Context Navigation

AuthSocket.cpp @ 35

Revision 35, 30.9 kB (checked in by yumileroy, 17 years ago)

[svn] * Fixing some typos in SQL files.
* Applying proper structure to SQL updates.
* Fixing ImpConfig? compile problems.
* Moving INSTALL to INSTALL.linux to avoid autoconf collisions.

Original author: XTZGZoReX
Date: 2008-10-10 15:20:27-05:00

Line
1	/*
2	* Copyright (C) 2005-2008 MaNGOS <http://www.mangosproject.org/>
3	*
4	* This program is free software; you can redistribute it and/or modify
5	* it under the terms of the GNU General Public License as published by
6	* the Free Software Foundation; either version 2 of the License, or
7	* (at your option) any later version.
8	*
9	* This program is distributed in the hope that it will be useful,
10	* but WITHOUT ANY WARRANTY; without even the implied warranty of
11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12	* GNU General Public License for more details.
13	*
14	* You should have received a copy of the GNU General Public License
15	* along with this program; if not, write to the Free Software
16	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17	*/
18
19	/** \file
20	\ingroup realmd
21	*/
22
23	#include "Common.h"
24	#include "Database/DatabaseEnv.h"
25	#include "ByteBuffer.h"
26	#include "Config/ConfigEnv.h"
27	#include "Log.h"
28	#include "RealmList.h"
29	#include "AuthSocket.h"
30	#include "AuthCodes.h"
31	#include <openssl/md5.h>
32	#include "Auth/Sha1.h"
33	//#include "Util.h" -- for commented utf8ToUpperOnlyLatin
34
35	extern RealmList m_realmList;
36
37	extern DatabaseType dbRealmServer;
38
39	#define ChunkSize 2048
40
41	enum eAuthCmd
42	{
43	//AUTH_NO_CMD = 0xFF,
44	AUTH_LOGON_CHALLENGE = 0x00,
45	AUTH_LOGON_PROOF = 0x01,
46	//AUTH_RECONNECT_CHALLENGE = 0x02,
47	//AUTH_RECONNECT_PROOF = 0x03,
48	//update srv =4
49	REALM_LIST = 0x10,
50	XFER_INITIATE = 0x30,
51	XFER_DATA = 0x31,
52	XFER_ACCEPT = 0x32,
53	XFER_RESUME = 0x33,
54	XFER_CANCEL = 0x34
55	};
56
57	enum eStatus
58	{
59	STATUS_CONNECTED = 0,
60	STATUS_AUTHED
61	};
62
63	// GCC have alternative #pragma pack(N) syntax and old gcc version not support pack(push,N), also any gcc version not support it at some paltform
64	#if defined( __GNUC__ )
65	#pragma pack(1)
66	#else
67	#pragma pack(push,1)
68	#endif
69
70	typedef struct AUTH_LOGON_CHALLENGE_C
71	{
72	uint8 cmd;
73	uint8 error;
74	uint16 size;
75	uint8 gamename[4];
76	uint8 version1;
77	uint8 version2;
78	uint8 version3;
79	uint16 build;
80	uint8 platform[4];
81	uint8 os[4];
82	uint8 country[4];
83	uint32 timezone_bias;
84	uint32 ip;
85	uint8 I_len;
86	uint8 I[1];
87	} sAuthLogonChallenge_C;
88
89	//typedef sAuthLogonChallenge_C sAuthReconnectChallenge_C;
90	/*
91	typedef struct
92	{
93	uint8 cmd;
94	uint8 error;
95	uint8 unk2;
96	uint8 B[32];
97	uint8 g_len;
98	uint8 g[1];
99	uint8 N_len;
100	uint8 N[32];
101	uint8 s[32];
102	uint8 unk3[16];
103	} sAuthLogonChallenge_S;
104	*/
105
106	typedef struct AUTH_LOGON_PROOF_C
107	{
108	uint8 cmd;
109	uint8 A[32];
110	uint8 M1[20];
111	uint8 crc_hash[20];
112	uint8 number_of_keys;
113	uint8 unk; // Added in 1.12.x client branch
114	} sAuthLogonProof_C;
115	/*
116	typedef struct
117	{
118	uint16 unk1;
119	uint32 unk2;
120	uint8 unk3[4];
121	uint16 unk4[20];
122	} sAuthLogonProofKey_C;
123	*/
124	typedef struct AUTH_LOGON_PROOF_S
125	{
126	uint8 cmd;
127	uint8 error;
