aboutsummaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorest31 <MTest31@outlook.com>2015-12-02 18:26:09 +0100
committerest31 <MTest31@outlook.com>2015-12-02 18:32:14 +0100
commit89168a7ec8fe31715a4ca321a6e0ccb2d4972257 (patch)
tree24972faeec510c02a0c90771314ec3f3d853f59a /doc
parente51ea66bd087e56b2e446f64bd4d185b4786325c (diff)
downloadminetest-89168a7ec8fe31715a4ca321a6e0ccb2d4972257.tar.gz
minetest-89168a7ec8fe31715a4ca321a6e0ccb2d4972257.tar.bz2
minetest-89168a7ec8fe31715a4ca321a6e0ccb2d4972257.zip
Document limitations of minetest.get_password_hash
Diffstat (limited to 'doc')
-rw-r--r--doc/lua_api.txt6
1 files changed, 5 insertions, 1 deletions
diff --git a/doc/lua_api.txt b/doc/lua_api.txt
index 11f90ba03..4799a30fa 100644
--- a/doc/lua_api.txt
+++ b/doc/lua_api.txt
@@ -1921,7 +1921,11 @@ Call these functions only at load time!
* Should be called by the authentication handler if privileges changes.
* To report everybody, set `name=nil`.
* `minetest.get_password_hash(name, raw_password)`
- * Convert a name-password pair to a password hash that Minetest can use
+ * Convert a name-password pair to a password hash that Minetest can use.
+ * The returned value alone is not a good basis for password checks based
+ * on comparing the password hash in the database with the password hash
+ * from the function, with an externally provided password, as the hash
+ * in the db might use the new SRP verifier format.
* `minetest.string_to_privs(str)`: returns `{priv1=true,...}`
* `minetest.privs_to_string(privs)`: returns `"priv1,priv2,..."`
* Convert between two privilege representations