summaryrefslogblamecommitdiff
path: root/src/login/ipban_sql.c
blob: 911ae23db2666bc1f921a2643d5ce3acde4a80c3 (plain) (tree)















































































































































































































                                                                                                                                                                                            
// Copyright (c) Athena Dev Teams - Licensed under GNU GPL
// For more information, see LICENCE in the main folder

#include "../common/cbasetypes.h"
#include "../common/db.h"
#include "../common/malloc.h"
#include "../common/sql.h"
#include "../common/socket.h"
#include "../common/strlib.h"
#include "../common/timer.h"
#include "login.h"
#include "ipban.h"
#include <stdlib.h>
#include <string.h>

// database options
static char   ipban_db_hostname[32] = "127.0.0.1";
static uint16 ipban_db_port = 3306;
static char   ipban_db_username[32] = "ragnarok";
static char   ipban_db_password[32] = "ragnarok";
static char   ipban_db_database[32] = "ragnarok";
static char   ipban_table[32] = "ipbanlist";

static char   log_db_hostname[32] = "127.0.0.1";
static uint16 log_db_port = 3306;
static char   log_db_username[32] = "ragnarok";
static char   log_db_password[32] = "ragnarok";
static char   log_db_database[32] = "ragnarok";
static char   loginlog_table[32] = "loginlog";

static char default_codepage[32] = "";

// globals
static Sql* sql_handle;
static Sql* logsql_handle;
static int cleanup_timer_id = INVALID_TIMER;

int ipban_cleanup(int tid, unsigned int tick, int id, intptr data);


// initialize
void ipban_init(void)
{
	// establish connections
	sql_handle = Sql_Malloc();
	if( SQL_ERROR == Sql_Connect(sql_handle, ipban_db_username, ipban_db_password, ipban_db_hostname, ipban_db_port, ipban_db_database) )
	{
		Sql_ShowDebug(sql_handle);
		Sql_Free(sql_handle);
		exit(EXIT_FAILURE);
	}
	if( default_codepage[0] != '\0' && SQL_ERROR == Sql_SetEncoding(sql_handle, default_codepage) )
		Sql_ShowDebug(sql_handle);

	logsql_handle = Sql_Malloc();
	if( SQL_ERROR == Sql_Connect(logsql_handle, log_db_username, log_db_password, log_db_hostname, log_db_port, log_db_database) )
	{
		Sql_ShowDebug(logsql_handle);
		Sql_Free(logsql_handle);
		exit(EXIT_FAILURE);
	}
	if( default_codepage[0] != '\0' && SQL_ERROR == Sql_SetEncoding(logsql_handle, default_codepage) )
		Sql_ShowDebug(logsql_handle);

	// set up periodic cleanup of connection history and active bans
	add_timer_func_list(ipban_cleanup, "ipban_cleanup");
	cleanup_timer_id = add_timer_interval(gettick()+10, ipban_cleanup, 0, 0, 60*1000);
}

// finalize
void ipban_final(void)
{
	// release data
	delete_timer(cleanup_timer_id, ipban_cleanup);

	// close connections
	Sql_Free(sql_handle);
	sql_handle = NULL;
	Sql_Free(logsql_handle);
	logsql_handle = NULL;
}

// load configuration options
bool ipban_config_read(const char* key, const char* value)
{
	// login server settings
	if( strcmpi(key, "ipban.enable") == 0 )
		login_config.ipban = (bool)config_switch(value);
	else
	if( strcmpi(key, "ipban.dynamic_pass_failure_ban") == 0 )
		login_config.dynamic_pass_failure_ban = (bool)config_switch(value);
	else
	if( strcmpi(key, "ipban.dynamic_pass_failure_ban_interval") == 0 )
		login_config.dynamic_pass_failure_ban_interval = atoi(value);
	else
	if( strcmpi(key, "ipban.dynamic_pass_failure_ban_limit") == 0 )
		login_config.dynamic_pass_failure_ban_limit = atoi(value);
	else
	if( strcmpi(key, "ipban.dynamic_pass_failure_ban_duration") == 0 )
		login_config.dynamic_pass_failure_ban_duration = atoi(value);
	else

