Why passwords cannot start with *0?

mudcoders / guildmud

A SocketMUD-based Multi-User Dungeon built and managed by the members of The MUD Coders Guild.

MIT License

26 stars 12 forks source link

Closed rogersm closed 6 years ago

rogersm commented 6 years ago

Reminder to check!

rogersm commented 6 years ago

Checked and passwords can be created starting with 0 & 1. The line

if(0 == strncmp("*0", dsock->player->password, 2) checks the encrypted password because blowfish api returns 0 and 1 to indicate an error.