mirror of
https://github.com/2006-Scape/apollo.git
synced 2026-07-05 16:49:04 +00:00
@@ -30,18 +30,23 @@
|
|||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.jruby</groupId>
|
<groupId>org.jruby</groupId>
|
||||||
<artifactId>jruby-complete</artifactId>
|
<artifactId>jruby-complete</artifactId>
|
||||||
<version>1.7.10</version>
|
<version>1.7.12</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.google.guava</groupId>
|
<groupId>com.google.guava</groupId>
|
||||||
<artifactId>guava</artifactId>
|
<artifactId>guava</artifactId>
|
||||||
<version>16.0</version>
|
<version>17.0</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>io.netty</groupId>
|
<groupId>io.netty</groupId>
|
||||||
<artifactId>netty-all</artifactId>
|
<artifactId>netty-all</artifactId>
|
||||||
<version>4.0.15.Final</version>
|
<version>4.0.18.Final</version>
|
||||||
<scope>compile</scope>
|
<scope>compile</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>com.lambdaworks</groupId>
|
||||||
|
<artifactId>scrypt</artifactId>
|
||||||
|
<version>1.4.0</version>
|
||||||
|
</dependency>
|
||||||
</dependencies>
|
</dependencies>
|
||||||
</project>
|
</project>
|
||||||
@@ -25,6 +25,8 @@ import org.apollo.security.PlayerCredentials;
|
|||||||
import org.apollo.util.NameUtil;
|
import org.apollo.util.NameUtil;
|
||||||
import org.apollo.util.StreamUtil;
|
import org.apollo.util.StreamUtil;
|
||||||
|
|
||||||
|
import com.lambdaworks.crypto.SCryptUtil;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A {@link PlayerLoader} implementation that loads data from a binary file.
|
* A {@link PlayerLoader} implementation that loads data from a binary file.
|
||||||
*
|
*
|
||||||
@@ -51,10 +53,13 @@ public final class BinaryPlayerLoader implements PlayerLoader {
|
|||||||
String name = StreamUtil.readString(in);
|
String name = StreamUtil.readString(in);
|
||||||
String pass = StreamUtil.readString(in);
|
String pass = StreamUtil.readString(in);
|
||||||
|
|
||||||
if (!name.equalsIgnoreCase(credentials.getUsername()) || !pass.equalsIgnoreCase(credentials.getPassword())) {
|
if (!name.equalsIgnoreCase(credentials.getUsername()) || !SCryptUtil.check(credentials.getPassword(), pass)) {
|
||||||
return new PlayerLoaderResponse(LoginConstants.STATUS_INVALID_CREDENTIALS);
|
return new PlayerLoaderResponse(LoginConstants.STATUS_INVALID_CREDENTIALS);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// set the credentials password to the scrypted one
|
||||||
|
credentials.setPassword(pass);
|
||||||
|
|
||||||
PrivilegeLevel privilegeLevel = PrivilegeLevel.valueOf(in.readByte());
|
PrivilegeLevel privilegeLevel = PrivilegeLevel.valueOf(in.readByte());
|
||||||
boolean members = in.readBoolean();
|
boolean members = in.readBoolean();
|
||||||
|
|
||||||
|
|||||||
@@ -31,7 +31,7 @@ public final class BinaryPlayerSaver implements PlayerSaver {
|
|||||||
try (DataOutputStream out = new DataOutputStream(new FileOutputStream(file))) {
|
try (DataOutputStream out = new DataOutputStream(new FileOutputStream(file))) {
|
||||||
// write credentials and privileges
|
// write credentials and privileges
|
||||||
StreamUtil.writeString(out, player.getUsername());
|
StreamUtil.writeString(out, player.getUsername());
|
||||||
StreamUtil.writeString(out, player.getCredentials().getPassword());
|
StreamUtil.writeString(out, player.getCredentials().getHashedPassword());
|
||||||
out.writeByte(player.getPrivilegeLevel().toInteger());
|
out.writeByte(player.getPrivilegeLevel().toInteger());
|
||||||
out.writeBoolean(player.isMembers());
|
out.writeBoolean(player.isMembers());
|
||||||
|
|
||||||
|
|||||||
@@ -2,6 +2,8 @@ package org.apollo.security;
|
|||||||
|
|
||||||
import org.apollo.util.NameUtil;
|
import org.apollo.util.NameUtil;
|
||||||
|
|
||||||
|
import com.lambdaworks.crypto.SCryptUtil;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds the credentials for a player.
|
* Holds the credentials for a player.
|
||||||
*
|
*
|
||||||
@@ -17,7 +19,7 @@ public final class PlayerCredentials {
|
|||||||
/**
|
/**
|
||||||
* The player's password.
|
* The player's password.
|
||||||
*/
|
*/
|
||||||
private final String password;
|
private String password;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The computer's unique identifier.
|
* The computer's unique identifier.
|
||||||
@@ -59,6 +61,23 @@ public final class PlayerCredentials {
|
|||||||
return encodedUsername;
|
return encodedUsername;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Gets the hashed password
|
||||||
|
* @return The password (either the original loaded from file or scrypted)
|
||||||
|
*/
|
||||||
|
public String getHashedPassword() {
|
||||||
|
return password.startsWith("$s0$") ? password : SCryptUtil.scrypt(password, 16384, 8, 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets the player's password
|
||||||
|
*
|
||||||
|
* @param password The player's new password
|
||||||
|
*/
|
||||||
|
public void setPassword(String password) {
|
||||||
|
this.password = password;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets the player's password.
|
* Gets the player's password.
|
||||||
*
|
*
|
||||||
|
|||||||
Reference in New Issue
Block a user