 0, 32);
// Hash new password
SHA256_CTX sha256;
SHA256_Init(&sha256);
SHA256_Update(&sha256, args[2], strlen(args[2]));
SHA256_Final(user->password, &sha256);
//pthread_mutex_lock(®istered_users_mutex);
writeUserFile(®istered_users_list, USERS_FILE, registered_users_mutex);
//pthread_mutex_unlock(®istered_users_mutex);
pkt->options = PASSSUC;
}
else {
pkt->options = SERV_ERR;
strcpy(pkt->buf, "Password change failed, password mismatch.");
}
}
else {
pkt->options = SERV_ERR;
strcpy(pkt->buf, "Password change failed, for some reason we couldn't find you.");
}
}
else {
pkt->options = SERV_ERR;
strcpy(pkt->buf, "Password change failed, malformed request.");
}
free(curr_pass_hash);
strcpy(pkt->username, SERVER_NAME);
strcpy(pkt->realname, SERVER_NAME);
pkt->timestamp = time(NULL);
send(fd, (void *)pkt, sizeof(packet), MSG_NOSIGNAL);
}
/*
*Register
*/
int register_user(packet *in_pkt, int fd) {
int i = 0;
char *args[16];
char cpy[BUFFERSIZE];
char *tmp = cpy;
strcpy(tmp, in_pkt->buf);
args[i] = strsep(&tmp, " \t");
while ((i < sizeof(args) - 1) && (args[i] != '\0')) {
args[++i] = strsep(&tmp, " \t");
}
// Check there are enough arguements to safely inspect them
if (i > 3) {
// Ensure requested username is valid
if (!validUsername(args[1], fd)) { return 0; }
// Check if the requested username is unique
if(strcmp(get_real_name(®istered_users_list, args[1], registered_users_mutex), "ERROR") !=0 || \
!(strcmp(SERVER_NAME, args[1])) || \
strcmp(args[2], args[3]) != 0) {
sendError("Username unavailable.", fd);
return 0;
}
// Ensure password requested is valid
if (!validPassword(args[2], args[3], fd)) { return 0; }
// Allocate memory space for new user node, populate node with new user data
User *user = (User *)malloc(sizeof(User));
strcpy(user->username, args[1]);
strcpy(user->real_name, args[1]);
// Hash password
SHA256_CTX sha256;
SHA256_Init(&sha256);
SHA256_Update(&sha256, args[2], strlen(args[2]));
SHA256_Final(user->password, &sha256);
user->sock = fd;
user->next = NULL;
// Insert user as registered user, write new user data to file
insertUser(®istered_users_list, user, registered_users_mutex);
writeUserFile(®istered_users_list, USERS_FILE, registered_users_mutex);
// Reform packet as valid login, pass new user data to login
memset(&in_pkt->buf, 0, sizeof(in_pkt->buf));
sprintf(in_pkt->buf, "/login %s %s", args[1], args[2]);
return login(in_pkt, fd);
}
// There were not enough arguements received to correctly read them
else {
printf("%s --- %sError:%s Malformed reg packet received from %s on %d, ignoring.\n", \
WHITE, RED, NORMAL, args[1], fd);
}
return 0;
}
void LoginComponent::sendLoginRequest()
{
QString username = ui->usernameEdit->text();
QString password = ui->passwordEdit->text();
if (!validUsername(username)) {
if (username == "")
initialize("Error: empty username given.");
else
initialize("Error: illegal username, " + username + ".");
}
else if (!validPassword(password))
initialize("Error: illegal password.");
else {
m_manager->requestLogin(username, password);
}
}
