From 62d15ac7c1fcd7214a9e45d46bbc560f998edb95 Mon Sep 17 00:00:00 2001 From: red-001 Date: Sat, 28 May 2016 04:37:28 +0100 Subject: Add base64 encoding and decoding to the lua api. (#3919) --- src/script/lua_api/l_util.h | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/script/lua_api/l_util.h') diff --git a/src/script/lua_api/l_util.h b/src/script/lua_api/l_util.h index 6fac7e7eb..779dbe281 100644 --- a/src/script/lua_api/l_util.h +++ b/src/script/lua_api/l_util.h @@ -95,6 +95,12 @@ private: // request_insecure_environment() static int l_request_insecure_environment(lua_State *L); + // encode_base64(string) + static int l_encode_base64(lua_State *L); + + // decode_base64(string) + static int l_decode_base64(lua_State *L); + public: static void Initialize(lua_State *L, int top); -- cgit v1.2.3 From 27db92925261ed6646d0a1c0512711ab3aeb5fb8 Mon Sep 17 00:00:00 2001 From: est31 Date: Mon, 30 May 2016 23:27:48 +1000 Subject: Add minetest.check_password_entry callback Gives a convenient way to check a player's password. This entirely bypasses the SRP protocol, so should be used with great care. This function is not intended to be used in-game, but solely by external protocols, where no authentication of the minetest engine is provided, and also only for protocols, in which the user already gives the server the plaintext password. Examples for good use are the classical http form, or irc, an example for a bad use is a password change dialog inside formspec. Users should be aware that they lose the advantages of the SRP protocol if they enter their passwords for servers outside the normal entry box, like in in-game formspec menus, or through irc /msg s, This patch also fixes an auth.h mistake which has mixed up the order of params inside the decode_srp_verifier_and_salt function. Zeno-: Added errorstream message for invalid format when I committed --- doc/lua_api.txt | 9 +++++++++ src/script/lua_api/l_util.cpp | 30 ++++++++++++++++++++++++++++++ src/script/lua_api/l_util.h | 3 +++ src/util/auth.h | 2 +- 4 files changed, 43 insertions(+), 1 deletion(-) (limited to 'src/script/lua_api/l_util.h') diff --git a/doc/lua_api.txt b/doc/lua_api.txt index 03f2dad32..82a0acbee 100644 --- a/doc/lua_api.txt +++ b/doc/lua_api.txt @@ -1951,12 +1951,21 @@ Call these functions only at load time! * `minetest.notify_authentication_modified(name)` * Should be called by the authentication handler if privileges changes. * To report everybody, set `name=nil`. +* `minetest.check_password_entry(name, entry, password)` + * Returns true if the "db entry" for a player with name matches given + * password, false otherwise. + * The "db entry" is the usually player-individual value that is derived + * from the player's chosen password and stored on the server in order to allow + * authentication whenever the player desires to log in. + * Only use this function for making it possible to log in via the password from + * via protocols like IRC, other uses for inside the game are frowned upon. * `minetest.get_password_hash(name, raw_password)` * Convert a name-password pair to a password hash that Minetest can use. * The returned value alone is not a good basis for password checks based * on comparing the password hash in the database with the password hash * from the function, with an externally provided password, as the hash * in the db might use the new SRP verifier format. + * For this purpose, use minetest.check_password_entry instead. * `minetest.string_to_privs(str)`: returns `{priv1=true,...}` * `minetest.privs_to_string(privs)`: returns `"priv1,priv2,..."