|
24
|
1 diff --git a/dgamelaunch.c b/dgamelaunch.c
|
|
|
2 index fbf6ef5..b52b545 100644
|
|
|
3 --- a/dgamelaunch.c
|
|
|
4 +++ b/dgamelaunch.c
|
|
|
5 @@ -1489,7 +1489,10 @@ int
|
|
|
6 changepw (int dowrite)
|
|
|
7 {
|
|
|
8 char buf[DGL_PASSWDLEN+1];
|
|
|
9 + char salt[21];
|
|
|
10 int error = 2;
|
|
|
11 + int i;
|
|
|
12 + FILE *urandom;
|
|
|
13
|
|
|
14 /* A precondition is that struct `me' exists because we can be not-yet-logged-in. */
|
|
|
15 if (!me) {
|
|
|
16 @@ -1553,8 +1556,28 @@ changepw (int dowrite)
|
|
|
17 error = 1;
|
|
|
18 }
|
|
|
19
|
|
|
20 + salt[0] = salt[2] = salt[19] = '$';
|
|
|
21 + salt[1] = '6';
|
|
|
22 + salt[20] = '\0';
|
|
|
23 + urandom = fopen("/dev/urandom", "r");
|
|
|
24 + for (i = 3; i < 19; i++) {
|
|
|
25 + /* This does waste four random bytes. */
|
|
|
26 + fread(salt + i, 1, 1, urandom);
|
|
|
27 + salt[i] &= 0x3f;
|
|
|
28 + if (salt[i] < 26)
|
|
|
29 + salt[i] += 'a';
|
|
|
30 + else if (salt[i] < 52)
|
|
|
31 + salt[i] = 'A' + salt[i] - 26;
|
|
|
32 + else if (salt[i] < 62)
|
|
|
33 + salt[i] = '0' + salt[i] - 52;
|
|
|
34 + else if (salt[i] == 62)
|
|
|
35 + salt[i] = '.';
|
|
|
36 + else
|
|
|
37 + salt[i] = '/';
|
|
|
38 + }
|
|
|
39 + fclose(urandom);
|
|
|
40 free(me->password);
|
|
|
41 - me->password = strdup (crypt (buf, buf));
|
|
|
42 + me->password = strdup (crypt (buf, salt));
|
|
|
43
|
|
|
44 if (dowrite)
|
|
|
45 writefile (0);
|
|
|
46 @@ -2053,6 +2076,8 @@ passwordgood (char *cpw)
|
|
|
47 {
|
|
|
48 assert (me != NULL);
|
|
|
49
|
|
|
50 + if (!strncmp (crypt (cpw, me->password), me->password, DGL_PASSWDLEN))
|
|
|
51 + return 1;
|
|
|
52 if (!strncmp (crypt (cpw, cpw), me->password, DGL_PASSWDLEN))
|
|
|
53 return 1;
|
|
|
54 if (!strncmp (cpw, me->password, DGL_PASSWDLEN))
|
|
|
55 diff --git a/dgamelaunch.h b/dgamelaunch.h
|
|
|
56 index b9ce41c..ca5e11b 100644
|
|
|
57 --- a/dgamelaunch.h
|
|
|
58 +++ b/dgamelaunch.h
|
|
|
59 @@ -20,7 +20,7 @@
|
|
|
60 #define dglsign(x) (x < 0 ? -1 : (x > 0 ? 1 : 0))
|
|
|
61
|
|
|
62 #define DGL_PLAYERNAMELEN 30 /* max. length of player name */
|
|
|
63 -#define DGL_PASSWDLEN 20 /* max. length of passwords */
|
|
|
64 +#define DGL_PASSWDLEN 108 /* max. length of passwords */
|
|
|
65 #define DGL_MAILMSGLEN 80 /* max. length of mail message */
|
|
|
66
|
|
|
67 #define DGL_MAXWATCHCOLS 10
|
|
|
68 diff --git a/dgl-common.c b/dgl-common.c
|
|
|
69 index e5c80bc..fbc4eea 100644
|
|
|
70 --- a/dgl-common.c
|
|
|
71 +++ b/dgl-common.c
|
|
|
72 @@ -593,7 +593,7 @@ game_read_extra_info(struct dg_game *game, const char *extra_info_file)
|
|
|
73 struct dg_game **
|
|
|
74 populate_games (int xgame, int *l, struct dg_user *me)
|
|
|
75 {
|
|
|
76 - int fd, len, n, pid;
|
|
|
77 + int fd, len, n, pid, is_node;
|
|
|
78 DIR *pdir;
|
|
|
79 struct dirent *pdirent;
|
|
|
80 struct stat pstat;
|
|
|
81 @@ -631,13 +631,15 @@ populate_games (int xgame, int *l, struct dg_user *me)
|
|
|
82
|
|
|
83 if (!inprog) continue;
|
|
|
84
|
|
|
85 + is_node = strchr(pdirent->d_name, ':') && !strncmp(strchr(pdirent->d_name, ':'), ":node:", 6);
|
|
|
86 +
|
|
|
87 snprintf (fullname, 130, "%s%s", inprog, pdirent->d_name);
|
|
|
88
|
|
|
89 fd = 0;
|
|
|
90 /* O_RDWR here should be O_RDONLY, but we need to test for
|
|
|
91 * an exclusive lock */
|
|
|
92 fd = open (fullname, O_RDWR);
|
|
|
93 - if (fd >= 0 && (fcntl (fd, F_SETLK, &fl) == -1))
|
|
|
|
