Follow-up Comment #13, bug #18170 (project freeciv):

New development: it turns out that when new users are created by
freeciv-server when the --Newusers option is specified, the password stored in
the database is hashed by MySQL's MD5 implementation, not Freeciv's. See the
short-lived bug #18261.

If so, then there are no polluted databases out there, and the
bug-compatibility mode isn't needed; nor is the new "hash" parameter in the
conf file. We just need a new MD5 implementation, which I'm more or less done
with.

However, if this is true, the bug then becomes that login after user creation
can never have been possible on big-endian servers -- if we assume the
password in the database is hashed correctly (either by freeciv-server or by a
bespoke registration process), then at auth-existing-user time, Freeciv will
generate the wrong hash for comparison and not let any user log in.

Question for akfaew: how did you discover this bug? Was it in the course of
investigating an actual problem, and if so, what was the problem?

    _______________________________________________________

Reply to this item at:

  <http://gna.org/bugs/?18170>

_______________________________________________
  Message sent via/by Gna!
  http://gna.org/


_______________________________________________
Freeciv-dev mailing list
Freeciv-dev@gna.org
https://mail.gna.org/listinfo/freeciv-dev

Reply via email to