	// ipban table settings
	if( strcmpi(key, "ipban.sql.db_hostname") == 0 )
		safestrncpy(ipban_db_hostname, value, sizeof(ipban_db_hostname));
	else
	if( strcmpi(key, "ipban.sql.db_port") == 0 )
		ipban_db_port = (uint16)strtoul(value, NULL, 10);
	else
	if( strcmpi(key, "ipban.sql.db_username") == 0 )
		safestrncpy(ipban_db_username, value, sizeof(ipban_db_username));
	else
	if( strcmpi(key, "ipban.sql.db_password") == 0 )
		safestrncpy(ipban_db_password, value, sizeof(ipban_db_password));
	else
	if( strcmpi(key, "ipban.sql.db_database") == 0 )
		safestrncpy(ipban_db_database, value, sizeof(ipban_db_database));
	else
	if( strcmpi(key, "ipban.sql.ipban_table") == 0 )
		safestrncpy(ipban_table, value, sizeof(ipban_table));
	else

	// interserver settings
	if( strcmpi(key, "log_db_ip") == 0 )
		safestrncpy(log_db_hostname, value, sizeof(log_db_hostname));
	else
	if( strcmpi(key, "log_db_port") == 0 )
		log_db_port = (uint16)strtoul(value, NULL, 10);
	else
	if( strcmpi(key, "log_db_id") == 0 )
		safestrncpy(log_db_username, value, sizeof(log_db_username));
	else
	if( strcmpi(key, "log_db_pw") == 0 )
		safestrncpy(log_db_password, value, sizeof(log_db_password));
	else
	if( strcmpi(key, "log_db") == 0 )
		safestrncpy(log_db_database, value, sizeof(log_db_database));
	else
	if( strcmpi(key, "loginlog_db") == 0 )
		safestrncpy(loginlog_table, value, sizeof(loginlog_table));
	else
	if( strcmpi(key, "default_codepage") == 0 )
		safestrncpy(default_codepage, value, sizeof(default_codepage));
	else
		return false;

	return true;
}

// check ip against active bans list
bool ipban_check(uint32 ip)
{
	uint8* p = (uint8*)&ip;
	char* data = NULL;
	int matches;

	if( SQL_ERROR == Sql_Query(sql_handle, "SELECT count(*) FROM `%s` WHERE `list` = '%u.*.*.*' OR `list` = '%u.%u.*.*' OR `list` = '%u.%u.%u.*' OR `list` = '%u.%u.%u.%u'",
		ipban_table, p[3], p[3], p[2], p[3], p[2], p[1], p[3], p[2], p[1], p[0]) )
	{
		Sql_ShowDebug(sql_handle);
		// close connection because we can't verify their connectivity.
		return true;
	}

	if( SQL_ERROR == Sql_NextRow(sql_handle) )
		return true;// Shouldn't happen, but just in case...

	Sql_GetData(sql_handle, 0, &data, NULL);
	matches = atoi(data);
	Sql_FreeResult(sql_handle);

	return( matches > 0 );
}

// log failed attempt
void ipban_log(uint32 ip)
{
	unsigned long failures = 0;
	if( SQL_ERROR == Sql_Query(logsql_handle, "SELECT count(*) FROM `%s` WHERE `ip` = '%s' AND `rcode` = '1' AND `time` > NOW() - INTERVAL %d MINUTE",
		loginlog_table, ip2str(ip,NULL), login_config.dynamic_pass_failure_ban_interval) )// how many times failed account? in one ip.
		Sql_ShowDebug(sql_handle);

	//check query result
	if( SQL_SUCCESS == Sql_NextRow(logsql_handle) )
	{
		char* data;
		Sql_GetData(logsql_handle, 0, &data, NULL);
		failures = strtoul(data, NULL, 10);
		Sql_FreeResult(logsql_handle);
	}

	// if over the limit, add a temporary ban entry
	if( failures >= login_config.dynamic_pass_failure_ban_limit )
	{
		uint8* p = (uint8*)&ip;
		if( SQL_ERROR == Sql_Query(sql_handle, "INSERT INTO `%s`(`list`,`btime`,`rtime`,`reason`) VALUES ('%u.%u.%u.*', NOW() , NOW() +  INTERVAL %d MINUTE ,'Password error ban')",
			ipban_table, p[3], p[2], p[1], login_config.dynamic_pass_failure_ban_duration) )
			Sql_ShowDebug(sql_handle);
	}
}

// remove expired bans
int ipban_cleanup(int tid, unsigned int tick, int id, intptr data)
{
	if( SQL_ERROR == Sql_Query(sql_handle, "DELETE FROM `ipbanlist` WHERE `rtime` <= NOW()") )
		Sql_ShowDebug(sql_handle);

	return 0;
}