128	uint8 M2[20];
129	uint32 unk1;
130	uint32 unk2;
131	uint16 unk3;
132	} sAuthLogonProof_S;
133
134	typedef struct XFER_INIT
135	{
136	uint8 cmd; // XFER_INITIATE
137	uint8 fileNameLen; // strlen(fileName);
138	uint8 fileName[1]; // fileName[fileNameLen]
139	uint64 file_size; // file size (bytes)
140	uint8 md5[MD5_DIGEST_LENGTH]; // MD5
141	}XFER_INIT;
142
143	typedef struct XFER_DATA
144	{
145	uint8 opcode;
146	uint16 data_size;
147	uint8 data[ChunkSize];
148	}XFER_DATA_STRUCT;
149
150	typedef struct AuthHandler
151	{
152	eAuthCmd cmd;
153	uint32 status;
154	bool (AuthSocket::*handler)(void);
155	}AuthHandler;
156
157	// GCC have alternative #pragma pack() syntax and old gcc version not support pack(pop), also any gcc version not support it at some paltform
158	#if defined( __GNUC__ )
159	#pragma pack()
160	#else
161	#pragma pack(pop)
162	#endif
163
164	/// Launch a thread to transfer a patch to the client
165	class PatcherRunnable: public ZThread::Runnable
166	{
167	public:
168	PatcherRunnable(class AuthSocket *);
169	void run();
170
171	private:
172	AuthSocket * mySocket;
173	};
174
175	typedef struct PATCH_INFO
176	{
177	uint8 md5[MD5_DIGEST_LENGTH];
178	}PATCH_INFO;
179
180	/// Caches MD5 hash of client patches present on the server
181	class Patcher
182	{
183	public:
184	typedef std::map<std::string, PATCH_INFO*> Patches;
185	~Patcher();
186	Patcher();
187	Patches::const_iterator begin() const { return _patches.begin(); }
188	Patches::const_iterator end() const { return _patches.end(); }
189	void LoadPatchMD5(char*);
190	bool GetHash(char * pat,uint8 mymd5[16]);
191
192	private:
193	void LoadPatchesInfo();
194	Patches _patches;
195	};
196
197	const AuthHandler table[] =
198	{
199	{ AUTH_LOGON_CHALLENGE, STATUS_CONNECTED, &AuthSocket::_HandleLogonChallenge},
200	{ AUTH_LOGON_PROOF, STATUS_CONNECTED, &AuthSocket::_HandleLogonProof },
201	{ REALM_LIST, STATUS_AUTHED, &AuthSocket::_HandleRealmList },
202	{ XFER_ACCEPT, STATUS_CONNECTED, &AuthSocket::_HandleXferAccept },
203	{ XFER_RESUME, STATUS_CONNECTED, &AuthSocket::_HandleXferResume },
204	{ XFER_CANCEL, STATUS_CONNECTED, &AuthSocket::_HandleXferCancel }
205	};
206
207	#define AUTH_TOTAL_COMMANDS sizeof(table)/sizeof(AuthHandler)
208
209	///Holds the MD5 hash of client patches present on the server
210	Patcher PatchesCache;
211
212	/// Constructor - set the N and g values for SRP6
213	AuthSocket::AuthSocket(ISocketHandler &h) : TcpSocket(h)
214	{
215	N.SetHexStr("894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7");
216	g.SetDword(7);
217	_authed = false;
218	pPatch=NULL;
219
220	_accountSecurityLevel = SEC_PLAYER;
221	}
222
223	/// Close patch file descriptor before leaving
224	AuthSocket::~AuthSocket()
225	{
226	if(pPatch)
227	fclose(pPatch);
228	}
229
230	/// Accept the connection and set the s random value for SRP6
231	void AuthSocket::OnAccept()
232	{
233	sLog.outBasic("Accepting connection from '%s:%d'",
234	GetRemoteAddress().c_str(), GetRemotePort());
235
236	s.SetRand(s_BYTE_SIZE * 8);
237	}
238
239	/// Read the packet from the client
240	void AuthSocket::OnRead()
241	{
242	///- Read the packet
243	TcpSocket::OnRead();
244	uint8 _cmd;
245	while (1)
246	{
247	if (!ibuf.GetLength())
248	return;
249
250	///- Get the command out of it
251	ibuf.SoftRead((char *)&_cmd, 1); // UQ1: No longer exists in new net code ???
