Ask auth handler to create auth when a default password is set

-> Fix server crash with protocol >=25 if a default password is set.
-> Remove some useless and possibly confusion causing code for the TOCLIENT_FIRST_SRP packet handler

diff --git a/src/clientiface.h b/src/clientiface.h
index ec6ba9e9e39e370991aae68dd42defe4a93c6942..f6c4294e2b335c5823082d2c096b9dddb7109dfb 100644 (file)
--- a/src/clientiface.h
+++ b/src/clientiface.h
@@ -232,6 +232,7 @@ class RemoteClient
 
        /* Authentication information */
        std::string enc_pwd;
+       bool create_player_on_auth_success;
        AuthMechanism chosen_mech;
        void * auth_data;
        u32 allowed_auth_mechs;
@@ -246,6 +247,7 @@ class RemoteClient
                peer_id(PEER_ID_INEXISTENT),
                serialization_version(SER_FMT_VER_INVALID),
                net_proto_version(0),
+               create_player_on_auth_success(false),
                chosen_mech(AUTH_MECHANISM_NONE),
                auth_data(NULL),
                m_time_from_building(9999),

diff --git a/src/network/serverpackethandler.cpp b/src/network/serverpackethandler.cpp
index 5493dfec133d92ae7244d901c157cabfb265a4ee..f756d80ef68fe29460c166cc04576bcc9f273b1a 100644 (file)
--- a/src/network/serverpackethandler.cpp
+++ b/src/network/serverpackethandler.cpp
@@ -263,6 +263,8 @@ void Server::handleCommand_Init(NetworkPacket* pkt)
                        // Take care of default passwords.
                        client->enc_pwd = getSRPVerifier(playerName, default_password);
                        auth_mechs |= AUTH_MECHANISM_SRP;
+                       // Create auth, but only on successful login
+                       client->create_player_on_auth_success = true;
                }
        }
 
@@ -1858,14 +1860,8 @@ void Server::handleCommand_FirstSrp(NetworkPacket* pkt)
                }
 
                std::string initial_ver_key;
-               std::string raw_default_password = g_settings->get("default_password");
-               // If default_password is empty, allow any initial password
-               if (raw_default_password.length() == 0) {
-                       initial_ver_key = encodeSRPVerifier(verification_key, salt);
-               } else {
-                       initial_ver_key = getSRPVerifier(playername, raw_default_password);
-               }
 
+               initial_ver_key = encodeSRPVerifier(verification_key, salt);
                m_script->createAuth(playername, initial_ver_key);
 
                acceptAuth(pkt->getPeerId(), false);
@@ -2072,5 +2068,19 @@ void Server::handleCommand_SrpBytesM(NetworkPacket* pkt)
                }
        }
 
+       if (client->create_player_on_auth_success) {
+               std::string playername = client->getName();
+               m_script->createAuth(playername, client->enc_pwd);
+
+               std::string checkpwd; // not used, but needed for passing something
+               if (!m_script->getAuth(playername, &checkpwd, NULL)) {
+                       actionstream << "Server: " << playername << " cannot be authenticated"
+                               << " (auth handler does not work?)" << std::endl;
+                       DenyAccess(pkt->getPeerId(), SERVER_ACCESSDENIED_SERVER_FAIL);
+                       return;
+               }
+               client->create_player_on_auth_success = false;
+       }
+
        acceptAuth(pkt->getPeerId(), wantSudo);
 }