Follow-up Comment #4, bug #18170 (project freeciv):

Hmm.

Unfortunately it's not possible to provide a one-time procedure to fix the
hashed passwords in corrupted databases, by the nature of the one-way hash.

I think the SWAP() macro is only used on input -- the hash is still MD5, it's
just that its input octets are in a funny order.
So it would be technically possible to have the server hash the password in
both the "wrong" and "correct" ways and accept either, but obviously that
would reduce security a bit on every server (a lucky incorrect password would
be accepted).

How about a server option for bug-compatibility, allowing server operators
who are afflicted with such databases to carry on? Or a flag which can be put
in the database itself?

Or we could just carry on with the status quo, ugly as it is... this shifts
the trouble to people migrating their servers to new hardware.

We can't know how many server operators use big-endian machines, but I'd
expect the majority to be Intel (little-endian). Still, we know at least one
operator (akfaew) who's been bitten :/

(Do we want to do something about this for 2.3.0?)

    _______________________________________________________

Reply to this item at:

  <http://gna.org/bugs/?18170>

_______________________________________________
  Message sent via/by Gna!
  http://gna.org/


_______________________________________________
Freeciv-dev mailing list
Freeciv-dev@gna.org
https://mail.gna.org/listinfo/freeciv-dev

Reply via email to