252	//ibuf.Read((char *)&_cmd, 1);
253	/char command = (char *)malloc(1);
254
255	ibuf.Read(command, 1);
256
257	_cmd = (uint8)command;*/
258	// assert(0);
259	size_t i;
260
261	///- Circle through known commands and call the correct command handler
262	for (i=0;i<AUTH_TOTAL_COMMANDS; i++)
263	{
264	if ((uint8)table[i].cmd == _cmd &&
265	(table[i].status == STATUS_CONNECTED \|\|
266	(_authed && table[i].status == STATUS_AUTHED)))
267	{
268	DEBUG_LOG("[Auth] got data for cmd %u ibuf length %u", (uint32)_cmd, ibuf.GetLength());
269
270	if (!(this.table[i].handler)())
271	{
272	DEBUG_LOG("Command handler failed for cmd %u ibuf length %u", (uint32)_cmd, ibuf.GetLength());
273	return;
274	}
275	break;
276	}
277	}
278
279	///- Report unknown commands in the debug log
280	if (i==AUTH_TOTAL_COMMANDS)
281	{
282	DEBUG_LOG("[Auth] got unknown packet %u", (uint32)_cmd);
283	return;
284	}
285	}
286	}
287
288	/// Make the SRP6 calculation from hash in dB
289	void AuthSocket::_SetVSFields(std::string rI)
290	{
291	BigNumber I;
292	I.SetHexStr(rI.c_str());
293
294	//In case of leading zeroes in the rI hash, restore them
295	uint8 mDigest[SHA_DIGEST_LENGTH];
296	memset(mDigest,0,SHA_DIGEST_LENGTH);
297	if (I.GetNumBytes() <= SHA_DIGEST_LENGTH)
298	memcpy(mDigest,I.AsByteArray(),I.GetNumBytes());
299
300	std::reverse(mDigest,mDigest+SHA_DIGEST_LENGTH);
301
302	Sha1Hash sha;
303	sha.UpdateData(s.AsByteArray(), s.GetNumBytes());
304	sha.UpdateData(mDigest, SHA_DIGEST_LENGTH);
305	sha.Finalize();
306	BigNumber x;
307	x.SetBinary(sha.GetDigest(), sha.GetLength());
308	v = g.ModExp(x, N);
309	// No SQL injection (username escaped)
310	const char v_hex, s_hex;
311	v_hex = v.AsHexStr();
312	s_hex = s.AsHexStr();
313	dbRealmServer.PExecute("UPDATE account SET v = '%s', s = '%s' WHERE username = '%s'",v_hex,s_hex, _safelogin.c_str() );
314	OPENSSL_free((void*)v_hex);
315	OPENSSL_free((void*)s_hex);
316	}
317
318	/// Logon Challenge command handler
319	bool AuthSocket::_HandleLogonChallenge()
320	{
321	DEBUG_LOG("Entering _HandleLogonChallenge");
322	if (ibuf.GetLength() < sizeof(sAuthLogonChallenge_C))
323	return false;
324
325	///- Read the first 4 bytes (header) to get the length of the remaining of the packet
326	std::vector<uint8> buf;
327	buf.resize(4);
328
329	ibuf.Read((char *)&buf[0], 4);
330
331	EndianConvert(((uint16)(buf[0])));
332	uint16 remaining = ((sAuthLogonChallenge_C *)&buf[0])->size;
333	DEBUG_LOG("[AuthChallenge] got header, body is %#04x bytes", remaining);
334
335	if ((remaining < sizeof(sAuthLogonChallenge_C) - buf.size()) \|\| (ibuf.GetLength() < remaining))
336	return false;
337
338	//No big fear of memory outage (size is int16, i.e. < 65536)
339	buf.resize(remaining + buf.size() + 1);
340	buf[buf.size() - 1] = 0;
341	sAuthLogonChallenge_C ch = (sAuthLogonChallenge_C)&buf[0];
342
343	// BigEndian code, nop in little endian case
344	// size already converted
345	EndianConvert(((uint32)(&ch->gamename[0])));
346	EndianConvert(ch->build);
347	EndianConvert(((uint32)(&ch->platform[0])));
348	EndianConvert(((uint32)(&ch->os[0])));
349	EndianConvert(((uint32)(&ch->country[0])));
350	EndianConvert(ch->timezone_bias);
351	EndianConvert(ch->ip);
352
353	///- Read the remaining of the packet
354	ibuf.Read((char *)&buf[4], remaining);
355	DEBUG_LOG("[AuthChallenge] got full packet, %#04x bytes", ch->size);
356	DEBUG_LOG("[AuthChallenge] name(%d): '%s'", ch->I_len, ch->I);
357
358	ByteBuffer pkt;
359
360	_login = (const char*)ch->I;
361
362	///- Normalize account name
363	//utf8ToUpperOnlyLatin(_login); -- client already send account in expected form
364
365	//Escape the user login to avoid further SQL injection
366	//Memory will be freed on AuthSocket object destruction
