From a57d83b46af03313355d83924cfb53f4987cc48f Mon Sep 17 00:00:00 2001
From: est31 <MTest31@outlook.com>
Date: Tue, 21 Jul 2015 17:57:57 +0200
Subject: [PATCH] Ask auth handler to create auth when a default password is
 set

-> Fix server crash with protocol >=25 if a default password is set.
-> Remove some useless and possibly confusion causing code for the TOCLIENT_FIRST_SRP packet handler
---
 src/clientiface.h                   |  2 ++
 src/network/serverpackethandler.cpp | 24 +++++++++++++++++-------
 2 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/src/clientiface.h b/src/clientiface.h
index ec6ba9e9e..f6c4294e2 100644
--- a/src/clientiface.h
+++ b/src/clientiface.h
@@ -232,6 +232,7 @@ class RemoteClient
 
 	/* Authentication information */
 	std::string enc_pwd;
+	bool create_player_on_auth_success;
 	AuthMechanism chosen_mech;
 	void * auth_data;
 	u32 allowed_auth_mechs;
@@ -246,6 +247,7 @@ class RemoteClient
 		peer_id(PEER_ID_INEXISTENT),
 		serialization_version(SER_FMT_VER_INVALID),
 		net_proto_version(0),
+		create_player_on_auth_success(false),
 		chosen_mech(AUTH_MECHANISM_NONE),
 		auth_data(NULL),
 		m_time_from_building(9999),
diff --git a/src/network/serverpackethandler.cpp b/src/network/serverpackethandler.cpp
index 5493dfec1..f756d80ef 100644
--- a/src/network/serverpackethandler.cpp
+++ b/src/network/serverpackethandler.cpp
@@ -263,6 +263,8 @@ void Server::handleCommand_Init(NetworkPacket* pkt)
 			// Take care of default passwords.
 			client->enc_pwd = getSRPVerifier(playerName, default_password);
 			auth_mechs |= AUTH_MECHANISM_SRP;
+			// Create auth, but only on successful login
+			client->create_player_on_auth_success = true;
 		}
 	}
 
@@ -1858,14 +1860,8 @@ void Server::handleCommand_FirstSrp(NetworkPacket* pkt)
 		}
 
 		std::string initial_ver_key;
-		std::string raw_default_password = g_settings->get("default_password");
-		// If default_password is empty, allow any initial password
-		if (raw_default_password.length() == 0) {
-			initial_ver_key = encodeSRPVerifier(verification_key, salt);
-		} else {
-			initial_ver_key = getSRPVerifier(playername, raw_default_password);
-		}
 
+		initial_ver_key = encodeSRPVerifier(verification_key, salt);
 		m_script->createAuth(playername, initial_ver_key);
 
 		acceptAuth(pkt->getPeerId(), false);
@@ -2072,5 +2068,19 @@ void Server::handleCommand_SrpBytesM(NetworkPacket* pkt)
 		}
 	}
 
+	if (client->create_player_on_auth_success) {
+		std::string playername = client->getName();
+		m_script->createAuth(playername, client->enc_pwd);
+
+		std::string checkpwd; // not used, but needed for passing something
+		if (!m_script->getAuth(playername, &checkpwd, NULL)) {
+			actionstream << "Server: " << playername << " cannot be authenticated"
+				<< " (auth handler does not work?)" << std::endl;
+			DenyAccess(pkt->getPeerId(), SERVER_ACCESSDENIED_SERVER_FAIL);
+			return;
+		}
+		client->create_player_on_auth_success = false;
+	}
+
 	acceptAuth(pkt->getPeerId(), wantSudo);
 }
-- 
GitLab