diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/login/Makefile.in | 2 | ||||
-rw-r--r-- | src/login/admin.c | 3 | ||||
-rw-r--r-- | src/login/login.c | 2121 | ||||
-rw-r--r-- | src/login/login.h | 37 | ||||
-rw-r--r-- | src/login/login_sql.c | 1483 | ||||
-rw-r--r-- | src/login/login_txt.c | 1903 |
6 files changed, 1954 insertions, 3595 deletions
diff --git a/src/login/Makefile.in b/src/login/Makefile.in index 8f9afff7e..aeb41b667 100644 --- a/src/login/Makefile.in +++ b/src/login/Makefile.in @@ -10,7 +10,7 @@ COMMON_H = ../common/core.h ../common/socket.h ../common/timer.h ../common/mmo.h ../common/grfio.h ../common/mapindex.h \ ../common/ers.h ../common/md5calc.h -LOGIN_OBJ = obj_txt/login.o obj_txt/login_txt.o obj_txt/admin.o +LOGIN_OBJ = obj_txt/login.o obj_txt/admin.o LOGIN_H = login.h @SET_MAKE@ diff --git a/src/login/admin.c b/src/login/admin.c index bd7a520d9..9bce1a02f 100644 --- a/src/login/admin.c +++ b/src/login/admin.c @@ -1,6 +1,3 @@ -// Copyright (c) Athena Dev Teams - Licensed under GNU GPL -// For more information, see LICENCE in the main folder - #include "../common/cbasetypes.h" #include "../common/mmo.h" #include "../common/core.h" diff --git a/src/login/login.c b/src/login/login.c index 4a7a1707b..9bb77e093 100644 --- a/src/login/login.c +++ b/src/login/login.c @@ -1,48 +1,24 @@ // Copyright (c) Athena Dev Teams - Licensed under GNU GPL // For more information, see LICENCE in the main folder +#include "../common/cbasetypes.h" +#include "../common/mmo.h" #include "../common/core.h" +#include "../common/socket.h" #include "../common/db.h" +#include "../common/timer.h" #include "../common/malloc.h" -#include "../common/md5calc.h" -#include "../common/showmsg.h" -#include "../common/socket.h" #include "../common/strlib.h" -#include "../common/timer.h" +#include "../common/showmsg.h" #include "../common/version.h" +#include "../common/md5calc.h" +#include "../common/lock.h" #include "login.h" #include <stdio.h> #include <stdlib.h> #include <string.h> - - -// temporary external imports -extern struct gm_account* gm_account_db; -int read_gm_account(void); -int mmo_auth_init(void); -int parse_login(int fd); -void login_log(uint32 ip, const char* username, int rcode, const char* message); - -#ifdef TXT_ONLY - extern struct mmo_account* auth_dat; - void mmo_auth_sync(void); - int check_GM_file(int tid, unsigned int tick, int id, int data); - int check_auth_sync(int tid, unsigned int tick, int id, int data); - void display_conf_warnings(void); - extern bool admin_state; - extern char admin_pass[24]; - extern uint32 admin_allowed_ip; - extern char account_txt[1024]; - extern char GM_account_filename[1024]; - extern int gm_account_filename_check_timer; - extern char login_log_filename[1024]; -#else - void mmo_db_close(void); - void sql_config_read(const char* cfgName); - int ip_ban_flush(int tid, unsigned int tick, int id, int data); -#endif - +#include <sys/stat.h> // for stat/lstat/fstat struct Login_Config login_config; @@ -53,11 +29,6 @@ struct mmo_char_server server[MAX_SERVERS]; // char server data #define sex_num2str(num) ( (num == 0 ) ? 'F' : (num == 1 ) ? 'M' : 'S' ) #define sex_str2num(str) ( (str == 'F' ) ? 0 : (str == 'M' ) ? 1 : 2 ) - -//Account registration flood protection [Kevin] -int allowed_regs = 1; -int time_allowed = 10; //in seconds - // Advanced subnet check [LuzZza] struct s_subnet { uint32 mask; @@ -67,22 +38,75 @@ struct s_subnet { int subnet_count = 0; +// GM account management +struct gm_account* gm_account_db = NULL; +unsigned int GM_num = 0; // number of gm accounts +char GM_account_filename[1024] = "conf/GM_account.txt"; +long creation_time_GM_account_file; // tracks the last-changed timestamp of the gm accounts file +int gm_account_filename_check_timer = 15; // Timer to check if GM_account file has been changed and reload GM account automaticaly (in seconds; default: 15) + +//Account registration flood protection [Kevin] +int allowed_regs = 1; +int time_allowed = 10; //in seconds +unsigned int new_reg_tick = 0; + + +// data handling (TXT) +char account_filename[1024] = "save/account.txt"; + +// account database +struct mmo_account* auth_dat = NULL; +unsigned int auth_num = 0, auth_max = 0; + +int account_id_count = START_ACCOUNT_NUM; + +// define the number of times that some players must authentify them before to save account file. +// it's just about normal authentication. If an account is created or modified, save is immediatly done. +// An authentication just change last connected IP and date. It already save in log file. +// set minimum auth change before save: +#define AUTH_BEFORE_SAVE_FILE 10 +// set divider of auth_num to found number of change before save +#define AUTH_SAVE_FILE_DIVIDER 50 +int auth_before_save_file = 0; // Counter. First save when 1st char-server do connection. + + +// ladmin configuration +bool admin_state = false; +char admin_pass[24] = ""; +uint32 admin_allowed_ip = 0; + +int parse_admin(int fd); + //----------------------------------------------------- // Auth database //----------------------------------------------------- #define AUTH_TIMEOUT 30000 -/*static*/ DBMap* auth_db; // int account_id -> struct auth_node* +struct auth_node { + int account_id; + uint32 login_id1; + uint32 login_id2; + uint32 ip; + char sex; +}; + +static DBMap* auth_db; // int account_id -> struct auth_node* //----------------------------------------------------- // Online User Database [Wizputer] //----------------------------------------------------- -/*static*/ DBMap* online_db; // int account_id -> struct online_login_data* -/*static*/ int waiting_disconnect_timer(int tid, unsigned int tick, int id, int data); +struct online_login_data { + int account_id; + int waiting_disconnect; + int char_server; +}; -/*static*/ void* create_online_user(DBKey key, va_list args) +static DBMap* online_db; // int account_id -> struct online_login_data* +static int waiting_disconnect_timer(int tid, unsigned int tick, int id, int data); + +static void* create_online_user(DBKey key, va_list args) { struct online_login_data* p; CREATE(p, struct online_login_data, 1); @@ -121,7 +145,7 @@ void remove_online_user(int account_id) idb_remove(online_db, account_id); } -/*static*/ int waiting_disconnect_timer(int tid, unsigned int tick, int id, int data) +static int waiting_disconnect_timer(int tid, unsigned int tick, int id, int data) { struct online_login_data* p = (struct online_login_data*)idb_get(online_db, id); if( p != NULL && p->waiting_disconnect == tid && p->account_id == id ) @@ -133,39 +157,6 @@ void remove_online_user(int account_id) return 0; } -/*static*/ int online_db_setoffline(DBKey key, void* data, va_list ap) -{ - struct online_login_data* p = (struct online_login_data*)data; - int server = va_arg(ap, int); - if( server == -1 ) - { - p->char_server = -1; - if( p->waiting_disconnect != -1 ) - { - delete_timer(p->waiting_disconnect, waiting_disconnect_timer); - p->waiting_disconnect = -1; - } - } - else if( p->char_server == server ) - p->char_server = -2; //Char server disconnected. - return 0; -} - -static int online_data_cleanup_sub(DBKey key, void *data, va_list ap) -{ - struct online_login_data *character= (struct online_login_data*)data; - if (character->char_server == -2) //Unknown server.. set them offline - remove_online_user(character->account_id); - return 0; -} - -static int online_data_cleanup(int tid, unsigned int tick, int id, int data) -{ - online_db->foreach(online_db, online_data_cleanup_sub); - return 0; -} - - //-------------------------------------------------------------------- // Packet send to all char-servers, except one (wos: without our self) //-------------------------------------------------------------------- @@ -188,6 +179,560 @@ int charif_sendallwos(int sfd, uint8* buf, size_t len) return c; } +//---------------------------------------------------------------------- +// Determine if an account (id) is a GM account +// and returns its level (or 0 if it isn't a GM account or if not found) +//---------------------------------------------------------------------- +int isGM(int account_id) +{ + unsigned int i; + ARR_FIND( 0, GM_num, i, gm_account_db[i].account_id == account_id ); + return ( i < GM_num ) ? gm_account_db[i].level : 0; +} + +//---------------------------------------------------------------------- +// Adds a new GM using acc id and level +//---------------------------------------------------------------------- +void addGM(int account_id, int level) +{ + static unsigned int GM_max = 0; + unsigned int i; + + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); + if( i == auth_num ) + return; // no such account + + ARR_FIND( 0, GM_num, i, gm_account_db[i].account_id == account_id ); + if( i < GM_num ) + { + if (gm_account_db[i].level == level) + ShowWarning("addGM: GM account %d defined twice (same level: %d).\n", account_id, level); + else { + ShowWarning("addGM: GM account %d defined twice (levels: %d and %d).\n", account_id, gm_account_db[i].level, level); + gm_account_db[i].level = level; + } + return; // entry already present + } + + // new account + if (GM_num >= GM_max) { + GM_max += 256; + RECREATE(gm_account_db, struct gm_account, GM_max); + } + gm_account_db[GM_num].account_id = account_id; + gm_account_db[GM_num].level = level; + GM_num++; + if (GM_num >= 4000) + ShowWarning("4000 GM accounts found. Next GM accounts are not read.\n"); +} + +//------------------------------------------------------- +// Reading function of GM accounts file (and their level) +//------------------------------------------------------- +int read_gm_account(void) +{ + char line[512]; + FILE *fp; + int account_id, level; + int line_counter; + struct stat file_stat; + int start_range = 0, end_range = 0, is_range = 0, current_id = 0; + + if(gm_account_db) aFree(gm_account_db); + CREATE(gm_account_db, struct gm_account, 1); + GM_num = 0; + + // get last modify time/date + if (stat(GM_account_filename, &file_stat)) + creation_time_GM_account_file = 0; // error + else + creation_time_GM_account_file = (long)file_stat.st_mtime; + + if ((fp = fopen(GM_account_filename, "r")) == NULL) { + ShowError("read_gm_account: GM accounts file [%s] not found.\n", GM_account_filename); + return 1; + } + + line_counter = 0; + // limited to 4000, because we send information to char-servers (more than 4000 GM accounts???) + // int (id) + int (level) = 8 bytes * 4000 = 32k (limit of packets in windows) + while(fgets(line, sizeof(line), fp) && GM_num < 4000) + { + line_counter++; + if ((line[0] == '/' && line[1] == '/') || line[0] == '\0' || line[0] == '\n' || line[0] == '\r') + continue; + is_range = (sscanf(line, "%d%*[-~]%d %d",&start_range,&end_range,&level)==3); // ID Range [MC Cameri] + if (!is_range && sscanf(line, "%d %d", &account_id, &level) != 2 && sscanf(line, "%d: %d", &account_id, &level) != 2) + ShowError("read_gm_account: file [%s], invalid 'acount_id|range level' format (line #%d).\n", GM_account_filename, line_counter); + else if (level <= 0) + ShowError("read_gm_account: file [%s] %dth account (line #%d) (invalid level [0 or negative]: %d).\n", GM_account_filename, GM_num+1, line_counter, level); + else { + if (level > 99) { + ShowNotice("read_gm_account: file [%s] %dth account (invalid level, but corrected: %d->99).\n", GM_account_filename, GM_num+1, level); + level = 99; + } + if (is_range) { + if (start_range==end_range) + ShowError("read_gm_account: file [%s] invalid range, beginning of range is equal to end of range (line #%d).\n", GM_account_filename, line_counter); + else if (start_range>end_range) + ShowError("read_gm_account: file [%s] invalid range, beginning of range must be lower than end of range (line #%d).\n", GM_account_filename, line_counter); + else + for (current_id = start_range;current_id<=end_range;current_id++) + addGM(current_id,level); + } else { + addGM(account_id,level); + } + } + } + fclose(fp); + + ShowStatus("read_gm_account: file '%s' read (%d GM accounts found).\n", GM_account_filename, GM_num); + + return 0; +} + + +//----------------------------------------------- +// Search an account id +// (return account index or -1 (if not found)) +// If exact account name is not found, +// the function checks without case sensitive +// and returns index if only 1 account is found +// and similar to the searched name. +//----------------------------------------------- +int search_account_index(char* account_name) +{ + unsigned int i, quantity; + int index; + + quantity = 0; + index = -1; + + for(i = 0; i < auth_num; i++) { + // Without case sensitive check (increase the number of similar account names found) + if (stricmp(auth_dat[i].userid, account_name) == 0) { + // Strict comparison (if found, we finish the function immediatly with correct value) + if (strcmp(auth_dat[i].userid, account_name) == 0) + return i; + quantity++; + index = i; + } + } + // Here, the exact account name is not found + // We return the found index of a similar account ONLY if there is 1 similar account + if (quantity == 1) + return index; + + // Exact account name is not found and 0 or more than 1 similar accounts have been found ==> we say not found + return -1; +} + +//-------------------------------------------------------- +// Create a string to save the account in the account file +//-------------------------------------------------------- +int mmo_auth_tostr(char* str, struct mmo_account* p) +{ + int i; + char *str_p = str; + + str_p += sprintf(str_p, "%d\t%s\t%s\t%s\t%c\t%d\t%u\t%s\t%s\t%ld\t%s\t%s\t%ld\t", + p->account_id, p->userid, p->pass, p->lastlogin, p->sex, + p->logincount, p->state, p->email, p->error_message, + (long)p->expiration_time, p->last_ip, p->memo, (long)p->unban_time); + + for(i = 0; i < p->account_reg2_num; i++) + if (p->account_reg2[i].str[0]) + str_p += sprintf(str_p, "%s,%s ", p->account_reg2[i].str, p->account_reg2[i].value); + + return 0; +} + +//--------------------------------- +// Reading of the accounts database +//--------------------------------- +int mmo_auth_init(void) +{ + FILE *fp; + int account_id; + uint32 state; + int logincount, n; + uint32 i, j; + char line[2048], *p, userid[2048], pass[2048], lastlogin[2048], sex, email[2048], error_message[2048], last_ip[2048], memo[2048]; + long unban_time; + long expiration_time; + char str[2048]; + char v[2048]; + int GM_count = 0; + int server_count = 0; + + auth_max = 256; + CREATE(auth_dat, struct mmo_account, auth_max); + + if ((fp = fopen(account_filename, "r")) == NULL) { + // no account file -> no account -> no login, including char-server (ERROR) + ShowError(CL_RED"mmmo_auth_init: Accounts file [%s] not found."CL_RESET"\n", account_filename); + return 0; + } + + while(fgets(line, sizeof(line), fp) != NULL) + { + if (line[0] == '/' && line[1] == '/') + continue; + + p = line; + + memset(userid, 0, sizeof(userid)); + memset(pass, 0, sizeof(pass)); + memset(lastlogin, 0, sizeof(lastlogin)); + memset(email, 0, sizeof(email)); + memset(error_message, 0, sizeof(error_message)); + memset(last_ip, 0, sizeof(last_ip)); + memset(memo, 0, sizeof(memo)); + + // database version reading (v2) + if (((i = sscanf(line, "%d\t%[^\t]\t%[^\t]\t%[^\t]\t%c\t%d\t%u\t" + "%[^\t]\t%[^\t]\t%ld\t%[^\t]\t%[^\t]\t%ld%n", + &account_id, userid, pass, lastlogin, &sex, &logincount, &state, + email, error_message, &expiration_time, last_ip, memo, &unban_time, &n)) == 13 && line[n] == '\t') || + ((i = sscanf(line, "%d\t%[^\t]\t%[^\t]\t%[^\t]\t%c\t%d\t%u\t" + "%[^\t]\t%[^\t]\t%ld\t%[^\t]\t%[^\t]%n", + &account_id, userid, pass, lastlogin, &sex, &logincount, &state, + email, error_message, &expiration_time, last_ip, memo, &n)) == 12 && line[n] == '\t')) { + n = n + 1; + + // Some checks + if (account_id > END_ACCOUNT_NUM) { + ShowError(CL_RED"mmmo_auth_init: an account has an id higher than %d\n", END_ACCOUNT_NUM); + ShowError(" account id #%d -> account not read (data is lost!)."CL_RESET"\n", account_id); + continue; + } + userid[23] = '\0'; + remove_control_chars(userid); + for(j = 0; j < auth_num; j++) { + if (auth_dat[j].account_id == account_id) { + ShowError(CL_RED"mmmo_auth_init: an account has an identical id to another.\n"); + ShowError(" account id #%d -> new account not read (data is lost!)."CL_RED"\n", account_id); + break; + } else if (strcmp(auth_dat[j].userid, userid) == 0) { + ShowError(CL_RED"mmmo_auth_init: account name already exists.\n"); + ShowError(" account name '%s' -> new account not read (data is lost!)."CL_RESET"\n", userid); // 2 lines, account name can be long. + break; + } + } + if (j != auth_num) + continue; + + if (auth_num >= auth_max) { + auth_max += 256; + auth_dat = (struct mmo_account*)aRealloc(auth_dat, sizeof(struct mmo_account) * auth_max); + } + + memset(&auth_dat[auth_num], '\0', sizeof(struct mmo_account)); + + auth_dat[auth_num].account_id = account_id; + + strncpy(auth_dat[auth_num].userid, userid, 24); + + pass[32] = '\0'; + remove_control_chars(pass); + strncpy(auth_dat[auth_num].pass, pass, 32); + + lastlogin[23] = '\0'; + remove_control_chars(lastlogin); + strncpy(auth_dat[auth_num].lastlogin, lastlogin, 24); + + auth_dat[auth_num].sex = sex; + + if (logincount >= 0) + auth_dat[auth_num].logincount = logincount; + else + auth_dat[auth_num].logincount = 0; + + if (state > 255) + auth_dat[auth_num].state = 100; + else + auth_dat[auth_num].state = state; + + if (e_mail_check(email) == 0) { + ShowNotice("Account %s (%d): invalid e-mail (replaced par a@a.com).