case AUTH_MECHANISM_FIRST_SRP:
break;
case AUTH_MECHANISM_SRP:
+ case AUTH_MECHANISM_LEGACY_PASSWORD:
srp_user_delete((SRPUser *) m_auth_data);
m_auth_data = NULL;
break;
- case AUTH_MECHANISM_LEGACY_PASSWORD:
case AUTH_MECHANISM_NONE:
break;
}
if (mechs & AUTH_MECHANISM_FIRST_SRP)
return AUTH_MECHANISM_FIRST_SRP;
+ if (mechs & AUTH_MECHANISM_LEGACY_PASSWORD)
+ return AUTH_MECHANISM_LEGACY_PASSWORD;
+
return AUTH_MECHANISM_NONE;
}
Send(&resp_pkt);
break;
}
- case AUTH_MECHANISM_SRP: {
- u8 legacy_based_on = 1;
+ case AUTH_MECHANISM_SRP:
+ case AUTH_MECHANISM_LEGACY_PASSWORD: {
+ u8 based_on = 1;
+
+ if (chosen_auth_mechanism == AUTH_MECHANISM_LEGACY_PASSWORD) {
+ m_password = translate_password(getPlayerName(), m_password);
+ based_on = 0;
+ }
std::string playername_u = lowercase(getPlayerName());
m_auth_data = srp_user_new(SRP_SHA256, SRP_NG_2048,
FATAL_ERROR_IF(res != SRP_OK, "Creating local SRP user failed.");
NetworkPacket resp_pkt(TOSERVER_SRP_BYTES_A, 0);
- resp_pkt << std::string(bytes_A, len_A) << legacy_based_on;
+ resp_pkt << std::string(bytes_A, len_A) << based_on;
Send(&resp_pkt);
break;
}
- case AUTH_MECHANISM_LEGACY_PASSWORD:
case AUTH_MECHANISM_NONE:
break; // not handled in this method
}
{
case CSE_AuthAccept:
m_state = CS_AwaitingInit2;
- if (chosen_mech == AUTH_MECHANISM_SRP)
+ if (chosen_mech == AUTH_MECHANISM_SRP ||
+ chosen_mech == AUTH_MECHANISM_LEGACY_PASSWORD)
srp_verifier_delete((SRPVerifier *) auth_data);
chosen_mech = AUTH_MECHANISM_NONE;
break;
break;
case CSE_SetDenied:
m_state = CS_Denied;
- if (chosen_mech == AUTH_MECHANISM_SRP)
+ if (chosen_mech == AUTH_MECHANISM_SRP ||
+ chosen_mech == AUTH_MECHANISM_LEGACY_PASSWORD)
srp_verifier_delete((SRPVerifier *) auth_data);
chosen_mech = AUTH_MECHANISM_NONE;
break;
// we recieved a TOCLIENT_HELLO while auth was already going on
errorstream << "Client: TOCLIENT_HELLO while auth was already going on"
<< "(chosen_mech=" << m_chosen_auth_mech << ")." << std::endl;
- if (m_chosen_auth_mech == AUTH_MECHANISM_SRP) {
+ if (m_chosen_auth_mech == AUTH_MECHANISM_SRP ||
+ m_chosen_auth_mech == AUTH_MECHANISM_LEGACY_PASSWORD) {
srp_user_delete((SRPUser *) m_auth_data);
m_auth_data = 0;
}
void Client::handleCommand_SrpBytesSandB(NetworkPacket* pkt)
{
- if (m_chosen_auth_mech != AUTH_MECHANISM_SRP) {
+ if (m_chosen_auth_mech != AUTH_MECHANISM_SRP &&
+ m_chosen_auth_mech != AUTH_MECHANISM_LEGACY_PASSWORD) {
errorstream << "Client: Received SRP S_B login message,"
<< " but wasn't supposed to (chosen_mech="
<< m_chosen_auth_mech << ")." << std::endl;
DenyAccess(pkt->getPeerId(), SERVER_ACCESSDENIED_SERVER_FAIL);
return;
}
+ } else if (base64_is_valid(encpwd)) {
+ auth_mechs |= AUTH_MECHANISM_LEGACY_PASSWORD;
+ client->enc_pwd = encpwd;
} else {
actionstream << "User " << playername
<< " tried to log in, but password field"
<< "based_on=" << int(based_on) << " and len_A="
<< bytes_A.length() << "." << std::endl;
- AuthMechanism chosen = AUTH_MECHANISM_SRP;
+ AuthMechanism chosen = (based_on == 0) ?
+ AUTH_MECHANISM_LEGACY_PASSWORD : AUTH_MECHANISM_SRP;
if (wantSudo) {
if (!client->isSudoMechAllowed(chosen)) {
return;
}
- if (client->chosen_mech != AUTH_MECHANISM_SRP) {
+ if (client->chosen_mech != AUTH_MECHANISM_SRP &&
+ client->chosen_mech != AUTH_MECHANISM_LEGACY_PASSWORD) {
actionstream << "Server: got SRP _M packet, while auth"
<< "is going on with mech " << client->chosen_mech
<< " from " << getPeerAddress(pkt->getPeerId()).serializeString()
projects / oweals / minetest.git / commitdiff