forked from github/server
Bug 2611: password_cmd erzeugt ungültige Passworte.
This commit is contained in:
parent
ef9567897f
commit
b6edc0b940
3 changed files with 73 additions and 42 deletions
29
src/laws.c
29
src/laws.c
|
@ -2181,6 +2181,21 @@ int email_cmd(unit * u, struct order *ord)
|
|||
return 0;
|
||||
}
|
||||
|
||||
bool password_wellformed(const char *password)
|
||||
{
|
||||
unsigned char *c = (unsigned char *)password;
|
||||
int i;
|
||||
if (!password || password[0]=='\0') {
|
||||
return false;
|
||||
}
|
||||
for (i = 0; c[i] && i != PASSWORD_MAXSIZE; ++i) {
|
||||
if (!isalnum(c[i])) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
int password_cmd(unit * u, struct order *ord)
|
||||
{
|
||||
char pwbuf[PASSWORD_MAXSIZE + 1];
|
||||
|
@ -2194,19 +2209,11 @@ int password_cmd(unit * u, struct order *ord)
|
|||
pwbuf[PASSWORD_MAXSIZE - 1] = '\0';
|
||||
}
|
||||
|
||||
if (s && *s) {
|
||||
unsigned char *c = (unsigned char *)pwbuf;
|
||||
int i, r = 0;
|
||||
|
||||
for (i = 0; c[i] && i != PASSWORD_MAXSIZE; ++i) {
|
||||
if (!isalnum(c[i])) {
|
||||
c[i] = 'X';
|
||||
++r;
|
||||
}
|
||||
}
|
||||
if (r != 0) {
|
||||
if (!s || !password_wellformed(s)) {
|
||||
if (s) {
|
||||
cmistake(u, ord, 283, MSG_EVENT);
|
||||
}
|
||||
password_generate(pwbuf, PASSWORD_MAXSIZE);
|
||||
}
|
||||
faction_setpassword(u->faction, password_hash(pwbuf, PASSWORD_DEFAULT));
|
||||
ADDMSG(&u->faction->msgs, msg_message("changepasswd", "value", pwbuf));
|
||||
|
|
|
@ -48,6 +48,7 @@ extern "C" {
|
|||
void sinkships(struct region * r);
|
||||
void do_enter(struct region *r, bool is_final_attempt);
|
||||
bool long_order_allowed(const struct unit *u);
|
||||
bool password_wellformed(const char *password);
|
||||
|
||||
int password_cmd(struct unit *u, struct order *ord);
|
||||
int banner_cmd(struct unit *u, struct order *ord);
|
||||
|
|
|
@ -49,37 +49,6 @@ static void test_new_building_can_be_renamed(CuTest * tc)
|
|||
test_teardown();
|
||||
}
|
||||
|
||||
static void test_password_cmd(CuTest * tc)
|
||||
{
|
||||
unit *u;
|
||||
faction * f;
|
||||
test_setup();
|
||||
u = test_create_unit(f = test_create_faction(NULL), test_create_plain(0, 0));
|
||||
|
||||
u->thisorder = create_order(K_PASSWORD, f->locale, "abcdefgh");
|
||||
password_cmd(u, u->thisorder);
|
||||
CuAssertPtrNotNull(tc, faction_getpassword(f));
|
||||
CuAssertTrue(tc, checkpasswd(f, "abcdefgh"));
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "changepasswd"));
|
||||
free_order(u->thisorder);
|
||||
|
||||
u->thisorder = create_order(K_PASSWORD, f->locale, "abc*de*");
|
||||
password_cmd(u, u->thisorder);
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "error283"));
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "changepasswd"));
|
||||
CuAssertTrue(tc, !checkpasswd(f, "abc*de*"));
|
||||
CuAssertTrue(tc, checkpasswd(f, "abcXdeX"));
|
||||
free_order(u->thisorder);
|
||||
|
||||
u->thisorder = create_order(K_PASSWORD, f->locale, "1234567890123456789012345678901234567890");
|
||||
password_cmd(u, u->thisorder);
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "error321"));
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "changepasswd"));
|
||||
CuAssertTrue(tc, checkpasswd(f, "1234567890123456789012345678901"));
|
||||
|
||||
test_teardown();
|
||||
}
|
||||
|
||||
static void test_rename_building(CuTest * tc)
|
||||
{
|
||||
region *r;
|
||||
|
@ -1949,6 +1918,60 @@ static void test_long_order_on_ocean(CuTest *tc) {
|
|||
test_teardown();
|
||||
}
|
||||
|
||||
static void test_password_cmd(CuTest *tc) {
|
||||
unit *u;
|
||||
message *msg;
|
||||
faction * f;
|
||||
|
||||
CuAssertTrue(tc, password_wellformed("PASSword"));
|
||||
CuAssertTrue(tc, password_wellformed("1234567"));
|
||||
CuAssertTrue(tc, !password_wellformed("$password"));
|
||||
CuAssertTrue(tc, !password_wellformed("no space"));
|
||||
|
||||
test_setup();
|
||||
mt_create_error(283);
|
||||
mt_create_error(321);
|
||||
mt_create_va(mt_new("changepasswd", NULL), "value:string", MT_NEW_END);
|
||||
u = test_create_unit(f = test_create_faction(NULL), test_create_plain(0, 0));
|
||||
u->thisorder = create_order(K_PASSWORD, f->locale, "password1234", NULL);
|
||||
password_cmd(u, u->thisorder);
|
||||
CuAssertTrue(tc, checkpasswd(f, "password1234"));
|
||||
CuAssertPtrNotNull(tc, msg = test_find_messagetype(f->msgs, "changepasswd"));
|
||||
free_order(u->thisorder);
|
||||
test_clear_messages(f);
|
||||
|
||||
u->thisorder = create_order(K_PASSWORD, f->locale, "bad-password", NULL);
|
||||
password_cmd(u, u->thisorder);
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "error283"));
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "changepasswd"));
|
||||
CuAssertTrue(tc, !checkpasswd(f, "password1234"));
|
||||
free_order(u->thisorder);
|
||||
test_clear_messages(f);
|
||||
|
||||
u->thisorder = create_order(K_PASSWORD, f->locale, "''", NULL);
|
||||
password_cmd(u, u->thisorder);
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "error283"));
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "changepasswd"));
|
||||
free_order(u->thisorder);
|
||||
test_clear_messages(f);
|
||||
|
||||
u->thisorder = create_order(K_PASSWORD, f->locale, NULL);
|
||||
password_cmd(u, u->thisorder);
|
||||
CuAssertTrue(tc, !checkpasswd(f, "password1234"));
|
||||
CuAssertPtrEquals(tc, NULL, test_find_messagetype(f->msgs, "error283"));
|
||||
CuAssertPtrNotNull(tc, msg = test_find_messagetype(f->msgs, "changepasswd"));
|
||||
free_order(u->thisorder);
|
||||
test_clear_messages(f);
|
||||
|
||||
u->thisorder = create_order(K_PASSWORD, f->locale, "1234567890123456789012345678901234567890");
|
||||
password_cmd(u, u->thisorder);
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "error321"));
|
||||
CuAssertPtrNotNull(tc, test_find_messagetype(f->msgs, "changepasswd"));
|
||||
CuAssertTrue(tc, checkpasswd(f, "1234567890123456789012345678901"));
|
||||
|
||||
test_teardown();
|
||||
}
|
||||
|
||||
static void test_peasant_migration(CuTest *tc) {
|
||||
region *r1, *r2;
|
||||
int rmax;
|
||||
|
|
Loading…
Reference in a new issue