diff options
| author | in2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2006-04-15 11:05:40 +0800 |
|---|---|---|
| committer | in2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2006-04-15 11:05:40 +0800 |
| commit | a4186319d48edc1b1dd8a86a1fd08702a82d72d7 (patch) | |
| tree | 26f6e983075525c00009b37861f5a07f701f4d29 /mbbsd | |
| parent | 93a1a6ad0d5e23ecdf26650b6db6a44fb64f11fd (diff) | |
| download | pttbbs-a4186319d48edc1b1dd8a86a1fd08702a82d72d7.tar pttbbs-a4186319d48edc1b1dd8a86a1fd08702a82d72d7.tar.gz pttbbs-a4186319d48edc1b1dd8a86a1fd08702a82d72d7.tar.bz2 pttbbs-a4186319d48edc1b1dd8a86a1fd08702a82d72d7.tar.lz pttbbs-a4186319d48edc1b1dd8a86a1fd08702a82d72d7.tar.xz pttbbs-a4186319d48edc1b1dd8a86a1fd08702a82d72d7.tar.zst pttbbs-a4186319d48edc1b1dd8a86a1fd08702a82d72d7.zip | |
re-generate new regcodes every time instead of calculating from userid.
XXX: not complete. there should be a program to clean used regcode
files in jobspool/.
git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@3346 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
Diffstat (limited to 'mbbsd')
| -rw-r--r-- | mbbsd/user.c | 79 |
1 files changed, 43 insertions, 36 deletions
diff --git a/mbbsd/user.c b/mbbsd/user.c index 1f9b2130..e043e2da 100644 --- a/mbbsd/user.c +++ b/mbbsd/user.c @@ -483,34 +483,45 @@ void Customize(void) vmsg("設定完成"); } - -char * -getregcode(char *buf) +static char * +makeregcode(char *buf) { - char *uid = &cuser.userid[0]; - int i; + char fpath[PATHLEN]; + int fd, i; + static char *alphabet = "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM"; - /* init seed with magic */ - strlcpy(buf, REGCODE_MAGIC, 14); /* des keys are only 13 byte */ + /* generate a new regcode */ + buf[13] = 0; + buf[0] = 'v'; + buf[1] = '6'; + for( i = 2 ; i < 13 ; ++i ) + buf[i] = alphabet[rand() % 52]; + + /* write to file */ + snprintf(fpath, PATHLEN, "jobspool/.regcode.%s", cuser.userid); + if( (fd = open(fpath, O_WRONLY | O_CREAT, 0600)) == -1 ){ + perror("open"); + exit(1); + } + write(fd, buf, 13); + close(fd); - /* scramble with user id */ - for (i = 0; i < IDLEN && uid[i]; i++) - { - buf[i] ^= uid[i]; - while (!(buf[i] >= '0' && buf[i] <= 'z')) - { - buf[i] = (buf[i] + '0') & 0xff; - buf[i+1] = (buf[i+1] + 0x17) & 0xff; - } + return buf; +} + +static char * +getregcode(char *buf) +{ + int fd; + char fpath[PATHLEN]; + snprintf(fpath, PATHLEN, "jobspool/.regcode.%s", cuser.userid); + if( (fd = open(fpath, O_RDONLY)) == -1 ){ + buf[0] = 0; + return buf; } - /* leave last character untouched anyway */ + read(fd, buf, 13); + close(fd); buf[13] = 0; - - /* real encryption */ - strcpy(buf, crypt(buf, "pd")); - /* hack to prevent trailing dots */ - if (buf[strlen(buf)-1] == '.') - buf[strlen(buf)-1] = 'd'; return buf; } @@ -575,7 +586,7 @@ static void email_justify(const userec_t *muser) * by evil mail servers. */ snprintf(buf, sizeof(buf), - " " BBSENAME " - [ %s ]", getregcode(genbuf)); + " " BBSENAME " - [ %s ]", makeregcode(genbuf)); strlcpy(tmp, cuser.userid, sizeof(tmp)); // XXX dirty, set userid=SYSOP @@ -1650,21 +1661,17 @@ u_register(void) do{ getdata(10, 0, "您的輸入: ", inregcode, sizeof(inregcode), DOECHO); - if ((inregcode[0] == '0' && inregcode[1] == '2') || - (inregcode[0] == 'p' && inregcode[1] == 't') || - 0 - ) - { - /* old regcode */ - vmsg("您輸入的認證碼因系統昇級已失效," - "請輸入 x 重填一次 E-Mail"); - } else if( strcmp(inregcode, "x") == 0 || - strcmp(inregcode, "X") == 0 || - strlen(inregcode) == 13 ) + strcmp(inregcode, "X") == 0 ) break; - if( strlen(inregcode) != 13 ) + if( inregcode[0] != 'v' || inregcode[1] != '6' ) { + /* old regcode */ + vmsg("您輸入的認證碼因系統昇級已失效," + "請輸入 x 重填一次 E-Mail"); + } else if( strlen(inregcode) != 13 ) vmsg("認證碼輸入不完全,應該一共有十三碼。"); + else + break; } while( 1 ); if (strcmp(inregcode, getregcode(regcode)) == 0) { |