diff options
| author | starrheld <kevin@starrheld.co.uk> | 2017-03-19 19:18:43 +0100 |
|---|---|---|
| committer | HeartWell <heartwell@list.ru> | 2017-03-19 21:18:43 +0300 |
| commit | a67ceca682a813303de21d8f5a362134004315b6 (patch) | |
| tree | 2dbcd7ee6f610752cb99a1d2f0247eed0f574de7 /src/authserver/Server/AuthSocket.cpp | |
| parent | 6908181569160f2b44b324a1515d1f936f1af8ae (diff) | |
Core/Auth: Per SRP6a protocol, terminate connection of A % N == 0. This resolves another authentication bypass issue
Diffstat (limited to 'src/authserver/Server/AuthSocket.cpp')
| -rw-r--r-- | src/authserver/Server/AuthSocket.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/authserver/Server/AuthSocket.cpp b/src/authserver/Server/AuthSocket.cpp index b9e935a6d0..b9671c0d12 100644 --- a/src/authserver/Server/AuthSocket.cpp +++ b/src/authserver/Server/AuthSocket.cpp @@ -557,7 +557,7 @@ bool AuthSocket::_HandleLogonProof() A.SetBinary(lp.A, 32); // SRP safeguard: abort if A == 0 - if (A.isZero()) + if ((A % N).isZero()) { socket().shutdown(); return true; |