\n", auth_dat[auth_num].userid, auth_dat[auth_num].account_id); + strncpy(auth_dat[auth_num].email, "a@a.com", 40); + } else { + remove_control_chars(email); + strncpy(auth_dat[auth_num].email, email, 40); + } + + error_message[19] = '\0'; + remove_control_chars(error_message); + if (error_message[0] == '\0' || state != 7) { // 7, because state is packet 0x006a value + 1 + strncpy(auth_dat[auth_num].error_message, "-", 20); + } else { + strncpy(auth_dat[auth_num].error_message, error_message, 20); + } + + if (i == 13) + auth_dat[auth_num].unban_time = (time_t)unban_time; + else + auth_dat[auth_num].unban_time = 0; + + auth_dat[auth_num].expiration_time = (time_t)expiration_time; + + last_ip[15] = '\0'; + remove_control_chars(last_ip); + strncpy(auth_dat[auth_num].last_ip, last_ip, 16); + + memo[254] = '\0'; + remove_control_chars(memo); + strncpy(auth_dat[auth_num].memo, memo, 255); + + for(j = 0; j < ACCOUNT_REG2_NUM; j++) { + p += n; + if (sscanf(p, "%[^\t,],%[^\t ] %n", str, v, &n) != 2) { + // We must check if a str is void. If it's, we can continue to read other REG2. + // Account line will have something like: str2,9 ,9 str3,1 (here, ,9 is not good) + if (p[0] == ',' && sscanf(p, ",%[^\t ] %n", v, &n) == 1) { + j--; + continue; + } else + break; + } + str[31] = '\0'; + remove_control_chars(str); + strncpy(auth_dat[auth_num].account_reg2[j].str, str, 32); + strncpy(auth_dat[auth_num].account_reg2[j].value,v,256); + } + auth_dat[auth_num].account_reg2_num = j; + + if (isGM(account_id) > 0) + GM_count++; + if (auth_dat[auth_num].sex == 'S') + server_count++; + + auth_num++; + if (account_id >= account_id_count) + account_id_count = account_id + 1; + + // Old athena database version reading (v1) + } else if ((i = sscanf(line, "%d\t%[^\t]\t%[^\t]\t%[^\t]\t%c\t%d\t%u\t%n", + &account_id, userid, pass, lastlogin, &sex, &logincount, &state, &n)) >= 5) { + if (account_id > END_ACCOUNT_NUM) { + ShowError(CL_RED"mmmo_auth_init: an account has an id higher than %d\n", END_ACCOUNT_NUM); + ShowError(" account id #%d -> account not read (data is lost!)."CL_RESET"\n", account_id); + continue; + } + userid[23] = '\0'; + remove_control_chars(userid); + for(j = 0; j < auth_num; j++) { + if (auth_dat[j].account_id == account_id) { + ShowError(CL_RED"mmo_auth_init: an account has an identical id to another.\n"); + ShowError(" account id #%d -> new account not read (data is lost!)."CL_RESET"\n", account_id); + break; + } else if (strcmp(auth_dat[j].userid, userid) == 0) { + ShowError(CL_RED"mmo_auth_init: account name already exists.\n"); + ShowError(" account name '%s' -> new account not read (data is lost!)."CL_RESET"\n", userid); + break; + } + } + if (j != auth_num) + continue; + + if (auth_num >= auth_max) { + auth_max += 256; + RECREATE(auth_dat, struct mmo_account, auth_max); + } + + memset(&auth_dat[auth_num], '\0', sizeof(struct mmo_account)); + + auth_dat[auth_num].account_id = account_id; + + strncpy(auth_dat[auth_num].userid, userid, 24); + + pass[23] = '\0'; + remove_control_chars(pass); + strncpy(auth_dat[auth_num].pass, pass, 24); + + lastlogin[23] = '\0'; + remove_control_chars(lastlogin); + strncpy(auth_dat[auth_num].lastlogin, lastlogin, 24); + + auth_dat[auth_num].sex = sex; + + if (i >= 6) { + if (logincount >= 0) + auth_dat[auth_num].logincount = logincount; + else + auth_dat[auth_num].logincount = 0; + } else + auth_dat[auth_num].logincount = 0; + + if (i >= 7) { + if (state > 255) + auth_dat[auth_num].state = 100; + else + auth_dat[auth_num].state = state; + } else + auth_dat[auth_num].state = 0; + + // Initialization of new data + strncpy(auth_dat[auth_num].email, "a@a.com", 40); + strncpy(auth_dat[auth_num].error_message, "-", 20); + auth_dat[auth_num].unban_time = 0; + auth_dat[auth_num].expiration_time = 0; + strncpy(auth_dat[auth_num].last_ip, "-", 16); + strncpy(auth_dat[auth_num].memo, "-", 255); + + for(j = 0; j < ACCOUNT_REG2_NUM; j++) { + p += n; + if (sscanf(p, "%[^\t,],%[^\t ] %n", str, v, &n) != 2) { + // We must check if a str is void. If it's, we can continue to read other REG2. + // Account line will have something like: str2,9 ,9 str3,1 (here, ,9 is not good) + if (p[0] == ',' && sscanf(p, ",%[^\t ] %n", v, &n) == 1) { + j--; + continue; + } else + break; + } + str[31] = '\0'; + remove_control_chars(str); + strncpy(auth_dat[auth_num].account_reg2[j].str, str, 32); + strncpy(auth_dat[auth_num].account_reg2[j].value,v,256); + } + auth_dat[auth_num].account_reg2_num = j; + + if (isGM(account_id) > 0) + GM_count++; + if (auth_dat[auth_num].sex == 'S') + server_count++; + + auth_num++; + if (account_id >= account_id_count) + account_id_count = account_id + 1; + + } else { + int i = 0; + if (sscanf(line, "%d\t%%newid%%\n%n", &account_id, &i) == 1 && + i > 0 && account_id > account_id_count) + account_id_count = account_id; + } + } + fclose(fp); + + if( auth_num == 0 ) + ShowNotice("mmo_auth_init: No account found in %s.\n", account_filename); + else + if( auth_num == 1 ) + ShowStatus("mmo_auth_init: 1 account read in %s,\n", account_filename); + else + ShowStatus("mmo_auth_init: %d accounts read in %s,\n", auth_num, account_filename); + + if( GM_count == 0 ) + ShowStatus(" of which is no GM account, and \n"); + else + if( GM_count == 1 ) + ShowStatus(" of which is 1 GM account, and \n"); + else + ShowStatus(" of which is %d GM accounts, and \n", GM_count); + + if( server_count == 0 ) + ShowStatus(" no server account ('S').\n"); + else + if( server_count == 1 ) + ShowStatus(" 1 server account ('S').\n"); + else + ShowStatus(" %d server accounts ('S').\n", server_count); + + return 0; +} + +//------------------------------------------ +// Writing of the accounts database file +// (accounts are sorted by id before save) +//------------------------------------------ +void mmo_auth_sync(void) +{ + FILE *fp; + unsigned int i, j, k; + int lock; + int account_id; + CREATE_BUFFER(id, int, auth_num); + char line[65536]; + + // Sorting before save + for(i = 0; i < auth_num; i++) { + id[i] = i; + account_id = auth_dat[i].account_id; + for(j = 0; j < i; j++) { + if (account_id < auth_dat[id[j]].account_id) { + for(k = i; k > j; k--) + id[k] = id[k-1]; + id[j] = i; // id[i] + break; + } + } + } + + // Data save + if ((fp = lock_fopen(account_filename, &lock)) == NULL) { + //if (id) aFree(id); + DELETE_BUFFER(id); + return; + } + + fprintf(fp, "// Accounts file: here are saved all information about the accounts.\n"); + fprintf(fp, "// Structure: ID, account name, password, last login time, sex, # of logins, state, email, error message for state 7, validity time, last (accepted) login ip, memo field, ban timestamp, repeated(register text, register value)\n"); + fprintf(fp, "// Some explanations:\n"); + fprintf(fp, "// account name : between 4 to 23 char for a normal account (standard client can't send less than 4 char).\n"); + fprintf(fp, "// account password: between 4 to 23 char\n"); + fprintf(fp, "// sex : M or F for normal accounts, S for server accounts\n"); + fprintf(fp, "// state : 0: account is ok, 1 to 256: error code of packet 0x006a + 1\n"); + fprintf(fp, "// email : between 3 to 39 char (a@a.com is like no email)\n"); + fprintf(fp, "// error message : text for the state 7: 'Your are Prohibited to login until <text>'. Max 19 char\n"); + fprintf(fp, "// valitidy time : 0: unlimited account, <other value>: date calculated by addition of 1/1/1970 + value (number of seconds since the 1/1/1970)\n"); + fprintf(fp, "// memo field : max 254 char\n"); + fprintf(fp, "// ban time : 0: no ban, <other value>: banned until the date: date calculated by addition of 1/1/1970 + value (number of seconds since the 1/1/1970)\n"); + for(i = 0; i < auth_num; i++) { + k = id[i]; // use of sorted index + if (auth_dat[k].account_id == -1) + continue; + + mmo_auth_tostr(line, &auth_dat[k]); + fprintf(fp, "%s\n", line); + } + fprintf(fp, "%d\t%%newid%%\n", account_id_count); + + lock_fclose(fp, account_filename, &lock); + + // set new counter to minimum number of auth before save + auth_before_save_file = auth_num / AUTH_SAVE_FILE_DIVIDER; // Re-initialise counter. We have save. + if (auth_before_save_file < AUTH_BEFORE_SAVE_FILE) + auth_before_save_file = AUTH_BEFORE_SAVE_FILE; + + //if (id) aFree(id); + DELETE_BUFFER(id); + + return; +} + +//----------------------------------------------------- +// Check if we must save accounts file or not +// every minute, we check if we must save because we +// have do some authentications without arrive to +// the minimum of authentications for the save. +// Note: all other modification of accounts (deletion, +// change of some informations excepted lastip/ +// lastlogintime, creation) are always save +// immediatly and set the minimum of +// authentications to its initialization value. +//----------------------------------------------------- +int check_auth_sync(int tid, unsigned int tick, int id, int data) +{ + // we only save if necessary: + // we have do some authentications without do saving + if (auth_before_save_file < AUTH_BEFORE_SAVE_FILE || + auth_before_save_file < (int)(auth_num / AUTH_SAVE_FILE_DIVIDER)) + mmo_auth_sync(); + + return 0; +} //----------------------------------------------------- // periodic ip address synchronization @@ -201,6 +746,67 @@ static int sync_ip_addresses(int tid, unsigned int tick, int id, int data) return 0; } +//----------------------------------------------------- +// Send GM accounts to one or all char-servers +//----------------------------------------------------- +void send_GM_accounts(int fd) +{ + unsigned int i; + uint8 buf[32767]; + uint16 len; + + len = 4; + WBUFW(buf,0) = 0x2732; + for(i = 0; i < GM_num; i++) + // send only existing accounts. We can not create a GM account when server is online. + if (gm_account_db[i].level > 0) { + WBUFL(buf,len) = gm_account_db[i].account_id; + WBUFB(buf,len+4) = (uint8)gm_account_db[i].level; + len += 5; + if (len >= 32000) { + ShowWarning("send_GM_accounts: Too many accounts! Only %d out of %d were sent.\n", i, GM_num); + break; + } + } + + WBUFW(buf,2) = len; + if (fd == -1) // send to all charservers + charif_sendallwos(-1, buf, len); + else { // send only to target + WFIFOHEAD(fd,len); + memcpy(WFIFOP(fd,0), buf, len); + WFIFOSET(fd,len); + } + + return; +} + +//----------------------------------------------------- +// Check if GM file account have been changed +//----------------------------------------------------- +int check_GM_file(int tid, unsigned int tick, int id, int data) +{ + struct stat file_stat; + long new_time; + + // if we would not check + if (gm_account_filename_check_timer < 1) + return 0; + + // get last modify time/date + if (stat(GM_account_filename, &file_stat)) + new_time = 0; // error + else + new_time = (long)file_stat.st_mtime; + + if (new_time != creation_time_GM_account_file) { + read_gm_account(); + send_GM_accounts(-1); + } + + return 0; +} + //----------------------------------------------------- // encrypted/unencrypted password check @@ -234,6 +840,760 @@ bool check_password(struct login_session_data* sd, int passwdenc, const char* pa } +//------------------------------------- +// Make new account +//------------------------------------- +int mmo_auth_new(struct mmo_account* account) +{ + static int num_regs = 0; // registration counter + unsigned int tick = gettick(); + + time_t expiration_time = 0; + unsigned int i = auth_num; + + // check if the account doesn't exist already + ARR_FIND( 0, auth_num, i, strcmp(account->userid, auth_dat[i].userid) == 0 ); + if( i < auth_num ) + { + ShowNotice("Attempt of creation of an already existant account (account: %s_%c, pass: %s, received pass: %s)\n", account->userid, account->sex, auth_dat[i].pass, account->pass); + return 1; // 1 = Incorrect Password + } + + //Account Registration Flood Protection by [Kevin] + if( DIFF_TICK(tick, new_reg_tick) < 0 && num_regs >= allowed_regs ) + { + ShowNotice("Account registration denied (registration limit exceeded)\n"); + return 3; + } + + if (auth_num >= auth_max) { + auth_max += 256; + auth_dat = (struct mmo_account*)aRealloc(auth_dat, sizeof(struct mmo_account) * auth_max); + } + + memset(&auth_dat[i], '\0', sizeof(struct mmo_account)); + + // find a suitable non-gm account id + while (isGM(account_id_count) > 0) + account_id_count++; + + auth_dat[i].account_id = account_id_count++; + safestrncpy(auth_dat[i].userid, account->userid, NAME_LENGTH); + if( login_config.use_md5_passwds ) + MD5_String(account->pass, auth_dat[i].pass); + else + safestrncpy(auth_dat[i].pass, account->pass, NAME_LENGTH); + safestrncpy(auth_dat[i].lastlogin, "-", sizeof(auth_dat[i].lastlogin)); + auth_dat[i].sex = account->sex; + auth_dat[i].logincount = 0; + auth_dat[i].state = 0; + safestrncpy(auth_dat[i].email, e_mail_check(account->email) ? account->email : "a@a.com", sizeof(auth_dat[i].email)); + safestrncpy(auth_dat[i].error_message, "-", sizeof(auth_dat[i].error_message)); + auth_dat[i].unban_time = 0; + if( login_config.start_limited_time != -1 ) + expiration_time = time(NULL) + login_config.start_limited_time; + auth_dat[i].expiration_time = expiration_time; + strncpy(auth_dat[i].last_ip, "-", 16); + strncpy(auth_dat[i].memo, "-", 255); + auth_dat[i].account_reg2_num = 0; + + ShowNotice("Account creation (account %s, id: %d, pass: %s, sex: %c)\n", account->userid, auth_num, account->pass, account->sex); + auth_num++; + + if( DIFF_TICK(tick, new_reg_tick) > 0 ) + {// Update the registration check. + num_regs = 0; + new_reg_tick = tick + time_allowed*1000; + } + ++num_regs; + + return 0; +} + +//----------------------------------------------------- +// Check/authentication of a connection +//----------------------------------------------------- +int mmo_auth(struct login_session_data* sd) +{ + unsigned int i; + time_t raw_time; + char tmpstr[256]; + int len; + char user_password[32+1]; // reserve for md5-ed pw + + char ip[16]; + ip2str(session[sd->fd]->client_addr, ip); + + // DNS Blacklist check + if( login_config.use_dnsbl ) + { + char r_ip[16]; + char ip_dnsbl[256]; + char* dnsbl_serv; + bool matched = false; + uint8* sin_addr = (uint8*)&session[sd->fd]->client_addr; + + sprintf(r_ip, "%u.%u.%u.%u", sin_addr[0], sin_addr[1], sin_addr[2], sin_addr[3]); + + for( dnsbl_serv = strtok(login_config.dnsbl_servs,","); !matched && dnsbl_serv != NULL; dnsbl_serv = strtok(NULL,",") ) + { + sprintf(ip_dnsbl, "%s.%s", r_ip, dnsbl_serv); + if( host2ip(ip_dnsbl) ) + matched = true; + } + + if( matched ) + { + ShowInfo("DNSBL: (%s) Blacklisted. User Kicked.\n", r_ip); + return 3; + } + } + + //Client Version check + if( login_config.check_client_version && sd->version != login_config.client_version_to_connect ) + return 5; + + len = strnlen(sd->userid, NAME_LENGTH); + + // Account creation with _M/_F + if( login_config.new_account_flag ) + { + if( len > 2 && strnlen(sd->passwd, NAME_LENGTH) > 0 && // valid user and password lengths + sd->passwdenc == 0 && // unencoded password + sd->userid[len-2] == '_' && memchr("FfMm", sd->userid[len-1], 4) && // _M/_F suffix + account_id_count <= END_ACCOUNT_NUM ) + { + struct mmo_account acc; + int result; + + len -= 2; + sd->userid[len] = '\0'; + + memset(&acc, '\0', sizeof(acc)); + safestrncpy(acc.userid, sd->userid, NAME_LENGTH); + safestrncpy(acc.pass, sd->passwd, NAME_LENGTH); + safestrncpy(acc.email, "a@a.com", sizeof(acc.email)); + acc.sex = TOUPPER(sd->userid[len+1]); + + result = mmo_auth_new(&acc); + if( result ) + return result;// Failed to make account. [Skotlex]. + + auth_before_save_file = 0; // Creation of an account -> save accounts file immediatly + } + } + + // Strict account search + ARR_FIND( 0, auth_num, i, strcmp(sd->userid, auth_dat[i].userid) == 0 ); + + // if strict account search fails, we do a no sensitive case research for index + if( i < auth_num ) + { + i = search_account_index(sd->userid); + if( i == -1 ) + i = auth_num; + else + memcpy(sd->userid, auth_dat[i].userid, NAME_LENGTH); // for the possible tests/checks afterwards (copy correcte sensitive case). + } + + if( i == auth_num ) + { + ShowNotice("Unknown account (account: %s, received pass: %s, ip: %s)\n", sd->userid, sd->passwd, ip); + return 0; // 0 = Unregistered ID + } + + if( login_config.use_md5_passwds ) + MD5_String(sd->passwd, user_password); + else + safestrncpy(user_password, sd->passwd, NAME_LENGTH); + + if( !check_password(sd, sd->passwdenc, user_password, auth_dat[i].pass) ) + { + ShowNotice("Invalid password (account: %s, pass: %s, received pass: %s, ip: %s)\n", sd->userid, auth_dat[i].pass, (sd->passwdenc) ? "[MD5]" : sd->passwd, ip); + return 1; // 1 = Incorrect Password + } + + if( auth_dat[i].expiration_time != 0 && auth_dat[i].expiration_time < time(NULL) ) + { + ShowNotice("Connection refused (account: %s, pass: %s, expired ID, ip: %s)\n", sd->userid, sd->passwd, ip); + return 2; // 2 = This ID is expired + } + + if( auth_dat[i].unban_time != 0 && auth_dat[i].unban_time > time(NULL) ) + { + strftime(tmpstr, 20, login_config.date_format, localtime(&auth_dat[i].unban_time)); + tmpstr[19] = '\0'; + ShowNotice("Connection refused (account: %s, pass: %s, banned until %s, ip: %s)\n", sd->userid, sd->passwd, tmpstr, ip); + return 6; // 6 = Your are Prohibited to log in until %s + } + + if( auth_dat[i].state ) + { + ShowNotice("Connection refused (account: %s, pass: %s, state: %d, ip: %s)\n", sd->userid, sd->passwd, auth_dat[i].state, ip); + return auth_dat[i].state - 1; + } + + ShowNotice("Authentication accepted (account: %s, id: %d, ip: %s)\n", sd->userid, auth_dat[i].account_id, ip); + + // auth start : time seed + time(&raw_time); + strftime(tmpstr, 24, "%Y-%m-%d %H:%M:%S",localtime(&raw_time)); + + sd->account_id = auth_dat[i].account_id; + sd->login_id1 = rand(); + sd->login_id2 = rand(); + safestrncpy(sd->lastlogin, auth_dat[i].lastlogin, 24); + sd->sex = auth_dat[i].sex; + + if( sd->sex != 'S' && sd->account_id < START_ACCOUNT_NUM ) + ShowWarning("Account %s has account id %d! Account IDs must be over %d to work properly!