From 24772ea10f10dedc9a7bd6e07c771624e2023e0b Mon Sep 17 00:00:00 2001 From: David Kindl Date: Thu, 30 Oct 2025 13:17:53 +0100 Subject: [PATCH 1/2] Increase max password size from 16 to 30 (packet limit) --- src/common/sphereproto.h | 2 +- src/game/clients/CAccount.cpp | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/common/sphereproto.h b/src/common/sphereproto.h index b9bbb908e..e26bbaa79 100644 --- a/src/common/sphereproto.h +++ b/src/common/sphereproto.h @@ -754,7 +754,7 @@ enum RACE_TYPE // character race, used in new character creation (0x8D) and sta #define MAX_NAME_SIZE 30 #define MAX_ACCOUNT_NAME_SIZE MAX_NAME_SIZE -#define MAX_ACCOUNT_PASSWORD_ENTER 16 // client only allows n chars. +#define MAX_ACCOUNT_PASSWORD_SIZE 30 // Max size defined by Login Request (0x80) packet. #define ACCOUNT_NAME_VALID_CHAR " !\"#$%&()*,/:;<=>?@[\\]^{|}~" #define MAX_CHARS_PER_ACCT (byte) 7 diff --git a/src/game/clients/CAccount.cpp b/src/game/clients/CAccount.cpp index c125c3100..052127c44 100644 --- a/src/game/clients/CAccount.cpp +++ b/src/game/clients/CAccount.cpp @@ -1015,7 +1015,7 @@ bool CAccount::SetPassword( lpctstr pszPassword, bool isMD5Hash ) return true; } - size_t actualPasswordBufferSize = minimum(MAX_ACCOUNT_PASSWORD_ENTER, enteredPasswordLength) + 1; + size_t actualPasswordBufferSize = minimum(MAX_ACCOUNT_PASSWORD_SIZE, enteredPasswordLength) + 1; char * actualPassword = new char[actualPasswordBufferSize]; Str_CopyLimitNull(actualPassword, pszPassword, actualPasswordBufferSize); @@ -1066,10 +1066,10 @@ void CAccount::SetNewPassword( lpctstr pszPassword ) static constexpr tchar passwdChars[] = "ABCDEFGHJKLMNPQRTUVWXYZ2346789"; int len = (int)strlen(passwdChars); int charsCnt = g_Rand.GetVal(4) + 6; // 6 - 10 chars - if ( charsCnt > (MAX_ACCOUNT_PASSWORD_ENTER - 1) ) - charsCnt = MAX_ACCOUNT_PASSWORD_ENTER - 1; + if ( charsCnt > (MAX_ACCOUNT_PASSWORD_SIZE - 1) ) + charsCnt = MAX_ACCOUNT_PASSWORD_SIZE - 1; - tchar szTmp[MAX_ACCOUNT_PASSWORD_ENTER + 1]; + tchar szTmp[MAX_ACCOUNT_PASSWORD_SIZE + 1]; for ( int i = 0; i < charsCnt; ++i ) szTmp[i] = passwdChars[g_Rand.GetVal(len)]; @@ -1079,8 +1079,8 @@ void CAccount::SetNewPassword( lpctstr pszPassword ) } m_sNewPassword = pszPassword; - if ( m_sNewPassword.GetLength() > MAX_ACCOUNT_PASSWORD_ENTER ) - m_sNewPassword.Resize(MAX_ACCOUNT_PASSWORD_ENTER); + if ( m_sNewPassword.GetLength() > MAX_ACCOUNT_PASSWORD_SIZE ) + m_sNewPassword.Resize(MAX_ACCOUNT_PASSWORD_SIZE); } bool CAccount::SetResDisp(RESDISPLAY_VERSION what) From 0ee47179ddb13a8d7a2b0a6126792e617df73bf3 Mon Sep 17 00:00:00 2001 From: David Kindl Date: Mon, 16 Mar 2026 14:55:54 +0100 Subject: [PATCH 2/2] Changelog entry --- Changelog.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Changelog.txt b/Changelog.txt index 91b9a58f2..ba5511162 100644 --- a/Changelog.txt +++ b/Changelog.txt @@ -4111,3 +4111,5 @@ When setting a property like MORE to the a spell or skill defname, trying to rea 11-03-2026, Mulambo - Added: New experimental flag EF_WalkBypassMonsters. This will override hardcoded client behaviour that prevents stepping over NPCs without max stamina (like GM can). However, this could cause flickering or lags to clients and should be used with caution. +16-03-2026, Mulambo +- Changed: Sphere now accepts passwords with length up to 30 characters (was 16). WARNING: most clients still has a cap of 16 characters, be carefull with longer passwords.