diff options
author | ultramage <ultramage@54d463be-8e91-2dee-dedb-b68131a5f0ec> | 2008-01-08 14:30:28 +0000 |
---|---|---|
committer | ultramage <ultramage@54d463be-8e91-2dee-dedb-b68131a5f0ec> | 2008-01-08 14:30:28 +0000 |
commit | 7a7e1130253ea6b3b9624a91a75f002fa5ec9f53 (patch) | |
tree | 9529c16cd48ba053ce6f54af6d7bbe1a2256c4b3 /src/char_sql | |
parent | 5d658f9d7b68c96839baf7932dc8a3cb30adef5f (diff) | |
download | hercules-7a7e1130253ea6b3b9624a91a75f002fa5ec9f53.tar.gz hercules-7a7e1130253ea6b3b9624a91a75f002fa5ec9f53.tar.bz2 hercules-7a7e1130253ea6b3b9624a91a75f002fa5ec9f53.tar.xz hercules-7a7e1130253ea6b3b9624a91a75f002fa5ec9f53.zip |
Added missing session auth checks to charserver.
Packets from non-authed clients will now be discarded.
git-svn-id: https://rathena.svn.sourceforge.net/svnroot/rathena/trunk@12034 54d463be-8e91-2dee-dedb-b68131a5f0ec
Diffstat (limited to 'src/char_sql')
-rw-r--r-- | src/char_sql/char.c | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/src/char_sql/char.c b/src/char_sql/char.c index 233b87050..8dd8738b2 100644 --- a/src/char_sql/char.c +++ b/src/char_sql/char.c @@ -133,8 +133,9 @@ struct s_subnet { int subnet_count = 0; struct char_session_data { + bool auth; // whether the session is authed or not int account_id, login_id1, login_id2, sex; - int found_char[MAX_CHARS]; + int found_char[MAX_CHARS]; // ids of chars on this account char email[40]; // e-mail (default: a@a.com) by [Yor] time_t connect_until_time; // # of seconds 1/1/1970 (timestamp): Validity limit of the account (0 = unlimited) }; @@ -1488,8 +1489,6 @@ int mmo_char_send006b(int fd, struct char_session_data* sd) { int j; - set_char_online(-1, 99, sd->account_id); - if (save_log) ShowInfo("Loading Char Data ("CL_BOLD"%d"CL_RESET")\n",sd->account_id); @@ -1581,7 +1580,7 @@ static void char_auth_ok(int fd, struct char_session_data *sd) return; } - if (online_check && (character = idb_get(online_char_db, sd->account_id))) + if( online_check && (character = idb_get(online_char_db, sd->account_id)) != NULL ) { // check if character is not online already. [Skotlex] if (character->server > -1) { //Character already online. KICK KICK KICK @@ -1602,6 +1601,7 @@ static void char_auth_ok(int fd, struct char_session_data *sd) } character->fd = fd; } + if (login_fd > 0) { // request to login-server to obtain e-mail/time limit WFIFOHEAD(login_fd,6); @@ -1609,6 +1609,13 @@ static void char_auth_ok(int fd, struct char_session_data *sd) WFIFOL(login_fd,2) = sd->account_id; WFIFOSET(login_fd,6); } + + // mark session as 'authed' + sd->auth = true; + + // set char online on charserver + set_char_online(-1, 99, sd->account_id); + // send characters to player mmo_char_send006b(fd, sd); } @@ -2817,7 +2824,7 @@ int parse_char(int fd) while( RFIFOREST(fd) >= 2 ) { //For use in packets that depend on an sd being present [Skotlex] - #define FIFOSD_CHECK(rest) { if(RFIFOREST(fd) < rest) return 0; if (sd==NULL) { RFIFOSKIP(fd,rest); return 0; } } + #define FIFOSD_CHECK(rest) { if(RFIFOREST(fd) < rest) return 0; if (sd==NULL || !sd->auth) { RFIFOSKIP(fd,rest); return 0; } } cmd = RFIFOW(fd,0); switch( cmd ) @@ -2844,6 +2851,7 @@ int parse_char(int fd) sd->login_id1 = RFIFOL(fd,6); sd->login_id2 = RFIFOL(fd,10); sd->sex = RFIFOB(fd,16); + sd->auth = false; // not authed yet // send back account_id WFIFOHEAD(fd,4); @@ -3155,8 +3163,7 @@ int parse_char(int fd) // char rename request // R 028d <account ID>.l <char ID>.l <new name>.24B case 0x28d: - if (RFIFOREST(fd) < 34) - return 0; + FIFOSD_CHECK(34); //not implemented RFIFOSKIP(fd,34); break; |