From 30cbdb0981462229295aa0588b9916dc86058d0f Mon Sep 17 00:00:00 2001 From: Perttu Ahola Date: Sun, 3 Jun 2012 20:32:44 +0300 Subject: [PATCH] Check password hash validity --- src/base64.cpp | 7 +++++++ src/base64.h | 1 + src/server.cpp | 14 ++++++++++++++ 3 files changed, 22 insertions(+) diff --git a/src/base64.cpp b/src/base64.cpp index 0dfba5013..90d4de203 100644 --- a/src/base64.cpp +++ b/src/base64.cpp @@ -38,6 +38,13 @@ static inline bool is_base64(unsigned char c) { return (isalnum(c) || (c == '+') || (c == '/')); } +bool base64_is_valid(std::string const& s) +{ + for(int i=0; i +bool base64_is_valid(std::string const& s); std::string base64_encode(unsigned char const* , unsigned int len); std::string base64_decode(std::string const& s); diff --git a/src/server.cpp b/src/server.cpp index 52e9dc879..97d609503 100644 --- a/src/server.cpp +++ b/src/server.cpp @@ -39,6 +39,7 @@ with this program; if not, write to the Free Software Foundation, Inc., #include "settings.h" #include "profiler.h" #include "log.h" +#include "base64.h" #define PP(x) "("<<(x).X<<","<<(x).Y<<","<<(x).Z<<")" @@ -1961,6 +1962,12 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id) } password[PASSWORD_SIZE-1] = 0; } + + if(!base64_is_valid(password)){ + infostream<<"Server: "<getName()<<" supplied invalid password hash"<