X-Git-Url: https://git.r.bdr.sh/rbdr/mobius/blobdiff_plain/22c599abc18895f73e96095f35b71cf3357d41b4..0db54aa79140c6656f99a851f582c84a0de04233:/hotline/user.go?ds=inline

diff --git a/hotline/user.go b/hotline/user.go
index f80fd72..ff4006a 100644
--- a/hotline/user.go
+++ b/hotline/user.go
@@ -2,6 +2,8 @@ package hotline
 
 import (
 	"encoding/binary"
+	"golang.org/x/crypto/bcrypt"
+	"log"
 )
 
 // User flags are stored as a 2 byte bitmap with the following values:
@@ -12,6 +14,13 @@ const (
 	userFLagRefusePChat = 3 // User refuses private chat
 )
 
+// fieldOptions flags are sent from v1.5+ clients as part of tranAgreed
+const (
+	refusePM     = 0 // User has "Refuse private messages" pref set
+	refuseChat   = 1 // User has "Refuse private chat" pref set
+	autoResponse = 2 // User has "Automatic response" pref set
+)
+
 type User struct {
 	ID    []byte // Size 2
 	Icon  []byte // Size 2
@@ -51,19 +60,35 @@ func ReadUser(b []byte) (*User, error) {
 
 // DecodeUserString decodes an obfuscated user string from a client
 // e.g. 98 8a 9a 8c 8b => "guest"
-func DecodeUserString(encodedString []byte) (decodedString string) {
-	for _, char := range encodedString {
-		decodedString += string(rune(255 - uint(char)))
+func DecodeUserString(obfuText []byte) (clearText string) {
+	for _, char := range obfuText {
+		clearText += string(rune(255 - uint(char)))
+	}
+	return clearText
+}
+
+// negateString takes []byte s containing cleartext and rotates by 255 into obfuscated cleartext.
+// The Hotline protocol uses this format for sending passwords over network.
+// Not secure, but hey, it was the 90s!
+func negateString(clearText []byte) []byte {
+	obfuText := make([]byte, len(clearText))
+	for i := 0; i < len(clearText); i++ {
+		obfuText[i] = 255 - clearText[i]
 	}
-	return decodedString
+	return obfuText
 }
 
-// Take a []byte of uncoded ascii as input and encode it
-// TODO: change the method signature to take a string and return []byte
-func NegatedUserString(encodedString []byte) string {
-	var decodedString string
-	for _, char := range encodedString {
-		decodedString += string(255 - uint8(char))[1:]
+func hashAndSalt(pwd []byte) string {
+	// Use GenerateFromPassword to hash & salt pwd.
+	// MinCost is just an integer constant provided by the bcrypt
+	// package along with DefaultCost & MaxCost.
+	// The cost can be any value you want provided it isn't lower
+	// than the MinCost (4)
+	hash, err := bcrypt.GenerateFromPassword(pwd, bcrypt.MinCost)
+	if err != nil {
+		log.Println(err)
 	}
-	return decodedString
+	// GenerateFromPassword returns a byte slice so we need to
+	// convert the bytes to a string and return it
+	return string(hash)
 }