campaignd: Use base64-encoded hashes for add-on passphrases again

Fixes #2068.

As pointed out in the ticket, commit
98648ddf63 changed the implementation of
hex_digest() to use hexadecimal numbers instead of base64, causing new
calculated hashes during [upload] and other authenticated operations to
not match what campaignd already had on record.

This commit fixes that by using utils::md5::base64_digest() as
recommended by celticminstrel (which had already been done for wesnothd
but not campaignd, of course). It also matches the 1.12 version of the
campaignd hashing code this way.

Additionally, new uploads/passphrases since the deployment of that change
will need to be re-set by hand to get their base64 versions into the
server config.

changelog

@@ -6,6 +6,9 @@ Version 1.13.10:
    * A list of illegal filenames is sent to the client if any are found during
      the upload validation process. Only clients supporting this new
      functionality can display the list.
+   * Fix an issue where the implementation of the hashing function used for
+     add-on passphrases was changed since 1.13.8, breaking existing hashes
+     (bug #2068).
  * Language and i18n:
    * Updated translations: British English
  * Multiplayer:

src/campaign_server/campaign_server.cpp

@@ -71,7 +71,7 @@ namespace {
 /* Secure password storage functions */
 bool authenticate(config& campaign, const config::attribute_value& passphrase)
 {
-	return utils::md5(passphrase, campaign["passsalt"]).hex_digest() == campaign["passhash"];
+	return utils::md5(passphrase, campaign["passsalt"]).base64_digest() == campaign["passhash"];
 }
 
 std::string generate_salt(size_t len)
@@ -93,7 +93,7 @@ void set_passphrase(config& campaign, std::string passphrase)
 {
 	std::string salt = generate_salt(16);
 	campaign["passsalt"] = salt;
-	campaign["passhash"] = utils::md5(passphrase, salt).hex_digest();
+	campaign["passhash"] = utils::md5(passphrase, salt).base64_digest();
 }
 
 } // end anonymous namespace