Add disallow_empty_password setting

This commit is contained in:
Perttu Ahola 2012-06-07 02:11:28 +03:00
parent a8eb68142e
commit 4b2cc38aba
3 changed files with 23 additions and 11 deletions

@ -152,6 +152,8 @@
#enable_pvp = true
# If this is set, players will always (re)spawn at the given position
#static_spawnpoint = 0, 10, 0
# If true, new players cannot join with an empty password
#disallow_empty_password = false
# Profiler data print interval. #0 = disable.
#profiler_print_interval = 0

@ -119,6 +119,7 @@ void set_default_settings(Settings *settings)
settings->setDefault("default_privs", "interact, shout");
settings->setDefault("unlimited_player_transfer_distance", "true");
settings->setDefault("enable_pvp", "true");
settings->setDefault("disallow_empty_password", "false");
settings->setDefault("profiler_print_interval", "0");
settings->setDefault("enable_mapgen_debug_info", "false");

@ -2089,41 +2089,50 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
<<m_con.GetPeerAddress(peer_id).serializeString()<<std::endl;
// Get password
char password[PASSWORD_SIZE];
char given_password[PASSWORD_SIZE];
if(datasize < 2+1+PLAYERNAME_SIZE+PASSWORD_SIZE)
{
// old version - assume blank password
password[0] = 0;
given_password[0] = 0;
}
else
{
for(u32 i=0; i<PASSWORD_SIZE-1; i++)
{
password[i] = data[23+i];
given_password[i] = data[23+i];
}
password[PASSWORD_SIZE-1] = 0;
given_password[PASSWORD_SIZE-1] = 0;
}
if(!base64_is_valid(password)){
infostream<<"Server: "<<playername<<" supplied invalid password hash"<<std::endl;
if(!base64_is_valid(given_password)){
infostream<<"Server: "<<playername
<<" supplied invalid password hash"<<std::endl;
SendAccessDenied(m_con, peer_id, L"Invalid password hash");
return;
}
std::string checkpwd;
std::string checkpwd; // Password hash to check against
bool has_auth = scriptapi_get_auth(m_lua, playername, &checkpwd, NULL);
// If no authentication info exists for user, create it
if(!has_auth){
if(!isSingleplayer() &&
g_settings->getBool("disallow_empty_password") &&
std::string(given_password) == ""){
SendAccessDenied(m_con, peer_id, L"Empty passwords are "
L"disallowed. Set a password and try again.");
return;
}
std::wstring raw_default_password =
narrow_to_wide(g_settings->get("default_password"));
std::string use_password =
std::string initial_password =
translatePassword(playername, raw_default_password);
// If default_password is empty, allow any initial password
if (raw_default_password.length() == 0)
use_password = password;
initial_password = given_password;
scriptapi_create_auth(m_lua, playername, use_password);
scriptapi_create_auth(m_lua, playername, initial_password);
}
has_auth = scriptapi_get_auth(m_lua, playername, &checkpwd, NULL);
@ -2133,7 +2142,7 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
return;
}
if(password != checkpwd){
if(given_password != checkpwd){
infostream<<"Server: peer_id="<<peer_id
<<": supplied invalid password for "
<<playername<<std::endl;