From 5df4b2d9d40f075dc3de7b3b2fe01ae04c7ca809 Mon Sep 17 00:00:00 2001
From: blobjin <blob.jin@igg.com>
Date: Fri, 4 Aug 2023 13:57:40 +0800
Subject: [PATCH 1/2] =?UTF-8?q?cmangos=E6=97=A0=E6=B3=95=E6=94=B9=E5=AF=86?=
 =?UTF-8?q?=E7=A0=81fix?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 application/include/functions.php | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/application/include/functions.php b/application/include/functions.php
index 6caa1cf8..437d50d4 100644
--- a/application/include/functions.php
+++ b/application/include/functions.php
@@ -364,15 +364,13 @@ function getRegistrationData($username, $password)
 //From TrinityCore/AOWOW
 function verifySRP6($user, $pass, $salt, $verifier)
 {
-    $g = gmp_init(7);
-    $N = gmp_init('894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7', 16);
-    $x = gmp_import(
-        sha1($salt . sha1(strtoupper($user . ':' . $pass), TRUE), TRUE),
-        1,
-        GMP_LSW_FIRST
-    );
-    $v = gmp_powm($g, $x, $N);
-    return ($verifier === str_pad(gmp_export($v, 1, GMP_LSW_FIRST), 32, chr(0), STR_PAD_RIGHT));
+    $s = $salt;
+    if(get_config('server_core') == 5)
+    {
+        $s = pack("H*",strtolower($salt));
+    }
+    $v = strtoupper(bin2hex(calculateSRP6Verifier($user, $pass, $s)));
+    return ($verifier === $v);
 }
 
 // Get language text

From 16f1e8076e643a37faa461b4840bcaba1c79ea45 Mon Sep 17 00:00:00 2001
From: blobjin <blob.jin@igg.com>
Date: Tue, 5 Sep 2023 15:44:48 +0800
Subject: [PATCH 2/2] change password fix

---
 application/include/functions.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/application/include/functions.php b/application/include/functions.php
index 437d50d4..b229d4fd 100644
--- a/application/include/functions.php
+++ b/application/include/functions.php
@@ -368,8 +368,10 @@ function verifySRP6($user, $pass, $salt, $verifier)
     if(get_config('server_core') == 5)
     {
         $s = pack("H*",strtolower($salt));
+        $v = strtoupper(bin2hex(calculateSRP6Verifier($user, $pass, $s)));
+        return ($verifier === $v);
     }
-    $v = strtoupper(bin2hex(calculateSRP6Verifier($user, $pass, $s)));
+    $v = calculateSRP6Verifier($user, $pass, $s);
     return ($verifier === $v);
 }