aboutsummaryrefslogtreecommitdiff
path: root/src/util/auth.cpp
diff options
context:
space:
mode:
authorest31 <MTest31@outlook.com>2016-08-22 04:27:44 +0200
committerest31 <MTest31@outlook.com>2016-08-22 20:23:28 +0200
commitd767f025cb0d5cca29c1f2147d2a0931a088b717 (patch)
treeeddc886ed5e6f09e43fa6c4224e4e14d5a840608 /src/util/auth.cpp
parent0b0075e6ad0b3110cabdfc92cedb0a24d2b5ec42 (diff)
downloadminetest-d767f025cb0d5cca29c1f2147d2a0931a088b717.tar.gz
minetest-d767f025cb0d5cca29c1f2147d2a0931a088b717.tar.bz2
minetest-d767f025cb0d5cca29c1f2147d2a0931a088b717.zip
Client: disable pre v25 init sending by default
Disable the ability to connect to old servers by default to improve password security. If people still want to connect to old (0.4.12 and earlier) servers, they can flip the send_pre_v25_init setting. Add the ability to detect if we've tried to connect to a server which only supports the pre v25 init protocol, and show an apropriate error message. Most times the error will already be catched at the serverlist level, the detection mechanism only acts as last resort, because the "Connection timed out" error message that would be shown otherwise would be very confusing. Automatic "fixing" of this condition is not desired, as it would allow for downgrade attacks. As already 161 of the 167 servers on the serverlist support the new srp based auth protocol (> 96%), the breakage should be minimal. Follow up of commit af30183124d40a969040d7de4b3a487feec466e4 "Add option to not send pre v25 init packet" Also change the pessimistic assumption of masterlist server versions to optimistic, in order to avoid buggy behaviour (favourites not in the serverlist would be denied to connect to, etc).
Diffstat (limited to 'src/util/auth.cpp')
0 files changed, 0 insertions, 0 deletions