From 1d711d6cf0b4eedb272a97a2fcb9f54e7c34c8eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20M=C3=BCller?= <robytemueller@gmail.com>
Date: Fri, 22 Sep 2023 20:55:27 +0200
Subject: [PATCH] Correctly update auth keys when using `auth_remove`

When using `auth_remove`, the key indices for the default helper, mod and admin passwords were not properly adjusted, causing the wrong passwords to be used for the username-less logins.

The key indices for connected clients were also not properly adjusted, causing the wrong identity to be shown for currently authenticated clients when using the `status` command.

Closes #6427.
---
 src/engine/server/authmanager.cpp |  8 ++++----
 src/engine/server/authmanager.h   |  2 +-
 src/engine/server/server.cpp      | 16 ++++++++++------
 3 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/src/engine/server/authmanager.cpp b/src/engine/server/authmanager.cpp
index 62b7be582..6014af70f 100644
--- a/src/engine/server/authmanager.cpp
+++ b/src/engine/server/authmanager.cpp
@@ -65,21 +65,21 @@ int CAuthManager::AddKey(const char *pIdent, const char *pPw, int AuthLevel)
 	return AddKeyHash(pIdent, HashPassword(pPw, aSalt), aSalt, AuthLevel);
 }
 
-int CAuthManager::RemoveKey(int Slot)
+void CAuthManager::RemoveKey(int Slot)
 {
 	m_vKeys.erase(m_vKeys.begin() + Slot);
+	// Update indices of default keys
 	for(int &Default : m_aDefault)
 	{
 		if(Default == Slot)
 		{
 			Default = -1;
 		}
-		else if(Default == (int)m_vKeys.size())
+		else if(Default > Slot)
 		{
-			Default = Slot;
+			--Default;
 		}
 	}
-	return m_vKeys.size();
 }
 
 int CAuthManager::FindKey(const char *pIdent) const
diff --git a/src/engine/server/authmanager.h b/src/engine/server/authmanager.h
index feea4ac4f..9845100e8 100644
--- a/src/engine/server/authmanager.h
+++ b/src/engine/server/authmanager.h
@@ -30,7 +30,7 @@ public:
 	void Init();
 	int AddKeyHash(const char *pIdent, MD5_DIGEST Hash, const unsigned char *pSalt, int AuthLevel);
 	int AddKey(const char *pIdent, const char *pPw, int AuthLevel);
-	int RemoveKey(int Slot); // Returns the old key slot that is now in the named one.
+	void RemoveKey(int Slot);
 	int FindKey(const char *pIdent) const;
 	bool CheckKey(int Slot, const char *pPw) const;
 	int DefaultKey(int AuthLevel) const;
diff --git a/src/engine/server/server.cpp b/src/engine/server/server.cpp
index aeff8a1ab..77223869b 100644
--- a/src/engine/server/server.cpp
+++ b/src/engine/server/server.cpp
@@ -3107,16 +3107,20 @@ static int GetAuthLevel(const char *pLevel)
 
 void CServer::AuthRemoveKey(int KeySlot)
 {
-	int NewKeySlot = KeySlot;
-	int OldKeySlot = m_AuthManager.RemoveKey(KeySlot);
+	m_AuthManager.RemoveKey(KeySlot);
 	LogoutKey(KeySlot, "key removal");
 
 	// Update indices.
-	if(OldKeySlot != NewKeySlot)
+	for(auto &Client : m_aClients)
 	{
-		for(auto &Client : m_aClients)
-			if(Client.m_AuthKey == OldKeySlot)
-				Client.m_AuthKey = NewKeySlot;
+		if(Client.m_AuthKey == KeySlot)
+		{
+			Client.m_AuthKey = -1;
+		}
+		else if(Client.m_AuthKey > KeySlot)
+		{
+			--Client.m_AuthKey;
+		}
 	}
 }