Installation Instructions - MD5 Replacement
-------------------------------------------

1. Place the sha256.c and sha256.h files in your src directory.

   In the Makefile, add sha256.c and sha256.o to the appropriate sections.

2. Open act_info.c and locate the following in do_password:

   /*
    * No tilde allowed because of player file format.
    */
   pwdnew = smaug_crypt( arg2 );
   for( p = pwdnew; *p != '\0'; p++ )
   {
      if( *p == '~' )
      {
         send_to_char( "New password not acceptable, try again.\n\r", ch );
         return;
      }
   }

   Replace that with the following:

   pwdnew = sha256_crypt( arg2 );   /* SHA-256 Encryption */

3. Open act_wiz.c and find the do_form_password function.

   Replace that function with the following:

void do_form_password( CHAR_DATA* ch, const char* argument )
{
   char *pwcheck;

   set_char_color( AT_IMMORT, ch );

   if( !argument || argument[0] == '\0' )
   {
      send_to_char( "Usage: formpass <password>\r\n", ch );
      return;
   }

   /*
    * This is arbitrary to discourage weak passwords 
    */
   if( strlen( argument ) < 5 )
   {
      send_to_char( "Usage: formpass <password>\r\n", ch );
      send_to_char( "New password must be at least 5 characters in length.\r\n", ch );
      return;
   }

   if( argument[0] == '!' )
   {
      send_to_char( "Usage: formpass <password>\r\n", ch );
      send_to_char( "New password cannot begin with the '!' character.\r\n", ch );
      return;
   }

   pwcheck = sha256_crypt( argument );
   ch_printf( ch, "%s results in the encrypted string: %s\r\n", argument, pwcheck );
}

4. Open build.c, and directly below the include statement for mud.h, add the following:

#include "sha256.h"

   Then locate the following in do_mset:

      /*
       * No tilde allowed because of player file format.
       */
      pwdnew = smaug_crypt( arg3 );
      for( p = pwdnew; *p != '\0'; p++ )
      {
         if( *p == '~' )
         {
            send_to_char( "New password not acceptable, try again.\n\r", ch );
            return;
         }
      }

   Replace that with the following:

      pwdnew = sha256_crypt( arg3 );   /* SHA-256 Encryption */

5. Open save.c and locate the SAVEVERSION definition.
   Add one too it.

   Then in fread_char, locate the following line:

            KEY( "Version", file_ver, fread_number( fp ) );

   Replace it with the following:

            if( !str_cmp( word, "Version" ) )
            {
               file_ver = fread_number( fp );
               ch->pcdata->version = file_ver;
               fMatch = TRUE;
               break;
            }

6. Open comm.c and directly below the include statement for mud.h, add the following:

#include "sha256.h"

   Then in nanny, locate the following:

    case CON_GET_OLD_PASSWORD:
	write_to_buffer( d, "\r\n", 2 );

         if( str_cmp( smaug_crypt( argument ), ch->pcdata->pwd ) )
         {
            write_to_buffer( d, "Wrong password, disconnecting.\n\r", 0 );
            /*
             * clear descriptor pointer to get rid of bug message in log 
             */
            d->character->desc = NULL;
            close_socket( d, FALSE );
            return;
         }

	write_to_buffer( d, echo_on_str, 0 );

	if ( check_playing( d, ch->pcdata->filename, TRUE ) )
	    return;

	chk = check_reconnect( d, ch->pcdata->filename, TRUE );
	if ( chk == BERR )
	{
	    if ( d->character && d->character->desc )
	      d->character->desc = NULL;
	    close_socket( d, FALSE );
	    return;
	}
	if ( chk == TRUE )
	  return;

	sprintf( buf, ch->pcdata->filename );
	d->character->desc = NULL;
	free_char( d->character );
	d->character = NULL;
	fOld = load_char_obj( d, buf, FALSE );
	ch = d->character;
        if ( ch->position ==  POS_FIGHTING
          || ch->position ==  POS_EVASIVE
          || ch->position ==  POS_DEFENSIVE
          || ch->position ==  POS_AGGRESSIVE
          || ch->position ==  POS_BERSERK )
		ch->position = POS_STANDING;

	sprintf( log_buf, "%s@%s(%s) has connected.", ch->pcdata->filename, 
		d->host, d->user );
	if ( ch->level < LEVEL_DEMI )
	{
	  /*to_channel( log_buf, CHANNEL_MONITOR, "Monitor", ch->level );*/
	  log_string_plus( log_buf, LOG_COMM, sysdata.log_level );
	}
	else
	  log_string_plus( log_buf, LOG_COMM, ch->level );
	show_title(d);
	break;

