From 14abd1f5875d8c8e98ac9c76789d8b439008eba2 Mon Sep 17 00:00:00 2001
From: Shauren
Date: Wed, 15 Mar 2017 21:41:58 +0100
Subject: Core/Auth: Per SRP6a protocol, terminate connection of A % N == 0. This resolves another authentication bypass issue
(cherry picked from commit cmangos/mangos-wotlk@ea3e08a8123fbce0082b8aae8eb9b2541f083a9c)
---
 src/server/authserver/Server/AuthSession.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/server/authserver/Server/AuthSession.cpp')
diff --git a/src/server/authserver/Server/AuthSession.cpp b/src/server/authserver/Server/AuthSession.cpp
index e77a6dd4090..dfd77c39cb5 100644
--- a/src/server/authserver/Server/AuthSession.cpp
+++ b/src/server/authserver/Server/AuthSession.cpp
@@ -477,7 +477,7 @@ bool AuthSession::HandleLogonProof()
 A.SetBinary(logonProof->A, 32);
 // SRP safeguard: abort if A == 0
- if (A.IsZero())
+ if ((A % N).IsZero())
 return false;
 SHA1Hash sha;
-- 
cgit v1.2.3
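Review bot: The context comment directly above the changed condition still reads `// SRP safeguard: abort if A == 0`, which no longer describes the new test `(A % N).IsZero()`. It should be updated, for example to `// SRP-6a safeguard: reject A when A % N == 0 (any multiple of N, not only zero)`, so that a later cleanup does not simplify the check back to `A.IsZero()`. A value with A ≡ 0 (mod N) should not occur in an honest handshake, so it may also be worth logging the rejection with the peer address before `return false;`. Whether the caller already records a failed proof cannot be seen from this hunk. The body of HandleLogonProof starts and ends outside the hunk.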