Upgrade encryption of user passwords

mudcoders / guildmud

A SocketMUD-based Multi-User Dungeon built and managed by the members of The MUD Coders Guild.

MIT License

26 stars 12 forks source link

Upgrade encryption of user passwords #18

Closed rogersm closed 6 years ago

rogersm commented 6 years ago

Currently guildmud is using the old unix crypt(3) function to encrypt user passwords.

Before PR 6 guildmud used the OS crypt, but this required some external linkage and was not supported by some unices. To ensure compilation in as many OS as possibles PR 6 added the crypt code from unix v7 to the guildmud basecode.

The problem is the standard crypt has been broken for more than 10 years and we need to provide something more secure.

Current standard is to deploy bcrypt. My proposal is to deploy bcrypt, but before that I need your opinion:

Should we expect the user to install it so we can link it? or
- we include the three src files (it adds up as an extra 60 kbytes) to our codebase reducing compiling complexity?

For review, package can be found here, filename is crypt_blowfish.1.3.tar.gz

Comments?

zachflower commented 6 years ago

My personal preference is to include the src files to increase portability (a handful of web frameworks I've seen prefer to use a built-in bcrypt over an external library). Anyone else have any thoughts?

xenith commented 6 years ago

I've been a long-time open source developer, so I always tend to err on the side of not bundling dependencies unless you have a good way to keep them updated (like how it works with cargo in Rust, npm in Node, or whatever dependency manager de jour in Go).

That being said, I always bundle Lua when I use it....so there's that. I won't object either way.

zachflower commented 6 years ago

I agree with this, but C is the exception in that it isn't afforded the same package management as more modern languages.

Speaking of which, are there any package managers for C? Because I'd push to use one of there is.

xenith commented 6 years ago

I'm pretty sure the vast majority of people just use the distribution package managers when it comes to C programs/libraries. I seem to recall every time someone tries to build a package manager for C similar to the other tools I mentioned, it turns out awful and gets no uptake.

rogersm commented 6 years ago

Ok, let's add the three files in the codebase for now. I will also create a tool to set/check the passwords from the operating system so the sysadm can change them from outside the mud.

rogersm commented 6 years ago

Closing the issue after PR22 has been merged.