1) Fix the conditional for gametap domains to use the same regular expression that the client uses. It might have otherwise picked the wrong branch for some cases (e.g. "foo@bar" or "me@tld.gametap.com").
2) Actually use BuggyHashPassword when creating an account with an email-based username. Previously, BuggyHashPassword wasn't ever used anywhere, and the SHA-1 hash was used unconditionally when adding accounts.
1) Fix the conditional for gametap domains to use the same regular expression that the client uses. It might have otherwise picked the wrong branch for some cases (e.g. "foo@bar" or "me@tld.gametap.com"). 2) Actually use
BuggyHashPassword
when creating an account with an email-based username. Previously,BuggyHashPassword
wasn't ever used anywhere, and the SHA-1 hash was used unconditionally when adding accounts.