From e3657ab2d5e3004f927e5e1ba316712eb79cfa81 Mon Sep 17 00:00:00 2001 From: heinrich5991 Date: Sat, 6 Apr 2019 02:47:00 +0200 Subject: [PATCH] Use SHA256 instead of MD5 in some places This only works in places where the actual choice of hashing function doesn't matter. --- src/engine/client/serverbrowser.cpp | 10 +++++----- src/engine/shared/network_server.cpp | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/engine/client/serverbrowser.cpp b/src/engine/client/serverbrowser.cpp index f0f036ad0..5998f03cc 100644 --- a/src/engine/client/serverbrowser.cpp +++ b/src/engine/client/serverbrowser.cpp @@ -92,11 +92,11 @@ const CServerInfo *CServerBrowser::SortedGet(int Index) const int CServerBrowser::GenerateToken(const NETADDR &Addr) const { - MD5_CTX Md5; - md5_init(&Md5); - md5_update(&Md5, m_aTokenSeed, sizeof(m_aTokenSeed)); - md5_update(&Md5, (unsigned char *)&Addr, sizeof(Addr)); - MD5_DIGEST Digest = md5_finish(&Md5); + SHA256_CTX Sha256; + sha256_init(&Sha256); + sha256_update(&Sha256, m_aTokenSeed, sizeof(m_aTokenSeed)); + sha256_update(&Sha256, (unsigned char *)&Addr, sizeof(Addr)); + SHA256_DIGEST Digest = sha256_finish(&Sha256); return (Digest.data[0] << 16) | (Digest.data[1] << 8) | Digest.data[2]; } diff --git a/src/engine/shared/network_server.cpp b/src/engine/shared/network_server.cpp index 07fa4aee4..150f504f6 100644 --- a/src/engine/shared/network_server.cpp +++ b/src/engine/shared/network_server.cpp @@ -145,12 +145,12 @@ int CNetServer::Update() SECURITY_TOKEN CNetServer::GetToken(const NETADDR &Addr) { - MD5_CTX Md5; - md5_init(&Md5); - md5_update(&Md5, (unsigned char*)m_SecurityTokenSeed, sizeof(m_SecurityTokenSeed)); - md5_update(&Md5, (unsigned char*)&Addr, sizeof(Addr)); + SHA256_CTX Sha256; + sha256_init(&Sha256); + sha256_update(&Sha256, (unsigned char*)m_SecurityTokenSeed, sizeof(m_SecurityTokenSeed)); + sha256_update(&Sha256, (unsigned char*)&Addr, sizeof(Addr)); - SECURITY_TOKEN SecurityToken = ToSecurityToken(md5_finish(&Md5).data); + SECURITY_TOKEN SecurityToken = ToSecurityToken(sha256_finish(&Sha256).data); if (SecurityToken == NET_SECURITY_TOKEN_UNKNOWN || SecurityToken == NET_SECURITY_TOKEN_UNSUPPORTED)