IITGN-CS431 / project-cns


Bug[Group-7] : Authentication Mechanism Allows Mismatched Auth Files #287

Closed ishikajain212 closed 4 days ago

ishikajain212 commented 6 days ago

When the bank server is started with bank1.auth and the ATM client uses bank.auth, the connection is established successfully. This behaviour is incorrect; the connection should fail because the authentication files do not match.


The issue indicates a flaw in the server's authentication validation logic, where mismatched credentials are not properly compared. This compromises the security of the system, as it allows unauthorized clients to connect and potentially perform transactions without valid authentication.

daradaaryan commented 4 days ago

Thanks for reporting the issue. The code was by default taking bank.auth as the auth file instead of the input provided, due to it being hardcoded. It should be running fine now; no issue with authentication.
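
The defect discussed in this thread, reproduced as an added example that is not the project's own code: a loader that ignores the supplied auth-file name next to one that honours it, checked with a regression test for mismatched files. The function names, the HMAC challenge-response handshake, and the assumption that the server side was the one ignoring its argument are all hypothetical; the key files are constructed at run time.

```python
import hashlib
import hmac
import os
import secrets
import tempfile

DEFAULT_AUTH = "bank.auth"  # the hardcoded name mentioned in the thread


def load_key_buggy(auth_name, base_dir):
    # Defect as described: the supplied name is ignored and the
    # hardcoded default is opened instead.
    with open(os.path.join(base_dir, DEFAULT_AUTH), "rb") as f:
        return f.read()


def load_key_fixed(auth_name, base_dir):
    # Honour the supplied name and fail closed on an empty file.
    with open(os.path.join(base_dir, auth_name), "rb") as f:
        key = f.read()
    if not key:
        raise ValueError("auth file is empty")
    return key


def handshake(server_key, client_key):
    # Hypothetical handshake: server issues a nonce, client answers with
    # HMAC(key, nonce), server verifies in constant time.
    nonce = secrets.token_bytes(32)
    response = hmac.new(client_key, nonce, hashlib.sha256).digest()
    expected = hmac.new(server_key, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(response, expected)


def run_case(server_loader, server_auth, client_auth):
    # Build two distinct, constructed auth files in a scratch directory,
    # then report whether the client would be accepted.
    with tempfile.TemporaryDirectory() as d:
        for name in ("bank.auth", "bank1.auth"):
            with open(os.path.join(d, name), "wb") as f:
                f.write(secrets.token_bytes(32))
        server_key = server_loader(server_auth, d)
        with open(os.path.join(d, client_auth), "rb") as f:
            client_key = f.read()
        return handshake(server_key, client_key)
```

Keeping the mismatched-file case as a permanent regression test catches any later change that reintroduces a default path.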