--- deliantra/server/ext/login.ext 2010/05/04 21:45:42 1.109 +++ deliantra/server/ext/login.ext 2010/05/08 10:49:44 1.110 @@ -128,10 +128,21 @@ $ob->goto ($map, $x, $y); } -sub encode_password { - crypt $_[0], - join '', - ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[(cf::rndm 64), (cf::rndm 64)] +sub encode_password($) { +# crypt $_[0], +# join '', +# ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[(cf::rndm 64), (cf::rndm 64)] + "!" . unpack "H*", $_[0] +} + +sub compare_password($$) { + my ($pass, $token) = @_; + + if ($token =~ /\!(.*)/) { + return $pass eq pack "H*", $1; + } else { + return $token eq crypt $pass, $token; + } } # delete a player directory, be non-blocking AND synchronous... @@ -232,9 +243,10 @@ if (my $pl = cf::player::find $user) { aio_stat $pl->path and next; my $mtime = (stat _)[9]; - my $hash = $pl->password; + my $token = $pl->password; - if ($cf::CFG{ext_login_nocheck} or $hash eq crypt $pass, $hash) { + if ($cf::CFG{ext_login_nocheck} or compare_password $pass, $token) { + $pl->password (encode_password $pass); # make sure we store the new encoding #d# nuke_str $pass; # password matches, wonderful my $pl = cf::player::find $user or next;