diff options
-rw-r--r-- | minetest.conf.example | 2 | ||||
-rw-r--r-- | src/defaultsettings.cpp | 1 | ||||
-rw-r--r-- | src/server.cpp | 31 |
3 files changed, 23 insertions, 11 deletions
diff --git a/minetest.conf.example b/minetest.conf.example index 7a8a2719c..ebfa70aac 100644 --- a/minetest.conf.example +++ b/minetest.conf.example @@ -152,6 +152,8 @@ #enable_pvp = true # If this is set, players will always (re)spawn at the given position #static_spawnpoint = 0, 10, 0 +# If true, new players cannot join with an empty password +#disallow_empty_password = false # Profiler data print interval. #0 = disable. #profiler_print_interval = 0 diff --git a/src/defaultsettings.cpp b/src/defaultsettings.cpp index f13ab3670..13cfab72b 100644 --- a/src/defaultsettings.cpp +++ b/src/defaultsettings.cpp @@ -119,6 +119,7 @@ void set_default_settings(Settings *settings) settings->setDefault("default_privs", "interact, shout"); settings->setDefault("unlimited_player_transfer_distance", "true"); settings->setDefault("enable_pvp", "true"); + settings->setDefault("disallow_empty_password", "false"); settings->setDefault("profiler_print_interval", "0"); settings->setDefault("enable_mapgen_debug_info", "false"); diff --git a/src/server.cpp b/src/server.cpp index 212be19ae..a7bd5e953 100644 --- a/src/server.cpp +++ b/src/server.cpp @@ -2089,41 +2089,50 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id) <<m_con.GetPeerAddress(peer_id).serializeString()<<std::endl; // Get password - char password[PASSWORD_SIZE]; + char given_password[PASSWORD_SIZE]; if(datasize < 2+1+PLAYERNAME_SIZE+PASSWORD_SIZE) { // old version - assume blank password - password[0] = 0; + given_password[0] = 0; } else { for(u32 i=0; i<PASSWORD_SIZE-1; i++) { - password[i] = data[23+i]; + given_password[i] = data[23+i]; } - password[PASSWORD_SIZE-1] = 0; + given_password[PASSWORD_SIZE-1] = 0; } - if(!base64_is_valid(password)){ - infostream<<"Server: "<<playername<<" supplied invalid password hash"<<std::endl; + if(!base64_is_valid(given_password)){ + infostream<<"Server: "<<playername + <<" supplied invalid password hash"<<std::endl; SendAccessDenied(m_con, peer_id, L"Invalid password hash"); return; } - std::string checkpwd; + std::string checkpwd; // Password hash to check against bool has_auth = scriptapi_get_auth(m_lua, playername, &checkpwd, NULL); + // If no authentication info exists for user, create it if(!has_auth){ + if(!isSingleplayer() && + g_settings->getBool("disallow_empty_password") && + std::string(given_password) == ""){ + SendAccessDenied(m_con, peer_id, L"Empty passwords are " + L"disallowed. Set a password and try again."); + return; + } std::wstring raw_default_password = narrow_to_wide(g_settings->get("default_password")); - std::string use_password = + std::string initial_password = translatePassword(playername, raw_default_password); // If default_password is empty, allow any initial password if (raw_default_password.length() == 0) - use_password = password; + initial_password = given_password; - scriptapi_create_auth(m_lua, playername, use_password); + scriptapi_create_auth(m_lua, playername, initial_password); } has_auth = scriptapi_get_auth(m_lua, playername, &checkpwd, NULL); @@ -2133,7 +2142,7 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id) return; } - if(password != checkpwd){ + if(given_password != checkpwd){ infostream<<"Server: peer_id="<<peer_id <<": supplied invalid password for " <<playername<<std::endl; |