` * Convert between two privilege representations diff --git a/src/script/lua_api/l_util.cpp b/src/script/lua_api/l_util.cpp index e90b7fbcf..d090fc91c 100644 --- a/src/script/lua_api/l_util.cpp +++ b/src/script/lua_api/l_util.cpp @@ -246,6 +246,35 @@ int ModApiUtil::l_get_hit_params(lua_State *L) return 1; } +// check_password_entry(name, entry, password) +int ModApiUtil::l_check_password_entry(lua_State *L) +{ + NO_MAP_LOCK_REQUIRED; + std::string name = luaL_checkstring(L, 1); + std::string entry = luaL_checkstring(L, 2); + std::string password = luaL_checkstring(L, 3); + + if (base64_is_valid(entry)) { + std::string hash = translate_password(name, password); + lua_pushboolean(L, hash == entry); + return 1; + } + + std::string salt; + std::string verifier; + + if (!decode_srp_verifier_and_salt(entry, &verifier, &salt)) { + // invalid format + warningstream << "Invalid password format for " << name << std::endl; + lua_pushboolean(L, false); + return 1; + } + std::string gen_verifier = generate_srp_verifier(name, password, salt); + + lua_pushboolean(L, gen_verifier == verifier); + return 1; +} + // get_password_hash(name, raw_password) int ModApiUtil::l_get_password_hash(lua_State *L) { @@ -449,6 +478,7 @@ void ModApiUtil::Initialize(lua_State *L, int top) API_FCT(get_dig_params); API_FCT(get_hit_params); + API_FCT(check_password_entry); API_FCT(get_password_hash); API_FCT(is_yes); diff --git a/src/script/lua_api/l_util.h b/src/script/lua_api/l_util.h index 779dbe281..3012d55aa 100644 --- a/src/script/lua_api/l_util.h +++ b/src/script/lua_api/l_util.h @@ -71,6 +71,9 @@ private: // get_hit_params(groups, tool_capabilities[, time_from_last_punch]) static int l_get_hit_params(lua_State *L); + // check_password_entry(name, entry, password) + static int l_check_password_entry(lua_State *L); + // get_password_hash(name, raw_password) static int l_get_password_hash(lua_State *L); diff --git a/src/util/auth.h b/src/util/auth.h index 1fd6ab453..7cdc7d74d 100644 --- a/src/util/auth.h +++ b/src/util/auth.h @@ -45,6 +45,6 @@ std::string encode_srp_verifier(const std::string &verifier, /// Reads the DB-formatted SRP verifier and gets the verifier /// and salt components. bool decode_srp_verifier_and_salt(const std::string &encoded, - std::string *salt, std::string *bytes_v); + std::string *verifier, std::string *salt); #endif -- cgit v1.2.3 From 7607b0ac2065a50a9b68b22909ab40738f2d08e8 Mon Sep 17 00:00:00 2001 From: ShadowNinja Date: Tue, 6 May 2014 22:31:35 -0400 Subject: Add version API --- builtin/mainmenu/tab_credits.lua | 3 ++- doc/lua_api.txt | 11 +++++++++++ src/script/lua_api/l_mainmenu.cpp | 9 --------- src/script/lua_api/l_mainmenu.h | 2 -- src/script/lua_api/l_util.cpp | 29 +++++++++++++++++++++++++++++ src/script/lua_api/l_util.h | 3 +++ 6 files changed, 45 insertions(+), 12 deletions(-) (limited to 'src/script/lua_api/l_util.h') diff --git a/builtin/mainmenu/tab_credits.lua b/builtin/mainmenu/tab_credits.lua index 4d2ffd7f4..9b6045263 100644 --- a/builtin/mainmenu/tab_credits.lua +++ b/builtin/mainmenu/tab_credits.lua @@ -76,8 +76,9 @@ return { caption = fgettext("Credits"), cbf_formspec = function(tabview, name, tabdata) local logofile = defaulttexturedir .. "logo.png" + local version = core.get_version() return "image[0.5,1;" .. core.formspec_escape(logofile) .. "]" .. - "label[0.5,3.2;Minetest " .. core.get_version() .. "]" .. + "label[0.5,3.2;" .. version.project .. " " .. version.string .. "]" .. "label[0.5,3.5;http://minetest.net]" .. "tablecolumns[color;text]" .. "tableoptions[background=#00000000;highlight=#00000000;border=false]" .. diff --git a/doc/lua_api.txt b/doc/lua_api.txt index da90f93d2..497864fac 100644 --- a/doc/lua_api.txt +++ b/doc/lua_api.txt @@ -1908,6 +1908,17 @@ Helper functions * nil: return all entries, * true: return only subdirectory names, or * false: return only file names. +* `minetest.get_version()`: returns a table containing components of the + engine version. Components: + * `project`: Name of the project, eg, "Minetest" + * `string`: Simple version, eg, "1.2.3-dev" + * `hash`: Full git version (only set if available), eg, "1.2.3-dev-01234567-dirty" + Use this for informational purposes only. The information in the returned + table does not represent the capabilities of the engine, nor is it + reliable or verifyable. Compatible forks will have a different name and + version entirely. To check for the presence of engine features, test + whether the functions exported by the wanted features exist. For example: + `if core.nodeupdate then ... end`. ### Logging * `minetest.debug(...)