Notice: Any messages purporting to come from this site telling you that your password has expired, or that you need to verify your details, confirm your email, resolve issues, making threats, or asking for money, are
spam. We do not email users with any such messages. If you have lost your password you can obtain a new one by using the
password reset link.
Due to spam on this forum, all posts now need moderator approval.
Entire forum
➜ SMAUG
➜ SMAUG coding
➜ Crypt! :)
It is now over 60 days since the last post. This thread is closed.
Refresh page
| Posted by
| Vermithrax
USA (11 posts) Bio
|
| Date
| Wed 27 Aug 2003 10:17 PM (UTC) |
| Message
| Hey folks... I've been staring at the crypt code for a while, and I see
this in do_password:
if ( strcmp( crypt( arg1, ch->pcdata->pwd ), ch->pcdata->pwd ) )
{
wait_state( ch, 40 );
send_to_char( "Wrong password. Wait 10 seconds.\n\r", ch );
return;
}
So anyhow...
Why in the world are we doing a crypt of arg1 (what you type in for the new
password) and ch->pcdata->pwd??? Isn't ch->pcdata->pwd your password
already encrypted?? Why wouldn't you do a crypt of arg1 and the character's
name and compare it with ch->pcdata->pwd? Can someone explain that, please?
-Verm
| | Top |
|
| Posted by
| Nick Cash
USA (626 posts) Bio
|
| Date
| Reply #1 on Thu 28 Aug 2003 12:31 AM (UTC) |
| Message
| | I believe it crypts arg1 to compage it against the current password to see if they are the same. Same thing could be done by decrypting ch->pcdata->pwd. Anyways, I think thats right, or thats how I understand it. You might wait for a response from someone like Gammon, Boborak, Samson, or someone that knows this a bit more then I do. |
~Nick Cash
http://www.nick-cash.com | | Top |
|
| Posted by
| Vermithrax
USA (11 posts) Bio
|
| Date
| Reply #2 on Thu 28 Aug 2003 12:56 AM (UTC) |
| Message
| | Actually, I have it totally figured out now. :) Cool beans, thanks in advance! :) | | Top |
|
| Posted by
| Boborak
USA (228 posts) Bio
|
| Date
| Reply #3 on Thu 28 Aug 2003 05:00 PM (UTC) |
| Message
| Glad you figured it out ;-) For future refrence though, here's how it works.
When a new player is created, the password they supply is ran through the crypt function with their name like so:
crypt("password","Boborak")
Which returns the encrypted 'key' = BodDv430F5Nhs
That key is stored as the players 'password' in ch->pcdata->pwd
Now when the player logs on again and he enters his cleartext password 'password', the mud then takes the crypt() function again and checks the 'key' against the password like so:
crypt("password", "BodDv430F5Nhs")
This will return the exact same 'key' = BodDv430F5Nhs
Since it matches what's stored in ch->pcdata->pwd, the password must be correct.
This can be further demonstrated using the command 'formpass'.
Doing:
'formpass password Boborak' gives you the same as 'formpass password BodDv430F5Nhs'
Nifty eh? ;-)
-Boborak | | Top |
|
The dates and times for posts above are shown in Universal Co-ordinated Time (UTC).
To show them in your local time you can join the forum, and then set the 'time correction' field in your profile to the number of hours difference between your location and UTC time.
15,037 views.
It is now over 60 days since the last post. This thread is closed.
Refresh page
![[Go to top]](/images/gototop.gif)
top