(svn r11557) -Codechange: send and store the passwords a little more secure to/in the servers.

Each server and game yield a (usually) different 'salt'. This salt is used by the clients to hash their passwords. This way the passwords are not sent in clear text and it is not trivial to use those hashes on other servers.
NOTE: It is still NOT safe to use your trusted passwords and it will not stop people from being able to 'hijack' your password, it only makes it harder to do and certainly much less trivial than just dumping passwords from the memory.

1 files changed, 4 insertions, 0 deletions

diff --git a/src/network/network_server.cpp b/src/network/network_server.cpp
index 0c484d516..1c10996db 100644
--- a/src/network/network_server.cpp
+++ b/src/network/network_server.cpp
@@ -224,6 +224,8 @@ DEF_SERVER_SEND_COMMAND_PARAM(PACKET_SERVER_NEED_PASSWORD)(NetworkTCPSocketHandl
 
 	Packet *p = NetworkSend_Init(PACKET_SERVER_NEED_PASSWORD);
 	p->Send_uint8(type);
+	p->Send_uint32(_patches.generation_seed);
+	p->Send_string(_network_unique_id);
 	cs->Send_Packet(p);
 }
 
@@ -247,6 +249,8 @@ DEF_SERVER_SEND_COMMAND(PACKET_SERVER_WELCOME)
 
 	p = NetworkSend_Init(PACKET_SERVER_WELCOME);
 	p->Send_uint16(cs->index);
+	p->Send_uint32(_patches.generation_seed);
+	p->Send_string(_network_unique_id);
 	cs->Send_Packet(p);
 
 		// Transmit info about all the active clients