Add disallow_empty_password setting
authorPerttu Ahola <celeron55@gmail.com>
Wed, 6 Jun 2012 23:11:28 +0000 (02:11 +0300)
committerPerttu Ahola <celeron55@gmail.com>
Wed, 6 Jun 2012 23:11:28 +0000 (02:11 +0300)
minetest.conf.example
src/defaultsettings.cpp
src/server.cpp

index 7a8a2719cba2168c804162ba6889a378088c0907..ebfa70aacbfc8e3d8692350d94d41855f639b083 100644 (file)
 #enable_pvp = true
 # If this is set, players will always (re)spawn at the given position
 #static_spawnpoint = 0, 10, 0
+# If true, new players cannot join with an empty password
+#disallow_empty_password = false
 
 # Profiler data print interval. #0 = disable.
 #profiler_print_interval = 0
index f13ab3670b3953ba0309160580c90c4c85b3a5ba..13cfab72b8dc1a64b52003978110cb9bc7e690a8 100644 (file)
@@ -119,6 +119,7 @@ void set_default_settings(Settings *settings)
        settings->setDefault("default_privs", "interact, shout");
        settings->setDefault("unlimited_player_transfer_distance", "true");
        settings->setDefault("enable_pvp", "true");
+       settings->setDefault("disallow_empty_password", "false");
 
        settings->setDefault("profiler_print_interval", "0");
        settings->setDefault("enable_mapgen_debug_info", "false");
index 212be19ae0544737aa98ac4069c259160eb0c1dd..a7bd5e9539491658b7ccfd243921fd0ab4ea98eb 100644 (file)
@@ -2089,41 +2089,50 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
                                <<m_con.GetPeerAddress(peer_id).serializeString()<<std::endl;
 
                // Get password
-               char password[PASSWORD_SIZE];
+               char given_password[PASSWORD_SIZE];
                if(datasize < 2+1+PLAYERNAME_SIZE+PASSWORD_SIZE)
                {
                        // old version - assume blank password
-                       password[0] = 0;
+                       given_password[0] = 0;
                }
                else
                {
                        for(u32 i=0; i<PASSWORD_SIZE-1; i++)
                        {
-                               password[i] = data[23+i];
+                               given_password[i] = data[23+i];
                        }
-                       password[PASSWORD_SIZE-1] = 0;
+                       given_password[PASSWORD_SIZE-1] = 0;
                }
 
-               if(!base64_is_valid(password)){
-                       infostream<<"Server: "<<playername<<" supplied invalid password hash"<<std::endl;
+               if(!base64_is_valid(given_password)){
+                       infostream<<"Server: "<<playername
+                                       <<" supplied invalid password hash"<<std::endl;
                        SendAccessDenied(m_con, peer_id, L"Invalid password hash");
                        return;
                }
                
-               std::string checkpwd;
+               std::string checkpwd; // Password hash to check against
                bool has_auth = scriptapi_get_auth(m_lua, playername, &checkpwd, NULL);
                
+               // If no authentication info exists for user, create it
                if(!has_auth){
+                       if(!isSingleplayer() &&
+                                       g_settings->getBool("disallow_empty_password") &&
+                                       std::string(given_password) == ""){
+                               SendAccessDenied(m_con, peer_id, L"Empty passwords are "
+                                               L"disallowed. Set a password and try again.");
+                               return;
+                       }
                        std::wstring raw_default_password =
                                narrow_to_wide(g_settings->get("default_password"));
-                       std::string use_password =
+                       std::string initial_password =
                                translatePassword(playername, raw_default_password);
 
                        // If default_password is empty, allow any initial password
                        if (raw_default_password.length() == 0)
-                               use_password = password;
+                               initial_password = given_password;
 
-                       scriptapi_create_auth(m_lua, playername, use_password);
+                       scriptapi_create_auth(m_lua, playername, initial_password);
                }
                
                has_auth = scriptapi_get_auth(m_lua, playername, &checkpwd, NULL);
@@ -2133,7 +2142,7 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
                        return;
                }
 
-               if(password != checkpwd){
+               if(given_password != checkpwd){
                        infostream<<"Server: peer_id="<<peer_id
                                        <<": supplied invalid password for "
                                        <<playername<<std::endl;