367	_safelogin=_login;
368	dbRealmServer.escape_string(_safelogin);
369
370	///- Check if the client has one of the expected version numbers
371	bool valid_version=false;
372	int MinBuild = sConfig.GetIntDefault("MinBuild", 8606);
373	int MaxBuild = sConfig.GetIntDefault("MaxBuild", 8606);
374
375	if(ch->build >= MinBuild && ch->build <= MaxBuild) {
376	valid_version=true;
377	} else {
378	valid_version=false;
379	};
380
381	/// <ul><li> if this is a valid version
382	if(valid_version)
383	{
384	pkt << (uint8) AUTH_LOGON_CHALLENGE;
385	pkt << (uint8) 0x00;
386
387	///- Verify that this IP is not in the ip_banned table
388	// No SQL injection possible (paste the IP address as passed by the socket)
389	dbRealmServer.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
390
391	std::string address = GetRemoteAddress();
392	dbRealmServer.escape_string(address);
393	QueryResult result = dbRealmServer.PQuery( "SELECT FROM ip_banned WHERE ip = '%s'",address.c_str());
394	if(result)
395	{
396	pkt << (uint8)REALM_AUTH_ACCOUNT_BANNED;
397	sLog.outBasic("[AuthChallenge] Banned ip %s tries to login!",GetRemoteAddress().c_str ());
398	delete result;
399	}
400	else
401	{
402	///- Get the account details from the account table
403	// No SQL injection (escaped user name)
404
405	result = dbRealmServer.PQuery("SELECT sha_pass_hash,id,locked,last_ip,gmlevel FROM account WHERE username = '%s'",_safelogin.c_str ());
406	if( result )
407	{
408	///- If the IP is 'locked', check that the player comes indeed from the correct IP address
409	bool locked = false;
410	if((*result)[2].GetUInt8() == 1) // if ip is locked
411	{
412	DEBUG_LOG("[AuthChallenge] Account '%s' is locked to IP - '%s'", _login.c_str(), (*result)[3].GetString());
413	DEBUG_LOG("[AuthChallenge] Player address is '%s'", GetRemoteAddress().c_str());
414	if ( strcmp((*result)[3].GetString(),GetRemoteAddress().c_str()) )
415	{
416	DEBUG_LOG("[AuthChallenge] Account IP differs");
417	pkt << (uint8) REALM_AUTH_ACCOUNT_FREEZED;
418	locked=true;
419	}
420	else
421	{
422	DEBUG_LOG("[AuthChallenge] Account IP matches");
423	}
424	}
425	else
426	{
427	DEBUG_LOG("[AuthChallenge] Account '%s' is not locked to ip", _login.c_str());
428	}
429
430	if (!locked)
431	{
432	//set expired bans to inactive
433	dbRealmServer.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
434	///- If the account is banned, reject the logon attempt
435	QueryResult banresult = dbRealmServer.PQuery("SELECT bandate,unbandate FROM account_banned WHERE id = %u AND active = 1", (result)[1].GetUInt32());
436	if(banresult)
437	{
438	if((banresult)[0].GetUInt64() == (banresult)[1].GetUInt64())
439	{
440	pkt << (uint8) REALM_AUTH_ACCOUNT_BANNED;
441	sLog.outBasic("[AuthChallenge] Banned account %s tries to login!",_login.c_str ());
442	}
443	else
444	{
445	pkt << (uint8) REALM_AUTH_ACCOUNT_FREEZED;
446	sLog.outBasic("[AuthChallenge] Temporarily banned account %s tries to login!",_login.c_str ());
447	}
448
449	delete banresult;
450	}
451	else
452	{
453	///- Get the password from the account table, upper it, and make the SRP6 calculation
454	std::string rI = (*result)[0].GetCppString();
455	_SetVSFields(rI);
456
457	b.SetRand(19 * 8);
458	BigNumber gmod=g.ModExp(b, N);
459	B = ((v * 3) + gmod) % N;
460
461	ASSERT(gmod.GetNumBytes() <= 32);
462
463	BigNumber unk3;
464	unk3.SetRand(16*8);
465
466	///- Fill the response packet with the result
467	pkt << (uint8)REALM_AUTH_SUCCESS;
468
469	// B may be calculated < 32B so we force minnimal length to 32B
470	pkt.append(B.AsByteArray(32), 32); // 32 bytes
471	pkt << (uint8)1;
472	pkt.append(g.AsByteArray(), 1);
473	pkt << (uint8)32;
474	pkt.append(N.AsByteArray(), 32);
