aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorsfan5 <sfan5@live.de>2022-04-27 19:10:03 +0200
committersfan5 <sfan5@live.de>2022-05-14 18:33:42 +0200
commit1ac378063e37e5b1485438e5321252b42471ba79 (patch)
tree5403633c0e9b450e8a96c58d7214cea8ed27bf65 /src
parentd497c926849fc716d486d400fed45063577bd99a (diff)
downloadminetest-1ac378063e37e5b1485438e5321252b42471ba79.tar.gz
minetest-1ac378063e37e5b1485438e5321252b42471ba79.tar.bz2
minetest-1ac378063e37e5b1485438e5321252b42471ba79.zip
Apply disallow_empty_password to password changes too
Diffstat (limited to 'src')
-rw-r--r--src/network/serverpackethandler.cpp16
1 files changed, 13 insertions, 3 deletions
diff --git a/src/network/serverpackethandler.cpp b/src/network/serverpackethandler.cpp
index ee94edc3c..366ec2d28 100644
--- a/src/network/serverpackethandler.cpp
+++ b/src/network/serverpackethandler.cpp
@@ -1476,6 +1476,9 @@ void Server::handleCommand_FirstSrp(NetworkPacket* pkt)
verbosestream << "Server: Got TOSERVER_FIRST_SRP from " << addr_s
<< ", with is_empty=" << (is_empty == 1) << std::endl;
+ const bool empty_disallowed = !isSingleplayer() && is_empty == 1 &&
+ g_settings->getBool("disallow_empty_password");
+
// Either this packet is sent because the user is new or to change the password
if (cstate == CS_HelloSent) {
if (!client->isMechAllowed(AUTH_MECHANISM_FIRST_SRP)) {
@@ -1486,9 +1489,7 @@ void Server::handleCommand_FirstSrp(NetworkPacket* pkt)
return;
}
- if (!isSingleplayer() &&
- g_settings->getBool("disallow_empty_password") &&
- is_empty == 1) {
+ if (empty_disallowed) {
actionstream << "Server: " << playername
<< " supplied empty password from " << addr_s << std::endl;
DenyAccess(peer_id, SERVER_ACCESSDENIED_EMPTY_PASSWORD);
@@ -1521,6 +1522,15 @@ void Server::handleCommand_FirstSrp(NetworkPacket* pkt)
return;
}
m_clients.event(peer_id, CSE_SudoLeave);
+
+ if (empty_disallowed) {
+ actionstream << "Server: " << playername
+ << " supplied empty password" << std::endl;
+ SendChatMessage(peer_id, ChatMessage(CHATMESSAGE_TYPE_SYSTEM,
+ L"Changing to an empty password is not allowed."));
+ return;
+ }
+
std::string pw_db_field = encode_srp_verifier(verification_key, salt);
bool success = m_script->setPassword(playername, pw_db_field);
if (success) {