-rw-r--r-- | src/base64.cpp | 7 | ||||
-rw-r--r-- | src/base64.h | 1 | ||||
-rw-r--r-- | src/server.cpp | 13 |
3 files changed, 21 insertions, 0 deletions
diff --git a/src/base64.cpp b/src/base64.cpp
index 0dfba5013..90d4de203 100644
--- a/src/base64.cpp
+++ b/src/base64.cpp
@@ -38,6 +38,13 @@ static inline bool is_base64(unsigned char c) { return (isalnum(c) || (c == '+') || (c == '/')); }
+bool base64_is_valid(std::string const& s)
+{
+ for(int i=0; i<s.size(); i++)
+ if(!is_base64(s[i])) return false;
+ return true;
+}
+
 std::string base64_encode(unsigned char const* bytes_to_encode, unsigned int in_len) { std::string ret; int i = 0;
diff --git a/src/base64.h b/src/base64.h
index 65d5db8b2..a29e69687 100644
--- a/src/base64.h
+++ b/src/base64.h
@@ -1,4 +1,5 @@
 #include <string>
+bool base64_is_valid(std::string const& s);
 std::string base64_encode(unsigned char const* , unsigned int len); std::string base64_decode(std::string const& s);
diff --git a/src/server.cpp b/src/server.cpp
index 522916a2f..771eb3652 100644
--- a/src/server.cpp
+++ b/src/server.cpp
@@ -2080,6 +2080,12 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id) } password[PASSWORD_SIZE-1] = 0; }
+
+ if(!base64_is_valid(password)){
+ infostream<<"Server: "<<playername<<" supplied invalid password hash"<<std::endl;
+ SendAccessDenied(m_con, peer_id, L"Invalid password hash");
+ return;
+ }
 std::string checkpwd; bool has_auth = scriptapi_get_auth(m_lua, playername, &checkpwd, NULL);
@@ -2790,6 +2796,13 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id) newpwd += c; }
+ if(!base64_is_valid(newpwd)){
+ infostream<<"Server: "<<player->getName()<<" supplied invalid password hash"<<std::endl;
+ // Wrong old password supplied!!
+ SendChatMessage(peer_id, L"Invalid new password hash supplied. Password NOT changed.");
+ return;
+ }
+
 infostream<<"Server: Client requests a password change from " <<"'"<<oldpwd<<"' to '"<<newpwd<<"'"<<std::endl; |
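Review bot: `base64_is_valid` is a character allowlist only, so an empty string and a string of any length both pass and `=` padding is rejected, while both callers in src/server.cpp treat a `true` result as "valid password hash". A comment above it such as `// True if s contains only [A-Za-z0-9+/]; does not check length or padding.` would keep later callers from relying on it for more than it checks. `is_base64` goes through `isalnum`, whose result depends on the C locale, so it is worth confirming that bytes above 0x7F are rejected under the locales the server runs in. The loop also compares `int i` against `s.size()`; `for(size_t i=0; i<s.size(); i++)` avoids the signed/unsigned mix.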
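Review bot: The rejection branch added after `password[PASSWORD_SIZE-1] = 0;` records only `playername` at info level, so a run of malformed login attempts is hard to attribute or alert on. Including the peer in the message, e.g. `infostream<<"Server: "<<playername<<" (peer_id="<<peer_id<<") supplied invalid password hash"<<std::endl;`, would help. Whether `playername` has already been restricted to safe characters before it reaches the log is not visible here, since `Server::ProcessData` starts and ends outside the hunk.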
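Review bot: The comment `// Wrong old password supplied!!` in the new branch describes a different failure; this branch rejects a malformed new hash, so it should read something like `// New password hash contains characters outside the base64 alphabet` or be dropped. Only `newpwd` is checked here, and the unchanged `infostream` line that follows still writes `oldpwd` and the accepted `newpwd` into the log verbatim. Those are password hashes, so that log line is worth revisiting alongside this change. `Server::ProcessData` extends beyond the hunk, so `oldpwd` may be validated elsewhere.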