475	pkt.append(s.AsByteArray(), s.GetNumBytes()); // 32 bytes
476	pkt.append(unk3.AsByteArray(), 16);
477	pkt << (uint8)0; // Added in 1.12.x client branch
478
479	uint8 secLevel = (*result)[4].GetUInt8();
480	_accountSecurityLevel = secLevel <= SEC_ADMINISTRATOR ? AccountTypes(secLevel) : SEC_ADMINISTRATOR;
481
482	std::string localeName;
483	localeName.resize(4);
484	for(int i = 0; i <4; ++i)
485	localeName[i] = ch->country[4-i-1];
486
487	_localization = GetLocaleByName(localeName);
488
489	sLog.outBasic("[AuthChallenge] account %s is using '%c%c%c%c' locale (%u)", _login.c_str (), ch->country[3],ch->country[2],ch->country[1],ch->country[0], _localization);
490	}
491	}
492	delete result;
493	}
494	else //no account
495	{
496	pkt<< (uint8) REALM_AUTH_NO_MATCH;
497	}
498	}
499	} //valid version
500	else
501	///<li> else
502	{
503	///- Check if we have the apropriate patch on the disk
504	char tmp[64];
505	// No buffer overflow (fixed length of arguments)
506	sprintf(tmp,"./patches/%d%c%c%c%c.mpq",ch->build,ch->country[3],
507	ch->country[2],ch->country[1],ch->country[0]);
508	// This will be closed at the destruction of the AuthSocket (client deconnection)
509	FILE *pFile=fopen(tmp,"rb");
510	if(!pFile)
511	{
512	pkt << (uint8) AUTH_LOGON_CHALLENGE;
513	pkt << (uint8) 0x00;
514	pkt << (uint8) REALM_AUTH_WRONG_BUILD_NUMBER;
515	DEBUG_LOG("[AuthChallenge] %u is not a valid client version!", ch->build);
516	DEBUG_LOG("[AuthChallenge] Patch %s not found",tmp);
517	}else
518	{ //have patch
519	pPatch=pFile;
520	XFER_INIT xferh;
521
522	///- Get the MD5 hash of the patch file (get it from preloaded Patcher cache or calculate it)
523	if(PatchesCache.GetHash(tmp,(uint8*)&xferh.md5))
524	{
525	DEBUG_LOG("\n[AuthChallenge] Found precached patch info for patch %s",tmp);
526	}
527	else
528	{ //calculate patch md5
529	printf("\n[AuthChallenge] Patch info for %s was not cached.",tmp);
530	PatchesCache.LoadPatchMD5(tmp);
531	PatchesCache.GetHash(tmp,(uint8*)&xferh.md5);
532	}
533
534	///- Send a packet to the client with the file length and MD5 hash
535	uint8 data[2]={AUTH_LOGON_PROOF,REALM_AUTH_UPDATE_CLIENT};
536	SendBuf((const char*)data,sizeof(data));
537
538	memcpy(&xferh,"0\x05Patch",7);
539	xferh.cmd=XFER_INITIATE;
540	fseek(pPatch,0,SEEK_END);
541	xferh.file_size=ftell(pPatch);
542
543	SendBuf((const char*)&xferh,sizeof(xferh));
544	return true;
545	}
546	}
547	/// </ul>
548	SendBuf((char const*)pkt.contents(), pkt.size());
549	return true;
550	}
551
552	/// Logon Proof command handler
553	bool AuthSocket::_HandleLogonProof()
554	{
555	DEBUG_LOG("Entering _HandleLogonProof");
556	///- Read the packet
557	if (ibuf.GetLength() < sizeof(sAuthLogonProof_C))
558	return false;
559
560	sAuthLogonProof_C lp;
561	ibuf.Read((char *)&lp, sizeof(sAuthLogonProof_C));
562
563	///- Continue the SRP6 calculation based on data received from the client
564	BigNumber A;
565	A.SetBinary(lp.A, 32);
566
567	Sha1Hash sha;
568	sha.UpdateBigNumbers(&A, &B, NULL);
569	sha.Finalize();
570	BigNumber u;
571	u.SetBinary(sha.GetDigest(), 20);
572	BigNumber S = (A * (v.ModExp(u, N))).ModExp(b, N);
573
574	uint8 t[32];
575	uint8 t1[16];
576	uint8 vK[40];
577	memcpy(t, S.AsByteArray(), 32);
578	for (int i = 0; i < 16; i++)
579	{
580	t1[i] = t[i*2];
581	}
582	sha.Initialize();
583	sha.UpdateData(t1, 16);
584	sha.Finalize();
585	for (int i = 0; i < 20; i++)
586	{
587	vK[i*2] = sha.GetDigest()[i];
588	}
589	for (int i = 0; i < 16; i++)
590	{
591	t1[i] = t[i*2+1];
592	}
593	sha.Initialize();
594	sha.UpdateData(t1, 16);
595	sha.Finalize();
596	for (int i = 0; i < 20; i++)
597	{
598	vK[i*2+1] = sha.GetDigest()[i];
599	}
600	K.SetBinary(vK, 40);
601
602	uint8 hash[20];
