Update settings to support hashed passwords
This commit is contained in:
parent
162d8badda
commit
995a062f29
2
bbs.h
2
bbs.h
@ -153,6 +153,8 @@ extern void disconnect(int socket, char *calledby);
|
|||||||
extern void display_info(int socket);
|
extern void display_info(int socket);
|
||||||
extern void display_last10_callers(int socket, struct user_record *user);
|
extern void display_last10_callers(int socket, struct user_record *user);
|
||||||
|
|
||||||
|
extern void gen_salt(char **s);
|
||||||
|
extern char *hash_sha256(char *pass, char *salt);
|
||||||
extern int save_user(struct user_record *user);
|
extern int save_user(struct user_record *user);
|
||||||
extern int check_user(char *loginname);
|
extern int check_user(char *loginname);
|
||||||
extern struct user_record *new_user(int socket);
|
extern struct user_record *new_user(int socket);
|
||||||
|
11
settings.c
11
settings.c
@ -8,6 +8,7 @@ void settings_menu(int sock, struct user_record *user) {
|
|||||||
char buffer[256];
|
char buffer[256];
|
||||||
int dosettings = 0;
|
int dosettings = 0;
|
||||||
char c;
|
char c;
|
||||||
|
char *hash;
|
||||||
|
|
||||||
while (!dosettings) {
|
while (!dosettings) {
|
||||||
s_putstring(sock, "\e[2J\e[1;32mYour Settings\r\n");
|
s_putstring(sock, "\e[2J\e[1;32mYour Settings\r\n");
|
||||||
@ -25,13 +26,17 @@ void settings_menu(int sock, struct user_record *user) {
|
|||||||
{
|
{
|
||||||
s_putstring(sock, "\r\nEnter your current password: ");
|
s_putstring(sock, "\r\nEnter your current password: ");
|
||||||
s_readpass(sock, buffer, 16);
|
s_readpass(sock, buffer, 16);
|
||||||
if (strcmp(buffer, user->password) == 0) {
|
hash = hash_sha256(buffer, user->salt);
|
||||||
|
if (strcmp(hash, user->password) == 0) {
|
||||||
s_putstring(sock, "\r\nEnter your new password (8 chars min): ");
|
s_putstring(sock, "\r\nEnter your new password (8 chars min): ");
|
||||||
s_readstring(sock, buffer, 16);
|
s_readstring(sock, buffer, 16);
|
||||||
if (strlen(buffer) >= 8) {
|
if (strlen(buffer) >= 8) {
|
||||||
free(user->password);
|
free(user->password);
|
||||||
user->password = (char *)malloc(strlen(buffer) + 1);
|
free(user->salt);
|
||||||
strcpy(user->password, buffer);
|
|
||||||
|
gen_salt(&user->salt);
|
||||||
|
user->password = hash_sha256(buffer, user->salt);
|
||||||
|
|
||||||
save_user(user);
|
save_user(user);
|
||||||
s_putstring(sock, "\r\nPassword Changed!\r\n");
|
s_putstring(sock, "\r\nPassword Changed!\r\n");
|
||||||
} else {
|
} else {
|
||||||
|
Reference in New Issue
Block a user