X-Git-Url: https://git.quassel-irc.org/?a=blobdiff_plain;f=src%2Fcore%2Fsqlitestorage.cpp;h=46e2c70e981b580bb798660c6a5fad4852a1792d;hb=d0e9b7a1d5e73041ade519189eea012500440ba9;hp=3b95cf01167da0a5fd42901a142334911cbf336a;hpb=694f9bfbf7f1af19108461c7e00d133e55082bce;p=quassel.git

diff --git a/src/core/sqlitestorage.cpp b/src/core/sqlitestorage.cpp
index 3b95cf01..46e2c70e 100644
--- a/src/core/sqlitestorage.cpp
+++ b/src/core/sqlitestorage.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
- *   Copyright (C) 2005-07 by the Quassel Project                          *
+ *   Copyright (C) 2005-2015 by the Quassel Project                        *
  *   devel@quassel-irc.org                                                 *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
@@ -15,7 +15,7 @@
  *   You should have received a copy of the GNU General Public License     *
  *   along with this program; if not, write to the                         *
  *   Free Software Foundation, Inc.,                                       *
- *   59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             *
+ *   51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.         *
  ***************************************************************************/
 
 #include "sqlitestorage.h"
@@ -129,7 +129,8 @@ UserId SqliteStorage::addUser(const QString &user, const QString &password)
         QSqlQuery query(db);
         query.prepare(queryString("insert_quasseluser"));
         query.bindValue(":username", user);
-        query.bindValue(":password", cryptedPassword(password));
+        query.bindValue(":password", hashPassword(password));
+        query.bindValue(":hashversion", Storage::HashVersion::Latest);
         lockForWrite();
         safeExec(query);
         if (query.lastError().isValid() && query.lastError().number() == 19) { // user already exists - sadly 19 seems to be the general constraint violation error...
@@ -158,7 +159,8 @@ bool SqliteStorage::updateUser(UserId user, const QString &password)
         QSqlQuery query(db);
         query.prepare(queryString("update_userpassword"));
         query.bindValue(":userid", user.toInt());
-        query.bindValue(":password", cryptedPassword(password));
+        query.bindValue(":password", hashPassword(password));
+        query.bindValue(":hashversion", Storage::HashVersion::Latest);
         lockForWrite();
         safeExec(query);
         success = query.numRowsAffected() != 0;
@@ -190,23 +192,30 @@ void SqliteStorage::renameUser(UserId user, const QString &newName)
 UserId SqliteStorage::validateUser(const QString &user, const QString &password)
 {
     UserId userId;
+    QString hashedPassword;
+    Storage::HashVersion hashVersion;
 
     {
         QSqlQuery query(logDb());
         query.prepare(queryString("select_authuser"));
         query.bindValue(":username", user);
-        query.bindValue(":password", cryptedPassword(password));
 
         lockForRead();
         safeExec(query);
 
         if (query.first()) {
             userId = query.value(0).toInt();
+            hashedPassword = query.value(1).toString();
+            hashVersion = static_cast<Storage::HashVersion>(query.value(2).toInt());
         }
     }
     unlock();
 
-    return userId;
+    UserId returnUserId;
+    if (userId != 0 && checkHashedPassword(userId, password, hashedPassword, hashVersion)) {
+        returnUserId = userId;
+    }
+    return returnUserId;
 }
 
 
@@ -828,9 +837,9 @@ QList<NetworkInfo> SqliteStorage::networks(UserId user)
                 net.networkId = networksQuery.value(0).toInt();
                 net.networkName = networksQuery.value(1).toString();
                 net.identity = networksQuery.value(2).toInt();
-                net.codecForServer = networksQuery.value(3).toString().toAscii();
-                net.codecForEncoding = networksQuery.value(4).toString().toAscii();
-                net.codecForDecoding = networksQuery.value(5).toString().toAscii();
+                net.codecForServer = networksQuery.value(3).toString().toLatin1();
+                net.codecForEncoding = networksQuery.value(4).toString().toLatin1();
+                net.codecForDecoding = networksQuery.value(5).toString().toLatin1();
                 net.useRandomServer = networksQuery.value(6).toInt() == 1 ? true : false;
                 net.perform = networksQuery.value(7).toString().split("\n");
                 net.useAutoIdentify = networksQuery.value(8).toInt() == 1 ? true : false;
@@ -1110,7 +1119,7 @@ BufferInfo SqliteStorage::bufferInfo(UserId user, const NetworkId &networkId, Bu
                 qCritical() << "  bound Values:";
                 QList<QVariant> list = query.boundValues().values();
                 for (int i = 0; i < list.size(); ++i)
-                    qCritical() << i << ":" << list.at(i).toString().toAscii().data();
+                    qCritical() << i << ":" << list.at(i).toString().toLatin1().data();
                 Q_ASSERT(false);
             }
         }