mangos-mirror/server
0
0
Fork 0
mirror of https://github.com/mangosfour/server.git synced 2025-12-14 16:37:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[8445] Fixed redundant calculation of v and s on every login

Browse source 
The SRP-6 specifications clearly say, that v and s are only to be
calculated on registering a user and changing his password; calculating
them on every login is plain waste.
This commit is contained in:
arrai 2009-09-01 02:31:36 +02:00
parent 4d0088e7a9
commit 3b1b68595b
8 changed files with 47 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/game/AccountMgr.cpp
View file

@ -142,7 +142,8 @@ AccountOpResult AccountMgr::ChangePassword(uint32 accid, std::string new_passwd)
normalizeString(new_passwd);
loginDatabase.escape_string(new_passwd);
if(!loginDatabase.PExecute("UPDATE account SET sha_pass_hash=SHA1("_CONCAT3_("username","':'","'%s'")") WHERE id='%d'", new_passwd.c_str(), accid))
// also reset s and v to force update at next realmd login
if(!loginDatabase.PExecute("UPDATE account SET v='0', s='0', sha_pass_hash=SHA1("_CONCAT3_("username","':'","'%s'")") WHERE id='%d'", new_passwd.c_str(), accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
return AOR_OK;