\n", sd->userid, sd->account_id, START_ACCOUNT_NUM); + + safestrncpy(auth_dat[i].lastlogin, tmpstr, sizeof(auth_dat[i].lastlogin)); + safestrncpy(auth_dat[i].last_ip, ip, sizeof(auth_dat[i].last_ip)); + auth_dat[i].unban_time = 0; + auth_dat[i].logincount++; + + // Save until for change ip/time of auth is not very useful => limited save for that + // Save there informations isnot necessary, because they are saved in log file. + if (--auth_before_save_file <= 0) // Reduce counter. 0 or less, we save + mmo_auth_sync(); + + return -1; // account OK +} + +static int online_db_setoffline(DBKey key, void* data, va_list ap) +{ + struct online_login_data* p = (struct online_login_data*)data; + int server = va_arg(ap, int); + if( server == -1 ) + { + p->char_server = -1; + if( p->waiting_disconnect != -1 ) + { + delete_timer(p->waiting_disconnect, waiting_disconnect_timer); + p->waiting_disconnect = -1; + } + } + else if( p->char_server == server ) + p->char_server = -2; //Char server disconnected. + return 0; +} + +//-------------------------------- +// Packet parsing for char-servers +//-------------------------------- +int parse_fromchar(int fd) +{ + unsigned int i; + int j, id; + uint32 ipl; + char ip[16]; + + ARR_FIND( 0, MAX_SERVERS, id, server[id].fd == fd ); + if( id == MAX_SERVERS ) + {// not a char server + set_eof(fd); + do_close(fd); + return 0; + } + + if( session[fd]->flag.eof ) + { + ShowStatus("Char-server '%s' has disconnected.\n", server[id].name); + online_db->foreach(online_db, online_db_setoffline, id); //Set all chars from this char server to offline. + memset(&server[id], 0, sizeof(struct mmo_char_server)); + server[id].fd = -1; + do_close(fd); + return 0; + } + + ipl = server[id].ip; + ip2str(ipl, ip); + + while( RFIFOREST(fd) >= 2 ) + { + uint16 command = RFIFOW(fd,0); + + switch( command ) + { + + case 0x2709: // request from map-server via char-server to reload GM accounts + RFIFOSKIP(fd,2); + ShowStatus("Char-server '%s': Request to re-load GM configuration file (ip: %s).\n", server[id].name, ip); + read_gm_account(); + // send GM accounts to all char-servers + send_GM_accounts(-1); + break; + + case 0x2712: // request from char-server to authenticate an account + if( RFIFOREST(fd) < 19 ) + return 0; + { + struct auth_node* node; + + int account_id = RFIFOL(fd,2); + int login_id1 = RFIFOL(fd,6); + int login_id2 = RFIFOL(fd,10); + char sex = sex_num2str(RFIFOB(fd,14)); + uint32 ip_ = ntohl(RFIFOL(fd,15)); + RFIFOSKIP(fd,19); + + node = (struct auth_node*)idb_get(auth_db, account_id); + if( node != NULL && + node->account_id == account_id && + node->login_id1 == login_id1 && + node->login_id2 == login_id2 && + node->sex == sex && + node->ip == ip_ ) + {// found + uint32 expiration_time; + char email[40]; + unsigned int k; + + //ShowStatus("Char-server '%s': authentication of the account %d accepted (ip: %s).\n", server[id].name, account_id, ip); + + // each auth entry can only be used once + idb_remove(auth_db, account_id); + + // retrieve email and account expiration time + ARR_FIND( 0, auth_num, k, auth_dat[k].account_id == account_id ); + if( k < auth_num ) + { + strcpy(email, auth_dat[k].email); + expiration_time = (uint32)auth_dat[k].expiration_time; + } + else + { + memset(email, 0, sizeof(email)); + expiration_time = 0; + } + + // send ack + WFIFOHEAD(fd,59); + WFIFOW(fd,0) = 0x2713; + WFIFOL(fd,2) = account_id; + WFIFOL(fd,6) = login_id1; + WFIFOL(fd,10) = login_id2; + WFIFOB(fd,14) = 0; + memcpy(WFIFOP(fd,15), email, 40); + WFIFOL(fd,55) = expiration_time; + WFIFOSET(fd,59); + } + else + {// authentication not found + ShowStatus("Char-server '%s': authentication of the account %d REFUSED (ip: %s).\n", server[id].name, account_id, ip); + WFIFOHEAD(fd,59); + WFIFOW(fd,0) = 0x2713; + WFIFOL(fd,2) = account_id; + WFIFOL(fd,6) = login_id1; + WFIFOL(fd,10) = login_id2; + WFIFOB(fd,14) = 1; + // It is unnecessary to send email + // It is unnecessary to send validity date of the account + WFIFOSET(fd,59); + } + } + break; + + case 0x2714: + if( RFIFOREST(fd) < 6 ) + return 0; + { + int users = RFIFOL(fd,2); + RFIFOSKIP(fd,6); + + // how many users on world? (update) + if( server[id].users != users ) + { + ShowStatus("set users %s : %d\n", server[id].name, users); + + server[id].users = users; + } + } + break; + + case 0x2715: // request from char server to change e-email from default "a@a.com" + if (RFIFOREST(fd) < 46) + return 0; + { + char email[40]; + int acc = RFIFOL(fd,2); + safestrncpy(email, (char*)RFIFOP(fd,6), 40); remove_control_chars(email); + RFIFOSKIP(fd,46); + + if( e_mail_check(email) == 0 ) + ShowNotice("Char-server '%s': Attempt to create an e-mail on an account with a default e-mail REFUSED - e-mail is invalid (account: %d, ip: %s)\n", server[id].name, acc, ip); + else + { + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == acc && (strcmp(auth_dat[i].email, "a@a.com") == 0 || auth_dat[i].email[0] == '\0') ); + if( i == auth_num ) + ShowNotice("Char-server '%s': Attempt to create an e-mail on an account with a default e-mail REFUSED - account doesn't exist or e-mail of account isn't default e-mail (account: %d, ip: %s).\n", server[id].name, acc, ip); + else + { + memcpy(auth_dat[i].email, email, 40); + ShowNotice("Char-server '%s': Create an e-mail on an account with a default e-mail (account: %d, new e-mail: %s, ip: %s).\n", server[id].name, acc, email, ip); + // Save + mmo_auth_sync(); + } + } + } + break; + + case 0x2716: // received an e-mail/limited time request, because a player comes back from a map-server to the char-server + if( RFIFOREST(fd) < 6 ) + return 0; + { + uint32 expiration_time = 0; + char email[40] = ""; + + int account_id = RFIFOL(fd,2); + RFIFOSKIP(fd,6); + + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); + if( i == auth_num ) + ShowNotice("Char-server '%s': e-mail of the account %d NOT found (ip: %s).\n", server[id].name, RFIFOL(fd,2), ip); + else + { + safestrncpy(email, auth_dat[i].email, sizeof(email)); + expiration_time = (uint32)auth_dat[i].expiration_time; + } + + WFIFOHEAD(fd,50); + WFIFOW(fd,0) = 0x2717; + WFIFOL(fd,2) = account_id; + safestrncpy((char*)WFIFOP(fd,6), email, 40); + WFIFOL(fd,46) = expiration_time; + WFIFOSET(fd,50); + } + break; + + case 0x2719: // ping request from charserver + if( RFIFOREST(fd) < 2 ) + return 0; + RFIFOSKIP(fd,2); + + WFIFOHEAD(fd,2); + WFIFOW(fd,0) = 0x2718; + WFIFOSET(fd,2); + break; + + // Map server send information to change an email of an account via char-server + case 0x2722: // 0x2722 <account_id>.L <actual_e-mail>.40B <new_e-mail>.40B + if (RFIFOREST(fd) < 86) + return 0; + { + char actual_email[40]; + char new_email[40]; + int account_id = RFIFOL(fd,2); + safestrncpy(actual_email, (char*)RFIFOP(fd,6), 40); remove_control_chars(actual_email); + safestrncpy(new_email, (char*)RFIFOP(fd,46), 40); remove_control_chars(new_email); + RFIFOSKIP(fd, 86); + + if( e_mail_check(actual_email) == 0 ) + ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but actual email is invalid (account: %d, ip: %s)\n", server[id].name, account_id, ip); + else if( e_mail_check(new_email) == 0 ) + ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command) with a invalid new e-mail (account: %d, ip: %s)\n", server[id].name, account_id, ip); + else if( strcmpi(new_email, "a@a.com") == 0 ) + ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command) with a default e-mail (account: %d, ip: %s)\n", server[id].name, account_id, ip); + else { + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); + if( i == auth_num ) + ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but account doesn't exist (account: %d, ip: %s).\n", server[id].name, account_id, ip); + else + if( strcmpi(auth_dat[i].email, actual_email) != 0 ) + ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but actual e-mail is incorrect (account: %d (%s), actual e-mail: %s, proposed e-mail: %s, ip: %s).\n", server[id].name, account_id, auth_dat[i].userid, auth_dat[i].email, actual_email, ip); + else { + safestrncpy(auth_dat[i].email, new_email, 40); + ShowNotice("Char-server '%s': Modify an e-mail on an account (@email GM command) (account: %d (%s), new e-mail: %s, ip: %s).\n", server[id].name, account_id, auth_dat[i].userid, new_email, ip); + // Save + mmo_auth_sync(); + } + } + } + break; + + case 0x2724: // Receiving an account state update request from a map-server (relayed via char-server) + if (RFIFOREST(fd) < 10) + return 0; + { + int account_id = RFIFOL(fd,2); + uint32 state = RFIFOL(fd,6); + RFIFOSKIP(fd,10); + + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); + if( i == auth_num ) + ShowNotice("Char-server '%s': Error of Status change (account: %d not found, suggested status %d, ip: %s).\n", server[id].name, account_id, state, ip); + else + if( auth_dat[i].state == state ) + ShowNotice("Char-server '%s': Error of Status change - actual status is already the good status (account: %d, status %d, ip: %s).\n", server[id].name, account_id, state, ip); + else { + ShowNotice("Char-server '%s': Status change (account: %d, new status %d, ip: %s).\n", server[id].name, account_id, state, ip); + if (state != 0) { + uint8 buf[11]; + WBUFW(buf,0) = 0x2731; + WBUFL(buf,2) = account_id; + WBUFB(buf,6) = 0; // 0: change of state, 1: ban + WBUFL(buf,7) = state; // status or final date of a banishment + charif_sendallwos(-1, buf, 11); + } + auth_dat[i].state = state; + // Save + mmo_auth_sync(); + } + } + break; + + case 0x2725: // Receiving of map-server via char-server a ban request + if (RFIFOREST(fd) < 18) + return 0; + { + int account_id = RFIFOL(fd,2); + int year = (short)RFIFOW(fd,6); + int month = (short)RFIFOW(fd,8); + int mday = (short)RFIFOW(fd,10); + int hour = (short)RFIFOW(fd,12); + int min = (short)RFIFOW(fd,14); + int sec = (short)RFIFOW(fd,16); + RFIFOSKIP(fd,18); + + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); + if( i == auth_num ) + ShowNotice("Char-server '%s': Error of ban request (account: %d not found, ip: %s).\n", server[id].name, account_id, ip); + else + { + time_t timestamp; + struct tm *tmtime; + if (auth_dat[i].unban_time == 0 || auth_dat[i].unban_time < time(NULL)) + timestamp = time(NULL); + else + timestamp = auth_dat[i].unban_time; + tmtime = localtime(×tamp); + tmtime->tm_year = tmtime->tm_year + year; + tmtime->tm_mon = tmtime->tm_mon + month; + tmtime->tm_mday = tmtime->tm_mday + mday; + tmtime->tm_hour = tmtime->tm_hour + hour; + tmtime->tm_min = tmtime->tm_min + min; + tmtime->tm_sec = tmtime->tm_sec + sec; + timestamp = mktime(tmtime); + if (timestamp == -1) + ShowNotice("Char-server '%s': Error of ban request (account: %d, invalid date, ip: %s).\n", server[id].name, account_id, ip); + else + if( timestamp <= time(NULL) || timestamp == 0 ) + ShowNotice("Char-server '%s': Error of ban request (account: %d, new date unbans the account, ip: %s).\n", server[id].name, account_id, ip); + else + { + unsigned char buf[16]; + char tmpstr[2048]; + strftime(tmpstr, 24, login_config.date_format, localtime(×tamp)); + ShowNotice("Char-server '%s': Ban request (account: %d, new final date of banishment: %d (%s), ip: %s).\n", server[id].name, account_id, timestamp, tmpstr, ip); + WBUFW(buf,0) = 0x2731; + WBUFL(buf,2) = auth_dat[i].account_id; + WBUFB(buf,6) = 1; // 0: change of status, 1: ban + WBUFL(buf,7) = (unsigned int)timestamp; // status or final date of a banishment + charif_sendallwos(-1, buf, 11); + auth_dat[i].unban_time = timestamp; + // Save + mmo_auth_sync(); + } + } + } + break; + + case 0x2727: // Change of sex (sex is reversed) + if( RFIFOREST(fd) < 6 ) + return 0; + { + int account_id = RFIFOL(fd,2); + RFIFOSKIP(fd,6); + + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); + if( i == auth_num ) + ShowNotice("Char-server '%s': Error of sex change (account: %d not found, ip: %s).\n", server[id].name, account_id, ip); + else + if( auth_dat[i].sex == 'S' ) + ShowNotice("Char-server '%s': Error of sex change - account to change is a Server account (account: %d, ip: %s).\n", server[id].name, account_id, ip); + else + { + unsigned char buf[7]; + char sex = ( auth_dat[i].sex == 'M' ) ? 'F' : 'M'; //Change gender + + auth_dat[i].sex = sex; + + ShowNotice("Char-server '%s': Sex change (account: %d, new sex %c, ip: %s).\n", server[id].name, account_id, sex, ip); + WBUFW(buf,0) = 0x2723; + WBUFL(buf,2) = account_id; + WBUFB(buf,6) = sex_str2num(sex); + charif_sendallwos(-1, buf, 7); + // Save + mmo_auth_sync(); + } + } + break; + + case 0x2728: // We receive account_reg2 from a char-server, and we send them to other map-servers. + if( RFIFOREST(fd) < 4 || RFIFOREST(fd) < RFIFOW(fd,2) ) + return 0; + { + int acc = RFIFOL(fd,4); + + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == acc ); + if( i == auth_num ) + ShowStatus("Char-server '%s': receiving (from the char-server) of account_reg2 (account: %d not found, ip: %s).\n", server[id].name, acc, ip); + else + { + int len; + int p; + ShowNotice("char-server '%s': receiving (from the char-server) of account_reg2 (account: %d, ip: %s).\n", server[id].name, acc, ip); + for(j=0,p=13;j<ACCOUNT_REG2_NUM && p<RFIFOW(fd,2);j++){ + sscanf((char*)RFIFOP(fd,p), "%31c%n",auth_dat[i].account_reg2[j].str,&len); + auth_dat[i].account_reg2[j].str[len]='\0'; + p +=len+1; //+1 to skip the '\0' between strings. + sscanf((char*)RFIFOP(fd,p), "%255c%n",auth_dat[i].account_reg2[j].value,&len); + auth_dat[i].account_reg2[j].value[len]='\0'; + p +=len+1; + remove_control_chars(auth_dat[i].account_reg2[j].str); + remove_control_chars(auth_dat[i].account_reg2[j].value); + } + auth_dat[i].account_reg2_num = j; + + // Sending information towards the other char-servers. + RFIFOW(fd,0) = 0x2729;// reusing read buffer + charif_sendallwos(fd, RFIFOP(fd,0), RFIFOW(fd,2)); + RFIFOSKIP(fd,RFIFOW(fd,2)); + + // Save + mmo_auth_sync(); + } + + } + break; + + case 0x272a: // Receiving of map-server via char-server an unban request + if( RFIFOREST(fd) < 6 ) + return 0; + { + int account_id = RFIFOL(fd,2); + RFIFOSKIP(fd,6); + + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); + if( i == auth_num ) + ShowNotice("Char-server '%s': Error of UnBan request (account: %d not found, ip: %s).\n", server[id].name, account_id, ip); + else + if( auth_dat[i].unban_time == 0 ) + ShowNotice("Char-server '%s': Error of UnBan request (account: %d, no change for unban date, ip: %s).\n", server[id].name, account_id, ip); + else + { + auth_dat[i].unban_time = 0; + ShowNotice("Char-server '%s': UnBan request (account: %d, ip: %s).\n", server[id].name, account_id, ip); + } + } + break; + + case 0x272b: // Set account_id to online [Wizputer] + if( RFIFOREST(fd) < 6 ) + return 0; + add_online_user(id, RFIFOL(fd,2)); + RFIFOSKIP(fd,6); + break; + + case 0x272c: // Set account_id to offline [Wizputer] + if( RFIFOREST(fd) < 6 ) + return 0; + remove_online_user(RFIFOL(fd,2)); + RFIFOSKIP(fd,6); + break; + + case 0x272d: // Receive list of all online accounts. [Skotlex] + if (RFIFOREST(fd) < 4 || RFIFOREST(fd) < RFIFOW(fd,2)) + return 0; + if( login_config.online_check ) + { + struct online_login_data *p; + int aid; + uint32 i, users; + online_db->foreach(online_db, online_db_setoffline, id); //Set all chars from this char-server offline first + users = RFIFOW(fd,4); + for (i = 0; i < users; i++) { + aid = RFIFOL(fd,6+i*4); + p = (struct online_login_data*)idb_ensure(online_db, aid, create_online_user); + p->char_server = id; + if (p->waiting_disconnect != -1) + { + delete_timer(p->waiting_disconnect, waiting_disconnect_timer); + p->waiting_disconnect = -1; + } + } + } + RFIFOSKIP(fd,RFIFOW(fd,2)); + break; + + case 0x272e: //Request account_reg2 for a character. + if (RFIFOREST(fd) < 10) + return 0; + { + size_t off; + + int account_id = RFIFOL(fd,2); + int char_id = RFIFOL(fd,6); + RFIFOSKIP(fd,10); + + WFIFOHEAD(fd,10000); + WFIFOW(fd,0) = 0x2729; + WFIFOL(fd,4) = account_id; + WFIFOL(fd,8) = char_id; + WFIFOB(fd,12) = 1; //Type 1 for Account2 registry + + ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); + if( i == auth_num ) + { + //Account not found? Send at least empty data, map servers need a reply! + WFIFOW(fd,2) = 13; + WFIFOSET(fd,WFIFOW(fd,2)); + break; + } + + for( off = 13, j = 0; j < auth_dat[i].account_reg2_num && off < 9000; j++ ) + { + if( auth_dat[i].account_reg2[j].str[0] != '\0' ) + { + off += sprintf((char*)WFIFOP(fd,off), "%s", auth_dat[i].account_reg2[j].str)+1; //We add 1 to consider the '\0' in place. + off += sprintf((char*)WFIFOP(fd,off), "%s", auth_dat[i].account_reg2[j].value)+1; + } + } + + if( off >= 9000 ) + ShowWarning("Too many account2 registries for AID %d. Some registries were not sent.\n", account_id); + + WFIFOW(fd,2) = (uint16)off; + WFIFOSET(fd,WFIFOW(fd,2)); + } + break; + + case 0x2736: // WAN IP update from char-server + if( RFIFOREST(fd) < 6 ) + return 0; + server[id].ip = ntohl(RFIFOL(fd,2)); + ShowInfo("Updated IP of Server #%d to %d.%d.%d.%d.\n",id, CONVIP(server[id].ip)); + RFIFOSKIP(fd,6); + break; + + case 0x2737: //Request to set all offline. + ShowInfo("Setting accounts from char-server %d offline.\n", id); + online_db->foreach(online_db, online_db_setoffline, id); + RFIFOSKIP(fd,2); + break; + + default: + ShowError("parse_fromchar: Unknown packet 0x%x from a char-server! Disconnecting!