--- deliantra/server/ext/login.ext 2012/11/15 07:08:15 1.122 +++ deliantra/server/ext/login.ext 2012/11/17 11:13:54 1.126 @@ -8,6 +8,8 @@ CONF MAX_DISCONNECT_TIME = 3600; +our $VALID_LOGIN = qr<^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z>; + sub query { my ($ns, $flags, $text) = @_; @@ -150,102 +152,135 @@ IO::AIO::aio_rmtree $temp; } -sub login_done { +sub login { my ($pl) = @_; - if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) { - $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR); - } -} - -sub chargen { - my ($ns, $user, $pass) = @_; - + # handle character creation, if neccessary # the rest of this function is character creation - $Coro::current->{desc} = "addme($user) chargen"; - # just to make sure nothing is left over - # normally, nothing is there. - nuke_playerdir $user; - - my $pl = cf::player::new $user; - $pl->password (encode_password $pass); - $pl->connect ($ns); + my $ns = $pl->ns; my $ob = $pl->ob; - $ob->goto ($pl->maplevel, $ob->x, $ob->y); + $Coro::current->{desc} = "addme(" . $ob->name . ") login"; - while () { - $ob->update_stats; - $pl->save_stats; + delete $pl->{deny_save}; # set by new - my $res = query $ns, cf::CS_QUERY_SINGLECHAR, - "[y] to roll new stats [n] to use stats\n[1-7] [1-7] to swap stats.\nRoll again (y/n/1-7)?"; + if ($pl->{chargen} eq "init") { + # create the playerdir, if necessary, as chargen_race_done did it before + # presumably because of unique maps + aio_mkdir playerdir $pl, 0770; + $pl->save; - if ($res =~ /^[Nn]/) { - last; - } elsif ($res > 0 && $res <= 7) { - my $swap = query $ns, cf::CS_QUERY_SINGLECHAR, "Swap stat with (will not roll new stats) [1-7]?"; + $ob->goto ($pl->maplevel, $ob->x, $ob->y); - if ($swap > 0 && $swap <= 7) { - $ob->swap_stats ($res - 1, $swap - 1); + $pl->{chargen} = "stats"; + } + + if ($pl->{chargen} eq "stats") { + while () { + $ob->update_stats; + $pl->save_stats; + + my $res = query $ns, cf::CS_QUERY_SINGLECHAR, + "[y] to roll new stats [n] to use stats\n[1-7] [1-7] to swap stats.\nRoll again (y/n/1-7)?"; + + if ($res =~ /^[Nn]/) { + last; + } elsif ($res > 0 && $res <= 7) { + my $swap = query $ns, cf::CS_QUERY_SINGLECHAR, "Swap stat with (will not roll new stats) [1-7]?"; + + if ($swap > 0 && $swap <= 7) { + $ob->swap_stats ($res - 1, $swap - 1); + } + } else { + $ob->roll_stats; } - } else { - $ob->roll_stats; + + Coro::Timer::sleep 0.05; } - Coro::Timer::sleep 0.05; + $ob->set_animation (2); + $ob->add_statbonus; + + $pl->{chargen} = "race"; } - $ob->set_animation (2); - $ob->add_statbonus; + if ($pl->{chargen} eq "race") { + while () { + $ns->send_msg ("chargen-race-title", ucfirst $pl->title, -1); + my $msg = $ob->msg; + $msg =~ s/(?<=\S)\n(?=\S)/ /g; + $ns->send_msg ("chargen-race-description", $msg, cf::NDI_BLUE); + + my $res = query $ns, cf::CS_QUERY_SINGLECHAR, + "Now choose a character.\nPress any key to change outlook.\nPress `d' when you're pleased.\n"; - while () { - $ns->send_msg ("chargen-race-title", ucfirst $pl->title, -1); - my $msg = $ob->msg; - $msg =~ s/(?<=\S)\n(?=\S)/ /g; - $ns->send_msg ("chargen-race-description", $msg, cf::NDI_BLUE); + last if $res =~ /[dD]/; - my $res = query $ns, cf::CS_QUERY_SINGLECHAR, - "Now choose a character.\nPress any key to change outlook.\nPress `d' when you're pleased.\n"; + $pl->chargen_race_next; + Coro::Timer::sleep 0.05; + } - last if $res =~ /[dD]/; + $pl->chargen_race_done; + $pl->{chargen} = "gender"; + } - $pl->chargen_race_next; - Coro::Timer::sleep 0.05; + if ($pl->{chargen} eq "race") { + while () { + my $res = query $ns, cf::CS_QUERY_SINGLECHAR, + "Now choose a gender.\nPress 'f' to become female, and 'm' to become male.\n"; + + if ($res =~ /^[fF]/) { + $pl->gender (1); + last; + } elsif ($res =~ /^[mM]/) { + $pl->gender (0); + last; + } + Coro::Timer::sleep 0.05; + } + $pl->{chargen} = "done"; } - # create the playerdir, if necessary, as chargen_race_done did it before - # presumably because of unique maps - aio_mkdir playerdir $pl, 0770; - $pl->chargen_race_done; - - while () { - my $res = query $ns, cf::CS_QUERY_SINGLECHAR, - "Now choose a gender.\nPress 'f' to become female, and 'm' to become male.