From 096a77bac2168c2e899e254c9d18900a45c2e690 Mon Sep 17 00:00:00 2001
From: Chaosvex <ch@osvex.com>
Date: Fri, 18 Nov 2016 16:22:51 +0100
Subject: Core/Auth: Resolved critical vulnerability on auth system bypass

---
 src/authserver/Server/AuthSocket.h | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'src/authserver/Server/AuthSocket.h')

diff --git a/src/authserver/Server/AuthSocket.h b/src/authserver/Server/AuthSocket.h
index db7f3d9a36..ac00528b4c 100644
--- a/src/authserver/Server/AuthSocket.h
+++ b/src/authserver/Server/AuthSocket.h
@@ -14,6 +14,16 @@
 class ACE_INET_Addr;
 struct Realm;
 
+enum eStatus
+{
+    STATUS_CHALLENGE,
+    STATUS_LOGON_PROOF,
+    STATUS_RECON_PROOF,
+    STATUS_PATCH,      // unused in CMaNGOS
+    STATUS_AUTHED,
+    STATUS_CLOSED
+};
+
 // Handle login commands
 class AuthSocket: public RealmSocket::Session
 {
@@ -54,7 +64,7 @@ private:
     BigNumber K;
     BigNumber _reconnectProof;
 
-    bool _authed;
+    eStatus _status;
 
     std::string _login;
 
-- 
cgit v1.2.3