` diff --git a/src/script/lua_api/l_mainmenu.cpp b/src/script/lua_api/l_mainmenu.cpp index 8b078eafd..4a2484613 100644 --- a/src/script/lua_api/l_mainmenu.cpp +++ b/src/script/lua_api/l_mainmenu.cpp @@ -955,13 +955,6 @@ int ModApiMainMenu::l_show_file_open_dialog(lua_State *L) return 0; } -/******************************************************************************/ -int ModApiMainMenu::l_get_version(lua_State *L) -{ - lua_pushstring(L, g_version_string); - return 1; -} - /******************************************************************************/ int ModApiMainMenu::l_sound_play(lua_State *L) { @@ -1157,7 +1150,6 @@ void ModApiMainMenu::Initialize(lua_State *L, int top) API_FCT(extract_zip); API_FCT(get_mainmenu_path); API_FCT(show_file_open_dialog); - API_FCT(get_version); API_FCT(download_file); API_FCT(get_modstore_details); API_FCT(get_modstore_list); @@ -1188,7 +1180,6 @@ void ModApiMainMenu::InitializeAsync(AsyncEngine& engine) ASYNC_API_FCT(delete_dir); ASYNC_API_FCT(copy_dir); //ASYNC_API_FCT(extract_zip); //TODO remove dependency to GuiEngine - ASYNC_API_FCT(get_version); ASYNC_API_FCT(download_file); ASYNC_API_FCT(get_modstore_details); ASYNC_API_FCT(get_modstore_list); diff --git a/src/script/lua_api/l_mainmenu.h b/src/script/lua_api/l_mainmenu.h index 405af25e8..ad5155ac6 100644 --- a/src/script/lua_api/l_mainmenu.h +++ b/src/script/lua_api/l_mainmenu.h @@ -79,8 +79,6 @@ private: static int l_delete_favorite(lua_State *L); - static int l_get_version(lua_State *L); - static int l_sound_play(lua_State *L); static int l_sound_stop(lua_State *L); diff --git a/src/script/lua_api/l_util.cpp b/src/script/lua_api/l_util.cpp index fa2d15b03..818c1aeeb 100644 --- a/src/script/lua_api/l_util.cpp +++ b/src/script/lua_api/l_util.cpp @@ -33,8 +33,11 @@ with this program; if not, write to the Free Software Foundation, Inc., #include "settings.h" #include "util/auth.h" #include "util/base64.h" +#include "config.h" +#include "version.h" #include + // log([level,] text) // Writes a line to the logger. // The one-argument version logs to infostream. @@ -302,12 +305,14 @@ int ModApiUtil::l_is_yes(lua_State *L) return 1; } +// get_builtin_path() int ModApiUtil::l_get_builtin_path(lua_State *L) { NO_MAP_LOCK_REQUIRED; std::string path = porting::path_share + DIR_DELIM + "builtin"; lua_pushstring(L, path.c_str()); + return 1; } @@ -460,6 +465,26 @@ int ModApiUtil::l_request_insecure_environment(lua_State *L) return 1; } +// get_version() +int ModApiUtil::l_get_version(lua_State *L) +{ + lua_createtable(L, 0, 3); + int table = lua_gettop(L); + + lua_pushstring(L, PROJECT_NAME_C); + lua_setfield(L, table, "project"); + + lua_pushstring(L, g_version_string); + lua_setfield(L, table, "string"); + + if (strcmp(g_version_string, g_version_hash)) { + lua_pushstring(L, g_version_hash); + lua_setfield(L, table, "hash"); + } + + return 1; +} + void ModApiUtil::Initialize(lua_State *L, int top) { @@ -496,6 +521,8 @@ void ModApiUtil::Initialize(lua_State *L, int top) API_FCT(encode_base64); API_FCT(decode_base64); + + API_FCT(get_version); } void ModApiUtil::InitializeAsync(AsyncEngine& engine) @@ -525,5 +552,7 @@ void ModApiUtil::InitializeAsync(AsyncEngine& engine) ASYNC_API_FCT(encode_base64); ASYNC_API_FCT(decode_base64); + + ASYNC_API_FCT(get_version); } diff --git a/src/script/lua_api/l_util.h b/src/script/lua_api/l_util.h index 3012d55aa..9910704b3 100644 --- a/src/script/lua_api/l_util.h +++ b/src/script/lua_api/l_util.h @@ -104,6 +104,9 @@ private: // decode_base64(string) static int l_decode_base64(lua_State *L); + // get_version() + static int l_get_version(lua_State *L); + public: static void Initialize(lua_State *L, int top); -- cgit v1.2.3