implement rudimentary password authentication

4 files changed, 29 insertions, 2 deletions

diff --git a/bouncer/client.cpp b/bouncer/client.cpp
index 79e97a2..ab133b6 100644
--- a/bouncer/client.cpp
+++ b/bouncer/client.cpp
@@ -150,10 +150,14 @@ void Client::handlePacket(Packet::Type type, char *data, int size) {
 
 			uint32_t lastReceivedByClient = pkt.readU32();
 
+			char pwBuf[512] = "";
+			pkt.readStr(pwBuf, sizeof(pwBuf));
+			if (strcmp(pwBuf, netCore->bouncerPassword.c_str()) != 0)
+				error = 3;
+
 			if (!pkt.readRemains(SESSION_KEY_SIZE))
 				error = 2;
 
-			// Authentication goes here at some point, too
 
 
 			if (error != 0) {
diff --git a/bouncer/core.h b/bouncer/core.h
index 28db1e8..a8f5d9b 100644
--- a/bouncer/core.h
+++ b/bouncer/core.h
@@ -396,6 +396,8 @@ public:
 
 	bool quitFlag;
 
+	std::string bouncerPassword;
+
 	int execute();
 
 	Client *findClientWithSessionKey(uint8_t *key) const;
diff --git a/bouncer/netcore.cpp b/bouncer/netcore.cpp
index f8c484e..98f13a1 100644
--- a/bouncer/netcore.cpp
+++ b/bouncer/netcore.cpp
@@ -329,6 +329,10 @@ void NetCore::loadConfig() {
 	auto sections = INI::load("config.ini");
 
 	for (auto &section : sections) {
+		if (section.title == "Header") {
+			bouncerPassword = section.data["password"];
+		}
+
 		if (section.title == "Server" && serverCount < SERVER_LIMIT) {
 			Server *s = constructServer(section.data["type"].c_str());
 			if (s) {
@@ -342,6 +346,13 @@ void NetCore::loadConfig() {
 void NetCore::saveConfig() {
 	std::list<INI::Section> sections;
 
+	INI::Section header;
+	header.title = "Header";
+
+	header.data["password"] = bouncerPassword;
+
+	sections.push_back(header);
+
 	for (int i = 0; i < serverCount; i++) {
 		INI::Section section;
 		section.title = "Server";
diff --git a/python_client.py b/python_client.py
index fc0ff9b..d30993c 100644
--- a/python_client.py
+++ b/python_client.py
@@ -40,6 +40,7 @@ nextID = 1
 lastReceivedPacketID = 0
 packetCache = []
 packetLock = threading.Lock()
+password = ''
 
 u32 = struct.Struct('<I')
 
@@ -552,7 +553,10 @@ class MainWindow(QtWidgets.QMainWindow):
 		authed = False
 
 	def handleLogin(self):
-		writePacket(0x8001, struct.pack('<II 16s', protocolVer, lastReceivedPacketID, sessionKey), True)
+		encPW = password.encode('utf-8')
+		piece1 = struct.pack('<III', protocolVer, lastReceivedPacketID, len(encPW))
+		piece2 = struct.pack('16s', sessionKey)
+		writePacket(0x8001, piece1 + encPW + piece2, True)
 
 	def handleDebug(self, text):
 		with packetLock:
@@ -569,6 +573,12 @@ class MainWindow(QtWidgets.QMainWindow):
 				writePacket(0x102, struct.pack('<II', wid, len(data)) + data)
 
 
+
+if len(sys.argv) > 1:
+	password = sys.argv[1]
+else:
+	print('No password entered on command line!')
+
 app = QtWidgets.QApplication(sys.argv)
 
 mainwin = MainWindow()