forked from Mirrorlandia_minetest/minetest
27db929252
Gives a convenient way to check a player's password. This entirely bypasses the SRP protocol, so should be used with great care. This function is not intended to be used in-game, but solely by external protocols, where no authentication of the minetest engine is provided, and also only for protocols, in which the user already gives the server the plaintext password. Examples for good use are the classical http form, or irc, an example for a bad use is a password change dialog inside formspec. Users should be aware that they lose the advantages of the SRP protocol if they enter their passwords for servers outside the normal entry box, like in in-game formspec menus, or through irc /msg s, This patch also fixes an auth.h mistake which has mixed up the order of params inside the decode_srp_verifier_and_salt function. Zeno-: Added errorstream message for invalid format when I committed
51 lines
1.8 KiB
C++
51 lines
1.8 KiB
C++
/*
|
|
Minetest
|
|
Copyright (C) 2015, 2016 est31 <MTest31@outlook.com>
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU Lesser General Public License as published by
|
|
the Free Software Foundation; either version 2.1 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Lesser General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Lesser General Public License along
|
|
with this program; if not, write to the Free Software Foundation, Inc.,
|
|
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*/
|
|
|
|
#ifndef AUTH_H
|
|
#define AUTH_H
|
|
|
|
/// Gets the base64 encoded legacy password db entry.
|
|
std::string translate_password(const std::string &name,
|
|
const std::string &password);
|
|
|
|
/// Creates a verification key with given salt and password.
|
|
std::string generate_srp_verifier(const std::string &name,
|
|
const std::string &password, const std::string &salt);
|
|
|
|
/// Creates a verification key and salt with given password.
|
|
void generate_srp_verifier_and_salt(const std::string &name,
|
|
const std::string &password, std::string *verifier,
|
|
std::string *salt);
|
|
|
|
/// Gets an SRP verifier, generating a salt,
|
|
/// and encodes it as DB-ready string.
|
|
std::string get_encoded_srp_verifier(const std::string &name,
|
|
const std::string &password);
|
|
|
|
/// Converts the passed SRP verifier into a DB-ready format.
|
|
std::string encode_srp_verifier(const std::string &verifier,
|
|
const std::string &salt);
|
|
|
|
/// Reads the DB-formatted SRP verifier and gets the verifier
|
|
/// and salt components.
|
|
bool decode_srp_verifier_and_salt(const std::string &encoded,
|
|
std::string *verifier, std::string *salt);
|
|
|
|
#endif
|