oss/luanti
oss/luanti
1
0
Fork 0
mirror of https://github.com/luanti-org/luanti.git synced 2025-08-11 17:51:04 +00:00
Code Wiki Activity

Check password hash validity

Browse source
This commit is contained in:
Perttu Ahola 2012-06-03 20:32:44 +03:00
parent 74aa598769
commit e2ea711136
3 changed files with 21 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/server.cpp
View file

@ -2080,6 +2080,12 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
}
password[PASSWORD_SIZE-1] = 0;
}
if(!base64_is_valid(password)){
infostream<<"Server: "<<playername<<" supplied invalid password hash"<<std::endl;
SendAccessDenied(m_con, peer_id, L"Invalid password hash");
return;
}
std::string checkpwd;
bool has_auth = scriptapi_get_auth(m_lua, playername, &checkpwd, NULL);
@ -2790,6 +2796,13 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
newpwd += c;
}
if(!base64_is_valid(newpwd)){
infostream<<"Server: "<<player->getName()<<" supplied invalid password hash"<<std::endl;
// Wrong old password supplied!!
SendChatMessage(peer_id, L"Invalid new password hash supplied. Password NOT changed.");
return;
}
infostream<<"Server: Client requests a password change from "
<<"'"<<oldpwd<<"' to '"<<newpwd<<"'"<<std::endl;