All new accounts will now have their passwords stored in SHA256.

Supersedes all previous authentication methods, except VAULT TOKEN.
author: Jesusaves <cpntb1@ymail.com> 2022-02-06 01:14:27 -0300
committer: Jesusaves <cpntb1@ymail.com> 2022-02-06 01:14:27 -0300
commit: 309cc134916ea23be201055e9d858b0b7042e30a (patch)
tree: bdda91a749fb2ba294ba8e48e72968017b75163a /src/login/login.c
parent: f0e92bf379de7971c4a784a26d72bcba8aca8b86 (diff)
download: hercules-309cc134916ea23be201055e9d858b0b7042e30a.tar.gz
hercules-309cc134916ea23be201055e9d858b0b7042e30a.tar.bz2
hercules-309cc134916ea23be201055e9d858b0b7042e30a.tar.xz
hercules-309cc134916ea23be201055e9d858b0b7042e30a.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/login/login.c b/src/login/login.c
index 2f40498bf..68b53608f 100644
--- a/src/login/login.c
+++ b/src/login/login.c
@@ -1033,7 +1033,10 @@ static int login_mmo_auth_new(const char *userid, const char *pass, const char s
 	memset(&acc, '\0', sizeof(acc));
 	acc.account_id = -1; // assigned by account db
 	safestrncpy(acc.userid, userid, sizeof(acc.userid));
-	safestrncpy(acc.pass, pass, sizeof(acc.pass));
+    char *spass;
+    spass = (char *)aMalloc((64+1)*sizeof(char));
+    md5->sha256(pass, spass);
+	safestrncpy(acc.pass, spass, sizeof(acc.pass));
 	acc.sex = sex;
 	safestrncpy(acc.email, "a@a.com", sizeof(acc.email));
 	acc.expiration_time = (login->config->start_limited_time != -1) ? time(NULL) + login->config->start_limited_time : 0;
author	Jesusaves <cpntb1@ymail.com>	2022-02-06 01:14:27 -0300
committer	Jesusaves <cpntb1@ymail.com>	2022-02-06 01:14:27 -0300
commit	309cc134916ea23be201055e9d858b0b7042e30a (patch)
tree	bdda91a749fb2ba294ba8e48e72968017b75163a /src/login/login.c
parent	f0e92bf379de7971c4a784a26d72bcba8aca8b86 (diff)
download	hercules-309cc134916ea23be201055e9d858b0b7042e30a.tar.gz hercules-309cc134916ea23be201055e9d858b0b7042e30a.tar.bz2 hercules-309cc134916ea23be201055e9d858b0b7042e30a.tar.xz hercules-309cc134916ea23be201055e9d858b0b7042e30a.zip