[Home] [Downloads] [Search] [Help/forum]

Gammon Forum

See www.mushclient.com/spam for dealing with forum spam. Please read the MUSHclient FAQ!

[Folder]  Entire forum
-> [Folder]  SMAUG
. -> [Folder]  SMAUG coding
. . -> [Subject]  Crypt! :)
Home  |  Users  |  Search  |  FAQ
Username:
Register forum user name
Password:
Forgotten password?

Crypt! :)

It is now over 60 days since the last post. This thread is closed.     [Refresh] Refresh page


Posted by Vermithrax   USA  (11 posts)  [Biography] bio
Date Wed 27 Aug 2003 10:17 PM (UTC)
Message
Hey folks... I've been staring at the crypt code for a while, and I see
this in do_password:

if ( strcmp( crypt( arg1, ch->pcdata->pwd ), ch->pcdata->pwd ) )
{
wait_state( ch, 40 );
send_to_char( "Wrong password. Wait 10 seconds.\n\r", ch );
return;
}

So anyhow...

Why in the world are we doing a crypt of arg1 (what you type in for the new
password) and ch->pcdata->pwd??? Isn't ch->pcdata->pwd your password
already encrypted?? Why wouldn't you do a crypt of arg1 and the character's
name and compare it with ch->pcdata->pwd? Can someone explain that, please?

-Verm
[Go to top] top

Posted by Nick Cash   USA  (626 posts)  [Biography] bio
Date Reply #1 on Thu 28 Aug 2003 12:31 AM (UTC)
Message
I believe it crypts arg1 to compage it against the current password to see if they are the same. Same thing could be done by decrypting ch->pcdata->pwd. Anyways, I think thats right, or thats how I understand it. You might wait for a response from someone like Gammon, Boborak, Samson, or someone that knows this a bit more then I do.

~Nick Cash
http://www.nick-cash.com
[Go to top] top

Posted by Vermithrax   USA  (11 posts)  [Biography] bio
Date Reply #2 on Thu 28 Aug 2003 12:56 AM (UTC)
Message
Actually, I have it totally figured out now. :) Cool beans, thanks in advance! :)
[Go to top] top

Posted by Boborak   USA  (228 posts)  [Biography] bio
Date Reply #3 on Thu 28 Aug 2003 05:00 PM (UTC)
Message
Glad you figured it out ;-) For future refrence though, here's how it works.

When a new player is created, the password they supply is ran through the crypt function with their name like so:

crypt("password","Boborak")

Which returns the encrypted 'key' = BodDv430F5Nhs

That key is stored as the players 'password' in ch->pcdata->pwd

Now when the player logs on again and he enters his cleartext password 'password', the mud then takes the crypt() function again and checks the 'key' against the password like so:

crypt("password", "BodDv430F5Nhs")

This will return the exact same 'key' = BodDv430F5Nhs

Since it matches what's stored in ch->pcdata->pwd, the password must be correct.

This can be further demonstrated using the command 'formpass'.

Doing:
'formpass password Boborak' gives you the same as 'formpass password BodDv430F5Nhs'

Nifty eh? ;-)

-Boborak
[Go to top] top

The dates and times for posts above are shown in Universal Co-ordinated Time (UTC).

To show them in your local time you can join the forum, and then set the 'time correction' field in your profile to the number of hours difference between your location and UTC time.


5,054 views.

It is now over 60 days since the last post. This thread is closed.     [Refresh] Refresh page

Go to topic:           Search the forum


[Go to top] top

Quick links: MUSHclient. MUSHclient help. Forum shortcuts. Posting templates. Lua modules. Lua documentation.

Information and images on this site are licensed under the Creative Commons Attribution 3.0 Australia License unless stated otherwise.

[Home]


Written by Nick Gammon - 5K   profile for Nick Gammon on Stack Exchange, a network of free, community-driven Q&A sites   Marriage equality

Comments to: Gammon Software support
[RH click to get RSS URL] Forum RSS feed ( https://gammon.com.au/rss/forum.xml )

[Best viewed with any browser - 2K]    [Hosted at FutureQuest]