\n", command); + set_eof(fd); + return 0; + } // switch + } // while + + RFIFOSKIP(fd,RFIFOREST(fd)); + return 0; +} + //-------------------------------------------- // Test to know if an IP come from LAN or WAN. //-------------------------------------------- @@ -244,57 +1604,392 @@ int lan_subnetcheck(uint32 ip) return ( i < subnet_count ) ? subnet[i].char_ip : 0; } -//---------------------------------- -// Reading Lan Support configuration -//---------------------------------- -int login_lan_config_read(const char *lancfgName) +void login_auth_ok(struct login_session_data* sd) { - FILE *fp; - int line_num = 0; - char line[1024], w1[64], w2[64], w3[64], w4[64]; + int fd = sd->fd; + uint32 ip = session[fd]->client_addr; - if((fp = fopen(lancfgName, "r")) == NULL) { - ShowWarning("LAN Support configuration file is not found: %s\n", lancfgName); - return 1; + uint8 server_num, n; + uint32 subnet_char_ip; + struct auth_node* node; + int i; + + sd->level = isGM(sd->account_id); + + if( sd->level < login_config.min_level_to_connect ) + { + ShowStatus("Connection refused: the minimum GM level for connection is %d (account: %s, GM level: %d).\n", login_config.min_level_to_connect, sd->userid, sd->level); + WFIFOHEAD(fd,3); + WFIFOW(fd,0) = 0x81; + WFIFOB(fd,2) = 1; // 01 = Server closed + WFIFOSET(fd,3); + return; } - ShowInfo("Reading the configuration file %s...\n", lancfgName); + server_num = 0; + for( i = 0; i < MAX_SERVERS; ++i ) + if( session_isValid(server[i].fd) ) + server_num++; + + if( server_num == 0 ) + {// if no char-server, don't send void list of servers, just disconnect the player with proper message + ShowStatus("Connection refused: there is no char-server online (account: %s).\n", sd->userid); + WFIFOHEAD(fd,3); + WFIFOW(fd,0) = 0x81; + WFIFOB(fd,2) = 1; // 01 = Server closed + WFIFOSET(fd,3); + return; + } - while(fgets(line, sizeof(line), fp)) + if( login_config.online_check ) { - line_num++; - if ((line[0] == '/' && line[1] == '/') || line[0] == '\n' || line[1] == '\n') + struct online_login_data* data = (struct online_login_data*)idb_get(online_db, sd->account_id); + if( data ) + {// account is already marked as online! + if( data->char_server > -1 ) + {// Request char servers to kick this account out. [Skotlex] + uint8 buf[6]; + ShowNotice("User '%s' is already online - Rejected.\n", sd->userid); + WBUFW(buf,0) = 0x2734; + WBUFL(buf,2) = sd->account_id; + charif_sendallwos(-1, buf, 6); + if( data->waiting_disconnect == -1 ) + data->waiting_disconnect = add_timer(gettick()+AUTH_TIMEOUT, waiting_disconnect_timer, sd->account_id, 0); + + WFIFOHEAD(fd,3); + WFIFOW(fd,0) = 0x81; + WFIFOB(fd,2) = 8; // 08 = Server still recognizes your last login + WFIFOSET(fd,3); + return; + } + else + if( data->char_server == -1 ) + {// client has authed but did not access char-server yet + // wipe previous session + idb_remove(auth_db, sd->account_id); + remove_online_user(sd->account_id); + data = NULL; + } + } + } + + if( sd->level > 0 ) + ShowStatus("Connection of the GM (level:%d) account '%s' accepted.\n", sd->level, sd->userid); + else + ShowStatus("Connection of the account '%s' accepted.\n", sd->userid); + + WFIFOHEAD(fd,47+32*server_num); + WFIFOW(fd,0) = 0x69; + WFIFOW(fd,2) = 47+32*server_num; + WFIFOL(fd,4) = sd->login_id1; + WFIFOL(fd,8) = sd->account_id; + WFIFOL(fd,12) = sd->login_id2; + WFIFOL(fd,16) = 0; // in old version, that was for ip (not more used) + //memcpy(WFIFOP(fd,20), sd->lastlogin, 24); // in old version, that was for name (not more used) + WFIFOW(fd,44) = 0; // unknown + WFIFOB(fd,46) = sex_str2num(sd->sex); + for( i = 0, n = 0; i < MAX_SERVERS; ++i ) + { + if( !session_isValid(server[i].fd) ) continue; - if(sscanf(line,"%[^:]: %[^:]:%[^:]:%[^\r\n]", w1, w2, w3, w4) != 4) + subnet_char_ip = lan_subnetcheck(ip); // Advanced subnet check [LuzZza] + WFIFOL(fd,47+n*32) = htonl((subnet_char_ip) ? subnet_char_ip : server[i].ip); + WFIFOW(fd,47+n*32+4) = ntows(htons(server[i].port)); // [!] LE byte order here [!] + memcpy(WFIFOP(fd,47+n*32+6), server[i].name, 20); + WFIFOW(fd,47+n*32+26) = server[i].users; + WFIFOW(fd,47+n*32+28) = server[i].maintenance; + WFIFOW(fd,47+n*32+30) = server[i].new_; + n++; + } + WFIFOSET(fd,47+32*server_num); + + // create temporary auth entry + CREATE(node, struct auth_node, 1); + node->account_id = sd->account_id; + node->login_id1 = sd->login_id1; + node->login_id2 = sd->login_id2; + node->sex = sd->sex; + node->ip = ip; + idb_put(auth_db, sd->account_id, node); + + if( login_config.online_check ) + { + struct online_login_data* data; + + // mark client as 'online' + data = add_online_user(-1, sd->account_id); + + // schedule deletion of this node + data->waiting_disconnect = add_timer(gettick()+AUTH_TIMEOUT, waiting_disconnect_timer, sd->account_id, 0); + } +} + +void login_auth_failed(struct login_session_data* sd, int result) +{ + int fd = sd->fd; + + WFIFOHEAD(fd,23); + WFIFOW(fd,0) = 0x6a; + WFIFOB(fd,2) = (uint8)result; + if( result != 6 ) + memset(WFIFOP(fd,3), '\0', 20); + else + {// 6 = Your are Prohibited to log in until %s + char tmpstr[20]; + int i = search_account_index(sd->userid); + time_t unban_time = ( i >= 0 ) ? auth_dat[i].unban_time : 0; + strftime(tmpstr, 20, login_config.date_format, localtime(&unban_time)); + safestrncpy((char*)WFIFOP(fd,3), tmpstr, 20); // ban timestamp goes here + } + WFIFOSET(fd,23); +} + +//---------------------------------------------------------------------------------------- +// Default packet parsing (normal players or administation/char-server connection requests) +//---------------------------------------------------------------------------------------- +int parse_login(int fd) +{ + struct login_session_data* sd = session[fd]->session_data; + int result; + uint32 ipl; + char ip[16]; + + if( session[fd]->flag.eof ) + { + do_close(fd); + return 0; + } + + if( sd == NULL ) { + sd = CREATE(session[fd]->session_data, struct login_session_data, 1); + sd->fd = fd; + } + + ipl = session[fd]->client_addr; + ip2str(ipl, ip); + + while( RFIFOREST(fd) >= 2 ) + { + uint16 command = RFIFOW(fd,0); + + switch( command ) { - ShowWarning("Error syntax of configuration file %s in line %d.\n", lancfgName, line_num); - continue; + + case 0x0200: // New alive packet: structure: 0x200 <account.userid>.24B. used to verify if client is always alive. + if (RFIFOREST(fd) < 26) + return 0; + RFIFOSKIP(fd,26); + break; + + case 0x0204: // New alive packet: structure: 0x204 <encrypted.account.userid>.16B. (new ragexe from 22 june 2004) + if (RFIFOREST(fd) < 18) + return 0; + RFIFOSKIP(fd,18); + break; + + case 0x0064: // request client login + case 0x01dd: // request client login (encryption mode) + case 0x0277: // New login packet (kRO 2006-04-24aSakexe langtype 0) + case 0x02b0: // New login packet (kRO 2007-05-14aSakexe langtype 0) + { + size_t packet_len = RFIFOREST(fd); // assume no other packet was sent + + if( (command == 0x0064 && packet_len < 55) + || (command == 0x01dd && packet_len < 47) + || (command == 0x0277 && packet_len < 84) + || (command == 0x02b0 && packet_len < 85) ) + return 0; + + // S 0064 <version>.l <account name>.24B <password>.24B <version2>.B + // S 01dd <version>.l <account name>.24B <md5 binary>.16B <version2>.B + // S 0277 <version>.l <account name>.24B <password>.24B <junk?>.29B <version2>.B + // S 02b0 <version>.l <account name>.24B <password>.24B <junk?>.30B <version2>.B + + sd->version = RFIFOL(fd,2); + safestrncpy(sd->userid, (char*)RFIFOP(fd,6), NAME_LENGTH); remove_control_chars(sd->userid); + if (command != 0x01dd) { + ShowStatus("Request for connection of %s (ip: %s).\n", sd->userid, ip); + safestrncpy(sd->passwd, (char*)RFIFOP(fd,30), NAME_LENGTH); remove_control_chars(sd->passwd); + sd->passwdenc = 0; + } else { + ShowStatus("Request for connection (encryption mode) of %s (ip: %s).\n", sd->userid, ip); + memcpy(sd->passwd, RFIFOP(fd,30), 16); sd->passwd[16] = '\0'; // raw binary data here! + sd->passwdenc = PASSWORDENC; + } + RFIFOSKIP(fd,packet_len); + + result = mmo_auth(sd); + + if( result == -1 ) + login_auth_ok(sd); + else + login_auth_failed(sd, result); } + break; - if( strcmpi(w1, "subnet") == 0 ) + case 0x01db: // Sending request of the coding key + case 0x791a: // Sending request of the coding key (administration packet) + RFIFOSKIP(fd,2); { - subnet[subnet_count].mask = str2ip(w2); - subnet[subnet_count].char_ip = str2ip(w3); - subnet[subnet_count].map_ip = str2ip(w4); + unsigned int i; + + memset(sd->md5key, '\0', sizeof(sd->md5key)); + sd->md5keylen = (uint16)(12 + rand() % 4); + for( i = 0; i < sd->md5keylen; ++i ) + sd->md5key[i] = (char)(1 + rand() % 255); + + WFIFOHEAD(fd,4 + sd->md5keylen); + WFIFOW(fd,0) = 0x01dc; + WFIFOW(fd,2) = 4 + sd->md5keylen; + memcpy(WFIFOP(fd,4), sd->md5key, sd->md5keylen); + WFIFOSET(fd,WFIFOW(fd,2)); + } + break; - if( (subnet[subnet_count].char_ip & subnet[subnet_count].mask) != (subnet[subnet_count].map_ip & subnet[subnet_count].mask) ) + case 0x2710: // Connection request of a char-server + if (RFIFOREST(fd) < 86) + return 0; + { + char server_name[20]; + uint32 server_ip; + uint16 server_port; + uint16 maintenance; + uint16 new_; + + safestrncpy(sd->userid, (char*)RFIFOP(fd,2), NAME_LENGTH); //remove_control_chars(account.userid); + safestrncpy(sd->passwd, (char*)RFIFOP(fd,26), NAME_LENGTH); //remove_control_chars(account.passwd); + sd->passwdenc = 0; + sd->version = login_config.client_version_to_connect; // hack to skip version check + + server_ip = ntohl(RFIFOL(fd,54)); + server_port = ntohs(RFIFOW(fd,58)); + + safestrncpy(server_name, (char*)RFIFOP(fd,60), 20); remove_control_chars(server_name); + maintenance = RFIFOW(fd,82); + new_ = RFIFOW(fd,84); + RFIFOSKIP(fd,86); + + ShowInfo("Connection request of the char-server '%s' @ %d.%d.%d.%d:%d (account: '%s', pass: '%s', ip: '%s')\n", server_name, CONVIP(server_ip), server_port, sd->userid, sd->passwd, ip); + + result = mmo_auth(sd); + if( result == -1 && sd->sex == 'S' && sd->account_id < MAX_SERVERS && server[sd->account_id].fd == -1 ) { - ShowError("%s: Configuration Error: The char server (%s) and map server (%s) belong to different subnetworks!\n", lancfgName, w3, w4); - continue; + ShowStatus("Connection of the char-server '%s' accepted.\n", server_name); + safestrncpy(server[sd->account_id].name, server_name, sizeof(server[sd->account_id].name)); + server[sd->account_id].fd = fd; + server[sd->account_id].ip = server_ip; + server[sd->account_id].port = server_port; + server[sd->account_id].users = 0; + server[sd->account_id].maintenance = maintenance; + server[sd->account_id].new_ = new_; + + session[fd]->func_parse = parse_fromchar; + session[fd]->flag.server = 1; + realloc_fifo(fd, FIFOSIZE_SERVERLINK, FIFOSIZE_SERVERLINK); + + // send connection success + WFIFOHEAD(fd,3); + WFIFOW(fd,0) = 0x2711; + WFIFOB(fd,2) = 0; + WFIFOSET(fd,3); + + // send GM account to char-server + send_GM_accounts(fd); + } + else + { + ShowNotice("Connection of the char-server '%s' REFUSED.\n", server_name); + WFIFOHEAD(fd,3); + WFIFOW(fd,0) = 0x2711; + WFIFOB(fd,2) = 3; + WFIFOSET(fd,3); } + } + return 0; // processing will continue elsewhere + + case 0x7530: // Server version information request + ShowStatus("Sending server version information to ip: %s\n", ip); + RFIFOSKIP(fd,2); + WFIFOHEAD(fd,10); + WFIFOW(fd,0) = 0x7531; + WFIFOB(fd,2) = ATHENA_MAJOR_VERSION; + WFIFOB(fd,3) = ATHENA_MINOR_VERSION; + WFIFOB(fd,4) = ATHENA_REVISION; + WFIFOB(fd,5) = ATHENA_RELEASE_FLAG; + WFIFOB(fd,6) = ATHENA_OFFICIAL_FLAG; + WFIFOB(fd,7) = ATHENA_SERVER_LOGIN; + WFIFOW(fd,8) = ATHENA_MOD_VERSION; + WFIFOSET(fd,10); + break; + + case 0x7918: // Request for administation login + if ((int)RFIFOREST(fd) < 4 || (int)RFIFOREST(fd) < ((RFIFOW(fd,2) == 0) ? 28 : 20)) + return 0; + WFIFOW(fd,0) = 0x7919; + WFIFOB(fd,2) = 1; + if( session[fd]->client_addr != admin_allowed_ip ) { + ShowNotice("'ladmin'-login: Connection in administration mode refused: IP isn't authorised (ladmin_allow, ip: %s).\n", ip); + } else { + struct login_session_data *ld = (struct login_session_data*)session[fd]->session_data; + if (RFIFOW(fd,2) == 0) { // non encrypted password + char password[25]; + memcpy(password, RFIFOP(fd,4), 24); + password[24] = '\0'; + remove_control_chars(password); + if( !admin_state ) + ShowNotice("'ladmin'-login: Connection in administration mode REFUSED - remote administration is disabled (non encrypted password: %s, ip: %s)\n", password, ip); + else + if( strcmp(password, admin_pass) != 0) + ShowNotice("'ladmin'-login: Connection in administration mode REFUSED - invalid password (non encrypted password: %s, ip: %s)\n", password, ip); + else { + // If remote administration is enabled and password sent by client matches password read from login server configuration file + ShowNotice("'ladmin'-login: Connection in administration mode accepted (non encrypted password: %s, ip: %s)\n", password, ip); + WFIFOB(fd,2) = 0; + session[fd]->func_parse = parse_admin; + } + } else { // encrypted password + if (!ld) + ShowError("'ladmin'-login: error! MD5 key not created/requested for an administration login.\n"); + else { + char md5str[64] = "", md5bin[32]; + if (RFIFOW(fd,2) == 1) { + sprintf(md5str, "%s%s", ld->md5key, admin_pass); // 20 24 + } else if (RFIFOW(fd,2) == 2) { + sprintf(md5str, "%s%s", admin_pass, ld->md5key); // 24 20 + } + MD5_String2binary(md5str, md5bin); + if( !admin_state ) + ShowNotice("'ladmin'-login: Connection in administration mode REFUSED - remote administration is disabled (encrypted password, ip: %s)\n", ip); + else + if( memcmp(md5bin, RFIFOP(fd,4), 16) != 0 ) + ShowNotice("'ladmin'-login: Connection in administration mode REFUSED - invalid password (encrypted password, ip: %s)\n", ip); + else { + // If remote administration is enabled and password hash sent by client matches hash of password read from login server configuration file + ShowNotice("'ladmin'-login: Connection in administration mode accepted (encrypted password, ip: %s)\n", ip); + ShowNotice("Connection of a remote administration accepted (encrypted password).\n"); + WFIFOB(fd,2) = 0; + session[fd]->func_parse = parse_admin; + } + } + } + } + WFIFOSET(fd,3); - subnet_count++; + RFIFOSKIP(fd, (RFIFOW(fd,2) == 0) ? 28 : 20); + break; + + default: + ShowNotice("Abnormal end of connection (ip: %s): Unknown packet 0x%x\n", ip, command); + set_eof(fd); + return 0; } } - ShowStatus("Read information about %d subnetworks.\n", subnet_count); - - fclose(fp); + RFIFOSKIP(fd,RFIFOREST(fd)); return 0; } - //----------------------- // Console Command Parser [Wizputer] //----------------------- @@ -329,31 +2024,68 @@ int parse_console(char* buf) return 0; } +static int online_data_cleanup_sub(DBKey key, void *data, va_list ap) +{ + struct online_login_data *character= (struct online_login_data*)data; + if (character->char_server == -2) //Unknown server.. set them offline + remove_online_user(character->account_id); + return 0; +} + +static int online_data_cleanup(int tid, unsigned int tick, int id, int data) +{ + online_db->foreach(online_db, online_data_cleanup_sub); + return 0; +} -void login_set_defaults() +//---------------------------------- +// Reading Lan Support configuration +//---------------------------------- +int login_lan_config_read(const char *lancfgName) { - login_config.login_ip = INADDR_ANY; - login_config.login_port = 6900; - login_config.ip_sync_interval = 0; - login_config.log_login = true; - safestrncpy(login_config.date_format, "%Y-%m-%d %H:%M:%S", sizeof(login_config.date_format)); - login_config.console = false; - login_config.new_account_flag = true; - login_config.case_sensitive = true; - login_config.use_md5_passwds = false; - login_config.login_gm_read = true; - login_config.min_level_to_connect = 0; - login_config.online_check = true; - login_config.check_client_version = false; - login_config.client_version_to_connect = 20; + FILE *fp; + int line_num = 0; + char line[1024], w1[64], w2[64], w3[64], w4[64]; - login_config.ipban = true; - login_config.dynamic_pass_failure_ban = true; - login_config.dynamic_pass_failure_ban_interval = 5; - login_config.dynamic_pass_failure_ban_limit = 7; - login_config.dynamic_pass_failure_ban_duration = 5; - login_config.use_dnsbl = false; - safestrncpy(login_config.dnsbl_servs, "", sizeof(login_config.dnsbl_servs)); + if((fp = fopen(lancfgName, "r")) == NULL) { + ShowWarning("LAN Support configuration file is not found: %s\n", lancfgName); + return 1; + } + + ShowInfo("Reading the configuration file %s...\n", lancfgName); + + while(fgets(line, sizeof(line), fp)) + { + line_num++; + if ((line[0] == '/' && line[1] == '/') || line[0] == '\n' || line[1] == '\n') + continue; + + if(sscanf(line,"%[^:]: %[^:]:%[^:]:%[^\r\n]", w1, w2, w3, w4) != 4) + { + ShowWarning("Error syntax of configuration file %s in line %d.\n", lancfgName, line_num); + continue; + } + + if( strcmpi(w1, "subnet") == 0 ) + { + subnet[subnet_count].mask = str2ip(w2); + subnet[subnet_count].char_ip = str2ip(w3); + subnet[subnet_count].map_ip = str2ip(w4); + + if( (subnet[subnet_count].char_ip & subnet[subnet_count].mask) != (subnet[subnet_count].map_ip & subnet[subnet_count].mask) ) + { + ShowError("%s: Configuration Error: The char server (%s) and map server (%s) belong to different subnetworks!\n", lancfgName, w3, w4); + continue; + } + + subnet_count++; + } + } + + ShowStatus("Read information about %d subnetworks.