   Replace all that with the following:

    case CON_GET_OLD_PASSWORD:
      write_to_buffer( d, "\r\n", 2 );

      if( ch->pcdata->version < THE_NEW_VALUE_YOU_CHANGED_SAVEVERSION_TO )
      {
	   if( str_cmp( smaug_crypt( argument ), ch->pcdata->pwd ) )
	   {
	      write_to_buffer( d, "Wrong password, disconnecting.\r\n", 0 );
	      /* clear descriptor pointer to get rid of bug message in log */
	      d->character->desc = NULL;
	      close_socket( d, FALSE );
	      return;
	   }
      }
      else
      {
         /* This if check is what you will want to keep once it is no longer necessary to convert pfiles */
         if( str_cmp( sha256_crypt( argument ), ch->pcdata->pwd ) )
         {
            write_to_buffer( d, "Wrong password, disconnecting.\r\n", 0 );
            /* clear descriptor pointer to get rid of bug message in log */
            d->character->desc = NULL;
            close_socket( d, FALSE );
            return;
         }
      }

      write_to_buffer( d, echo_on_str, 0 );

      if( check_playing( d, ch->pcdata->filename, TRUE ) )
         return;

      chk = check_reconnect( d, ch->pcdata->filename, TRUE );
      if( chk == BERR )
      {
         if( d->character && d->character->desc )
            d->character->desc = NULL;
         close_socket( d, FALSE );
         return;
      }
      if( chk == TRUE )
         return;

      strncpy( buf, ch->pcdata->filename, MAX_STRING_LENGTH );
      d->character->desc = NULL;
      free_char( d->character );
      d->character = NULL;
      fOld = load_char_obj( d, buf, FALSE );
      ch = d->character;
      if( ch->position > POS_SITTING && ch->position < POS_STANDING )
         ch->position = POS_STANDING;

      sprintf( log_buf, "%s@%s(%s) has connected.", ch->pcdata->filename, d->host, d->user );
      log_string_plus( log_buf, LOG_COMM, sysdata.log_level );
      if( ch->pcdata->version < THE_NEW_VALUE_YOU_CHANGED_SAVEVERSION_TO )
      {
         DISPOSE( ch->pcdata->pwd );
         ch->pcdata->pwd = str_dup( sha256_crypt( argument ) );
      }
      show_title(d);
      break;

   Then further down in CON_GET_NEW_PASSWORD, locate the following line:

         pwdnew = smaug_crypt( argument );   /* MD5 Encryption */
         for( p = pwdnew; *p != '\0'; p++ )
         {
            if( *p == '~' )
            {
               write_to_buffer( d, "New password not acceptable, cannot use the ~ character.\n\rPassword: ", 0 );
               return;
            }
         }

   Replace it with the following:

         pwdnew = sha256_crypt( argument );   /* SHA-256 Encryption */

   Then further down in CON_CONFIRM_NEW_PASSWORD, locate the following:

         if( str_cmp( smaug_crypt( argument ), ch->pcdata->pwd ) )
         {
            write_to_buffer( d, "Passwords don't match.\n\rRetype password: ", 0 );
            d->connected = CON_GET_NEW_PASSWORD;
            return;
         }

   Replace it with the following:

         if( str_cmp( sha256_crypt( argument ), ch->pcdata->pwd ) )
         {
            write_to_buffer( d, "Passwords don't match.\r\nRetype password: ", 0 );
            d->connected = CON_GET_NEW_PASSWORD;
            return;
         }

7. Make clean, and compile. Before rebooting, it would be wise at this stage to backup your pfiles just in case.