diff options
author | Perttu Ahola <celeron55@gmail.com> | 2012-06-03 20:32:44 +0300 |
---|---|---|
committer | Perttu Ahola <celeron55@gmail.com> | 2012-06-03 20:32:44 +0300 |
commit | e2ea71113672de8189d8e0a5b347c8cf08ea2bf6 (patch) | |
tree | f5ac19d887cb7a17db1ff40e8334284bb5e96172 /src/server.cpp | |
parent | 74aa598769b7d6b34af8a3c022ff9b3b79a293eb (diff) | |
download | hax-minetest-server-e2ea71113672de8189d8e0a5b347c8cf08ea2bf6.tar.gz hax-minetest-server-e2ea71113672de8189d8e0a5b347c8cf08ea2bf6.zip |
Check password hash validity
Diffstat (limited to '')
-rw-r--r-- | src/server.cpp | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/server.cpp b/src/server.cpp index 522916a2f..771eb3652 100644 --- a/src/server.cpp +++ b/src/server.cpp @@ -2080,6 +2080,12 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id) } password[PASSWORD_SIZE-1] = 0; } + + if(!base64_is_valid(password)){ + infostream<<"Server: "<<playername<<" supplied invalid password hash"<<std::endl; + SendAccessDenied(m_con, peer_id, L"Invalid password hash"); + return; + } std::string checkpwd; bool has_auth = scriptapi_get_auth(m_lua, playername, &checkpwd, NULL); @@ -2790,6 +2796,13 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id) newpwd += c; } + if(!base64_is_valid(newpwd)){ + infostream<<"Server: "<<player->getName()<<" supplied invalid password hash"<<std::endl; + // Wrong old password supplied!! + SendChatMessage(peer_id, L"Invalid new password hash supplied. Password NOT changed."); + return; + } + infostream<<"Server: Client requests a password change from " <<"'"<<oldpwd<<"' to '"<<newpwd<<"'"<<std::endl; |