\n", subnet_count); + + fclose(fp); + return 0; } //----------------------------------- @@ -397,33 +2129,25 @@ int login_config_read(const char* cfgName) else if(!strcmpi(w1, "log_login")) login_config.log_login = (bool)config_switch(w2); -#ifdef TXT_ONLY - else if(!strcmpi(w1, "login_log_filename") == 0) - safestrncpy(login_log_filename, w2, sizeof(login_log_filename)); - else if(!strcmpi(w1, "admin_state") == 0) + else if (strcmpi(w1, "admin_state") == 0) { admin_state = (bool)config_switch(w2); - else if(!strcmpi(w1, "admin_pass") == 0) - safestrncpy(admin_pass, w2, sizeof(admin_pass)); - else if(!strcmpi(w1, "admin_allowed_ip") == 0) + } else if (strcmpi(w1, "admin_pass") == 0) { + memset(admin_pass, 0, sizeof(admin_pass)); + strncpy(admin_pass, w2, sizeof(admin_pass)); + admin_pass[sizeof(admin_pass)-1] = '\0'; + } else if (strcmpi(w1, "admin_allowed_ip") == 0) admin_allowed_ip = host2ip(w2); - else if(!strcmpi(w1, "account_txt") == 0) - safestrncpy(account_txt, w2, sizeof(account_txt)); - else if(!strcmpi(w1, "gm_account_filename") == 0) - safestrncpy(GM_account_filename, w2, sizeof(GM_account_filename)); - else if(!strcmpi(w1, "gm_account_filename_check_timer") == 0) + else if (strcmpi(w1, "account_filename") == 0) { + memset(account_filename, 0, sizeof(account_filename)); + strncpy(account_filename, w2, sizeof(account_filename)); + account_filename[sizeof(account_filename)-1] = '\0'; + } else if (strcmpi(w1, "gm_account_filename") == 0) { + memset(GM_account_filename, 0, sizeof(GM_account_filename)); + strncpy(GM_account_filename, w2, sizeof(GM_account_filename)); + GM_account_filename[sizeof(GM_account_filename)-1] = '\0'; + } + else if (strcmpi(w1, "gm_account_filename_check_timer") == 0) gm_account_filename_check_timer = atoi(w2); -#else - else if(!strcmpi(w1, "ipban")) - login_config.ipban = (bool)config_switch(w2); - else if(!strcmpi(w1, "dynamic_pass_failure_ban")) - login_config.dynamic_pass_failure_ban = (bool)config_switch(w2); - else if(!strcmpi(w1, "dynamic_pass_failure_ban_interval")) - login_config.dynamic_pass_failure_ban_interval = atoi(w2); - else if(!strcmpi(w1, "dynamic_pass_failure_ban_limit")) - login_config.dynamic_pass_failure_ban_limit = atoi(w2); - else if(!strcmpi(w1, "dynamic_pass_failure_ban_duration")) - login_config.dynamic_pass_failure_ban_duration = atoi(w2); -#endif else if(!strcmpi(w1, "new_account")) login_config.new_account_flag = (bool)config_switch(w2); @@ -441,8 +2165,8 @@ int login_config_read(const char* cfgName) safestrncpy(login_config.date_format, w2, sizeof(login_config.date_format)); else if(!strcmpi(w1, "console")) login_config.console = (bool)config_switch(w2); - else if(!strcmpi(w1, "case_sensitive")) - login_config.case_sensitive = config_switch(w2); +// else if(!strcmpi(w1, "case_sensitive")) +// login_config.case_sensitive = config_switch(w2); else if(!strcmpi(w1, "allowed_regs")) //account flood protection system allowed_regs = atoi(w2); else if(!strcmpi(w1, "time_allowed")) @@ -463,6 +2187,70 @@ int login_config_read(const char* cfgName) return 0; } +//------------------------------------- +// Displaying of configuration warnings +//------------------------------------- +void display_conf_warnings(void) +{ + if( admin_state ) { + if (admin_pass[0] == '\0') { + ShowWarning("Administrator password is void (admin_pass).\n"); + } else if (strcmp(admin_pass, "admin") == 0) { + ShowWarning("You are using the default administrator password (admin_pass).\n"); + ShowWarning(" We highly recommend that you change it.\n"); + } + } + + if (gm_account_filename_check_timer < 0) { + ShowWarning("Invalid value for gm_account_filename_check_timer parameter. Setting to 15 sec (default).\n"); + gm_account_filename_check_timer = 15; + } else if (gm_account_filename_check_timer == 1) { + ShowWarning("Invalid value for gm_account_filename_check_timer parameter. Setting to 2 sec (minimum value).\n"); + gm_account_filename_check_timer = 2; + } + + if (login_config.min_level_to_connect < 0) { // 0: all players, 1-99 at least gm level x + ShowWarning("Invalid value for min_level_to_connect (%d) parameter -> setting 0 (any player).\n", login_config.min_level_to_connect); + login_config.min_level_to_connect = 0; + } else if (login_config.min_level_to_connect > 99) { // 0: all players, 1-99 at least gm level x + ShowWarning("Invalid value for min_level_to_connect (%d) parameter -> setting to 99 (only GM level 99)\n", login_config.min_level_to_connect); + login_config.min_level_to_connect = 99; + } + + if (login_config.start_limited_time < -1) { // -1: create unlimited account, 0 or more: additionnal sec from now to create limited time + ShowWarning("Invalid value for start_limited_time parameter\n"); + ShowWarning(" -> setting to -1 (new accounts are created with unlimited time).\n"); + login_config.start_limited_time = -1; + } + + return; +} + +void login_set_defaults() +{ + login_config.login_ip = INADDR_ANY; + login_config.login_port = 6900; + login_config.ip_sync_interval = 0; + login_config.log_login = true; + safestrncpy(login_config.date_format, "%Y-%m-%d %H:%M:%S", sizeof(login_config.date_format)); + login_config.console = false; + login_config.new_account_flag = true; +// login_config.case_sensitive = true; + login_config.use_md5_passwds = false; +// login_config.login_gm_read = true; + login_config.min_level_to_connect = 0; + login_config.online_check = true; + login_config.check_client_version = false; + login_config.client_version_to_connect = 20; + +// login_config.ipban = true; +// login_config.dynamic_pass_failure_ban = true; +// login_config.dynamic_pass_failure_ban_interval = 5; +// login_config.dynamic_pass_failure_ban_limit = 7; +// login_config.dynamic_pass_failure_ban_duration = 5; + login_config.use_dnsbl = false; + safestrncpy(login_config.dnsbl_servs, "", sizeof(login_config.dnsbl_servs)); +} //-------------------------------------- // Function called at exit of the server @@ -470,21 +2258,13 @@ int login_config_read(const char* cfgName) void do_final(void) { int i, fd; - - login_log(0, "login server", 100, "login server shutdown"); ShowStatus("Terminating...\n"); -#ifdef TXT_ONLY mmo_auth_sync(); -#else - mmo_db_close(); -#endif online_db->destroy(online_db, NULL); auth_db->destroy(auth_db, NULL); -#ifdef TXT_ONLY if(auth_dat) aFree(auth_dat); -#endif if(gm_account_db) aFree(gm_account_db); for (i = 0; i < MAX_SERVERS; i++) { @@ -523,11 +2303,7 @@ int do_init(int argc, char** argv) // read login-server configuration login_config_read((argc > 1) ? argv[1] : LOGIN_CONF_NAME); -#ifdef TXT_ONLY display_conf_warnings(); // not in login_config_read, because we can use 'import' option, and display same message twice or more -#else - sql_config_read(INTER_CONF_NAME); -#endif login_lan_config_read((argc > 2) ? argv[2] : LAN_CONF_NAME); srand((unsigned int)time(NULL)); @@ -546,31 +2322,19 @@ int do_init(int argc, char** argv) auth_db = idb_alloc(DB_OPT_RELEASE_DATA); // Read account information. -#ifdef TXT_ONLY read_gm_account(); -#else - if(login_config.login_gm_read) - read_gm_account(); -#endif // set default parser as parse_login function set_defaultparse(parse_login); -#ifdef TXT_ONLY - // every 60 sec we check if we must save accounts file (only if necessary to save) add_timer_func_list(check_auth_sync, "check_auth_sync"); - add_timer_interval(gettick() + 60000, check_auth_sync, 0, 0, 60000); + add_timer_interval(gettick() + 60000, check_auth_sync, 0, 0, 60000); // every 60 sec we check if we must save accounts file (only if necessary to save) // every x sec we check if gm file has been changed if( gm_account_filename_check_timer ) { add_timer_func_list(check_GM_file, "check_GM_file"); add_timer_interval(gettick() + gm_account_filename_check_timer * 1000, check_GM_file, 0, 0, gm_account_filename_check_timer * 1000); } -#else - // ban deleter timer - add_timer_func_list(ip_ban_flush, "ip_ban_flush"); - add_timer_interval(gettick()+10, ip_ban_flush, 0, 0, 60*1000); -#endif // every 10 minutes cleanup online account db. add_timer_func_list(online_data_cleanup, "online_data_cleanup"); @@ -587,11 +2351,12 @@ int do_init(int argc, char** argv) //##TODO invoke a CONSOLE_START plugin event } + new_reg_tick = gettick(); + // server port open & binding login_fd = make_listen_bind(login_config.login_ip, login_config.login_port); ShowStatus("The login-server is "CL_GREEN"ready"CL_RESET" (Server is listening on the port %u).\n\n", login_config.login_port); - login_log(0, "login server", 100, "login server started"); return 0; } diff --git a/src/login/login.h b/src/login/login.h index a4256df53..1147d6bb6 100644 --- a/src/login/login.h +++ b/src/login/login.h @@ -7,7 +7,6 @@ #include "../common/mmo.h" // NAME_LENGTH #define LOGIN_CONF_NAME "conf/login_athena.conf" -#define INTER_CONF_NAME "conf/inter_athena.conf" #define LAN_CONF_NAME "conf/subnet_athena.conf" // supported encryption types: 1- passwordencrypt, 2- passwordencrypt2, 3- both @@ -39,9 +38,9 @@ struct mmo_char_server { int fd; uint32 ip; uint16 port; - uint16 users; // user count on this server - uint16 maintenance; // in maintenance mode? - uint16 new_; // should display as 'new'? + uint16 users; // user count on this server + uint16 maintenance; // in maintenance mode? + uint16 new_; // allows creating new chars? }; struct Login_Config { @@ -54,19 +53,19 @@ struct Login_Config { bool console; // console input system enabled? bool new_account_flag; // autoregistration via _M/_F ? int start_limited_time; // new account expiration time (-1: unlimited) - bool case_sensitive; // are logins case sensitive ? +// bool case_sensitive; // are logins case sensitive ? bool use_md5_passwds; // work with password hashes instead of plaintext passwords? - bool login_gm_read; // should the login server handle info about gm accounts? +// bool login_gm_read; // should the login server handle info about gm accounts? int min_level_to_connect; // minimum level of player/GM (0: player, 1-99: GM) to connect bool online_check; // reject incoming players that are already registered as online ? bool check_client_version; // check the clientversion set in the clientinfo ? int client_version_to_connect; // the client version needed to connect (if checking is enabled) - bool ipban; // perform IP blocking (via contents of `ipbanlist`) ? - bool dynamic_pass_failure_ban; // automatic IP blocking due to failed login attemps ? - unsigned int dynamic_pass_failure_ban_interval; // how far to scan the loginlog for password failures - unsigned int dynamic_pass_failure_ban_limit; // number of failures needed to trigger the ipban - unsigned int dynamic_pass_failure_ban_duration; // duration of the ipban +// bool ipban; // perform IP blocking (via contents of `ipbanlist`) ? +// bool dynamic_pass_failure_ban; // automatic IP blocking due to failed login attemps ? +// unsigned int dynamic_pass_failure_ban_interval; // how far to scan the loginlog for password failures +// unsigned int dynamic_pass_failure_ban_limit; // number of failures needed to trigger the ipban +// unsigned int dynamic_pass_failure_ban_duration; // duration of the ipban bool use_dnsbl; // dns blacklist blocking ? char dnsbl_servs[1024]; // comma-separated list of dnsbl servers @@ -91,21 +90,5 @@ struct mmo_account { struct global_reg account_reg2[ACCOUNT_REG2_NUM]; // account script variables (stored on login server) }; -struct auth_node { - - int account_id; - uint32 login_id1; - uint32 login_id2; - uint32 ip; - char sex; -}; - -struct online_login_data { - - int account_id; - int waiting_disconnect; - int char_server; -}; - #endif /* _LOGIN_H_ */ diff --git a/src/login/login_sql.c b/src/login/login_sql.c deleted file mode 100644 index 981986ff1..000000000 --- a/src/login/login_sql.c +++ /dev/null @@ -1,1483 +0,0 @@ -// Copyright (c) Athena Dev Teams - Licensed under GNU GPL -// For more information, see LICENCE in the main folder - -#include "../common/cbasetypes.h" -#include "../common/mmo.h" -#include "../common/core.h" -#include "../common/socket.h" -#include "../common/db.h" -#include "../common/timer.h" -#include "../common/malloc.h" -#include "../common/strlib.h" -#include "../common/showmsg.h" -#include "../common/version.h" -#include "../common/md5calc.h" -#include "../common/sql.h" -#include "login.h" - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <sys/stat.h> // for stat/lstat/fstat - - -// GM account management -struct gm_account* gm_account_db = NULL; -unsigned int GM_num = 0; // number of gm accounts - - -// data handling (SQL) -Sql* sql_handle; - -// database parameters -uint16 login_server_port = 3306; -char login_server_ip[32] = "127.0.0.1"; -char login_server_id[32] = "ragnarok"; -char login_server_pw[32] = "ragnarok"; -char login_server_db[32] = "ragnarok"; -char default_codepage[32] = ""; - -char login_db[256] = "login"; -char loginlog_db[256] = "loginlog"; -char reg_db[256] = "global_reg_value"; - -// added to help out custom login tables, without having to recompile -// source so options are kept in the login_athena.conf or the inter_athena.conf -char login_db_account_id[256] = "account_id"; -char login_db_userid[256] = "userid"; -char login_db_user_pass[256] = "user_pass"; -char login_db_level[256] = "level"; - - -// temporary external imports -#define MAX_SERVERS 30 -#define AUTH_TIMEOUT 30000 -#define sex_num2str(num) ( (num == 0 ) ? 'F' : (num == 1 ) ? 'M' : 'S' ) -#define sex_str2num(str) ( (str == 'F' ) ? 0 : (str == 'M' ) ? 1 : 2 ) - -struct online_login_data; -extern DBMap* auth_db; -extern DBMap* online_db; -struct Login_Config login_config; -extern struct Login_Config login_config; -extern struct mmo_char_server server[MAX_SERVERS]; -extern int login_fd; -extern int allowed_regs; -extern int time_allowed; - -int charif_sendallwos(int sfd, uint8* buf, size_t len); -bool check_password(struct login_session_data* sd, int passwdenc, const char* passwd, const char* refpass); -int online_db_setoffline(DBKey key, void* data, va_list ap); -struct online_login_data* add_online_user(int char_server, int account_id); -void remove_online_user(int account_id); -void* create_online_user(DBKey key, va_list args); -int waiting_disconnect_timer(int tid, unsigned int tick, int id, int data); -int lan_subnetcheck(uint32 ip); - - -//----------------------------------------------------- -// Read GM accounts -//----------------------------------------------------- -void read_gm_account(void) -{ - if( !login_config.login_gm_read ) - return;// char server's job - - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `%s`,`%s` FROM `%s` WHERE `%s` > '0'", login_db_account_id, login_db_level, login_db, login_db_level) ) - { - Sql_ShowDebug(sql_handle); - return;// Failed to read GM list! - } - - RECREATE(gm_account_db, struct gm_account, (size_t)Sql_NumRows(sql_handle)); - - for( GM_num = 0; SQL_SUCCESS == Sql_NextRow(sql_handle); ++GM_num ) - { - char* account; - char* level; - - Sql_GetData(sql_handle, 0, &account, NULL); - Sql_GetData(sql_handle, 1, &level, NULL); - - gm_account_db[GM_num].account_id = atoi(account); - gm_account_db[GM_num].level = atoi(level); - } - - Sql_FreeResult(sql_handle); -} - -//----------------------------------------------------- -// Send GM accounts to one or all char-servers -//----------------------------------------------------- -void send_GM_accounts(int fd) -{ - unsigned int i; - uint8 buf[32767]; - uint16 len; - - if( !login_config.login_gm_read ) - return; - - len = 4; - WBUFW(buf,0) = 0x2732; - for( i = 0; i < GM_num; ++i ) - { - // send only existing accounts. We can not create a GM account when server is online. - if( gm_account_db[i].level > 0 ) - { - WBUFL(buf,len) = gm_account_db[i].account_id; - WBUFB(buf,len+4) = (uint8)gm_account_db[i].level; - len += 5; - if( len >= 32000 ) - { - ShowWarning("send_GM_accounts: Too many accounts! Only %d out of %d were sent.\n", i, GM_num); - break; - } - } - } - - WBUFW(buf,2) = len; - if( fd == -1 )// send to all charservers - charif_sendallwos(-1, buf, len); - else - {// send only to target - WFIFOHEAD(fd,len); - memcpy(WFIFOP(fd,0), buf, len); - WFIFOSET(fd,len); - } - - return; -} - -/*============================================= - * Records an event in the login log - *---------------------------------------------*/ -void login_log(uint32 ip, const char* username, int rcode, const char* message) -{ - char esc_username[NAME_LENGTH*2+1]; - char esc_message[255*2+1]; - int retcode; - - if( !login_config.log_login ) - return; - - Sql_EscapeStringLen(sql_handle, esc_username, username, strnlen(username, NAME_LENGTH)); - Sql_EscapeStringLen(sql_handle, esc_message, message, strnlen(message, 255)); - - retcode = Sql_Query(sql_handle, - "INSERT INTO `%s`(`time`,`ip`,`user`,`rcode`,`log`) VALUES (NOW(), '%u', '%s', '%d', '%s')", - loginlog_db, ip, esc_username, rcode, message); - - if( retcode != SQL_SUCCESS ) - Sql_ShowDebug(sql_handle); -} - -/*============================================= - * Does a mysql_ping to all connection handles - *---------------------------------------------*/ -int login_sql_ping(int tid, unsigned int tick, int id, int data) -{ - ShowInfo("Pinging SQL server to keep connection alive...\n"); - Sql_Ping(sql_handle); - return 0; -} - -int sql_ping_init(void) -{ - uint32 connection_timeout, connection_ping_interval; - - // set a default value first - connection_timeout = 28800; // 8 hours - - // ask the mysql server for the timeout value - if( SQL_SUCCESS == Sql_GetTimeout(sql_handle, &connection_timeout) && connection_timeout < 60 ) - connection_timeout = 60; - - // establish keepalive - connection_ping_interval = connection_timeout - 30; // 30-second reserve - add_timer_func_list(login_sql_ping, "login_sql_ping"); - add_timer_interval(gettick() + connection_ping_interval*1000, login_sql_ping, 0, 0, connection_ping_interval*1000); - - return 0; -} - -//----------------------------------------------------- -// Initialize database connection -//----------------------------------------------------- -int mmo_auth_init(void) -{ - ShowStatus("Login server init....