* Tried and fixed md5 password encryption

- login_sql was doing stupid things like re-using one pre-generated key for all connections, and escaping binary md5 data (destroying it)
- added missing code to login_txt when creating new accounts, showing that storing passwords as md5 hashes never really worked for txt
- removed PASSWORDENC's conditional compilation effect, now just a flag
- greatly simplified md5 password checking code, credits to eapp
* login server will now bind only after finishing the init phase

git-svn-id: https://rathena.svn.sourceforge.net/svnroot/rathena/trunk@10384 54d463be-8e91-2dee-dedb-b68131a5f0ec

2 files changed, 130 insertions, 151 deletions

diff --git a/src/login_sql/login.c b/src/login_sql/login.c
index 74e32f740..e56d67056 100644
--- a/src/login_sql/login.c
+++ b/src/login_sql/login.c
@@ -1,19 +1,6 @@
 // Copyright (c) Athena Dev Teams - Licensed under GNU GPL
 // For more information, see LICENCE in the main folder
 
-#include <sys/types.h>
-
-#ifdef __WIN32
-	#define WIN32_LEAN_AND_MEAN
-	#include <windows.h>
-	#include <winsock2.h>
-#else
-	#include <sys/socket.h>
-	#include <netinet/in.h>
-	#include <arpa/inet.h>
-	#include <netdb.h>
-#endif
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <sys/stat.h> // for stat/lstat/fstat
@@ -21,9 +8,6 @@
 #include <fcntl.h>
 #include <string.h>
 
-//add include for DBMS(mysql)
-#include <mysql.h>
-
 #include "../common/cbasetypes.h"
 #include "../common/core.h"
 #include "../common/socket.h"
@@ -37,6 +21,8 @@
 #include "../common/md5calc.h"
 #include "login.h"
 
+//add include for DBMS(mysql)
+#include <mysql.h>
 
 struct Login_Config {
 
@@ -115,6 +101,11 @@ char login_db_level[256] = "level";
 
 //-----------------------------------------------------
 
+struct login_session_data {
+	uint16 md5keylen;
+	char md5key[20];
+};
+
 #define AUTH_FIFO_SIZE 256
 struct {
 	int account_id, login_id1, login_id2;
@@ -133,8 +124,6 @@ struct online_login_data {
 
 //-----------------------------------------------------
 
-static char md5key[20], md5keylen = 16;
-
 struct dbt *online_db;
 
 static void* create_online_user(DBKey key, va_list args)
@@ -416,10 +405,10 @@ int mmo_auth_new(struct mmo_account* account, char sex)
 	mysql_real_escape_string(&mysql_handle, account->userid, account->userid, strlen(account->userid));
 	mysql_real_escape_string(&mysql_handle, account->passwd, account->passwd, strlen(account->passwd));
 
-	if (sex == 'f') sex = 'F';
-	else if (sex == 'm') sex = 'M';
+	sex = TOUPPER(sex);
+
 	if (login_config.use_md5_passwds)
-		MD5_String(account->passwd,user_password);
+		MD5_String(account->passwd, user_password);
 	else
 		jstrescapecpy(user_password, account->passwd);
 
@@ -484,8 +473,39 @@ int charif_sendallwos(int sfd, unsigned char *buf, unsigned int len)
 	return c;
 }
 
+
 //-----------------------------------------------------
-// Auth
+// encrypted/unencrypted password check
+//-----------------------------------------------------
+bool check_encrypted(const char* str1, const char* str2, const char* passwd)
+{
+	char md5str[64], md5bin[32];
+	snprintf(md5str, sizeof(md5str), "%s%s", str1, str2); md5str[sizeof(md5str)-1] = '\0';
+	MD5_String2binary(md5str, md5bin);
+
+	return (0==memcmp(passwd, md5bin, 16));
+}
+
+bool check_password(struct login_session_data* ld, int passwdenc, const char* passwd, const char* refpass)
+{	
+	if(passwdenc == 0)
+	{
+		return (0==strcmp(passwd, refpass));
+	}
+	else if (ld)
+	{
+		// password mode set to 1 -> (md5key, refpass) enable with <passwordencrypt></passwordencrypt>
+		// password mode set to 2 -> (refpass, md5key) enable with <passwordencrypt2></passwordencrypt2>
+		
+		return ((passwdenc&0x01) && check_encrypted(ld->md5key, refpass, passwd)) ||
+		       ((passwdenc&0x02) && check_encrypted(refpass, ld->md5key, passwd));
+	}
+	return false;
+}
+
+
+//-----------------------------------------------------
+// Check/authentication of a connection
 //-----------------------------------------------------
 int mmo_auth(struct mmo_account* account, int fd)
 {
@@ -495,8 +515,6 @@ int mmo_auth(struct mmo_account* account, int fd)
 	long connect_until;
 	int encpasswdok = 0, state;
 
-	char md5str[64], md5bin[32];
-
 	char ip[16];
 	uint32 ipl = session[fd]->client_addr;
 	uint8* sin_addr = (uint8*)&ipl;
@@ -594,49 +612,15 @@ int mmo_auth(struct mmo_account* account, int fd)
 	}
 
 	if (login_config.use_md5_passwds)
-		MD5_String(account->passwd,user_password);
+		MD5_String(account->passwd, user_password);
 	else
-		jstrescapecpy(user_password, account->passwd);
+		memcpy(user_password, account->passwd, NAME_LENGTH);
 
-#ifdef PASSWORDENC
-	if (account->passwdenc > 0) {
-		int j = account->passwdenc;
-
-		if (j > 2)
-			j = 1;
-		do {
-			if (j == 1) {
-				sprintf(md5str, "%s%s", md5key, password);
-			} else if (j == 2) {
-				sprintf(md5str, "%s%s", password, md5key);
-			} else
-				md5str[0] = 0;
-			MD5_String2binary(md5str, md5bin);
-			encpasswdok = (memcmp(user_password, md5bin, 16) == 0);
-		} while (j < 2 && !encpasswdok && (j++) != account->passwdenc);
-	}
-#endif
-	if ((strcmp(user_password, password) && !encpasswdok)) {
-		if (account->passwdenc == 0) {
-			ShowInfo("auth failed pass error %s %s" RETCODE, account->userid, user_password);
-#ifdef PASSWORDENC
-		} else {
-			char logbuf[1024], *p = logbuf;
-			int j;
-			p += sprintf(p, "auth failed pass error %s recv-md5[", account->userid);
-			for(j = 0; j < 16; j++)
-				p += sprintf(p, "%02x", ((unsigned char *)user_password)[j]);
-			p += sprintf(p, "] calc-md5[");
-			for(j = 0; j < 16; j++)
-				p += sprintf(p, "%02x", ((unsigned char *)md5bin)[j]);
-			p += sprintf(p, "] md5key[");
-			for(j = 0; j < md5keylen; j++)
-				p += sprintf(p, "%02x", ((unsigned char *)md5key)[j]);
-			p += sprintf(p, "]" RETCODE);
-			ShowInfo("%s\n", p);
-#endif
-		}
-		return 1;
+	if (!check_password(session[fd]->session_data, account->passwdenc, user_password, password))
+	{
+		ShowInfo("Invalid password (account: %s, pass: %s, received pass: %s, ip: %s)" RETCODE,
+		         account->userid, password, (account->passwdenc) ? "[MD5]" : account->passwd, ip);
+		return 1; // 1 = Incorrect Password
 	}
 
 	if (ban_until_time != 0) { // if account is banned
@@ -747,30 +731,32 @@ int parse_fromchar(int fd)
 	for(id = 0; id < MAX_SERVERS; id++)
 		if (server_fd[id] == fd)
 			break;
-
-	if (id == MAX_SERVERS)
+	if (id == MAX_SERVERS) { // not a char server
 		session[fd]->eof = 1;
+		do_close(fd);
+		return 0;
+	}
+
 	if(session[fd]->eof) {
-		if (id < MAX_SERVERS) {
-			ShowStatus("Char-server '%s' has disconnected.\n", server[id].name);
-			server_fd[id] = -1;
-			memset(&server[id], 0, sizeof(struct mmo_char_server));
-			online_db->foreach(online_db,online_db_setoffline,id); //Set all chars from this char server to offline.
-			// server delete
-			sprintf(tmpsql, "DELETE FROM `sstatus` WHERE `index`='%d'", id);
-			// query
-			if (mysql_query(&mysql_handle, tmpsql)) {
-				ShowSQL("DB error - %s\n",mysql_error(&mysql_handle));
-				ShowDebug("at %s:%d - %s\n", __FILE__,__LINE__,tmpsql);
-			}
+		ShowStatus("Char-server '%s' has disconnected.\n", server[id].name);
+		server_fd[id] = -1;
+		memset(&server[id], 0, sizeof(struct mmo_char_server));
+		online_db->foreach(online_db,online_db_setoffline,id); //Set all chars from this char server to offline.
+		sprintf(tmpsql, "DELETE FROM `sstatus` WHERE `index`='%d'", id);
+		if (mysql_query(&mysql_handle, tmpsql)) {
+			ShowSQL("DB error - %s\n",mysql_error(&mysql_handle));
+			ShowDebug("at %s:%d - %s\n", __FILE__,__LINE__,tmpsql);
 		}
 		do_close(fd);
 		return 0;
 	}
 
-	while (RFIFOREST(fd) >= 2) {
+	while (RFIFOREST(fd) >= 2)
+	{
+		uint16 command = RFIFOW(fd,0);
 
-		switch (RFIFOW(fd,0)) {
+		switch (command)
+		{
 
 		case 0x2709: // request from map-server via char-server to reload GM accounts
 			if (login_config.log_login)
@@ -795,11 +781,11 @@ int parse_fromchar(int fd)
 			WFIFOHEAD(fd,51);
 			account_id = RFIFOL(fd,2); // speed up
 			for(i = 0; i < AUTH_FIFO_SIZE; i++) {
-				if(auth_fifo[i].account_id == account_id &&
-					auth_fifo[i].login_id1 == RFIFOL(fd,6) &&
-					auth_fifo[i].login_id2 == RFIFOL(fd,10) && // relate to the versions higher than 18
-					auth_fifo[i].sex == RFIFOB(fd,14) &&
-					auth_fifo[i].ip == ntohl(RFIFOL(fd,15)) &&
+				if( auth_fifo[i].account_id == account_id &&
+					auth_fifo[i].login_id1  == RFIFOL(fd,6) &&
+					auth_fifo[i].login_id2  == RFIFOL(fd,10) && // relate to the versions higher than 18
+					auth_fifo[i].sex        == RFIFOB(fd,14) &&
+					auth_fifo[i].ip         == ntohl(RFIFOL(fd,15)) &&
 					!auth_fifo[i].delflag)
 				{
 					auth_fifo[i].delflag = 1;
@@ -1319,7 +1305,6 @@ int parse_login(int fd)
 {
 	char t_uid[100];
 	struct mmo_account account;
-
 	int result, i;
 	uint32 ipl = session[fd]->client_addr;
 	char ip[16];
@@ -1330,31 +1315,31 @@ int parse_login(int fd)
 	memset(&account, 0, sizeof(account));
 
 	if (session[fd]->eof) {
-		for(i = 0; i < MAX_SERVERS; i++)
-			if (server_fd[i] == fd)
-				server_fd[i] = -1;
 		do_close(fd);
 		return 0;
 	}
 
-	while(RFIFOREST(fd) >= 2) {
+	while (RFIFOREST(fd) >= 2)
+	{
+		uint16 command = RFIFOW(fd,0);
 
-		switch(RFIFOW(fd,0)) {
-		case 0x200:		// New alive packet: structure: 0x200 <account.userid>.24B. used to verify if client is always alive.
+		switch(command)
+		{
+		case 0x0200:		// New alive packet: structure: 0x200 <account.userid>.24B. used to verify if client is always alive.
 			if (RFIFOREST(fd) < 26)
 				return 0;
 			RFIFOSKIP(fd,26);
 			break;
 
-		case 0x204:		// New alive packet: structure: 0x204 <encrypted.account.userid>.16B. (new ragexe from 22 june 2004)
+		case 0x0204:		// New alive packet: structure: 0x204 <encrypted.account.userid>.16B. (new ragexe from 22 june 2004)
 			if (RFIFOREST(fd) < 18)
 				return 0;
 			RFIFOSKIP(fd,18);
 			break;
 
-		case 0x277:		// New login packet
-		case 0x64:		// request client login
-		case 0x01dd:	// request client login with encrypt
+		case 0x0064:		// request client login
+		case 0x0277:		// New login packet (layout is same as 0x64 but different length)
+		case 0x01dd:		// request client login (encryption mode)
 		{
 			int packet_len = RFIFOREST(fd);
 
@@ -1370,37 +1355,24 @@ int parse_login(int fd)
 				break;
 			}
 
-			switch(RFIFOW(fd,0)){
-				case 0x64:
-					if(packet_len < 55)
-						return 0;
-					break;
-				case 0x01dd:
-					if(packet_len < 47)
-						return 0;
-					break;
-				case 0x277:
-					if(packet_len < 84)
-						return 0;
-					break;
-			}
+			if ((command == 0x0064 && packet_len < 55) ||
+				(command == 0x0277 && packet_len < 84) ||
+				(command == 0x01dd && packet_len < 47))
+				return 0;
+
+			// S 0064 <version>.l <account name>.24B <password>.24B <version2>.B
+			// S 0277 ??
+			// S 01dd <version>.l <account name>.24B <md5 binary>.16B <version2>.B
 
-			account.version = RFIFOL(fd, 2);
+			account.version = RFIFOL(fd,2);
 			if (!account.version) account.version = 1; //Force some version...
-			memcpy(account.userid,RFIFOP(fd, 6),NAME_LENGTH);
-			account.userid[23] = '\0';
-			memcpy(account.passwd,RFIFOP(fd, 30),NAME_LENGTH);
-			account.passwd[23] = '\0';
-
-#ifdef PASSWORDENC
-			account.passwdenc = (RFIFOW(fd,0)!=0x01dd)?0:PASSWORDENC;
-#else
-			account.passwdenc = 0;
-#endif
-			result = mmo_auth(&account, fd);
+			memcpy(account.userid,RFIFOP(fd,6),NAME_LENGTH); account.userid[23] = '\0';
+			memcpy(account.passwd,RFIFOP(fd,30),NAME_LENGTH); account.passwd[23] = '\0';
+			account.passwdenc = (command != 0x01dd) ? 0 : PASSWORDENC;
+			jstrescapecpy(t_uid, account.userid);
 
-			jstrescapecpy(t_uid,account.userid);
-			if(result == -1) { // auth success
+			result = mmo_auth(&account, fd);
+			if (result == -1) { // auth success
 				if (login_config.min_level_to_connect > account.level) {
 					WFIFOHEAD(fd,3);
 					WFIFOW(fd,0) = 0x81;
@@ -1546,7 +1518,7 @@ int parse_login(int fd)
 				//cannot connect login failed
 				memset(WFIFOP(fd,0), '\0', 23);
 				WFIFOW(fd,0) = 0x6a;
-				WFIFOB(fd,2) = result;
+				WFIFOB(fd,2) = (uint8)result;
 				if (result == 6) { // 6 = Your are Prohibited to log in until %s
 					char tmpstr[20];
 					time_t ban_until_time = (sql_row) ? atol(sql_row[0]) : 0;
@@ -1561,21 +1533,32 @@ int parse_login(int fd)
 			break;
 		}
 
-		case 0x01db:	// request password key
+		case 0x01db:	// Sending request of the coding key
+		{
+			struct login_session_data* ld;
 			if (session[fd]->session_data) {
 				ShowWarning("login: abnormal request of MD5 key (already opened session).\n");
 				session[fd]->eof = 1;
 				return 0;
 			}
-		{
+
+			ld = (struct login_session_data*)aCalloc(1, sizeof(struct login_session_data));
+			session[fd]->session_data = ld;
+
+			// Creation of the coding key
+			memset(ld->md5key, '\0', sizeof(ld->md5key));
+			ld->md5keylen = (uint16)(12 + rand() % 4);
+			for(i = 0; i < ld->md5keylen; i++)
+				ld->md5key[i] = (char)(1 + rand() % 255);
+
 			RFIFOSKIP(fd,2);
-			WFIFOHEAD(fd,4 + md5keylen);
+			WFIFOHEAD(fd,4 + ld->md5keylen);
 			WFIFOW(fd,0) = 0x01dc;
-			WFIFOW(fd,2) = 4 + md5keylen;
-			memcpy(WFIFOP(fd,4), md5key, md5keylen);
+			WFIFOW(fd,2) = 4 + ld->md5keylen;
+			memcpy(WFIFOP(fd,4), ld->md5key, ld->md5keylen);
 			WFIFOSET(fd,WFIFOW(fd,2));
 		}
-			break;
+		break;
 
 		case 0x2710:	// Connection request of a char-server
 			if (RFIFOREST(fd) < 86)
@@ -1991,41 +1974,36 @@ void set_server_type(void)
 
 int do_init(int argc, char** argv)
 {
-	//initialize login server
+	// initialize login server
 	int i;
 
 	login_set_defaults();
-	//read login configue
+
+	// read login-server configuration
 	login_config_read((argc > 1) ? argv[1] : LOGIN_CONF_NAME);
 	sql_config_read(SQL_CONF_NAME);
 	login_lan_config_read((argc > 2) ? argv[2] : LAN_CONF_NAME);
-	//Generate Passworded Key.
-	memset(md5key, 0, sizeof(md5key));
-	md5keylen=rand()%4+12;
-	for(i=0;i<md5keylen;i++)
-		md5key[i]=rand()%255+1;
+
+	srand((unsigned int)time(NULL));
 
 	for(i=0;i<AUTH_FIFO_SIZE;i++)
 		auth_fifo[i].delflag=1;
 
 	for(i=0;i<MAX_SERVERS;i++)
 		server_fd[i]=-1;
-	//server port open & binding
 
 	// Online user database init
 	online_db = db_alloc(__FILE__,__LINE__,DB_INT,DB_OPT_RELEASE_DATA,sizeof(int));
 	add_timer_func_list(waiting_disconnect_timer, "waiting_disconnect_timer");
 
-	login_fd = make_listen_bind(login_config.login_ip, login_config.login_port);
-
-	//Auth start
+	// Auth init
 	mmo_auth_sqldb_init();
 
-	//Read account information.
+	// Read account information.
 	if(login_config.login_gm_read)
 		read_gm_account();
 
-	//set default parser as parse_login function
+	// set default parser as parse_login function
 	set_defaultparse(parse_login);
 
 	// ban deleter timer
@@ -2048,6 +2026,9 @@ int do_init(int argc, char** argv)
 
 	new_reg_tick = gettick();
 
+	// server port open & binding
+	login_fd = make_listen_bind(login_config.login_ip, login_config.login_port);
+
 	ShowStatus("The login-server is "CL_GREEN"ready"CL_RESET" (Server is listening on the port %u).\n\n", login_config.login_port);
 
 	return 0;
diff --git a/src/login_sql/login.h b/src/login_sql/login.h
index 7afe4b358..abd28daef 100644
--- a/src/login_sql/login.h
+++ b/src/login_sql/login.h
@@ -10,17 +10,15 @@
 #define SQL_CONF_NAME "conf/inter_athena.conf"
 #define LAN_CONF_NAME "conf/subnet_athena.conf"
 
+// supported encryption types: 1- passwordencrypt, 2- passwordencrypt2, 3- both
+#define PASSWORDENC 3
+
 #ifndef SQL_DEBUG
 	#define mysql_query(_x, _y) mysql_query(_x, _y)
 #else 
-	#define mysql_query(_x, _y)  debug_mysql_query(__FILE__, __LINE__, _x, _y)
+	#define mysql_query(_x, _y) debug_mysql_query(__FILE__, __LINE__, _x, _y)
 #endif
 
-#define PASSWORDENC		3	// A definition is given when making an encryption password correspond.
-							// It is 1 at the time of passwordencrypt.
-							// It is made into 2 at the time of passwordencrypt2.
-							// When it is made 3, it corresponds to both.
-
 struct mmo_account {
 	int version;
 	char userid[NAME_LENGTH];