[Freeciv-Dev] Re: Passwd auth with MD5 hash
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
On Tue, 21 Aug 2001, Raimar Falke wrote:
> On Tue, Aug 21, 2001 at 01:09:23AM +0200, Auth Gábor wrote:
> > Advanced password auth patch for civserver. Enable password
> > authentication for clients, and passwords stored in MD5 hash.
>
> I don't see the md5 method.
It was in the call to crypt(), except my crypt manpage says it uses a
variation of DES not md5. Is crypt() portable to non-UNIX systems though?
This patch also had debugging cruft left in that was commented out with c++
comments. Bad.
The salt generation code looked like a mess to me. My manpage says salt is
just a two characters. There is no need to mess with it so much either, just
use the player's name as the salt. It looks like whoever wrote it didn't even
read the freeciv style guide too.
> > + char passwd[36];
>
> A symbolic define would be nice.
My manpage says that crypt will return a 13 character string, I think that
it's the two character salt followed by a base64 encoded 64-bit hash value.
> > + int SaltCount;
Looks like the author didn't notice that every single other variable is in
lower case...
|
|
