diff options
| author | jackpoz <giacomopoz@gmail.com> | 2016-08-03 23:33:36 +0200 |
|---|---|---|
| committer | jackpoz <giacomopoz@gmail.com> | 2016-08-03 23:33:36 +0200 |
| commit | e4b2e0450f9cf38b8c69c2877068cee4e5f99dbc (patch) | |
| tree | 450f2d2230bc410d2d0dab73aec945aac8185581 /src/server/authserver/Server/AuthSession.cpp | |
| parent | 25dc3dd7a2fe1cea41b68559a7ccc0faa5ec5fa3 (diff) | |
Common/Crypto: Reduce differences between 3.3.5 and 6.x branches
Code functionality shouldn't have been modified.
Diffstat (limited to 'src/server/authserver/Server/AuthSession.cpp')
| -rw-r--r-- | src/server/authserver/Server/AuthSession.cpp | 18 |
1 files changed, 4 insertions, 14 deletions
diff --git a/src/server/authserver/Server/AuthSession.cpp b/src/server/authserver/Server/AuthSession.cpp index 43c327ffda1..ec72651ecb7 100644 --- a/src/server/authserver/Server/AuthSession.cpp +++ b/src/server/authserver/Server/AuthSession.cpp @@ -499,7 +499,7 @@ bool AuthSession::HandleLogonProof() A.SetBinary(logonProof->A, 32); // SRP safeguard: abort if A == 0 - if (A.isZero()) + if (A.IsZero()) { return false; } @@ -575,18 +575,15 @@ bool AuthSession::HandleLogonProof() // Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account // No SQL injection (escaped user name) and IP address as received by socket - const char *K_hex = K.AsHexStr(); PreparedStatement *stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGONPROOF); - stmt->setString(0, K_hex); + stmt->setString(0, K.AsHexStr()); stmt->setString(1, GetRemoteIpAddress().to_string().c_str()); stmt->setUInt32(2, GetLocaleByName(_localizationName)); stmt->setString(3, _os); stmt->setString(4, _accountInfo.Login); LoginDatabase.DirectExecute(stmt); - OPENSSL_free((void*)K_hex); - // Finish SRP6 and send the final result to the client sha.Initialize(); sha.UpdateBigNumbers(&A, &M, &K, NULL); @@ -959,16 +956,9 @@ void AuthSession::SetVSFields(const std::string& rI) v = g.ModExp(x, N); // No SQL injection (username escaped) - char *v_hex, *s_hex; - v_hex = v.AsHexStr(); - s_hex = s.AsHexStr(); - PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS); - stmt->setString(0, v_hex); - stmt->setString(1, s_hex); + stmt->setString(0, v.AsHexStr()); + stmt->setString(1, s.AsHexStr()); stmt->setString(2, _accountInfo.Login); LoginDatabase.Execute(stmt); - - OPENSSL_free(v_hex); - OPENSSL_free(s_hex); } |