603
604	sha.Initialize();
605	sha.UpdateBigNumbers(&N, NULL);
606	sha.Finalize();
607	memcpy(hash, sha.GetDigest(), 20);
608	sha.Initialize();
609	sha.UpdateBigNumbers(&g, NULL);
610	sha.Finalize();
611	for (int i = 0; i < 20; i++)
612	{
613	hash[i] ^= sha.GetDigest()[i];
614	}
615	BigNumber t3;
616	t3.SetBinary(hash, 20);
617
618	sha.Initialize();
619	sha.UpdateData(_login);
620	sha.Finalize();
621	uint8 t4[SHA_DIGEST_LENGTH];
622	memcpy(t4, sha.GetDigest(), SHA_DIGEST_LENGTH);
623
624	sha.Initialize();
625	sha.UpdateBigNumbers(&t3, NULL);
626	sha.UpdateData(t4, SHA_DIGEST_LENGTH);
627	sha.UpdateBigNumbers(&s, &A, &B, &K, NULL);
628	sha.Finalize();
629	BigNumber M;
630	M.SetBinary(sha.GetDigest(), 20);
631
632	///- Check if SRP6 results match (password is correct), else send an error
633	if (!memcmp(M.AsByteArray(), lp.M1, 20))
634	{
635	sLog.outBasic("User '%s' successfully authenticated", _login.c_str());
636
637	///- Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account
638	// No SQL injection (escaped user name) and IP address as received by socket
639	const char* K_hex = K.AsHexStr();
640	dbRealmServer.PExecute("UPDATE account SET sessionkey = '%s', last_ip = '%s', last_login = NOW(), locale = '%u', failed_logins = 0 WHERE username = '%s'", K_hex, GetRemoteAddress().c_str(), _localization, _safelogin.c_str() );
641	OPENSSL_free((void*)K_hex);
642
643	///- Finish SRP6 and send the final result to the client
644	sha.Initialize();
645	sha.UpdateBigNumbers(&A, &M, &K, NULL);
646	sha.Finalize();
647
648	sAuthLogonProof_S proof;
649	memcpy(proof.M2, sha.GetDigest(), 20);
650	proof.cmd = AUTH_LOGON_PROOF;
651	proof.error = 0;
652	proof.unk1 = 0x00800000;
653	proof.unk2 = 0x00;
654	proof.unk3 = 0x00;
655
656	SendBuf((char *)&proof, sizeof(proof));
657
658	///- Set _authed to true!
659	_authed = true;
660	}
661	else
662	{
663	char data[4]={AUTH_LOGON_PROOF,REALM_AUTH_NO_MATCH,3,0};
664	SendBuf(data,sizeof(data));
665	sLog.outBasic("[AuthChallenge] account %s tried to login with wrong password!",_login.c_str ());
666
667	uint32 MaxWrongPassCount = sConfig.GetIntDefault("WrongPass.MaxCount", 0);
668	if(MaxWrongPassCount > 0)
669	{
670	//Increment number of failed logins by one and if it reaches the limit temporarily ban that account or IP
671	dbRealmServer.PExecute("UPDATE account SET failed_logins = failed_logins + 1 WHERE username = '%s'",_safelogin.c_str());
672
673	if(QueryResult *loginfail = dbRealmServer.PQuery("SELECT id, failed_logins FROM account WHERE username = '%s'", _safelogin.c_str()))
674	{
675	Field* fields = loginfail->Fetch();
676	uint32 failed_logins = fields[1].GetUInt32();
677
678	if( failed_logins >= MaxWrongPassCount )
679	{
680	uint32 WrongPassBanTime = sConfig.GetIntDefault("WrongPass.BanTime", 600);
681	bool WrongPassBanType = sConfig.GetBoolDefault("WrongPass.BanType", false);
682
683	if(WrongPassBanType)
684	{
685	uint32 acc_id = fields[0].GetUInt32();
686	dbRealmServer.PExecute("INSERT INTO account_banned VALUES ('%u',UNIX_TIMESTAMP(),UNIX_TIMESTAMP()+'%u','MaNGOS realmd','Failed login autoban',1)",
687	acc_id, WrongPassBanTime);
688	sLog.outBasic("[AuthChallenge] account %s got banned for '%u' seconds because it failed to authenticate '%u' times",
689	_login.c_str(), WrongPassBanTime, failed_logins);
690	}
691	else
692	{
693	std::string current_ip = GetRemoteAddress();
694	dbRealmServer.escape_string(current_ip);
695	dbRealmServer.PExecute("INSERT INTO ip_banned VALUES ('%s',UNIX_TIMESTAMP(),UNIX_TIMESTAMP()+'%u','MaNGOS realmd','Failed login autoban')",
696	current_ip.c_str(), WrongPassBanTime);
697	sLog.outBasic("[AuthChallenge] IP %s got banned for '%u' seconds because account %s failed to authenticate '%u' times",