\n"); - - sql_handle = Sql_Malloc(); - - // DB connection start - ShowStatus("Connect Login Database Server....\n"); - if( SQL_ERROR == Sql_Connect(sql_handle, login_server_id, login_server_pw, login_server_ip, login_server_port, login_server_db) ) - { - Sql_ShowDebug(sql_handle); - Sql_Free(sql_handle); - exit(EXIT_FAILURE); - } - else - { - ShowStatus("Connect success!\n"); - } - - if( default_codepage[0] != '\0' && SQL_ERROR == Sql_SetEncoding(sql_handle, default_codepage) ) - Sql_ShowDebug(sql_handle); - - sql_ping_init(); - - return 0; -} - - -//----------------------------------------------------- -// close DB -//----------------------------------------------------- -void mmo_db_close(void) -{ - int i; - - Sql_Free(sql_handle); - sql_handle = NULL; - ShowStatus("close DB connect....\n"); -} - - -//----------------------------------------------------- -// Make new account -//----------------------------------------------------- -int mmo_auth_new(struct mmo_account* account) -{ - static int num_regs = 0; // registration counter - static unsigned int new_reg_tick = 0; - unsigned int tick = gettick(); - - char md5buf[32+1]; - time_t expiration_time = 0; - SqlStmt* stmt; - int result = 0; - - //Account Registration Flood Protection by [Kevin] - if( new_reg_tick == 0 ) - new_reg_tick = gettick(); - if( DIFF_TICK(tick, new_reg_tick) < 0 && num_regs >= allowed_regs ) - { - ShowNotice("Account registration denied (registration limit exceeded)\n"); - return 3; - } - - // check if the account doesn't exist already - stmt = SqlStmt_Malloc(sql_handle); - if( SQL_SUCCESS != SqlStmt_Prepare(stmt, "SELECT `%s` FROM `%s` WHERE `userid` = ?", login_db_userid, login_db) - || SQL_SUCCESS != SqlStmt_BindParam(stmt, 0, SQLDT_STRING, account->userid, strnlen(account->userid, NAME_LENGTH)) - || SQL_SUCCESS != SqlStmt_Execute(stmt) ) - { - SqlStmt_ShowDebug(stmt); - result = 1;// error - } - else if( SqlStmt_NumRows(stmt) > 0 ) - result = 1;// username already taken - SqlStmt_Free(stmt); - if( result ) - return result;// error or incorrect user - - if( login_config.start_limited_time != -1 ) - expiration_time = time(NULL) + login_config.start_limited_time; - - // insert new entry into db - //TODO: error checking - stmt = SqlStmt_Malloc(sql_handle); - SqlStmt_Prepare(stmt, "INSERT INTO `%s` (`%s`, `%s`, `sex`, `email`, `expiration_time`) VALUES (?, ?, '%c', 'a@a.com', '%d')", login_db, login_db_userid, login_db_user_pass, account->sex, expiration_time); - SqlStmt_BindParam(stmt, 0, SQLDT_STRING, account->userid, strnlen(account->userid, NAME_LENGTH)); - if( login_config.use_md5_passwds ) - { - MD5_String(account->pass, md5buf); - SqlStmt_BindParam(stmt, 1, SQLDT_STRING, md5buf, 32); - } - else - SqlStmt_BindParam(stmt, 1, SQLDT_STRING, account->pass, strnlen(account->pass, NAME_LENGTH)); - SqlStmt_Execute(stmt); - - ShowNotice("Account creation (account %s, id: %d, pass: %s, sex: %c)\n", account->userid, (int)SqlStmt_LastInsertId(stmt), account->pass, account->sex); - SqlStmt_Free(stmt); - - if( DIFF_TICK(tick, new_reg_tick) > 0 ) - {// Update the registration check. - num_regs = 0; - new_reg_tick = tick + time_allowed*1000; - } - ++num_regs; - - return 0; -} - - -//----------------------------------------------------- -// Check/authentication of a connection -//----------------------------------------------------- -int mmo_auth(struct login_session_data* sd) -{ - time_t unban_time; - char esc_userid[NAME_LENGTH*2+1];// escaped username - char user_password[256], password[256]; - long expiration_time; - int state; - size_t len; - char* data; - - char ip[16]; - ip2str(session[sd->fd]->client_addr, ip); - - // DNS Blacklist check - if( login_config.use_dnsbl ) - { - char r_ip[16]; - char ip_dnsbl[256]; - char* dnsbl_serv; - bool matched = false; - uint8* sin_addr = (uint8*)&session[sd->fd]->client_addr; - - sprintf(r_ip, "%u.%u.%u.%u", sin_addr[0], sin_addr[1], sin_addr[2], sin_addr[3]); - - for( dnsbl_serv = strtok(login_config.dnsbl_servs,","); !matched && dnsbl_serv != NULL; dnsbl_serv = strtok(NULL,",") ) - { - sprintf(ip_dnsbl, "%s.%s", r_ip, dnsbl_serv); - if( host2ip(ip_dnsbl) ) - matched = true; - } - - if( matched ) - { - ShowInfo("DNSBL: (%s) Blacklisted. User Kicked.\n", r_ip); - return 3; - } - } - - //Client Version check - if( login_config.check_client_version && sd->version != login_config.client_version_to_connect ) - return 5; - - len = strnlen(sd->userid, NAME_LENGTH); - - // Account creation with _M/_F - if( login_config.new_account_flag ) - { - if( len > 2 && strnlen(sd->passwd, NAME_LENGTH) > 0 && // valid user and password lengths - sd->passwdenc == 0 && // unencoded password - sd->userid[len-2] == '_' && memchr("FfMm", sd->userid[len-1], 4) ) // _M/_F suffix - { - struct mmo_account acc; - int result; - - len -= 2; - sd->userid[len] = '\0'; - - memset(&acc, '\0', sizeof(acc)); - safestrncpy(acc.userid, sd->userid, NAME_LENGTH); - safestrncpy(acc.pass, sd->passwd, NAME_LENGTH); - safestrncpy(acc.email, "a@a.com", sizeof(acc.email)); - acc.sex = TOUPPER(sd->userid[len+1]); - - result = mmo_auth_new(&acc); - if( result ) - return result;// Failed to make account. [Skotlex]. - } - } - - // escape username - Sql_EscapeStringLen(sql_handle, esc_userid, sd->userid, len); - - // retrieve login entry for the specified username - if( SQL_ERROR == Sql_Query(sql_handle, - "SELECT `%s`,`%s`,`lastlogin`,`sex`,`expiration_time`,`unban_time`,`state`,`%s` FROM `%s` WHERE `%s`= %s '%s'", - login_db_account_id, login_db_user_pass, login_db_level, - login_db, login_db_userid, (login_config.case_sensitive ? "BINARY" : ""), esc_userid) ) - Sql_ShowDebug(sql_handle); - - if( Sql_NumRows(sql_handle) == 0 ) // no such entry - { - ShowNotice("auth failed: no such account '%s'\n", esc_userid); - Sql_FreeResult(sql_handle); - return 0; - } - - Sql_NextRow(sql_handle); //TODO: error checking? - - Sql_GetData(sql_handle, 0, &data, NULL); sd->account_id = atoi(data); - Sql_GetData(sql_handle, 1, &data, &len); safestrncpy(password, data, sizeof(password)); - Sql_GetData(sql_handle, 2, &data, NULL); safestrncpy(sd->lastlogin, data, sizeof(sd->lastlogin)); - Sql_GetData(sql_handle, 3, &data, NULL); sd->sex = *data; - Sql_GetData(sql_handle, 4, &data, NULL); expiration_time = atol(data); - Sql_GetData(sql_handle, 5, &data, NULL); unban_time = atol(data); - Sql_GetData(sql_handle, 6, &data, NULL); state = atoi(data); - Sql_GetData(sql_handle, 7, &data, NULL); sd->level = atoi(data); - if( len > sizeof(password) - 1 ) - ShowDebug("mmo_auth: password buffer is too small (len=%u,buflen=%u)\n", len, sizeof(password)); - if( sd->level > 99 ) - sd->level = 99; - - Sql_FreeResult(sql_handle); - - if( login_config.use_md5_passwds ) - MD5_String(sd->passwd, user_password); - else - safestrncpy(user_password, sd->passwd, NAME_LENGTH); - - if( !check_password(sd, sd->passwdenc, user_password, password) ) - { - ShowInfo("Invalid password (account: '%s', pass: '%s', received pass: '%s', ip: %s)\n", - esc_userid, password, (sd->passwdenc) ? "[MD5]" : user_password, ip); - return 1; // 1 = Incorrect Password - } - - if( expiration_time != 0 && expiration_time < time(NULL) ) - return 2; // 2 = This ID is expired - - if( unban_time != 0 && unban_time > time(NULL) ) - return 6; // 6 = Your are Prohibited to log in until %s - - if( state ) - { - ShowInfo("Connection refused (account: %s, pass: %s, state: %d, ip: %s)\n", sd->userid, sd->passwd, state, ip); - return state - 1; - } - - sd->login_id1 = rand(); - sd->login_id2 = rand(); - - if( sd->sex != 'S' && sd->account_id < START_ACCOUNT_NUM ) - ShowWarning("Account %s has account id %d! Account IDs must be over %d to work properly!\n", sd->userid, sd->account_id, START_ACCOUNT_NUM); - - if( SQL_ERROR == Sql_Query(sql_handle, "UPDATE `%s` SET `lastlogin` = NOW(), `logincount`=`logincount`+1, `last_ip`='%s', `unban_time`='0', `state`='0' WHERE `%s` = '%d'", - login_db, ip, login_db_account_id, sd->account_id) ) - Sql_ShowDebug(sql_handle); - - return -1; // account OK -} - -//-------------------------------- -// Packet parsing for char-servers -//-------------------------------- -int parse_fromchar(int fd) -{ - unsigned int i; - int id; - uint32 ipl; - char ip[16]; - - ARR_FIND( 0, MAX_SERVERS, id, server[id].fd == fd ); - if( id == MAX_SERVERS ) - {// not a char server - set_eof(fd); - do_close(fd); - return 0; - } - - if( session[fd]->flag.eof ) - { - ShowStatus("Char-server '%s' has disconnected.\n", server[id].name); - online_db->foreach(online_db, online_db_setoffline, id); //Set all chars from this char server to offline. - memset(&server[id], 0, sizeof(struct mmo_char_server)); - server[id].fd = -1; - do_close(fd); - return 0; - } - - ipl = server[id].ip; - ip2str(ipl, ip); - - while( RFIFOREST(fd) >= 2 ) - { - uint16 command = RFIFOW(fd,0); - - switch( command ) - { - - case 0x2709: // request from map-server via char-server to reload GM accounts - RFIFOSKIP(fd,2); - ShowStatus("Char-server '%s': Request to re-load GM database (ip: %s).\n", server[id].name, ip); - login_log(ipl, server[id].name, 0, "GM reload request"); - read_gm_account(); - // send GM accounts to all char-servers - send_GM_accounts(-1); - break; - - case 0x2712: // request from char-server to authenticate an account - if( RFIFOREST(fd) < 19 ) - return 0; - { - struct auth_node* node; - - int account_id = RFIFOL(fd,2); - int login_id1 = RFIFOL(fd,6); - int login_id2 = RFIFOL(fd,10); - char sex = sex_num2str(RFIFOB(fd,14)); - uint32 ip_ = ntohl(RFIFOL(fd,15)); - RFIFOSKIP(fd,19); - - node = (struct auth_node*)idb_get(auth_db, account_id); - if( node != NULL && - node->account_id == account_id && - node->login_id1 == login_id1 && - node->login_id2 == login_id2 && - node->sex == sex && - node->ip == ip_ ) - {// found - uint32 expiration_time; - char email[40]; - - // each auth entry can only be used once - idb_remove(auth_db, account_id); - - // retrieve email and account expiration time - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `email`,`expiration_time` FROM `%s` WHERE `%s`='%d'", login_db, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - if( SQL_SUCCESS == Sql_NextRow(sql_handle) ) - { - char* data = NULL; - size_t len = 0; - - Sql_GetData(sql_handle, 0, &data, &len); safestrncpy(email, data, sizeof(email)); - Sql_GetData(sql_handle, 1, &data, NULL); expiration_time = (uint32)strtoul(data, NULL, 10); - if( len > sizeof(email) ) - ShowDebug("parse_fromchar:0x2712: email is too long (len=%u,maxlen=%u)\n", len, sizeof(email)); - - Sql_FreeResult(sql_handle); - } - else - { - memset(email, 0, sizeof(email)); - expiration_time = 0; - } - - // send ack - WFIFOHEAD(fd,59); - WFIFOW(fd,0) = 0x2713; - WFIFOL(fd,2) = account_id; - WFIFOL(fd,6) = login_id1; - WFIFOL(fd,10) = login_id2; - WFIFOB(fd,14) = 0; - memcpy(WFIFOP(fd,15), email, 40); - WFIFOL(fd,55) = expiration_time; - WFIFOSET(fd,59); - } - else - {// authentication not found - ShowStatus("Char-server '%s': authentication of the account %d REFUSED (ip: %s).\n", server[id].name, account_id, ip); - WFIFOHEAD(fd,59); - WFIFOW(fd,0) = 0x2713; - WFIFOL(fd,2) = account_id; - WFIFOL(fd,6) = login_id1; - WFIFOL(fd,10) = login_id2; - WFIFOB(fd,14) = 1; - // It is unnecessary to send email - // It is unnecessary to send validity date of the account - WFIFOSET(fd,59); - } - } - break; - - case 0x2714: - if( RFIFOREST(fd) < 6 ) - return 0; - { - int users = RFIFOL(fd,2); - RFIFOSKIP(fd,6); - - // how many users on world? (update) - if( server[id].users != users ) - { - ShowStatus("set users %s : %d\n", server[id].name, users); - - server[id].users = users; - } - } - break; - - case 0x2716: // received an e-mail/limited time request, because a player comes back from a map-server to the char-server - if( RFIFOREST(fd) < 6 ) - return 0; - { - uint32 expiration_time = 0; - char email[40] = ""; - - int account_id = RFIFOL(fd,2); - RFIFOSKIP(fd,6); - - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `email`,`expiration_time` FROM `%s` WHERE `%s`='%d'", login_db, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - else if( SQL_SUCCESS == Sql_NextRow(sql_handle) ) - { - char* data; - size_t len; - - Sql_GetData(sql_handle, 0, &data, &len); - safestrncpy(email, data, sizeof(email)); - - Sql_GetData(sql_handle, 1, &data, NULL); - expiration_time = (uint32)strtoul(data, NULL, 10); - - Sql_FreeResult(sql_handle); - } - - WFIFOHEAD(fd,50); - WFIFOW(fd,0) = 0x2717; - WFIFOL(fd,2) = account_id; - safestrncpy((char*)WFIFOP(fd,6), email, 40); - WFIFOL(fd,46) = expiration_time; - WFIFOSET(fd,50); - } - break; - - case 0x2719: // ping request from charserver - if( RFIFOREST(fd) < 2 ) - return 0; - RFIFOSKIP(fd,2); - - WFIFOHEAD(fd,2); - WFIFOW(fd,0) = 0x2718; - WFIFOSET(fd,2); - break; - - // Map server send information to change an email of an account via char-server - case 0x2722: // 0x2722 <account_id>.L <actual_e-mail>.40B <new_e-mail>.40B - if (RFIFOREST(fd) < 86) - return 0; - { - char actual_email[40]; - char new_email[40]; - int account_id = RFIFOL(fd,2); - safestrncpy(actual_email, (char*)RFIFOP(fd,6), 40); - safestrncpy(new_email, (char*)RFIFOP(fd,46), 40); - RFIFOSKIP(fd, 86); - - if( e_mail_check(actual_email) == 0 ) - ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but actual email is invalid (account: %d, ip: %s)\n", server[id].name, account_id, ip); - else if( e_mail_check(new_email) == 0 ) - ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command) with a invalid new e-mail (account: %d, ip: %s)\n", server[id].name, account_id, ip); - else if( strcmpi(new_email, "a@a.com") == 0 ) - ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command) with a default e-mail (account: %d, ip: %s)\n", server[id].name, account_id, ip); - else if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `%s`,`email` FROM `%s` WHERE `%s` = '%d'", login_db_userid, login_db, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - else if( SQL_SUCCESS == Sql_NextRow(sql_handle) ) - { - char* data; - size_t len; - - Sql_GetData(sql_handle, 1, &data, &len); - if( strncasecmp(data, actual_email, sizeof(actual_email)) == 0 ) - { - char esc_user_id[NAME_LENGTH*2+1]; - char esc_new_email[sizeof(new_email)*2+1]; - - Sql_GetData(sql_handle, 0, &data, &len); - Sql_EscapeStringLen(sql_handle, esc_user_id, data, len); - Sql_EscapeStringLen(sql_handle, esc_new_email, new_email, strnlen(new_email, sizeof(new_email))); - - if( SQL_ERROR == Sql_Query(sql_handle, "UPDATE `%s` SET `email` = '%s' WHERE `%s` = '%d'", login_db, esc_new_email, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - ShowInfo("Char-server '%s': Modify an e-mail on an account (@email GM command) (account: %d ('%s'), new e-mail: '%s', ip: %s).\n", server[id].name, account_id, esc_user_id, esc_new_email, ip); - } - Sql_FreeResult(sql_handle); - } - } - break; - - case 0x2724: // Receiving an account state update request from a map-server (relayed via char-server) - if (RFIFOREST(fd) < 10) - return 0; - { - int account_id = RFIFOL(fd,2); - int state = RFIFOL(fd,6); - RFIFOSKIP(fd,10); - - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `state` FROM `%s` WHERE `%s` = '%d'", login_db, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - else if( SQL_SUCCESS == Sql_NextRow(sql_handle) ) - { - char* data; - - Sql_GetData(sql_handle, 0, &data, NULL); - if( atoi(data) != state && state != 0 ) - { - uint8 buf[11]; - WBUFW(buf,0) = 0x2731; - WBUFL(buf,2) = account_id; - WBUFB(buf,6) = 0; // 0: change of state, 1: ban - WBUFL(buf,7) = state; // status or final date of a banishment - charif_sendallwos(-1, buf, 11); - } - Sql_FreeResult(sql_handle); - } - - if( SQL_ERROR == Sql_Query(sql_handle, "UPDATE `%s` SET `state` = '%d' WHERE `%s` = '%d'", login_db, state, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - } - break; - - case 0x2725: // Receiving of map-server via char-server a ban request - if (RFIFOREST(fd) < 18) - return 0; - { - struct tm *tmtime; - time_t tmptime = 0; - time_t timestamp = time(NULL); - - int account_id = RFIFOL(fd,2); - int year = (short)RFIFOW(fd,6); - int month = (short)RFIFOW(fd,8); - int mday = (short)RFIFOW(fd,10); - int hour = (short)RFIFOW(fd,12); - int min = (short)RFIFOW(fd,14); - int sec = (short)RFIFOW(fd,16); - RFIFOSKIP(fd,18); - - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `unban_time` FROM `%s` WHERE `%s` = '%d'", login_db, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - else if( SQL_SUCCESS == Sql_NextRow(sql_handle) ) - { - char* data; - - Sql_GetData(sql_handle, 0, &data, NULL); - tmptime = (time_t)strtoul(data, NULL, 10); - if( tmptime > time(NULL) ) - timestamp = tmptime; - } - tmtime = localtime(×tamp); - tmtime->tm_year = tmtime->tm_year + year; - tmtime->tm_mon = tmtime->tm_mon + month; - tmtime->tm_mday = tmtime->tm_mday + mday; - tmtime->tm_hour = tmtime->tm_hour + hour; - tmtime->tm_min = tmtime->tm_min + min; - tmtime->tm_sec = tmtime->tm_sec + sec; - timestamp = mktime(tmtime); - if( timestamp != (time_t)-1 ) - { - if( timestamp <= time(NULL) ) - timestamp = 0; - if( tmptime != timestamp ) - { - if( timestamp != 0 ) - { - uint8 buf[11]; - WBUFW(buf,0) = 0x2731; - WBUFL(buf,2) = account_id; - WBUFB(buf,6) = 1; // 0: change of statut, 1: ban - WBUFL(buf,7) = (uint32)timestamp; // status or final date of a banishment - charif_sendallwos(-1, buf, 11); - } - ShowNotice("Account: %d Banned until: %lu\n", account_id, (unsigned long)timestamp); - if( SQL_ERROR == Sql_Query(sql_handle, "UPDATE `%s` SET `unban_time` = '%lu' WHERE `%s` = '%d'", login_db, (unsigned long)timestamp, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - } - } - } - break; - - case 0x2727: // Change of sex (sex is reversed) - if( RFIFOREST(fd) < 6 ) - return 0; - { - int account_id = RFIFOL(fd,2); - RFIFOSKIP(fd,6); - - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `sex` FROM `%s` WHERE `%s` = '%d'", login_db, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - else if( SQL_SUCCESS == Sql_NextRow(sql_handle) ) - { - unsigned char buf[7]; - int sex; - char* data; - - Sql_GetData(sql_handle, 0, &data, NULL); - sex = ( *data == 'M' ) ? 