Skip to content

Commit

Permalink
Remove IRC password functionality
Browse files Browse the repository at this point in the history
  • Loading branch information
Askaholic committed Oct 15, 2023
1 parent 455912e commit 102a2f5
Showing 1 changed file with 7 additions and 24 deletions.
31 changes: 7 additions & 24 deletions server/lobbyconnection.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,12 +12,11 @@
from binascii import hexlify
from datetime import datetime
from functools import wraps
from hashlib import md5
from typing import Optional

import aiohttp
from sqlalchemy import and_, func, select
from sqlalchemy.exc import DBAPIError, OperationalError, ProgrammingError
from sqlalchemy.exc import DBAPIError

import server.metrics as metrics
from server.db import FAFDatabase
Expand Down Expand Up @@ -511,14 +510,16 @@ async def command_auth(self, message):

username = row.login

new_irc_password = hexlify(os.urandom(16)).decode()
# DEPRECATED: IRC passwords are handled outside of the lobby server.
# This message remains here for backwards compatibility, but the data
# sent is meaningless and can be ignored by clients.
await self.send({
"command": "irc_password",
"password": new_irc_password
"password": hexlify(os.urandom(16)).decode()
})

await self.on_player_login(
player_id, username, new_irc_password, unique_id, auth_method
player_id, username, unique_id, auth_method
)

async def command_hello(self, message):
Expand All @@ -543,14 +544,13 @@ async def command_hello(self, message):
)

await self.on_player_login(
player_id, username, password, unique_id, "password"
player_id, username, unique_id, "password"
)

async def on_player_login(
self,
player_id: int,
username: str,
password: str,
unique_id: str,
method: str
):
Expand Down Expand Up @@ -582,7 +582,6 @@ async def on_player_login(
last_login=func.now()
)
)
await self.update_irc_password(conn, username, password)

self.player = Player(
login=username,
Expand Down Expand Up @@ -679,22 +678,6 @@ async def on_player_login(

await self.send_game_list()

async def update_irc_password(self, conn, login, password):
# Since the password is hashed on the client, what we get at this point
# is really md5(md5(sha256(password))). This is entirely insane.
temp = md5(password.encode()).hexdigest()
irc_pass = "md5:" + md5(temp.encode()).hexdigest()

try:
await conn.execute(
"UPDATE anope.anope_db_NickCore "
"SET pass = :passwd WHERE display = :display",
passwd=irc_pass,
display=login
)
except (OperationalError, ProgrammingError):
self._logger.error("Failure updating NickServ password for %s", login)

async def command_restore_game_session(self, message):
assert self.player is not None

Expand Down

0 comments on commit 102a2f5

Please sign in to comment.