Change: disable the insecure admin login by default

src/network/network_admin.cpp

@@ -639,6 +639,11 @@ NetworkRecvStatus ServerNetworkAdminSocketHandler::Receive_ADMIN_JOIN(Packet &p)
 {
 	if (this->status != ADMIN_STATUS_INACTIVE) return this->SendError(NETWORK_ERROR_NOT_EXPECTED);
 
+	if (!_settings_client.network.allow_insecure_admin_login) {
+		/* You're not authorized to login using this method. */
+		return this->SendError(NETWORK_ERROR_NOT_AUTHORIZED);
+	}
+
 	std::string password = p.Recv_string(NETWORK_PASSWORD_LENGTH);
 
 	if (_settings_client.network.admin_password.empty() ||

src/settings_type.h

@@ -324,6 +324,7 @@ struct NetworkSettings {
 	NetworkAuthorizedKeys server_authorized_keys; ///< Public keys of clients that are authorized to connect to the game.
 	std::string rcon_password;                            ///< password for rconsole (server side)
 	NetworkAuthorizedKeys rcon_authorized_keys; ///< Public keys of clients that are authorized to use the rconsole (server side).
+	bool allow_insecure_admin_login; ///< Whether to allow logging in as admin using the insecure old JOIN packet.
 	std::string admin_password;                           ///< password for the admin network
 	NetworkAuthorizedKeys admin_authorized_keys; ///< Public keys of clients that are authorized to use the admin network.
 	std::string client_name;                              ///< name of the player (as client)

src/table/settings/network_settings.ini

@@ -177,6 +177,12 @@ flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
 def      = true
 cat      = SC_EXPERT
 
+[SDTC_BOOL]
+var      = network.allow_insecure_admin_login
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
+def      = false
+cat      = SC_EXPERT
+
 [SDTC_OMANY]
 var      = network.server_game_type
 type     = SLE_UINT8