vlad.os/LuaCsForBarotraumaEP
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Heavier password encryption

Browse Source 
I don't think this fixes actual bugs but the encryption seemed kinda weak.
This commit is contained in:
juanjp600
2016-08-29 07:13:19 -03:00
parent 8f675e625b
commit e284ff5f38
4 changed files with 23 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
Subsurface/Source/Networking/GameServerLogin.cs
View File

@@ -62,11 +62,14 @@ namespace Barotrauma.Networking
{
unauthenticatedClients.Remove(unauthenticatedClient);
NetEncryption algo = new NetXtea(server, password);
string saltedPw = password;
saltedPw = saltedPw + Convert.ToString(unauthenticatedClient.Nonce);
saltedPw = Encoding.UTF8.GetString(NetUtility.ComputeSHAHash(Encoding.UTF8.GetBytes(saltedPw)));
NetEncryption algo = new NetXtea(server, saltedPw);
inc.Decrypt(algo);
int nonce = inc.ReadInt32();
if (nonce != unauthenticatedClient.Nonce)
string rdPw = inc.ReadString();
if (rdPw != saltedPw)
{
inc.SenderConnection.Disconnect("Wrong password!");
return;