static void SaveUserPass (LoginDialogParam *pLoginParam, char *password)
{
uint32_t cryptKey[4];
memset(cryptKey, 0, sizeof(cryptKey));
GetCryptKey(cryptKey, arrsize(cryptKey));
plString theUser = pLoginParam->username;
plString thePass = plString(password).Left(kMaxPasswordLength);
// if the password field is the fake string then we've already
// loaded the namePassHash from the file
if (thePass.Compare(FAKE_PASS_STRING) != 0)
{
// Regex search for primary email domain
std::vector<plString> match = theUser.RESearch("[^@]+@([^.]+\\.)*([^.]+)\\.[^.]+");
if (match.empty() || match[2].CompareI("gametap") == 0) {
plSHA1Checksum shasum(StrLen(password) * sizeof(password[0]), (uint8_t*)password);
uint32_t* dest = reinterpret_cast<uint32_t*>(pLoginParam->namePassHash);
const uint32_t* from = reinterpret_cast<const uint32_t*>(shasum.GetValue());
// I blame eap for this ass shit
dest[0] = hsToBE32(from[0]);
dest[1] = hsToBE32(from[1]);
dest[2] = hsToBE32(from[2]);
dest[3] = hsToBE32(from[3]);
dest[4] = hsToBE32(from[4]);
}
else
{
CryptHashPassword(theUser, thePass, pLoginParam->namePassHash);
}
}
NetCommSetAccountUsernamePassword(theUser.ToWchar(), pLoginParam->namePassHash);
// FIXME: Real OS detection
NetCommSetAuthTokenAndOS(nil, L"win");
plFileName loginDat = plFileName::Join(plFileSystem::GetInitPath(), "login.dat");
#ifndef PLASMA_EXTERNAL_RELEASE
// internal builds can use the local init directory
plFileName local("init\\login.dat");
if (plFileInfo(local).Exists())
loginDat = local;
#endif
hsStream* stream = plEncryptedStream::OpenEncryptedFileWrite(loginDat, cryptKey);
if (stream)
{
stream->Write(sizeof(cryptKey), cryptKey);
stream->WriteSafeString(pLoginParam->username);
stream->WriteBool(pLoginParam->remember);
if (pLoginParam->remember)
stream->Write(sizeof(pLoginParam->namePassHash), pLoginParam->namePassHash);
stream->Close();
delete stream;
}
}
uint32_t hsStream::ReadBE32()
{
uint32_t value;
Read4Bytes(&value);
value = hsToBE32(value);
return value;
}
static void StoreHash(const plString& username, const plString& password, LoginDialogParam *pLoginParam)
{
// Hash username and password before sending over the 'net.
// -- Legacy compatibility: @gametap (and other usernames with domains in them) need
// to be hashed differently.
std::vector<plString> match = username.RESearch("[^@]+@([^.]+\\.)*([^.]+)\\.[^.]+");
if (match.empty() || match[2].CompareI("gametap") == 0) {
// Plain Usernames...
plSHA1Checksum shasum(password.GetSize(), reinterpret_cast<const uint8_t*>(password.c_str()));
uint32_t* dest = reinterpret_cast<uint32_t*>(pLoginParam->namePassHash);
const uint32_t* from = reinterpret_cast<const uint32_t*>(shasum.GetValue());
dest[0] = hsToBE32(from[0]);
dest[1] = hsToBE32(from[1]);
dest[2] = hsToBE32(from[2]);
dest[3] = hsToBE32(from[3]);
dest[4] = hsToBE32(from[4]);
}
else {
// Domain-based Usernames...
CryptHashPassword(username, password, pLoginParam->namePassHash);
}
}
void hsStream::WriteBE32(uint32_t value)
{
value = hsToBE32(value);
this->Write(sizeof(int32_t), &value);
}
