forked from Mirrorlandia_minetest/minetest
Compare commits
5 Commits
master
...
stable-0.3
Author | SHA1 | Date | |
---|---|---|---|
|
1a3d25c5ad | ||
|
30cbdb0981 | ||
|
073964a12f | ||
|
d7442aecbe | ||
|
1596628850 |
@ -10,7 +10,7 @@ project(minetest)
|
|||||||
# Also remember to set PROTOCOL_VERSION in clientserver.h when releasing
|
# Also remember to set PROTOCOL_VERSION in clientserver.h when releasing
|
||||||
set(VERSION_MAJOR 0)
|
set(VERSION_MAJOR 0)
|
||||||
set(VERSION_MINOR 3)
|
set(VERSION_MINOR 3)
|
||||||
set(VERSION_PATCH 1)
|
set(VERSION_PATCH 3)
|
||||||
set(VERSION_STRING "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}")
|
set(VERSION_STRING "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}")
|
||||||
|
|
||||||
MESSAGE(STATUS "*** Will build version ${VERSION_STRING} ***")
|
MESSAGE(STATUS "*** Will build version ${VERSION_STRING} ***")
|
||||||
|
@ -3,6 +3,13 @@ Minetest-c55 changelog
|
|||||||
This should contain all the major changes.
|
This should contain all the major changes.
|
||||||
For minor stuff, refer to the commit log of the repository.
|
For minor stuff, refer to the commit log of the repository.
|
||||||
|
|
||||||
|
0.3.3: (tagged on 2013-03-05)
|
||||||
|
- Fix a password-related vulnerability (late backport from some early 0.4)
|
||||||
|
|
||||||
|
0.3.2: (tagged on 2012-05-12)
|
||||||
|
- Include unistd.h in filesys.cpp
|
||||||
|
- Add wooden planks to creative inventory
|
||||||
|
|
||||||
0.3.1: (released on 2011-11-09)
|
0.3.1: (released on 2011-11-09)
|
||||||
- Fix frustum culling (previous versions have rendered too much stuff that is not actually visible (about 180 degrees, while should have been more like 100.))
|
- Fix frustum culling (previous versions have rendered too much stuff that is not actually visible (about 180 degrees, while should have been more like 100.))
|
||||||
- Add occlusion culling (improves performance a lot)
|
- Add occlusion culling (improves performance a lot)
|
||||||
|
@ -38,6 +38,13 @@ static inline bool is_base64(unsigned char c) {
|
|||||||
return (isalnum(c) || (c == '+') || (c == '/'));
|
return (isalnum(c) || (c == '+') || (c == '/'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool base64_is_valid(std::string const& s)
|
||||||
|
{
|
||||||
|
for(int i=0; i<s.size(); i++)
|
||||||
|
if(!is_base64(s[i])) return false;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
std::string base64_encode(unsigned char const* bytes_to_encode, unsigned int in_len) {
|
std::string base64_encode(unsigned char const* bytes_to_encode, unsigned int in_len) {
|
||||||
std::string ret;
|
std::string ret;
|
||||||
int i = 0;
|
int i = 0;
|
||||||
|
@ -1,4 +1,5 @@
|
|||||||
#include <string>
|
#include <string>
|
||||||
|
|
||||||
|
bool base64_is_valid(std::string const& s);
|
||||||
std::string base64_encode(unsigned char const* , unsigned int len);
|
std::string base64_encode(unsigned char const* , unsigned int len);
|
||||||
std::string base64_decode(std::string const& s);
|
std::string base64_decode(std::string const& s);
|
||||||
|
@ -505,6 +505,7 @@ void craft_set_creative_inventory(Player *player)
|
|||||||
CONTENT_CLAY,
|
CONTENT_CLAY,
|
||||||
CONTENT_BRICK,
|
CONTENT_BRICK,
|
||||||
CONTENT_TREE,
|
CONTENT_TREE,
|
||||||
|
CONTENT_WOOD,
|
||||||
CONTENT_LEAVES,
|
CONTENT_LEAVES,
|
||||||
CONTENT_CACTUS,
|
CONTENT_CACTUS,
|
||||||
CONTENT_PAPYRUS,
|
CONTENT_PAPYRUS,
|
||||||
|
@ -171,6 +171,7 @@ bool RecursiveDelete(std::string path)
|
|||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
#include <sys/wait.h>
|
#include <sys/wait.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
std::vector<DirListNode> GetDirListing(std::string pathstring)
|
std::vector<DirListNode> GetDirListing(std::string pathstring)
|
||||||
{
|
{
|
||||||
|
@ -39,6 +39,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||||||
#include "settings.h"
|
#include "settings.h"
|
||||||
#include "profiler.h"
|
#include "profiler.h"
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
|
#include "base64.h"
|
||||||
|
|
||||||
#define PP(x) "("<<(x).X<<","<<(x).Y<<","<<(x).Z<<")"
|
#define PP(x) "("<<(x).X<<","<<(x).Y<<","<<(x).Z<<")"
|
||||||
|
|
||||||
@ -1962,6 +1963,12 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
|
|||||||
password[PASSWORD_SIZE-1] = 0;
|
password[PASSWORD_SIZE-1] = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(!base64_is_valid(password)){
|
||||||
|
infostream<<"Server: "<<playername<<" supplied invalid password hash"<<std::endl;
|
||||||
|
SendAccessDenied(m_con, peer_id, L"Invalid password hash");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
std::string checkpwd;
|
std::string checkpwd;
|
||||||
if(m_authmanager.exists(playername))
|
if(m_authmanager.exists(playername))
|
||||||
{
|
{
|
||||||
@ -3265,6 +3272,13 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
|
|||||||
newpwd += c;
|
newpwd += c;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(!base64_is_valid(newpwd)){
|
||||||
|
infostream<<"Server: "<<player->getName()<<" supplied invalid password hash"<<std::endl;
|
||||||
|
// Wrong old password supplied!!
|
||||||
|
SendChatMessage(peer_id, L"Invalid new password hash supplied. Password NOT changed.");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
infostream<<"Server: Client requests a password change from "
|
infostream<<"Server: Client requests a password change from "
|
||||||
<<"'"<<oldpwd<<"' to '"<<newpwd<<"'"<<std::endl;
|
<<"'"<<oldpwd<<"' to '"<<newpwd<<"'"<<std::endl;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user