Follow-up Comment #13, bug #18170 (project freeciv):

New development: it turns out that when new users are created by
freeciv-server when the --Newusers option is specified, the password stored in
the database is hashed by MySQL's MD5 implementation, not Freeciv's. See the
short-lived bug #18261.

If so, then there are no polluted databases out there, and the
bug-compatibility mode isn't needed; nor is the new "hash" parameter in the
conf file. We just need a new MD5 implementation, which I'm more or less done

However, if this is true, the bug then becomes that login after user creation
can never have been possible on big-endian servers -- if we assume the
password in the database is hashed correctly (either by freeciv-server or by a
bespoke registration process), then at auth-existing-user time, Freeciv will
generate the wrong hash for comparison and not let any user log in.

Question for akfaew: how did you discover this bug? Was it in the course of
investigating an actual problem, and if so, what was the problem?


Reply to this item at:


  Message sent via/by Gna!

Freeciv-dev mailing list

Reply via email to