nchebrov/azerothcore-wotlk
1
0
Fork 0
mirror of https://github.com/mod-playerbots/azerothcore-wotlk.git synced 2026-01-23 05:36:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Core/Auth: Per SRP6a protocol, terminate connection of A % N == 0. This resolves another authentication bypass issue

Browse Source
This commit is contained in:
starrheld
2017-03-19 19:18:43 +01:00
committed by HeartWell
parent 6908181569
commit a67ceca682
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/authserver/Server/AuthSocket.cpp
View File

@@ -557,7 +557,7 @@ bool AuthSocket::_HandleLogonProof()
A.SetBinary(lp.A, 32);
// SRP safeguard: abort if A == 0
if (A.isZero())
if ((A % N).isZero())
{
socket().shutdown();
return true;