From 309cc134916ea23be201055e9d858b0b7042e30a Mon Sep 17 00:00:00 2001 From: Jesusaves Date: Sun, 6 Feb 2022 01:14:27 -0300 Subject: All new accounts will now have their passwords stored in SHA256. Supersedes all previous authentication methods, except VAULT TOKEN. --- src/login/login.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'src/login/login.c') diff --git a/src/login/login.c b/src/login/login.c index 2f40498bf..68b53608f 100644 --- a/src/login/login.c +++ b/src/login/login.c @@ -1033,7 +1033,10 @@ static int login_mmo_auth_new(const char *userid, const char *pass, const char s memset(&acc, '\0', sizeof(acc)); acc.account_id = -1; // assigned by account db safestrncpy(acc.userid, userid, sizeof(acc.userid)); - safestrncpy(acc.pass, pass, sizeof(acc.pass)); + char *spass; + spass = (char *)aMalloc((64+1)*sizeof(char)); + md5->sha256(pass, spass); + safestrncpy(acc.pass, spass, sizeof(acc.pass)); acc.sex = sex; safestrncpy(acc.email, "a@a.com", sizeof(acc.email)); acc.expiration_time = (login->config->start_limited_time != -1) ? time(NULL) + login->config->start_limited_time : 0; -- cgit v1.2.3-60-g2f50