From 7552998bbef14b06640593674ca5ba294dc7157b Mon Sep 17 00:00:00 2001
From: rsakeys <r@rsakeys.org>
Date: Sun, 17 May 2020 20:20:49 +0100
Subject: [PATCH 1/2] Catch exception when the client sends a false login key
 that isn't found in redis.

---
 houdini/handlers/login/world.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/houdini/handlers/login/world.py b/houdini/handlers/login/world.py
index 65149bc..64dbc4a 100644
--- a/houdini/handlers/login/world.py
+++ b/houdini/handlers/login/world.py
@@ -77,7 +77,11 @@ async def handle_legacy_login(p, credentials: Credentials):
     tr.delete(f'{credentials.username}.lkey', f'{credentials.username}.ckey')
     login_key, _ = await tr.execute()
 
-    login_key = login_key.decode()
+    try:
+        login_key = login_key.decode()
+    except:
+        return await p.close()
+
     login_hash = Crypto.encrypt_password(login_key + p.server.config.auth_key) + login_key
 
     if login_key is None or login_hash != credentials.password:

From 88e78df91a6cc198c4098998bf590e0905b4e7f1 Mon Sep 17 00:00:00 2001
From: rsakeys <r@rsakeys.org>
Date: Sun, 17 May 2020 20:40:06 +0100
Subject: [PATCH 2/2] Specify the type of exception caught

---
 houdini/handlers/login/world.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/houdini/handlers/login/world.py b/houdini/handlers/login/world.py
index 64dbc4a..b4d95b4 100644
--- a/houdini/handlers/login/world.py
+++ b/houdini/handlers/login/world.py
@@ -79,7 +79,7 @@ async def handle_legacy_login(p, credentials: Credentials):
 
     try:
         login_key = login_key.decode()
-    except:
+    except AttributeError:
         return await p.close()
 
     login_hash = Crypto.encrypt_password(login_key + p.server.config.auth_key) + login_key