\n"; + $ns->state (cf::ST_PLAYING); - if ($res =~ /^[fF]/) { - $pl->gender (1); - last; - } elsif ($res =~ /^[mM]/) { - $pl->gender (0); - last; - } - Coro::Timer::sleep 0.05; + if ($pl->{chargen} eq "done") { + # XXX: Workaround for delayed client ext protocol handshake + $pl->esrv_new_player; + + $pl->{chargen} = "done"; } $ob->reply (undef, "Welcome to Deliantra!"); - # XXX: Workaround for delayed client ext protocol handshake - $pl->esrv_new_player; + if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) { + $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR); + } +} - delete $pl->{deny_save}; +sub chargen { + my ($ns, $user, $hasah) = @_; + + # lock again, too lazy to make this nicer + local $cf::LOGIN_LOCK{$user} = 1; + + # just to make sure nothing is left over + # normally, nothing is there. + nuke_playerdir $user; + + my $pl = cf::player::new $user; + $pl->password (encode_password $pass); + $pl->connect ($ns); + + $pl->{chargen} = "init"; + + login $pl; } cf::client->attach (on_addme => sub { my ($ns) = @_; - $ns->pl and return $ns->destroy; + $ns->{addme}++ and return $ns->destroy; $ns->async (sub { $Coro::current->{desc} = "addme init"; @@ -272,7 +307,7 @@ . "Chose another, or wait till the other session has ended.", cf::NDI_RED ); - } elsif ($user =~ /^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z/) { + } elsif ($user =~ $VALID_LOGIN) { last; } else { $ns->send_drawinfo ( @@ -336,7 +371,7 @@ my $pl = cf::player::find $user or next; $pl->connect ($ns); enter_map $pl; - login_done $pl; + login $pl; return; } elsif (can_cleanup $pl, $mtime) { Coro::Timer::sleep 1; @@ -397,11 +432,7 @@ last; } - # lock again, too layz to make this nicer - local $cf::LOGIN_LOCK{$user} = 1; - - chargen $ns, $user, $pass; - login_done $ns->pl; + chargen $ns, $user, Deliantra::Util::hash_pw $pass; }); }); @@ -409,20 +440,92 @@ on_version => sub { my ($ns, $arg) = @_; - $ns->ext_msg (nonces => map { join "", map { chr rand 256 } 0..63 } 1..2); + # perl probably uses lrand48, which is not secure at all + # maybe require linux and use /dev/urandom. + $ns->{nonces} = [map { join "", map { chr rand 256 } 0..63 } 1..2]; + $ns->ext_msg (nonces => @{ $ns->{nonces} }); }, ); -#cf::register_async_exticmd create_login => sub { -# my ($ns, $reply, $user, $pass) = @_; -# -# $ns->pl and return $ns->destroy; -#}; +cf::register_async_exticmd create_login => sub { + my ($ns, $reply, $user, $pass) = @_; + + $ns->{addme}++ and return $ns->destroy; + + $ns->async (sub { + my $fail = sub { + $reply->(0, $_[0]); + $ns->flush; # does not ensure that the data reaches the client - TODO + # need to do this in another thread, as this one gets canceled + Coro::async_pool { + Coro::AnyEvent::sleep 0.1; # TODO, see above, extra hack + $ns->destroy if $ns->valid; + }; + Coro::schedule; # do the destroy, should not return + }; + + $user =~ $VALID_LOGIN + or return $fail ( + "Your username contains illegal characters (only a-z, A-Z and 0-9 are allowed), " + . "or is not between 3 and 20 characters in length." + ); + + cf::player::find $user + and return $fail->("User '$user' already exists - choose another login name."); + + chargen $ns, $user, Deliantra::Util::hash_pw $pass; + }); +}; cf::register_async_exticmd login => sub { my ($ns, $reply, $user, $hash) = @_; - $ns->pl and return $ns->destroy; + $ns->{addme}++ and return $ns->destroy; + + $ns->async (sub { + local $cf::LOGIN_LOCK{$user} = 1; + + $Coro::current->{desc} = "login($user) check"; + + my $fail = sub { + $reply->(0, $_[0]); + $ns->flush; # does not ensure that the data reaches the client - TODO + # need to do this in another thread, as this one gets canceled + Coro::async_pool { + Coro::AnyEvent::sleep 0.1; # TODO, see above, extra hack + $ns->destroy if $ns->valid; + }; + Coro::schedule; # do the destroy, should not return + }; + + # try to read the user file and check the password + my $pl = cf::player::find $user + or return $fail->("User '$user' does not exist - wrong spelling?"); + + aio_stat $pl->path + and return $ns->destroy; + + my $mtime = (stat _)[9]; + my $token = $pl->password; + + $token = $token =~ /^!/ + ? Deliantra::Util::hash_pw pack "H*", substr $token, 1 + : pack "H*", $token; + + $token = Deliantra::Util::auth_pw $token, $ns->{nonces}[0], $ns->{nonces}[1]; + + $token eq $hash + or $cf::CFG{ext_login_nocheck} + or return $fail->("User exists, but the password doesn't match - check your spelling, NumLock/CapsLock etc."); + + # player exists and passwords match - we can proceed + + $reply->(1, "Success"); + + $pl->connect ($ns); + enter_map $pl; + login $pl; + }); }; cf::register_command password => sub { @@ -435,6 +538,11 @@ return; } + $pl->message (#d# + "Passwords cannot currently be changed.",#d# + cf::NDI_UNIQUE | cf::NDI_REPLY);#d# + return;#d# + my (@args) = split /\s+/, $arg; my ($player, $new_pw) = @args;