'F' : 'M'; //Change gender - - if( SQL_ERROR == Sql_Query(sql_handle, "UPDATE `%s` SET `sex` = '%c' WHERE `%s` = '%d'", login_db, sex, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - - WBUFW(buf,0) = 0x2723; - WBUFL(buf,2) = account_id; - WBUFB(buf,6) = sex_str2num(sex); - charif_sendallwos(-1, buf, 7); - } - } - break; - - case 0x2728: // save account_reg2 - if( RFIFOREST(fd) < 4 || RFIFOREST(fd) < RFIFOW(fd,2) ) - return 0; - if( RFIFOL(fd,4) > 0 ) - { - SqlStmt* stmt; - int account_id; - size_t off; - - account_id = RFIFOL(fd,4); - - //Delete all global account variables.... - if( SQL_ERROR == Sql_Query(sql_handle, "DELETE FROM `%s` WHERE `type`='1' AND `account_id`='%d';", reg_db, account_id) ) - Sql_ShowDebug(sql_handle); - - //Proceed to insert them.... - stmt = SqlStmt_Malloc(sql_handle); - if( SQL_ERROR == SqlStmt_Prepare(stmt, "INSERT INTO `%s` (`type`, `account_id`, `str`, `value`) VALUES ( 1 , '%d' , ? , ?);", reg_db, account_id) ) - SqlStmt_ShowDebug(stmt); - for( i = 0, off = 13; i < ACCOUNT_REG2_NUM && off < RFIFOW(fd,2); ++i ) - { - char* p; - size_t len; - - // str - p = (char*)RFIFOP(fd,off); - len = strlen(p); - SqlStmt_BindParam(stmt, 0, SQLDT_STRING, p, len); - off += len + 1; - - // value - p = (char*)RFIFOP(fd,off); - len = strlen(p); - SqlStmt_BindParam(stmt, 1, SQLDT_STRING, p, len); - off += len + 1; - - if( SQL_ERROR == SqlStmt_Execute(stmt) ) - SqlStmt_ShowDebug(stmt); - } - SqlStmt_Free(stmt); - - // Sending information towards the other char-servers. - RFIFOW(fd,0) = 0x2729;// reusing read buffer - charif_sendallwos(fd, RFIFOP(fd,0), RFIFOW(fd,2)); - RFIFOSKIP(fd,RFIFOW(fd,2)); - } - break; - - case 0x272a: // Receiving of map-server via char-server an unban request - if( RFIFOREST(fd) < 6 ) - return 0; - { - int account_id = RFIFOL(fd,2); - RFIFOSKIP(fd,6); - - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `unban_time` FROM `%s` WHERE `%s` = '%d'", login_db, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - else if( Sql_NumRows(sql_handle) > 0 ) - {// Found a match - if( SQL_ERROR == Sql_Query(sql_handle, "UPDATE `%s` SET `unban_time` = '0' WHERE `%s` = '%d'", login_db, login_db_account_id, account_id) ) - Sql_ShowDebug(sql_handle); - } - } - break; - - case 0x272b: // Set account_id to online [Wizputer] - if( RFIFOREST(fd) < 6 ) - return 0; - add_online_user(id, RFIFOL(fd,2)); - RFIFOSKIP(fd,6); - break; - - case 0x272c: // Set account_id to offline [Wizputer] - if( RFIFOREST(fd) < 6 ) - return 0; - remove_online_user(RFIFOL(fd,2)); - RFIFOSKIP(fd,6); - break; - - case 0x272d: // Receive list of all online accounts. [Skotlex] - if (RFIFOREST(fd) < 4 || RFIFOREST(fd) < RFIFOW(fd,2)) - return 0; - if( login_config.online_check ) - { - struct online_login_data *p; - int aid; - uint32 i, users; - online_db->foreach(online_db, online_db_setoffline, id); //Set all chars from this char-server offline first - users = RFIFOW(fd,4); - for (i = 0; i < users; i++) { - aid = RFIFOL(fd,6+i*4); - p = (struct online_login_data*)idb_ensure(online_db, aid, create_online_user); - p->char_server = id; - if (p->waiting_disconnect != -1) - { - delete_timer(p->waiting_disconnect, waiting_disconnect_timer); - p->waiting_disconnect = -1; - } - } - } - RFIFOSKIP(fd,RFIFOW(fd,2)); - break; - - case 0x272e: //Request account_reg2 for a character. - if (RFIFOREST(fd) < 10) - return 0; - { - size_t off; - - int account_id = RFIFOL(fd,2); - int char_id = RFIFOL(fd,6); - RFIFOSKIP(fd,10); - - WFIFOHEAD(fd,10000); - WFIFOW(fd,0) = 0x2729; - WFIFOL(fd,4) = account_id; - WFIFOL(fd,8) = char_id; - WFIFOB(fd,12) = 1; //Type 1 for Account2 registry - - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `str`,`value` FROM `%s` WHERE `type`='1' AND `account_id`='%d'", reg_db, account_id) ) - Sql_ShowDebug(sql_handle); - - off = 13; - while( SQL_SUCCESS == Sql_NextRow(sql_handle) && off < 9000 ) - { - char* data; - - // str - Sql_GetData(sql_handle, 0, &data, NULL); - if( *data != '\0' ) - { - off += sprintf((char*)WFIFOP(fd,off), "%s", data)+1; //We add 1 to consider the '\0' in place. - - // value - Sql_GetData(sql_handle, 1, &data, NULL); - off += sprintf((char*)WFIFOP(fd,off), "%s", data)+1; - } - } - Sql_FreeResult(sql_handle); - - if( off >= 9000 ) - ShowWarning("Too many account2 registries for AID %d. Some registries were not sent.\n", account_id); - - WFIFOW(fd,2) = (uint16)off; - WFIFOSET(fd,WFIFOW(fd,2)); - } - break; - - case 0x2736: // WAN IP update from char-server - if( RFIFOREST(fd) < 6 ) - return 0; - server[id].ip = ntohl(RFIFOL(fd,2)); - ShowInfo("Updated IP of Server #%d to %d.%d.%d.%d.\n",id, CONVIP(server[id].ip)); - RFIFOSKIP(fd,6); - break; - - case 0x2737: //Request to set all offline. - ShowInfo("Setting accounts from char-server %d offline.\n", id); - online_db->foreach(online_db, online_db_setoffline, id); - RFIFOSKIP(fd,2); - break; - - default: - ShowError("parse_fromchar: Unknown packet 0x%x from a char-server! Disconnecting!\n", command); - set_eof(fd); - return 0; - } // switch - } // while - - RFIFOSKIP(fd,RFIFOREST(fd)); - return 0; -} - -int login_ip_ban_check(uint32 ip) -{ - uint8* p = (uint8*)&ip; - char* data = NULL; - int matches; - - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT count(*) FROM `ipbanlist` WHERE `list` = '%u.*.*.*' OR `list` = '%u.%u.*.*' OR `list` = '%u.%u.%u.*' OR `list` = '%u.%u.%u.%u'", - p[3], p[3], p[2], p[3], p[2], p[1], p[3], p[2], p[1], p[0]) ) - { - Sql_ShowDebug(sql_handle); - // close connection because we can't verify their connectivity. - return 1; - } - - if( SQL_ERROR == Sql_NextRow(sql_handle) ) - return 1;// Shouldn't happen, but just in case... - - Sql_GetData(sql_handle, 0, &data, NULL); - matches = atoi(data); - Sql_FreeResult(sql_handle); - - if( matches == 0 ) - return 0;// No ban - - // ip ban ok. - ShowInfo("Packet from banned ip : %u.%u.%u.%u\n", CONVIP(ip)); - login_log(ip, "unknown", -3, "ip banned"); - - return 1; -} - -void login_auth_ok(struct login_session_data* sd) -{ - int fd = sd->fd; - uint32 ip = session[fd]->client_addr; - - uint8 server_num, n; - uint32 subnet_char_ip; - struct auth_node* node; - int i; - - if( sd->level < login_config.min_level_to_connect ) - { - ShowStatus("Connection refused: the minimum GM level for connection is %d (account: %s, GM level: %d).\n", login_config.min_level_to_connect, sd->userid, sd->level); - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x81; - WFIFOB(fd,2) = 1; // 01 = Server closed - WFIFOSET(fd,3); - return; - } - - server_num = 0; - for( i = 0; i < MAX_SERVERS; ++i ) - if( session_isValid(server[i].fd) ) - server_num++; - - if( server_num == 0 ) - {// if no char-server, don't send void list of servers, just disconnect the player with proper message - ShowStatus("Connection refused: there is no char-server online (account: %s).\n", sd->userid); - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x81; - WFIFOB(fd,2) = 1; // 01 = Server closed - WFIFOSET(fd,3); - return; - } - - if( login_config.online_check ) - { - struct online_login_data* data = (struct online_login_data*)idb_get(online_db, sd->account_id); - if( data ) - {// account is already marked as online! - if( data->char_server > -1 ) - {// Request char servers to kick this account out. [Skotlex] - uint8 buf[6]; - ShowNotice("User '%s' is already online - Rejected.\n", sd->userid); - WBUFW(buf,0) = 0x2734; - WBUFL(buf,2) = sd->account_id; - charif_sendallwos(-1, buf, 6); - if( data->waiting_disconnect == -1 ) - data->waiting_disconnect = add_timer(gettick()+AUTH_TIMEOUT, waiting_disconnect_timer, sd->account_id, 0); - - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x81; - WFIFOB(fd,2) = 8; // 08 = Server still recognizes your last login - WFIFOSET(fd,3); - return; - } - else - if( data->char_server == -1 ) - {// client has authed but did not access char-server yet - // wipe previous session - idb_remove(auth_db, sd->account_id); - remove_online_user(sd->account_id); - data = NULL; - } - } - } - - login_log(ip, sd->userid, 100, "login ok"); - - if( sd->level > 0 ) - ShowStatus("Connection of the GM (level:%d) account '%s' accepted.\n", sd->level, sd->userid); - else - ShowStatus("Connection of the account '%s' accepted.\n", sd->userid); - - WFIFOHEAD(fd,47+32*server_num); - WFIFOW(fd,0) = 0x69; - WFIFOW(fd,2) = 47+32*server_num; - WFIFOL(fd,4) = sd->login_id1; - WFIFOL(fd,8) = sd->account_id; - WFIFOL(fd,12) = sd->login_id2; - WFIFOL(fd,16) = 0; // in old version, that was for ip (not more used) - //memcpy(WFIFOP(fd,20), sd->lastlogin, 24); // in old version, that was for name (not more used) - WFIFOW(fd,44) = 0; // unknown - WFIFOB(fd,46) = sex_str2num(sd->sex); - for( i = 0, n = 0; i < MAX_SERVERS; ++i ) - { - if( !session_isValid(server[i].fd) ) - continue; - - subnet_char_ip = lan_subnetcheck(ip); // Advanced subnet check [LuzZza] - WFIFOL(fd,47+n*32) = htonl((subnet_char_ip) ? subnet_char_ip : server[i].ip); - WFIFOW(fd,47+n*32+4) = ntows(htons(server[i].port)); // [!] LE byte order here [!] - memcpy(WFIFOP(fd,47+n*32+6), server[i].name, 20); - WFIFOW(fd,47+n*32+26) = server[i].users; - WFIFOW(fd,47+n*32+28) = server[i].maintenance; - WFIFOW(fd,47+n*32+30) = server[i].new_; - n++; - } - WFIFOSET(fd,47+32*server_num); - - // create temporary auth entry - CREATE(node, struct auth_node, 1); - node->account_id = sd->account_id; - node->login_id1 = sd->login_id1; - node->login_id2 = sd->login_id2; - node->sex = sd->sex; - node->ip = ip; - idb_put(auth_db, sd->account_id, node); - - if( login_config.online_check ) - { - struct online_login_data* data; - - // mark client as 'online' - data = add_online_user(-1, sd->account_id); - - // schedule deletion of this node - data->waiting_disconnect = add_timer(gettick()+AUTH_TIMEOUT, waiting_disconnect_timer, sd->account_id, 0); - } -} - -void login_auth_failed(struct login_session_data* sd, int result) -{ - int fd = sd->fd; - uint32 ip = session[fd]->client_addr; - char esc_userid[NAME_LENGTH*2+1]; - - Sql_EscapeStringLen(sql_handle, esc_userid, sd->userid, strlen(sd->userid)); - - if (login_config.log_login) - { - const char* error; - switch( result ) { - case 0: error = "Unregistered ID."; break; // 0 = Unregistered ID - case 1: error = "Incorrect Password."; break; // 1 = Incorrect Password - case 2: error = "Account Expired."; break; // 2 = This ID is expired - case 3: error = "Rejected from server."; break; // 3 = Rejected from Server - case 4: error = "Blocked by GM."; break; // 4 = You have been blocked by the GM Team - case 5: error = "Not latest game EXE."; break; // 5 = Your Game's EXE file is not the latest version - case 6: error = "Banned."; break; // 6 = Your are Prohibited to log in until %s - case 7: error = "Server Over-population."; break; // 7 = Server is jammed due to over populated - case 8: error = "Account limit from company"; break; // 8 = No more accounts may be connected from this company - case 9: error = "Ban by DBA"; break; // 9 = MSI_REFUSE_BAN_BY_DBA - case 10: error = "Email not confirmed"; break; // 10 = MSI_REFUSE_EMAIL_NOT_CONFIRMED - case 11: error = "Ban by GM"; break; // 11 = MSI_REFUSE_BAN_BY_GM - case 12: error = "Working in DB"; break; // 12 = MSI_REFUSE_TEMP_BAN_FOR_DBWORK - case 13: error = "Self Lock"; break; // 13 = MSI_REFUSE_SELF_LOCK - case 14: error = "Not Permitted Group"; break; // 14 = MSI_REFUSE_NOT_PERMITTED_GROUP - case 15: error = "Not Permitted Group"; break; // 15 = MSI_REFUSE_NOT_PERMITTED_GROUP - case 99: error = "Account gone."; break; // 99 = This ID has been totally erased - case 100: error = "Login info remains."; break; // 100 = Login information remains at %s - case 101: error = "Hacking investigation."; break; // 101 = Account has been locked for a hacking investigation. Please contact the GM Team for more information - case 102: error = "Bug investigation."; break; // 102 = This account has been temporarily prohibited from login due to a bug-related investigation - case 103: error = "Deleting char."; break; // 103 = This character is being deleted. Login is temporarily unavailable for the time being - case 104: error = "Deleting spouse char."; break; // 104 = This character is being deleted. Login is temporarily unavailable for the time being - default : error = "Unknown Error."; break; - } - - login_log(ip, sd->userid, result, error); - } - - if( result == 1 && login_config.dynamic_pass_failure_ban && login_config.log_login ) // failed password - { - unsigned long failures = 0; - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT count(*) FROM `%s` WHERE `ip` = '%u' AND `rcode` = '1' AND `time` > NOW() - INTERVAL %d MINUTE", - loginlog_db, ip, login_config.dynamic_pass_failure_ban_interval) )// how many times failed account? in one ip. - Sql_ShowDebug(sql_handle); - - //check query result - if( SQL_SUCCESS == Sql_NextRow(sql_handle) ) - { - char* data; - Sql_GetData(sql_handle, 0, &data, NULL); - failures = strtoul(data, NULL, 10); - Sql_FreeResult(sql_handle); - } - if( failures >= login_config.dynamic_pass_failure_ban_limit ) - { - uint8* p = (uint8*)&ip; - if( SQL_ERROR == Sql_Query(sql_handle, "INSERT INTO `ipbanlist`(`list`,`btime`,`rtime`,`reason`) VALUES ('%u.%u.%u.*', NOW() , NOW() + INTERVAL %d MINUTE ,'Password error ban: %s')", p[3], p[2], p[1], login_config.dynamic_pass_failure_ban_duration, esc_userid) ) - Sql_ShowDebug(sql_handle); - } - } - - WFIFOHEAD(fd,23); - WFIFOW(fd,0) = 0x6a; - WFIFOB(fd,2) = (uint8)result; - if( result != 6 ) - memset(WFIFOP(fd,3), '\0', 20); - else - {// 6 = Your are Prohibited to log in until %s - if( SQL_ERROR == Sql_Query(sql_handle, "SELECT `unban_time` FROM `%s` WHERE `%s` = %s '%s'", login_db, login_db_userid, (login_config.case_sensitive ? "BINARY" : ""), esc_userid) ) - Sql_ShowDebug(sql_handle); - else if( SQL_SUCCESS == Sql_NextRow(sql_handle) ) - { - char* data; - time_t unban_time; - - Sql_GetData(sql_handle, 0, &data, NULL); - unban_time = (time_t)strtoul(data, NULL, 10); - Sql_FreeResult(sql_handle); - - strftime((char*)WFIFOP(fd,3), 20, login_config.date_format, localtime(&unban_time)); - } - } - WFIFOSET(fd,23); -} - -//---------------------------------------------------------------------------------------- -// Default packet parsing (normal players or administation/char-server connection requests) -//---------------------------------------------------------------------------------------- -int parse_login(int fd) -{ - struct login_session_data* sd = session[fd]->session_data; - int result; - uint32 ipl; - char ip[16]; - - if( session[fd]->flag.eof ) - { - do_close(fd); - return 0; - } - - if( sd == NULL ) { - sd = CREATE(session[fd]->session_data, struct login_session_data, 1); - sd->fd = fd; - } - - ipl = session[fd]->client_addr; - ip2str(ipl, ip); - - while( RFIFOREST(fd) >= 2 ) - { - uint16 command = RFIFOW(fd,0); - - switch( command ) - { - - case 0x0200: // New alive packet: structure: 0x200 <account.userid>.24B. used to verify if client is always alive. - if (RFIFOREST(fd) < 26) - return 0; - RFIFOSKIP(fd,26); - break; - - case 0x0204: // New alive packet: structure: 0x204 <encrypted.account.userid>.16B. (new ragexe from 22 june 2004) - if (RFIFOREST(fd) < 18) - return 0; - RFIFOSKIP(fd,18); - break; - - case 0x0064: // request client login - case 0x01dd: // request client login (encryption mode) - case 0x0277: // New login packet (kRO 2006-04-24aSakexe langtype 0) - case 0x02b0: // New login packet (kRO 2007-05-14aSakexe langtype 0) - { - size_t packet_len = RFIFOREST(fd); // assume no other packet was sent - - // Perform ip-ban check - if( login_config.ipban && login_ip_ban_check(ipl) ) - { - ShowStatus("Connection refused: IP isn't authorised (deny/allow, ip: %s).\n", ip); - WFIFOHEAD(fd,23); - WFIFOW(fd,0) = 0x6a; - WFIFOB(fd,2) = 3; // 3 = Rejected from Server - WFIFOSET(fd,23); - RFIFOSKIP(fd,packet_len); - set_eof(fd); - break; - } - - if( (command == 0x0064 && packet_len < 55) - || (command == 0x01dd && packet_len < 47) - || (command == 0x0277 && packet_len < 84) - || (command == 0x02b0 && packet_len < 85) ) - return 0; - - // S 0064 <version>.l <account name>.24B <password>.24B <version2>.B - // S 01dd <version>.l <account name>.24B <md5 binary>.16B <version2>.B - // S 0277 <version>.l <account name>.24B <password>.24B <junk?>.29B <version2>.B - // S 02b0 <version>.l <account name>.24B <password>.24B <junk?>.30B <version2>.B - - sd->version = RFIFOL(fd,2); - safestrncpy(sd->userid, (char*)RFIFOP(fd,6), NAME_LENGTH);//## does it have to be nul-terminated? - if (command != 0x01dd) { - ShowStatus("Request for connection of %s (ip: %s).\n", sd->userid, ip); - safestrncpy(sd->passwd, (char*)RFIFOP(fd,30), NAME_LENGTH);//## does it have to be nul-terminated? - sd->passwdenc = 0; - } else { - ShowStatus("Request for connection (encryption mode) of %s (ip: %s).