Add minetest.check_password_entry callback

Gives a convenient way to check a player's password. This entirely bypasses the SRP protocol, so should be used with great care. This function is not intended to be used in-game, but solely by external protocols, where no authentication of the minetest engine is provided, and also only for protocols, in which the user already gives the server the plaintext password. Examples for good use are the classical http form, or irc, an example for a bad use is a password change dialog inside formspec. Users should be aware that they lose the advantages of the SRP protocol if they enter their passwords for servers outside the normal entry box, like in in-game formspec menus, or through irc /msg s, This patch also fixes an auth.h mistake which has mixed up the order of params inside the decode_srp_verifier_and_salt function. Zeno-: Added errorstream message for invalid format when I committed
2025-06-27 16:36:03 +00:00 · 2016-05-30 23:27:48 +10:00 · 2016-05-30 23:27:48 +10:00 · 27db929252
commit 27db929252
parent 4134d8ad13
4 changed files with 43 additions and 1 deletions
--- a/src/util/auth.h
+++ b/src/util/auth.h
@ -45,6 +45,6 @@ std::string encode_srp_verifier(const std::string &verifier,
 /// Reads the DB-formatted SRP verifier and gets the verifier
 /// and salt components.
 bool decode_srp_verifier_and_salt(const std::string &encoded,
-	std::string *salt, std::string *bytes_v);
+	std::string *verifier, std::string *salt);

 #endif