Fixed login printing raw passwdenc passwords to console (bugreport:826).

Added strlib function bin2hex().
Cleaned up the md5calc interface a bit.

git-svn-id: https://svn.code.sf.net/p/rathena/svn/trunk@13055 54d463be-8e91-2dee-dedb-b68131a5f0ec

Changelog-Trunk.txt

@@ -3,6 +3,10 @@ Date	Added
 AS OF SVN REV. 5091, WE ARE NOW USING TRUNK.  ALL UNTESTED BUGFIXES/FEATURES GO INTO TRUNK.
 IF YOU HAVE A WORKING AND TESTED BUGFIX PUT IT INTO STABLE AS WELL AS TRUNK.
 
+2008/08/09
+	* Fixed login printing raw passwdenc passwords to console (bugreport:826) [ultramage]
+	- added strlib function bin2hex()
+	- cleaned up the md5calc interface a bit
 2008/08/07
 	* Added another GM trust config for party invitations (bugreport:2004) [SketchyPhoenix]
 2008/08/04

src/common/md5calc.c

@@ -141,27 +141,22 @@ static void MD5_Round_Calculate(const unsigned char *block,
    memset(pX, 0, sizeof(X));
 }
 
-//-------------------------------------------------------------------
-// The function for the exteriors
-
-/** output is the coded binary in the character sequence which wants to code string. */
-void MD5_String2binary(const char * string, char * output)
+static void MD5_String2binary(const char * string, unsigned char * output)
 {
 //var
    /*8bit*/
    unsigned char padding_message[64]; //Extended message   512bit 64byte
-   unsigned char *pstring;             //The position of string in the present scanning notes is held.
+   unsigned char *pstring;            //The position of string in the present scanning notes is held.
 
-//   unsigned char digest[16];
    /*32bit*/
-   unsigned int string_byte_len,    //The byte chief of string is held.
-                   string_bit_len,     //The bit length of string is held.
-                   copy_len,           //The number of bytes which is used by 1-3 and which remained
-                   msg_digest[4];      //Message digest   128bit 4byte
+   unsigned int string_byte_len,     //The byte chief of string is held.
+                string_bit_len,      //The bit length of string is held.
+                copy_len,            //The number of bytes which is used by 1-3 and which remained
+                msg_digest[4];       //Message digest   128bit 4byte
    unsigned int *A = &msg_digest[0], //The message digest in accordance with RFC (reference)
-                   *B = &msg_digest[1],
-                   *C = &msg_digest[2],
-                   *D = &msg_digest[3];
+                *B = &msg_digest[1],
+                *C = &msg_digest[2],
+                *D = &msg_digest[3];
 	int i;
 
 //prog
@@ -193,7 +188,6 @@ void MD5_String2binary(const char * string, char * output)
        memset(padding_message, 0, 56); //56 bytes is newly fill uped with 0.
    }
 
-
    //Step 2.Append Length (the information on length is added)
    string_bit_len = string_byte_len * 8;             //From the byte chief to bit length (32 bytes of low rank)
    memcpy(&padding_message[56], &string_bit_len, 4); //32 bytes of low rank is set.
@@ -208,26 +202,26 @@ void MD5_String2binary(const char * string, char * output)
    //Step 4.Process Message in 16-Word Blocks (calculation of MD5)
    MD5_Round_Calculate(padding_message, A,B,C,D);
 
-
    //Step 5.Output (output)
    memcpy(output,msg_digest,16);
-//   memcpy (digest, msg_digest, and 16);  //8 byte*4 < - 32byte conversion   A function called Encode as used in the field of RFC
-/*   sprintf(output,
-           "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
-           digest[ 0], digest[ 1], digest[ 2], digest[ 3],
-           digest[ 4], digest[ 5], digest[ 6], digest[ 7],
-           digest[ 8], digest[ 9], digest[10], digest[11],
-           digest[12], digest[13], digest[14], digest[15]);*/
+}
+
+//-------------------------------------------------------------------
+// The function for the exteriors
+
+/** output is the coded binary in the character sequence which wants to code string. */
+void MD5_Binary(const char * string, unsigned char * output)
+{
+	MD5_String2binary(string,output);
 }
 
 /** output is the coded character sequence in the character sequence which wants to code string. */
 void MD5_String(const char * string, char * output)
 {
-   unsigned char digest[16];
+	unsigned char digest[16];
 