698	current_ip.c_str(), WrongPassBanTime, _login.c_str(), failed_logins);
699	}
700	}
701	delete loginfail;
702	}
703	}
704	}
705	return true;
706	}
707
708	/// %Realm List command handler
709	bool AuthSocket::_HandleRealmList()
710	{
711	DEBUG_LOG("Entering _HandleRealmList");
712	if (ibuf.GetLength() < 5)
713	return false;
714
715	ibuf.Remove(5);
716
717	///- Get the user id (else close the connection)
718	// No SQL injection (escaped user name)
719
720	QueryResult *result = dbRealmServer.PQuery("SELECT id,sha_pass_hash FROM account WHERE username = '%s'",_safelogin.c_str());
721	if(!result)
722	{
723	sLog.outError("[ERROR] user %s tried to login and we cannot find him in the database.",_login.c_str());
724	SetCloseAndDelete();
725	return false;
726	}
727
728	uint32 id = (*result)[0].GetUInt32();
729	std::string rI = (*result)[1].GetCppString();
730	delete result;
731
732	///- Update realm list if need
733	m_realmList.UpdateIfNeed();
734
735	///- Circle through realms in the RealmList and construct the return packet (including # of user characters in each realm)
736	ByteBuffer pkt;
737	pkt << (uint32) 0;
738	pkt << (uint16) m_realmList.size();
739	RealmList::RealmMap::const_iterator i;
740	for( i = m_realmList.begin(); i != m_realmList.end(); i++ )
741	{
742	uint8 AmountOfCharacters;
743
744	// No SQL injection. id of realm is controlled by the database.
745	result = dbRealmServer.PQuery( "SELECT numchars FROM realmcharacters WHERE realmid = '%d' AND acctid='%u'",i->second.m_ID,id);
746	if( result )
747	{
748	Field *fields = result->Fetch();
749	AmountOfCharacters = fields[0].GetUInt8();
750	delete result;
751	}
752	else
753	AmountOfCharacters = 0;
754
755	uint8 lock = (i->second.allowedSecurityLevel > _accountSecurityLevel) ? 1 : 0;
756
757	pkt << i->second.icon; // realm type
758	pkt << lock; // if 1, then realm locked
759	pkt << i->second.color; // if 2, then realm is offline
760	pkt << i->first;
761	pkt << i->second.address;
762	pkt << i->second.populationLevel;
763	pkt << AmountOfCharacters;
764	pkt << i->second.timezone; // realm category
765	pkt << (uint8) 0x2C; // unk, may be realm number/id?
766	}
767	pkt << (uint8) 0x10;
768	pkt << (uint8) 0x00;
769
770	ByteBuffer hdr;
771	hdr << (uint8) REALM_LIST;
772	hdr << (uint16)pkt.size();
773	hdr.append(pkt);
774
775	SendBuf((char const*)hdr.contents(), hdr.size());
776
777	// Set check field before possible relogin to realm
778	_SetVSFields(rI);
779	return true;
780	}
781
782	/// Resume patch transfer
783	bool AuthSocket::_HandleXferResume()
784	{
785	DEBUG_LOG("Entering _HandleXferResume");
786	///- Check packet length and patch existence
787	if (ibuf.GetLength()<9 \|\| !pPatch)
788	{
789	sLog.outError("Error while resuming patch transfer (wrong packet)");
790	return false;
791	}
792
793	///- Launch a PatcherRunnable thread starting at given patch file offset
794	uint64 start;
795	ibuf.Remove(1);
796	ibuf.Read((char*)&start,sizeof(start));
797	fseek(pPatch,start,0);
798
799	ZThread::Thread u(new PatcherRunnable(this));
800	return true;
801	}
802
803	/// Cancel patch transfer
804	bool AuthSocket::_HandleXferCancel()
805	{
806	DEBUG_LOG("Entering _HandleXferCancel");
807
808	///- Close and delete the socket
809	ibuf.Remove(1); //clear input buffer
810
811	//ZThread::Thread::sleep(15);
812	SetCloseAndDelete();
813
814	return true;
815	}
816
817	/// Accept patch transfer
818	bool AuthSocket::_HandleXferAccept()
819	{
820	DEBUG_LOG("Entering _HandleXferAccept");
821
822	///- Check packet length and patch existence
823	if (!pPatch)
824	{
825	sLog.outError("Error while accepting patch transfer (wrong packet)");
826	return false;
827	}
828
