129 lines
3.7 KiB
Diff
129 lines
3.7 KiB
Diff
diff --git a/dgamelaunch.c b/dgamelaunch.c
|
|
index fc831a9..cb03355 100644
|
|
--- a/dgamelaunch.c
|
|
+++ b/dgamelaunch.c
|
|
@@ -1489,7 +1489,10 @@ int
|
|
changepw (int dowrite)
|
|
{
|
|
char buf[DGL_PASSWDLEN+1];
|
|
+ char salt[21];
|
|
int error = 2;
|
|
+ int i;
|
|
+ FILE *urandom;
|
|
|
|
/* A precondition is that struct `me' exists because we can be not-yet-logged-in. */
|
|
if (!me) {
|
|
@@ -1553,8 +1556,28 @@ changepw (int dowrite)
|
|
error = 1;
|
|
}
|
|
|
|
+ salt[0] = salt[2] = salt[19] = '$';
|
|
+ salt[1] = '6';
|
|
+ salt[20] = '\0';
|
|
+ urandom = fopen("/dev/urandom", "r");
|
|
+ for (i = 3; i < 19; i++) {
|
|
+ /* This does waste four random bytes. */
|
|
+ fread(salt + i, 1, 1, urandom);
|
|
+ salt[i] &= 0x3f;
|
|
+ if (salt[i] < 26)
|
|
+ salt[i] += 'a';
|
|
+ else if (salt[i] < 52)
|
|
+ salt[i] = 'A' + salt[i] - 26;
|
|
+ else if (salt[i] < 62)
|
|
+ salt[i] = '0' + salt[i] - 52;
|
|
+ else if (salt[i] == 62)
|
|
+ salt[i] = '.';
|
|
+ else
|
|
+ salt[i] = '/';
|
|
+ }
|
|
+ fclose(urandom);
|
|
free(me->password);
|
|
- me->password = strdup (crypt (buf, buf));
|
|
+ me->password = strdup (crypt (buf, salt));
|
|
|
|
if (dowrite)
|
|
writefile (0);
|
|
@@ -2054,6 +2077,12 @@ passwordgood (char *cpw)
|
|
char *crypted;
|
|
assert (me != NULL);
|
|
|
|
+ crypted = crypt (cpw, me->password);
|
|
+ if (crypted == NULL)
|
|
+ return 0;
|
|
+ if (!strncmp (crypted, me->password, DGL_PASSWDLEN))
|
|
+ return 1;
|
|
+
|
|
crypted = crypt (cpw, cpw);
|
|
if (crypted == NULL)
|
|
return 0;
|
|
@@ -2870,6 +2899,8 @@ main (int argc, char** argv)
|
|
}
|
|
}
|
|
|
|
+ umask(0002);
|
|
+
|
|
if (globalconfig.locale) {
|
|
setlocale(LC_CTYPE, globalconfig.locale);
|
|
}
|
|
diff --git a/dgamelaunch.h b/dgamelaunch.h
|
|
index e298adf..411c7c3 100644
|
|
--- a/dgamelaunch.h
|
|
+++ b/dgamelaunch.h
|
|
@@ -20,7 +20,7 @@
|
|
#define dglsign(x) (x < 0 ? -1 : (x > 0 ? 1 : 0))
|
|
|
|
#define DGL_PLAYERNAMELEN 30 /* max. length of player name */
|
|
-#define DGL_PASSWDLEN 20 /* max. length of passwords */
|
|
+#define DGL_PASSWDLEN 108 /* max. length of passwords */
|
|
#define DGL_MAILMSGLEN 80 /* max. length of mail message */
|
|
|
|
#define DGL_MAXWATCHCOLS 10
|
|
diff --git a/dgl-common.c b/dgl-common.c
|
|
index 80560b5..94f7b69 100644
|
|
--- a/dgl-common.c
|
|
+++ b/dgl-common.c
|
|
@@ -608,7 +608,7 @@ game_read_extra_info(struct dg_game *game, const char *extra_info_file)
|
|
struct dg_game **
|
|
populate_games (int xgame, int *l, struct dg_user *me)
|
|
{
|
|
- int fd, len, n, pid;
|
|
+ int fd, len, n, pid, is_node;
|
|
DIR *pdir;
|
|
struct dirent *pdirent;
|
|
struct stat pstat;
|
|
@@ -646,13 +646,15 @@ populate_games (int xgame, int *l, struct dg_user *me)
|
|
|
|
if (!inprog) continue;
|
|
|
|
+ is_node = strchr(pdirent->d_name, ':') && !strncmp(strchr(pdirent->d_name, ':'), ":node:", 6);
|
|
+
|
|
snprintf (fullname, 130, "%s%s", inprog, pdirent->d_name);
|
|
|
|
fd = 0;
|
|
/* O_RDWR here should be O_RDONLY, but we need to test for
|
|
* an exclusive lock */
|
|
fd = open (fullname, O_RDWR);
|
|
- if (fd >= 0 && (fcntl (fd, F_SETLK, &fl) == -1))
|
|
+ if (fd >= 0 && (is_node || (fcntl (fd, F_SETLK, &fl) == -1)))
|
|
{
|
|
char *ttrecdir = NULL;
|
|
strncpy(playername, pdirent->d_name, DGL_PLAYERNAMELEN);
|
|
@@ -666,6 +668,9 @@ populate_games (int xgame, int *l, struct dg_user *me)
|
|
graceful_exit(145);
|
|
}
|
|
replacestr++;
|
|
+ if (is_node) {
|
|
+ replacestr += 5;
|
|
+ }
|
|
|
|
ttrecdir = dgl_format_str(game, me, myconfig[game]->ttyrecdir, playername);
|
|
if (!ttrecdir) continue;
|
|
@@ -688,6 +693,8 @@ populate_games (int xgame, int *l, struct dg_user *me)
|
|
strlcpy (games[len]->name, pdirent->d_name,
|
|
strlen (pdirent->d_name) + 1);
|
|
|
|
+ if (is_node)
|
|
+ replacestr += 5;
|
|
games[len]->date = malloc (11);
|
|
strlcpy (games[len]->date, replacestr + 1, 11);
|
|
|