/* *Set user password */ void set_pass(packet *pkt, int fd) { int i = 0; char *args[16]; char cpy[BUFFERSIZE]; char *tmp = cpy; unsigned char *curr_pass_hash = (unsigned char *)malloc(SHA256_DIGEST); strcpy(tmp, pkt->buf); args[i] = strsep(&tmp, " \t"); while ((i < sizeof(args) - 1) && (args[i] != '\0')) { args[++i] = strsep(&tmp, " \t"); } if (i > 3) { if (!validPassword(args[2], args[3], fd)) { free(curr_pass_hash); return; } User *user = get_user(®istered_users_list, pkt->username, registered_users_mutex); if (user != NULL) { // Hash for pw compare SHA256_CTX sha256; SHA256_Init(&sha256); SHA256_Update(&sha256, args[1], strlen(args[1])); SHA256_Final(curr_pass_hash, &sha256); if (comparePasswords(user->password, curr_pass_hash, 32) == 0) { memset(user->password, 0, 32); // Hash new password SHA256_CTX sha256; SHA256_Init(&sha256); SHA256_Update(&sha256, args[2], strlen(args[2])); SHA256_Final(user->password, &sha256); //pthread_mutex_lock(®istered_users_mutex); writeUserFile(®istered_users_list, USERS_FILE, registered_users_mutex); //pthread_mutex_unlock(®istered_users_mutex); pkt->options = PASSSUC; } else { pkt->options = SERV_ERR; strcpy(pkt->buf, "Password change failed, password mismatch."); } } else { pkt->options = SERV_ERR; strcpy(pkt->buf, "Password change failed, for some reason we couldn't find you."); } } else { pkt->options = SERV_ERR; strcpy(pkt->buf, "Password change failed, malformed request."); } free(curr_pass_hash); strcpy(pkt->username, SERVER_NAME); strcpy(pkt->realname, SERVER_NAME); pkt->timestamp = time(NULL); send(fd, (void *)pkt, sizeof(packet), MSG_NOSIGNAL); }
/* *Register */ int register_user(packet *in_pkt, int fd) { int i = 0; char *args[16]; char cpy[BUFFERSIZE]; char *tmp = cpy; strcpy(tmp, in_pkt->buf); args[i] = strsep(&tmp, " \t"); while ((i < sizeof(args) - 1) && (args[i] != '\0')) { args[++i] = strsep(&tmp, " \t"); } // Check there are enough arguements to safely inspect them if (i > 3) { // Ensure requested username is valid if (!validUsername(args[1], fd)) { return 0; } // Check if the requested username is unique if(strcmp(get_real_name(®istered_users_list, args[1], registered_users_mutex), "ERROR") !=0 || \ !(strcmp(SERVER_NAME, args[1])) || \ strcmp(args[2], args[3]) != 0) { sendError("Username unavailable.", fd); return 0; } // Ensure password requested is valid if (!validPassword(args[2], args[3], fd)) { return 0; } // Allocate memory space for new user node, populate node with new user data User *user = (User *)malloc(sizeof(User)); strcpy(user->username, args[1]); strcpy(user->real_name, args[1]); // Hash password SHA256_CTX sha256; SHA256_Init(&sha256); SHA256_Update(&sha256, args[2], strlen(args[2])); SHA256_Final(user->password, &sha256); user->sock = fd; user->next = NULL; // Insert user as registered user, write new user data to file insertUser(®istered_users_list, user, registered_users_mutex); writeUserFile(®istered_users_list, USERS_FILE, registered_users_mutex); // Reform packet as valid login, pass new user data to login memset(&in_pkt->buf, 0, sizeof(in_pkt->buf)); sprintf(in_pkt->buf, "/login %s %s", args[1], args[2]); return login(in_pkt, fd); } // There were not enough arguements received to correctly read them else { printf("%s --- %sError:%s Malformed reg packet received from %s on %d, ignoring.\n", \ WHITE, RED, NORMAL, args[1], fd); } return 0; }
void LoginComponent::sendLoginRequest() { QString username = ui->usernameEdit->text(); QString password = ui->passwordEdit->text(); if (!validUsername(username)) { if (username == "") initialize("Error: empty username given."); else initialize("Error: illegal username, " + username + "."); } else if (!validPassword(password)) initialize("Error: illegal password."); else { m_manager->requestLogin(username, password); } }