829	///- Launch a PatcherRunnable thread, starting at the begining of the patch file
830	ibuf.Remove(1); //clear input buffer
831	fseek(pPatch,0,0);
832
833	ZThread::Thread u(new PatcherRunnable(this));
834
835	return true;
836	}
837
838	/// Check if there is lag on the connection to the client
839	bool AuthSocket::IsLag()
840	{
841	return (TCP_BUFSIZE_READ-GetOutputLength()< 2*ChunkSize);
842	}
843
844	PatcherRunnable::PatcherRunnable(class AuthSocket * as)
845	{
846	mySocket=as;
847	}
848
849	/// Send content of patch file to the client
850	void PatcherRunnable::run()
851	{
852	XFER_DATA_STRUCT xfdata;
853	xfdata.opcode = XFER_DATA;
854
855	while(!feof(mySocket->pPatch) && mySocket->Ready())
856	{
857	///- Wait until output buffer is reasonably empty
858	while(mySocket->Ready() && mySocket->IsLag())
859	{
860	ZThread::Thread::sleep(1);
861	}
862	///- And send content of the patch file to the client
863	xfdata.data_size=fread(&xfdata.data,1,ChunkSize,mySocket->pPatch);
864	mySocket->SendBuf((const char*)&xfdata,xfdata.data_size +(sizeof(XFER_DATA_STRUCT)-ChunkSize));
865	}
866	}
867
868	/// Preload MD5 hashes of existing patch files on server
869	#ifndef _WIN32
870	#include <sys/dir.h>
871	#include <errno.h>
872	void Patcher::LoadPatchesInfo()
873	{
874	DIR * dirp;
875	//int errno;
876	struct dirent * dp;
877	dirp = opendir("./patches/");
878	if(!dirp)
879	return;
880	while (dirp)
881	{
882	errno = 0;
883	if ((dp = readdir(dirp)) != NULL)
884	{
885	int l=strlen(dp->d_name);
886	if(l<8)continue;
887	if(!memcmp(&dp->d_name[l-4],".mpq",4))
888	LoadPatchMD5(dp->d_name);
889	}
890	else
891	{
892	if(errno != 0)
893	{
894	closedir(dirp);
895	return;
896	}
897	break;
898	}
899	}
900
901	if(dirp)
902	closedir(dirp);
903	}
904
905	#else
906	void Patcher::LoadPatchesInfo()
907	{
908	WIN32_FIND_DATA fil;
909	HANDLE hFil=FindFirstFile("./patches/*.mpq",&fil);
910	if(hFil==INVALID_HANDLE_VALUE)
911	return; //no patches were found
912
913	LoadPatchMD5(fil.cFileName);
914
915	while(FindNextFile(hFil,&fil))
916	LoadPatchMD5(fil.cFileName);
917	}
918	#endif
919
920	/// Calculate and store MD5 hash for a given patch file
921	void Patcher::LoadPatchMD5(char * szFileName)
922	{
923	///- Try to open the patch file
924	std::string path = "./patches/";
925	path += szFileName;
926	FILE * pPatch=fopen(path.c_str(),"rb");
927	sLog.outDebug("Loading patch info from %s\n",path.c_str());
928	if(!pPatch)
929	{
930	sLog.outError("Error loading patch %s\n",path.c_str());
931	return;
932	}
933
934	///- Calculate the MD5 hash
935	MD5_CTX ctx;
936	MD5_Init(&ctx);
937	uint8* buf = new uint8[512*1024];
938
939	while (!feof(pPatch))
940	{
941	size_t read = fread(buf, 1, 512*1024, pPatch);
942	MD5_Update(&ctx, buf, read);
943	}
944	delete [] buf;
945	fclose(pPatch);
946
947	///- Store the result in the internal patch hash map
948	_patches[path] = new PATCH_INFO;
949	MD5_Final((uint8 *)&_patches[path]->md5 , &ctx);
950	}
951
952	/// Get cached MD5 hash for a given patch file
953	bool Patcher::GetHash(char * pat,uint8 mymd5[16])
954	{
955	for( Patches::iterator i = _patches.begin(); i != _patches.end(); i++ )
956	if(!stricmp(pat,i->first.c_str () ))
957	{
958	memcpy(mymd5,i->second->md5,16);
959	return true;
960	}
961
962	return false;
963	}
964
965	/// Launch the patch hashing mechanism on object creation
966	Patcher::Patcher()
967	{
968	LoadPatchesInfo();
969	}
970
971	/// Empty and delete the patch map on termination
972	Patcher::~Patcher()
973	{
974	for(Patches::iterator i = _patches.begin(); i != _patches.end(); i++ )
975	delete i->second;
976	}

Note: See TracBrowser for help on using the browser.

Context Navigation

root/trunk/src/trinityrealm/AuthSocket.cpp @ 35

Download in other formats: