summaryrefslogtreecommitdiff
path: root/src/login_sql
diff options
context:
space:
mode:
Diffstat (limited to 'src/login_sql')
-rw-r--r--src/login_sql/login.c271
-rw-r--r--src/login_sql/login.h10
2 files changed, 130 insertions, 151 deletions
diff --git a/src/login_sql/login.c b/src/login_sql/login.c
index 74e32f740..e56d67056 100644
--- a/src/login_sql/login.c
+++ b/src/login_sql/login.c
@@ -1,19 +1,6 @@
// Copyright (c) Athena Dev Teams - Licensed under GNU GPL
// For more information, see LICENCE in the main folder
-#include <sys/types.h>
-
-#ifdef __WIN32
- #define WIN32_LEAN_AND_MEAN
- #include <windows.h>
- #include <winsock2.h>
-#else
- #include <sys/socket.h>
- #include <netinet/in.h>
- #include <arpa/inet.h>
- #include <netdb.h>
-#endif
-
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h> // for stat/lstat/fstat
@@ -21,9 +8,6 @@
#include <fcntl.h>
#include <string.h>
-//add include for DBMS(mysql)
-#include <mysql.h>
-
#include "../common/cbasetypes.h"
#include "../common/core.h"
#include "../common/socket.h"
@@ -37,6 +21,8 @@
#include "../common/md5calc.h"
#include "login.h"
+//add include for DBMS(mysql)
+#include <mysql.h>
struct Login_Config {
@@ -115,6 +101,11 @@ char login_db_level[256] = "level";
//-----------------------------------------------------
+struct login_session_data {
+ uint16 md5keylen;
+ char md5key[20];
+};
+
#define AUTH_FIFO_SIZE 256
struct {
int account_id, login_id1, login_id2;
@@ -133,8 +124,6 @@ struct online_login_data {
//-----------------------------------------------------
-static char md5key[20], md5keylen = 16;
-
struct dbt *online_db;
static void* create_online_user(DBKey key, va_list args)
@@ -416,10 +405,10 @@ int mmo_auth_new(struct mmo_account* account, char sex)
mysql_real_escape_string(&mysql_handle, account->userid, account->userid, strlen(account->userid));
mysql_real_escape_string(&mysql_handle, account->passwd, account->passwd, strlen(account->passwd));
- if (sex == 'f') sex = 'F';
- else if (sex == 'm') sex = 'M';
+ sex = TOUPPER(sex);
+
if (login_config.use_md5_passwds)
- MD5_String(account->passwd,user_password);
+ MD5_String(account->passwd, user_password);
else
jstrescapecpy(user_password, account->passwd);
@@ -484,8 +473,39 @@ int charif_sendallwos(int sfd, unsigned char *buf, unsigned int len)
return c;
}
+
//-----------------------------------------------------
-// Auth
+// encrypted/unencrypted password check
+//-----------------------------------------------------
+bool check_encrypted(const char* str1, const char* str2, const char* passwd)
+{
+ char md5str[64], md5bin[32];
+ snprintf(md5str, sizeof(md5str), "%s%s", str1, str2); md5str[sizeof(md5str)-1] = '\0';
+ MD5_String2binary(md5str, md5bin);
+
+ return (0==memcmp(passwd, md5bin, 16));
+}
+
+bool check_password(struct login_session_data* ld, int passwdenc, const char* passwd, const char* refpass)
+{
+ if(passwdenc == 0)
+ {
+ return (0==strcmp(passwd, refpass));
+ }
+ else if (ld)
+ {
+ // password mode set to 1 -> (md5key, refpass) enable with <passwordencrypt></passwordencrypt>
+ // password mode set to 2 -> (refpass, md5key) enable with <passwordencrypt2></passwordencrypt2>
+
+ return ((passwdenc&0x01) && check_encrypted(ld->md5key, refpass, passwd)) ||
+ ((passwdenc&0x02) && check_encrypted(refpass, ld->md5key, passwd));
+ }
+ return false;
+}
+
+
+//-----------------------------------------------------
+// Check/authentication of a connection
//-----------------------------------------------------
int mmo_auth(struct mmo_account* account, int fd)
{
@@ -495,8 +515,6 @@ int mmo_auth(struct mmo_account* account, int fd)
long connect_until;
int encpasswdok = 0, state;
- char md5str[64], md5bin[32];
-
char ip[16];
uint32 ipl = session[fd]->client_addr;
uint8* sin_addr = (uint8*)&ipl;
@@ -594,49 +612,15 @@ int mmo_auth(struct mmo_account* account, int fd)
}
if (login_config.use_md5_passwds)
- MD5_String(account->passwd,user_password);
+ MD5_String(account->passwd, user_password);
else
- jstrescapecpy(user_password, account->passwd);
+ memcpy(user_password, account->passwd, NAME_LENGTH);
-#ifdef PASSWORDENC
- if (account->passwdenc > 0) {
- int j = account->passwdenc;
-
- if (j > 2)
- j = 1;
- do {
- if (j == 1) {
- sprintf(md5str, "%s%s", md5key, password);
- } else if (j == 2) {
- sprintf(md5str, "%s%s", password, md5key);
- } else
- md5str[0] = 0;
- MD5_String2binary(md5str, md5bin);
- encpasswdok = (memcmp(user_password, md5bin, 16) == 0);
- } while (j < 2 && !encpasswdok && (j++) != account->passwdenc);
- }
-#endif
- if ((strcmp(user_password, password) && !encpasswdok)) {
- if (account->passwdenc == 0) {
- ShowInfo("auth failed pass error %s %s" RETCODE, account->userid, user_password);
-#ifdef PASSWORDENC
- } else {
- char logbuf[1024], *p = logbuf;
- int j;
- p += sprintf(p, "auth failed pass error %s recv-md5[", account->userid);
- for(j = 0; j < 16; j++)
- p += sprintf(p, "%02x", ((unsigned char *)user_password)[j]);
- p += sprintf(p, "] calc-md5[");
- for(j = 0; j < 16; j++)
- p += sprintf(p, "%02x", ((unsigned char *)md5bin)[j]);
- p += sprintf(p, "] md5key[");
- for(j = 0; j < md5keylen; j++)
- p += sprintf(p, "%02x", ((unsigned char *)md5key)[j]);
- p += sprintf(p, "]" RETCODE);
- ShowInfo("%s\n", p);
-#endif
- }
- return 1;
+ if (!check_password(session[fd]->session_data, account->passwdenc, user_password, password))
+ {
+ ShowInfo("Invalid password (account: %s, pass: %s, received pass: %s, ip: %s)" RETCODE,
+ account->userid, password, (account->passwdenc) ? "[MD5]" : account->passwd, ip);
+ return 1; // 1 = Incorrect Password
}
if (ban_until_time != 0) { // if account is banned
@@ -747,30 +731,32 @@ int parse_fromchar(int fd)
for(id = 0; id < MAX_SERVERS; id++)
if (server_fd[id] == fd)
break;
-
- if (id == MAX_SERVERS)
+ if (id == MAX_SERVERS) { // not a char server
session[fd]->eof = 1;
+ do_close(fd);
+ return 0;
+ }
+
if(session[fd]->eof) {
- if (id < MAX_SERVERS) {
- ShowStatus("Char-server '%s' has disconnected.\n", server[id].name);
- server_fd[id] = -1;
- memset(&server[id], 0, sizeof(struct mmo_char_server));
- online_db->foreach(online_db,online_db_setoffline,id); //Set all chars from this char server to offline.
- // server delete
- sprintf(tmpsql, "DELETE FROM `sstatus` WHERE `index`='%d'", id);
- // query
- if (mysql_query(&mysql_handle, tmpsql)) {
- ShowSQL("DB error - %s\n",mysql_error(&mysql_handle));
- ShowDebug("at %s:%d - %s\n", __FILE__,__LINE__,tmpsql);
- }
+ ShowStatus("Char-server '%s' has disconnected.\n", server[id].name);
+ server_fd[id] = -1;
+ memset(&server[id], 0, sizeof(struct mmo_char_server));
+ online_db->foreach(online_db,online_db_setoffline,id); //Set all chars from this char server to offline.
+ sprintf(tmpsql, "DELETE FROM `sstatus` WHERE `index`='%d'", id);
+ if (mysql_query(&mysql_handle, tmpsql)) {
+ ShowSQL("DB error - %s\n",mysql_error(&mysql_handle));
+ ShowDebug("at %s:%d - %s\n", __FILE__,__LINE__,tmpsql);
}
do_close(fd);
return 0;
}
- while (RFIFOREST(fd) >= 2) {
+ while (RFIFOREST(fd) >= 2)
+ {
+ uint16 command = RFIFOW(fd,0);
- switch (RFIFOW(fd,0)) {
+ switch (command)
+ {
case 0x2709: // request from map-server via char-server to reload GM accounts
if (login_config.log_login)
@@ -795,11 +781,11 @@ int parse_fromchar(int fd)
WFIFOHEAD(fd,51);
account_id = RFIFOL(fd,2); // speed up
for(i = 0; i < AUTH_FIFO_SIZE; i++) {
- if(auth_fifo[i].account_id == account_id &&
- auth_fifo[i].login_id1 == RFIFOL(fd,6) &&
- auth_fifo[i].login_id2 == RFIFOL(fd,10) && // relate to the versions higher than 18
- auth_fifo[i].sex == RFIFOB(fd,14) &&
- auth_fifo[i].ip == ntohl(RFIFOL(fd,15)) &&
+ if( auth_fifo[i].account_id == account_id &&
+ auth_fifo[i].login_id1 == RFIFOL(fd,6) &&
+ auth_fifo[i].login_id2 == RFIFOL(fd,10) && // relate to the versions higher than 18
+ auth_fifo[i].sex == RFIFOB(fd,14) &&
+ auth_fifo[i].ip == ntohl(RFIFOL(fd,15)) &&
!auth_fifo[i].delflag)
{
auth_fifo[i].delflag = 1;
@@ -1319,7 +1305,6 @@ int parse_login(int fd)
{
char t_uid[100];
struct mmo_account account;
-
int result, i;
uint32 ipl = session[fd]->client_addr;
char ip[16];
@@ -1330,31 +1315,31 @@ int parse_login(int fd)
memset(&account, 0, sizeof(account));
if (session[fd]->eof) {
- for(i = 0; i < MAX_SERVERS; i++)
- if (server_fd[i] == fd)
- server_fd[i] = -1;
do_close(fd);
return 0;
}
- while(RFIFOREST(fd) >= 2) {
+ while (RFIFOREST(fd) >= 2)
+ {
+ uint16 command = RFIFOW(fd,0);
- switch(RFIFOW(fd,0)) {
- case 0x200: // New alive packet: structure: 0x200 <account.userid>.24B. used to verify if client is always alive.
+ switch(command)
+ {
+ case 0x0200: // New alive packet: structure: 0x200 <account.userid>.24B. used to verify if client is always alive.
if (RFIFOREST(fd) < 26)
return 0;
RFIFOSKIP(fd,26);
break;
- case 0x204: // New alive packet: structure: 0x204 <encrypted.account.userid>.16B. (new ragexe from 22 june 2004)
+ case 0x0204: // New alive packet: structure: 0x204 <encrypted.account.userid>.16B. (new ragexe from 22 june 2004)
if (RFIFOREST(fd) < 18)
return 0;
RFIFOSKIP(fd,18);
break;
- case 0x277: // New login packet
- case 0x64: // request client login
- case 0x01dd: // request client login with encrypt
+ case 0x0064: // request client login
+ case 0x0277: // New login packet (layout is same as 0x64 but different length)
+ case 0x01dd: // request client login (encryption mode)
{
int packet_len = RFIFOREST(fd);
@@ -1370,37 +1355,24 @@ int parse_login(int fd)
break;
}
- switch(RFIFOW(fd,0)){
- case 0x64:
- if(packet_len < 55)
- return 0;
- break;
- case 0x01dd:
- if(packet_len < 47)
- return 0;
- break;
- case 0x277:
- if(packet_len < 84)
- return 0;
- break;
- }
+ if ((command == 0x0064 && packet_len < 55) ||
+ (command == 0x0277 && packet_len < 84) ||
+ (command == 0x01dd && packet_len < 47))
+ return 0;
+
+ // S 0064 <version>.l <account name>.24B <password>.24B <version2>.B
+ // S 0277 ??
+ // S 01dd <version>.l <account name>.24B <md5 binary>.16B <version2>.B
- account.version = RFIFOL(fd, 2);
+ account.version = RFIFOL(fd,2);
if (!account.version) account.version = 1; //Force some version...
- memcpy(account.userid,RFIFOP(fd, 6),NAME_LENGTH);
- account.userid[23] = '\0';
- memcpy(account.passwd,RFIFOP(fd, 30),NAME_LENGTH);
- account.passwd[23] = '\0';
-
-#ifdef PASSWORDENC
- account.passwdenc = (RFIFOW(fd,0)!=0x01dd)?0:PASSWORDENC;
-#else
- account.passwdenc = 0;
-#endif
- result = mmo_auth(&account, fd);
+ memcpy(account.userid,RFIFOP(fd,6),NAME_LENGTH); account.userid[23] = '\0';
+ memcpy(account.passwd,RFIFOP(fd,30),NAME_LENGTH); account.passwd[23] = '\0';
+ account.passwdenc = (command != 0x01dd) ? 0 : PASSWORDENC;
+ jstrescapecpy(t_uid, account.userid);
- jstrescapecpy(t_uid,account.userid);
- if(result == -1) { // auth success
+ result = mmo_auth(&account, fd);
+ if (result == -1) { // auth success
if (login_config.min_level_to_connect > account.level) {
WFIFOHEAD(fd,3);
WFIFOW(fd,0) = 0x81;
@@ -1546,7 +1518,7 @@ int parse_login(int fd)
//cannot connect login failed
memset(WFIFOP(fd,0), '\0', 23);
WFIFOW(fd,0) = 0x6a;
- WFIFOB(fd,2) = result;
+ WFIFOB(fd,2) = (uint8)result;
if (result == 6) { // 6 = Your are Prohibited to log in until %s
char tmpstr[20];
time_t ban_until_time = (sql_row) ? atol(sql_row[0]) : 0;
@@ -1561,21 +1533,32 @@ int parse_login(int fd)
break;
}
- case 0x01db: // request password key
+ case 0x01db: // Sending request of the coding key
+ {
+ struct login_session_data* ld;
if (session[fd]->session_data) {
ShowWarning("login: abnormal request of MD5 key (already opened session).\n");
session[fd]->eof = 1;
return 0;
}
- {
+
+ ld = (struct login_session_data*)aCalloc(1, sizeof(struct login_session_data));
+ session[fd]->session_data = ld;
+
+ // Creation of the coding key
+ memset(ld->md5key, '\0', sizeof(ld->md5key));
+ ld->md5keylen = (uint16)(12 + rand() % 4);
+ for(i = 0; i < ld->md5keylen; i++)
+ ld->md5key[i] = (char)(1 + rand() % 255);
+
RFIFOSKIP(fd,2);
- WFIFOHEAD(fd,4 + md5keylen);
+ WFIFOHEAD(fd,4 + ld->md5keylen);
WFIFOW(fd,0) = 0x01dc;
- WFIFOW(fd,2) = 4 + md5keylen;
- memcpy(WFIFOP(fd,4), md5key, md5keylen);
+ WFIFOW(fd,2) = 4 + ld->md5keylen;
+ memcpy(WFIFOP(fd,4), ld->md5key, ld->md5keylen);
WFIFOSET(fd,WFIFOW(fd,2));
}
- break;
+ break;
case 0x2710: // Connection request of a char-server
if (RFIFOREST(fd) < 86)
@@ -1991,41 +1974,36 @@ void set_server_type(void)
int do_init(int argc, char** argv)
{
- //initialize login server
+ // initialize login server
int i;
login_set_defaults();
- //read login configue
+
+ // read login-server configuration
login_config_read((argc > 1) ? argv[1] : LOGIN_CONF_NAME);
sql_config_read(SQL_CONF_NAME);
login_lan_config_read((argc > 2) ? argv[2] : LAN_CONF_NAME);
- //Generate Passworded Key.
- memset(md5key, 0, sizeof(md5key));
- md5keylen=rand()%4+12;
- for(i=0;i<md5keylen;i++)
- md5key[i]=rand()%255+1;
+
+ srand((unsigned int)time(NULL));
for(i=0;i<AUTH_FIFO_SIZE;i++)
auth_fifo[i].delflag=1;
for(i=0;i<MAX_SERVERS;i++)
server_fd[i]=-1;
- //server port open & binding
// Online user database init
online_db = db_alloc(__FILE__,__LINE__,DB_INT,DB_OPT_RELEASE_DATA,sizeof(int));
add_timer_func_list(waiting_disconnect_timer, "waiting_disconnect_timer");
- login_fd = make_listen_bind(login_config.login_ip, login_config.login_port);
-
- //Auth start
+ // Auth init
mmo_auth_sqldb_init();
- //Read account information.
+ // Read account information.
if(login_config.login_gm_read)
read_gm_account();
- //set default parser as parse_login function
+ // set default parser as parse_login function
set_defaultparse(parse_login);
// ban deleter timer
@@ -2048,6 +2026,9 @@ int do_init(int argc, char** argv)
new_reg_tick = gettick();
+ // server port open & binding
+ login_fd = make_listen_bind(login_config.login_ip, login_config.login_port);
+
ShowStatus("The login-server is "CL_GREEN"ready"CL_RESET" (Server is listening on the port %u).\n\n", login_config.login_port);
return 0;
diff --git a/src/login_sql/login.h b/src/login_sql/login.h
index 7afe4b358..abd28daef 100644
--- a/src/login_sql/login.h
+++ b/src/login_sql/login.h
@@ -10,17 +10,15 @@
#define SQL_CONF_NAME "conf/inter_athena.conf"
#define LAN_CONF_NAME "conf/subnet_athena.conf"
+// supported encryption types: 1- passwordencrypt, 2- passwordencrypt2, 3- both
+#define PASSWORDENC 3
+
#ifndef SQL_DEBUG
#define mysql_query(_x, _y) mysql_query(_x, _y)
#else
- #define mysql_query(_x, _y) debug_mysql_query(__FILE__, __LINE__, _x, _y)
+ #define mysql_query(_x, _y) debug_mysql_query(__FILE__, __LINE__, _x, _y)
#endif
-#define PASSWORDENC 3 // A definition is given when making an encryption password correspond.
- // It is 1 at the time of passwordencrypt.
- // It is made into 2 at the time of passwordencrypt2.
- // When it is made 3, it corresponds to both.
-
struct mmo_account {
int version;
char userid[NAME_LENGTH];