diff options
| author | Jesusaves <cpntb1@ymail.com> | 2022-02-06 01:15:11 -0300 |
|---|---|---|
| committer | Jesusaves <cpntb1@ymail.com> | 2022-02-06 01:15:11 -0300 |
| commit | 9bf7e921e7807def51f32ff48ad6920618735a8d (patch) | |
| tree | bc326d6fe86cb538a724d064788cbaae96ba1edf /src/elogin/login.c | |
| parent | 660b9e5afc01a2db7c0a796b599f80deddc0cfd2 (diff) | |
| download | evol-hercules-9bf7e921e7807def51f32ff48ad6920618735a8d.tar.gz evol-hercules-9bf7e921e7807def51f32ff48ad6920618735a8d.tar.bz2 evol-hercules-9bf7e921e7807def51f32ff48ad6920618735a8d.tar.xz evol-hercules-9bf7e921e7807def51f32ff48ad6920618735a8d.zip | |
All new accounts will now have their passwords stored in SHA256.
Supersedes all previous authentication methods, except VAULT TOKEN.
This is done on registration and when changing password.
Diffstat (limited to 'src/elogin/login.c')
| -rw-r--r-- | src/elogin/login.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/elogin/login.c b/src/elogin/login.c index 854ba97..d7074ca 100644 --- a/src/elogin/login.c +++ b/src/elogin/login.c @@ -24,7 +24,8 @@ bool elogin_check_password_pre(const char **md5key __attribute__ ((unused)), const char **refpassPtr) { if (!strcmp(*passwdPtr, *refpassPtr) || - pass_ok(*passwdPtr, *refpassPtr)) + pass_ok(*passwdPtr, *refpassPtr) || + pass_sha256(*passwdPtr, *refpassPtr)) { hookStop(); return 1; @@ -33,3 +34,9 @@ bool elogin_check_password_pre(const char **md5key __attribute__ ((unused)), hookStop(); return 0; } + +// For new accounts (currently saved in plain text): +// Intercept: account.c account_db_sql_create +// Set acc->pass to hashed version + + |