From e2ea71113672de8189d8e0a5b347c8cf08ea2bf6 Mon Sep 17 00:00:00 2001 From: Perttu Ahola Date: Sun, 3 Jun 2012 20:32:44 +0300 Subject: Check password hash validity --- src/base64.cpp | 7 +++++++ src/base64.h | 1 + src/server.cpp | 13 +++++++++++++ 3 files changed, 21 insertions(+) (limited to 'src') diff --git a/src/base64.cpp b/src/base64.cpp index 0dfba5013..90d4de203 100644 --- a/src/base64.cpp +++ b/src/base64.cpp @@ -38,6 +38,13 @@ static inline bool is_base64(unsigned char c) { return (isalnum(c) || (c == '+') || (c == '/')); } +bool base64_is_valid(std::string const& s) +{ + for(int i=0; i +bool base64_is_valid(std::string const& s); std::string base64_encode(unsigned char const* , unsigned int len); std::string base64_decode(std::string const& s); diff --git a/src/server.cpp b/src/server.cpp index 522916a2f..771eb3652 100644 --- a/src/server.cpp +++ b/src/server.cpp @@ -2080,6 +2080,12 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id) } password[PASSWORD_SIZE-1] = 0; } + + if(!base64_is_valid(password)){ + infostream<<"Server: "<getName()<<" supplied invalid password hash"<