-	MD5_String2binary(string,(char*)digest);
-	sprintf(output,
-		"%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+	MD5_String2binary(string,digest);
+	sprintf(output,	"%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
 		digest[ 0], digest[ 1], digest[ 2], digest[ 3],
 		digest[ 4], digest[ 5], digest[ 6], digest[ 7],
 		digest[ 8], digest[ 9], digest[10], digest[11],

src/common/md5calc.h

@@ -2,6 +2,6 @@
 #define _MD5CALC_H_
 
 void MD5_String(const char * string, char * output);
-void MD5_String2binary(const char * string, char * output);
+void MD5_Binary(const char * string, unsigned char * output);
 
 #endif /* _MD5CALC_H_ */

src/common/strlib.c

@@ -363,6 +363,28 @@ int strline(const char* str, size_t pos)
 	return line;
 }
 
+/// Produces the hexadecimal representation of the given input.
+/// The output buffer must be at least count*2+1 in size.
+/// Returns true on success, false on failure.
+///
+/// @param output Output string
+/// @param input Binary input buffer
+/// @param count Number of bytes to convert
+bool bin2hex(char* output, unsigned char* input, size_t count)
+{
+	char toHex[] = "0123456789abcdef";
+	size_t i;
+
+	for( i = 0; i < count; ++i )
+	{
+		*output++ = toHex[(*input & 0xF0) >> 4];
+		*output++ = toHex[(*input & 0x0F) >> 0];
+		++input;
+	}
+	*output = '\0';
+	return true;
+}
+
 
 
 /////////////////////////////////////////////////////////////////////

src/common/strlib.h

@@ -46,6 +46,10 @@ int safesnprintf(char* buf, size_t sz, const char* fmt, ...);
 /// Lines start at 1.
 int strline(const char* str, size_t pos);
 
+/// Produces the hexadecimal representation of the given input.
+/// The output buffer must be at least count*2+1 in size.
+/// Returns true on success, false on failure.
+bool bin2hex(char* output, unsigned char* input, size_t count);
 
 
 /// Bitfield determining the behaviour of sv_parse and sv_split.

src/ladmin/ladmin.c

@@ -2343,7 +2343,7 @@ int parse_fromlogin(int fd)
 				strncpy(md5str, loginserveradminpassword, sizeof(loginserveradminpassword));
 				strcat(md5str, (const char*)RFIFOP(fd,4));
 			}
-			MD5_String2binary(md5str, md5bin);
+			MD5_Binary(md5str, md5bin);
 			WFIFOW(login_fd,0) = 0x7918; // Request for administation login (encrypted password)
 			WFIFOW(login_fd,2) = passenc; // Encrypted type
 			memcpy(WFIFOP(login_fd,4), md5bin, 16);

src/login/login.c

@@ -230,12 +230,12 @@ static int sync_ip_addresses(int tid, unsigned int tick, int id, intptr data)
 //-----------------------------------------------------
 bool check_encrypted(const char* str1, const char* str2, const char* passwd)
 {
-	char md5str[64], md5bin[32];
+	char tmpstr[64+1], md5str[32+1];
 
-	safesnprintf(md5str, sizeof(md5str), "%s%s", str1, str2);
-	MD5_String2binary(md5str, md5bin);
+	safesnprintf(tmpstr, sizeof(tmpstr), "%s%s", str1, str2);
+	MD5_String(tmpstr, md5str);
 
-	return (0==memcmp(passwd, md5bin, 16));
+	return (0==strcmp(passwd, md5str));
 }
 
 bool check_password(const char* md5key, int passwdenc, const char* passwd, const char* refpass)
@@ -1316,8 +1316,8 @@ int parse_login(int fd)
 			}
 			else
 			{
-				ShowStatus("Request for connection (encryption mode) of %s (ip: %s).\n", sd->userid, ip);
-				memcpy(sd->passwd, passwd, 16); sd->passwd[16] = '\0'; // raw binary data here!
+				ShowStatus("Request for connection (passwdenc mode) of %s (ip: %s).\n", sd->userid, ip);
+				bin2hex(sd->passwd, (unsigned char*)passwd, 16); // raw binary data here!
 				sd->passwdenc = PASSWORDENC;
 			}