\n", sd->userid, ip); - memcpy(sd->passwd, RFIFOP(fd,30), 16); sd->passwd[16] = '\0'; // raw binary data here! - sd->passwdenc = PASSWORDENC; - } - RFIFOSKIP(fd,packet_len); - - result = mmo_auth(sd); - - if( result == -1 ) - login_auth_ok(sd); - else - login_auth_failed(sd, result); - } - break; - - case 0x01db: // Sending request of the coding key - RFIFOSKIP(fd,2); - { - unsigned int i; - - memset(sd->md5key, '\0', sizeof(sd->md5key)); - sd->md5keylen = (uint16)(12 + rand() % 4); - for( i = 0; i < sd->md5keylen; ++i ) - sd->md5key[i] = (char)(1 + rand() % 255); - - WFIFOHEAD(fd,4 + sd->md5keylen); - WFIFOW(fd,0) = 0x01dc; - WFIFOW(fd,2) = 4 + sd->md5keylen; - memcpy(WFIFOP(fd,4), sd->md5key, sd->md5keylen); - WFIFOSET(fd,WFIFOW(fd,2)); - } - break; - - case 0x2710: // Connection request of a char-server - if (RFIFOREST(fd) < 86) - return 0; - { - char server_name[20]; - char message[256]; - uint32 server_ip; - uint16 server_port; - uint16 maintenance; - uint16 new_; - - safestrncpy(sd->userid, (char*)RFIFOP(fd,2), NAME_LENGTH); - safestrncpy(sd->passwd, (char*)RFIFOP(fd,26), NAME_LENGTH); - sd->passwdenc = 0; - sd->version = login_config.client_version_to_connect; // hack to skip version check - server_ip = ntohl(RFIFOL(fd,54)); - server_port = ntohs(RFIFOW(fd,58)); - safestrncpy(server_name, (char*)RFIFOP(fd,60), 20); - maintenance = RFIFOW(fd,82); - new_ = RFIFOW(fd,84); - RFIFOSKIP(fd,86); - - ShowInfo("Connection request of the char-server '%s' @ %u.%u.%u.%u:%u (account: '%s', pass: '%s', ip: '%s')\n", server_name, CONVIP(server_ip), server_port, sd->userid, sd->passwd, ip); - sprintf(message, "charserver - %s@%u.%u.%u.%u:%u", server_name, CONVIP(server_ip), server_port); - login_log(ipl, sd->userid, 100, message); - - result = mmo_auth(sd); - if( result == -1 && sd->sex == 'S' && sd->account_id < MAX_SERVERS && server[sd->account_id].fd == -1 ) - { - ShowStatus("Connection of the char-server '%s' accepted.\n", server_name); - safestrncpy(server[sd->account_id].name, server_name, sizeof(server[sd->account_id].name)); - server[sd->account_id].fd = fd; - server[sd->account_id].ip = server_ip; - server[sd->account_id].port = server_port; - server[sd->account_id].users = 0; - server[sd->account_id].maintenance = maintenance; - server[sd->account_id].new_ = new_; - - session[fd]->func_parse = parse_fromchar; - session[fd]->flag.server = 1; - realloc_fifo(fd, FIFOSIZE_SERVERLINK, FIFOSIZE_SERVERLINK); - - // send connection success - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x2711; - WFIFOB(fd,2) = 0; - WFIFOSET(fd,3); - - // send GM account to char-server - send_GM_accounts(fd); - } - else - { - ShowNotice("Connection of the char-server '%s' REFUSED.\n", server_name); - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x2711; - WFIFOB(fd,2) = 3; - WFIFOSET(fd,3); - } - } - return 0; // processing will continue elsewhere - - case 0x7530: // Server version information request - ShowStatus("Sending server version information to ip: %s\n", ip); - RFIFOSKIP(fd,2); - WFIFOHEAD(fd,10); - WFIFOW(fd,0) = 0x7531; - WFIFOB(fd,2) = ATHENA_MAJOR_VERSION; - WFIFOB(fd,3) = ATHENA_MINOR_VERSION; - WFIFOB(fd,4) = ATHENA_REVISION; - WFIFOB(fd,5) = ATHENA_RELEASE_FLAG; - WFIFOB(fd,6) = ATHENA_OFFICIAL_FLAG; - WFIFOB(fd,7) = ATHENA_SERVER_LOGIN; - WFIFOW(fd,8) = ATHENA_MOD_VERSION; - WFIFOSET(fd,10); - break; - - default: - ShowNotice("Abnormal end of connection (ip: %s): Unknown packet 0x%x\n", ip, command); - set_eof(fd); - return 0; - } - } - - RFIFOSKIP(fd,RFIFOREST(fd)); - return 0; -} - - -//----------------------------------------------------- -// clear expired ip bans -//----------------------------------------------------- -int ip_ban_flush(int tid, unsigned int tick, int id, int data) -{ - if( SQL_ERROR == Sql_Query(sql_handle, "DELETE FROM `ipbanlist` WHERE `rtime` <= NOW()") ) - Sql_ShowDebug(sql_handle); - - return 0; -} - -void sql_config_read(const char* cfgName) -{ - char line[1024], w1[1024], w2[1024]; - FILE* fp = fopen(cfgName, "r"); - if(fp == NULL) { - ShowError("file not found: %s\n", cfgName); - return; - } - ShowInfo("reading configuration file %s...\n", cfgName); - while(fgets(line, sizeof(line), fp)) - { - if (line[0] == '/' && line[1] == '/') - continue; - if (sscanf(line, "%[^:]: %[^\r\n]", w1, w2) < 2) - continue; - - if (!strcmpi(w1, "gm_read_method")) - login_config.login_gm_read = (atoi(w2) == 0); - else if (!strcmpi(w1, "login_db")) - strcpy(login_db, w2); - else if (!strcmpi(w1, "login_server_ip")) - strcpy(login_server_ip, w2); - else if (!strcmpi(w1, "login_server_port")) - login_server_port = (uint16)atoi(w2); - else if (!strcmpi(w1, "login_server_id")) - strcpy(login_server_id, w2); - else if (!strcmpi(w1, "login_server_pw")) - strcpy(login_server_pw, w2); - else if (!strcmpi(w1, "login_server_db")) - strcpy(login_server_db, w2); - else if (!strcmpi(w1, "default_codepage")) - strcpy(default_codepage, w2); - else if (!strcmpi(w1, "login_db_account_id")) - strcpy(login_db_account_id, w2); - else if (!strcmpi(w1, "login_db_userid")) - strcpy(login_db_userid, w2); - else if (!strcmpi(w1, "login_db_user_pass")) - strcpy(login_db_user_pass, w2); - else if (!strcmpi(w1, "login_db_level")) - strcpy(login_db_level, w2); - else if (!strcmpi(w1, "loginlog_db")) - strcpy(loginlog_db, w2); - else if (!strcmpi(w1, "reg_db")) - strcpy(reg_db, w2); - else if (!strcmpi(w1, "import")) - sql_config_read(w2); - } - fclose(fp); - ShowInfo("Done reading %s.\n", cfgName); -} diff --git a/src/login/login_txt.c b/src/login/login_txt.c deleted file mode 100644 index 73b1944a6..000000000 --- a/src/login/login_txt.c +++ /dev/null @@ -1,1903 +0,0 @@ -// Copyright (c) Athena Dev Teams - Licensed under GNU GPL -// For more information, see LICENCE in the main folder - -#include "../common/cbasetypes.h" -#include "../common/mmo.h" -#include "../common/core.h" -#include "../common/socket.h" -#include "../common/db.h" -#include "../common/timer.h" -#include "../common/malloc.h" -#include "../common/strlib.h" -#include "../common/showmsg.h" -#include "../common/version.h" -#include "../common/md5calc.h" -#include "../common/lock.h" -#include "login.h" - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <sys/stat.h> // for stat/lstat/fstat - - -// GM account management -struct gm_account* gm_account_db = NULL; -unsigned int GM_num = 0; // number of gm accounts -char GM_account_filename[1024] = "conf/GM_account.txt"; -long creation_time_GM_account_file; // tracks the last-changed timestamp of the gm accounts file -int gm_account_filename_check_timer = 15; // Timer to check if GM_account file has been changed and reload GM account automaticaly (in seconds; default: 15) - -char login_log_filename[1024] = "log/login.log"; - -// data handling (TXT) -char account_txt[1024] = "save/account.txt"; - -// account database -struct mmo_account* auth_dat = NULL; -unsigned int auth_num = 0, auth_max = 0; - -int account_id_count = START_ACCOUNT_NUM; - -// define the number of times that some players must authentify them before to save account file. -// it's just about normal authentication. If an account is created or modified, save is immediatly done. -// An authentication just change last connected IP and date. It already save in log file. -// set minimum auth change before save: -#define AUTH_BEFORE_SAVE_FILE 10 -// set divider of auth_num to found number of change before save -#define AUTH_SAVE_FILE_DIVIDER 50 -int auth_before_save_file = 0; // Counter. First save when 1st char-server do connection. - - -// ladmin configuration -bool admin_state = false; -char admin_pass[24] = ""; -uint32 admin_allowed_ip = 0; - -int parse_admin(int fd); - - -// temporary external imports -#define MAX_SERVERS 30 -#define AUTH_TIMEOUT 30000 -#define sex_num2str(num) ( (num == 0 ) ? 'F' : (num == 1 ) ? 'M' : 'S' ) -#define sex_str2num(str) ( (str == 'F' ) ? 0 : (str == 'M' ) ? 1 : 2 ) - -struct online_login_data; -extern DBMap* auth_db; -extern DBMap* online_db; -extern struct Login_Config login_config; -extern struct mmo_char_server server[MAX_SERVERS]; -extern int login_fd; -extern int allowed_regs; -extern int time_allowed; - -extern int charif_sendallwos(int sfd, uint8* buf, size_t len); -extern bool check_password(struct login_session_data* sd, int passwdenc, const char* passwd, const char* refpass); -extern int online_db_setoffline(DBKey key, void* data, va_list ap); -extern struct online_login_data* add_online_user(int char_server, int account_id); -extern void remove_online_user(int account_id); -extern void* create_online_user(DBKey key, va_list args); -extern int waiting_disconnect_timer(int tid, unsigned int tick, int id, int data); -extern int lan_subnetcheck(uint32 ip); - - -//---------------------------------------------------------------------- -// Determine if an account (id) is a GM account -// and returns its level (or 0 if it isn't a GM account or if not found) -//---------------------------------------------------------------------- -int isGM(int account_id) -{ - unsigned int i; - ARR_FIND( 0, GM_num, i, gm_account_db[i].account_id == account_id ); - return ( i < GM_num ) ? gm_account_db[i].level : 0; -} - -//---------------------------------------------------------------------- -// Adds a new GM using acc id and level -//---------------------------------------------------------------------- -void addGM(int account_id, int level) -{ - static unsigned int GM_max = 0; - unsigned int i; - - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); - if( i == auth_num ) - return; // no such account - - ARR_FIND( 0, GM_num, i, gm_account_db[i].account_id == account_id ); - if( i < GM_num ) - { - if (gm_account_db[i].level == level) - ShowWarning("addGM: GM account %d defined twice (same level: %d).\n", account_id, level); - else { - ShowWarning("addGM: GM account %d defined twice (levels: %d and %d).\n", account_id, gm_account_db[i].level, level); - gm_account_db[i].level = level; - } - return; // entry already present - } - - // new account - if (GM_num >= GM_max) { - GM_max += 256; - RECREATE(gm_account_db, struct gm_account, GM_max); - } - gm_account_db[GM_num].account_id = account_id; - gm_account_db[GM_num].level = level; - GM_num++; - if (GM_num >= 4000) - ShowWarning("4000 GM accounts found. Next GM accounts are not read.\n"); -} - -//------------------------------------------------------- -// Reading function of GM accounts file (and their level) -//------------------------------------------------------- -int read_gm_account(void) -{ - char line[512]; - FILE *fp; - int account_id, level; - int line_counter; - struct stat file_stat; - int start_range = 0, end_range = 0, is_range = 0, current_id = 0; - - if(gm_account_db) aFree(gm_account_db); - CREATE(gm_account_db, struct gm_account, 1); - GM_num = 0; - - // get last modify time/date - if (stat(GM_account_filename, &file_stat)) - creation_time_GM_account_file = 0; // error - else - creation_time_GM_account_file = (long)file_stat.st_mtime; - - if ((fp = fopen(GM_account_filename, "r")) == NULL) { - ShowError("read_gm_account: GM accounts file [%s] not found.\n", GM_account_filename); - return 1; - } - - line_counter = 0; - // limited to 4000, because we send information to char-servers (more than 4000 GM accounts???) - // int (id) + int (level) = 8 bytes * 4000 = 32k (limit of packets in windows) - while(fgets(line, sizeof(line), fp) && GM_num < 4000) - { - line_counter++; - if ((line[0] == '/' && line[1] == '/') || line[0] == '\0' || line[0] == '\n' || line[0] == '\r') - continue; - is_range = (sscanf(line, "%d%*[-~]%d %d",&start_range,&end_range,&level)==3); // ID Range [MC Cameri] - if (!is_range && sscanf(line, "%d %d", &account_id, &level) != 2 && sscanf(line, "%d: %d", &account_id, &level) != 2) - ShowError("read_gm_account: file [%s], invalid 'acount_id|range level' format (line #%d).\n", GM_account_filename, line_counter); - else if (level <= 0) - ShowError("read_gm_account: file [%s] %dth account (line #%d) (invalid level [0 or negative]: %d).\n", GM_account_filename, GM_num+1, line_counter, level); - else { - if (level > 99) { - ShowNotice("read_gm_account: file [%s] %dth account (invalid level, but corrected: %d->99).\n", GM_account_filename, GM_num+1, level); - level = 99; - } - if (is_range) { - if (start_range==end_range) - ShowError("read_gm_account: file [%s] invalid range, beginning of range is equal to end of range (line #%d).\n", GM_account_filename, line_counter); - else if (start_range>end_range) - ShowError("read_gm_account: file [%s] invalid range, beginning of range must be lower than end of range (line #%d).\n", GM_account_filename, line_counter); - else - for (current_id = start_range;current_id<=end_range;current_id++) - addGM(current_id,level); - } else { - addGM(account_id,level); - } - } - } - fclose(fp); - - ShowStatus("read_gm_account: file '%s' read (%d GM accounts found).\n", GM_account_filename, GM_num); - - return 0; -} - - -//----------------------------------------------- -// Search an account id -// (return account index or -1 (if not found)) -// If exact account name is not found, -// the function checks without case sensitive -// and returns index if only 1 account is found -// and similar to the searched name. -//----------------------------------------------- -int search_account_index(char* account_name) -{ - unsigned int i, quantity; - int index; - - quantity = 0; - index = -1; - - for(i = 0; i < auth_num; i++) { - // Without case sensitive check (increase the number of similar account names found) - if (stricmp(auth_dat[i].userid, account_name) == 0) { - // Strict comparison (if found, we finish the function immediatly with correct value) - if (strcmp(auth_dat[i].userid, account_name) == 0) - return i; - quantity++; - index = i; - } - } - // Here, the exact account name is not found - // We return the found index of a similar account ONLY if there is 1 similar account - if (quantity == 1) - return index; - - // Exact account name is not found and 0 or more than 1 similar accounts have been found ==> we say not found - return -1; -} - -//-------------------------------------------------------- -// Create a string to save the account in the account file -//-------------------------------------------------------- -int mmo_auth_tostr(char* str, struct mmo_account* p) -{ - int i; - char *str_p = str; - - str_p += sprintf(str_p, "%d\t%s\t%s\t%s\t%c\t%d\t%u\t%s\t%s\t%ld\t%s\t%s\t%ld\t", - p->account_id, p->userid, p->pass, p->lastlogin, p->sex, - p->logincount, p->state, p->email, p->error_message, - (long)p->expiration_time, p->last_ip, p->memo, (long)p->unban_time); - - for(i = 0; i < p->account_reg2_num; i++) - if (p->account_reg2[i].str[0]) - str_p += sprintf(str_p, "%s,%s ", p->account_reg2[i].str, p->account_reg2[i].value); - - return 0; -} - -//--------------------------------- -// Reading of the accounts database -//--------------------------------- -int mmo_auth_init(void) -{ - FILE *fp; - int account_id; - uint32 state; - int logincount, n; - uint32 i, j; - char line[2048], *p, userid[2048], pass[2048], lastlogin[2048], sex, email[2048], error_message[2048], last_ip[2048], memo[2048]; - long unban_time; - long expiration_time; - char str[2048]; - char v[2048]; - int GM_count = 0; - int server_count = 0; - - auth_max = 256; - CREATE(auth_dat, struct mmo_account, auth_max); - - if ((fp = fopen(account_txt, "r")) == NULL) { - // no account file -> no account -> no login, including char-server (ERROR) - ShowError(CL_RED"mmmo_auth_init: Accounts file [%s] not found."CL_RESET"\n", account_txt); - return 0; - } - - while(fgets(line, sizeof(line), fp) != NULL) - { - if (line[0] == '/' && line[1] == '/') - continue; - - p = line; - - memset(userid, 0, sizeof(userid)); - memset(pass, 0, sizeof(pass)); - memset(lastlogin, 0, sizeof(lastlogin)); - memset(email, 0, sizeof(email)); - memset(error_message, 0, sizeof(error_message)); - memset(last_ip, 0, sizeof(last_ip)); - memset(memo, 0, sizeof(memo)); - - // database version reading (v2) - if (((i = sscanf(line, "%d\t%[^\t]\t%[^\t]\t%[^\t]\t%c\t%d\t%u\t" - "%[^\t]\t%[^\t]\t%ld\t%[^\t]\t%[^\t]\t%ld%n", - &account_id, userid, pass, lastlogin, &sex, &logincount, &state, - email, error_message, &expiration_time, last_ip, memo, &unban_time, &n)) == 13 && line[n] == '\t') || - ((i = sscanf(line, "%d\t%[^\t]\t%[^\t]\t%[^\t]\t%c\t%d\t%u\t" - "%[^\t]\t%[^\t]\t%ld\t%[^\t]\t%[^\t]%n", - &account_id, userid, pass, lastlogin, &sex, &logincount, &state, - email, error_message, &expiration_time, last_ip, memo, &n)) == 12 && line[n] == '\t')) { - n = n + 1; - - // Some checks - if (account_id > END_ACCOUNT_NUM) { - ShowError(CL_RED"mmmo_auth_init: an account has an id higher than %d\n", END_ACCOUNT_NUM); - ShowError(" account id #%d -> account not read (data is lost!)."CL_RESET"\n", account_id); - continue; - } - userid[23] = '\0'; - remove_control_chars(userid); - for(j = 0; j < auth_num; j++) { - if (auth_dat[j].account_id == account_id) { - ShowError(CL_RED"mmmo_auth_init: an account has an identical id to another.\n"); - ShowError(" account id #%d -> new account not read (data is lost!)."CL_RED"\n", account_id); - break; - } else if (strcmp(auth_dat[j].userid, userid) == 0) { - ShowError(CL_RED"mmmo_auth_init: account name already exists.\n"); - ShowError(" account name '%s' -> new account not read (data is lost!)."CL_RESET"\n", userid); // 2 lines, account name can be long. - break; - } - } - if (j != auth_num) - continue; - - if (auth_num >= auth_max) { - auth_max += 256; - auth_dat = (struct mmo_account*)aRealloc(auth_dat, sizeof(struct mmo_account) * auth_max); - } - - memset(&auth_dat[auth_num], '\0', sizeof(struct mmo_account)); - - auth_dat[auth_num].account_id = account_id; - - strncpy(auth_dat[auth_num].userid, userid, 24); - - pass[32] = '\0'; - remove_control_chars(pass); - strncpy(auth_dat[auth_num].pass, pass, 32); - - lastlogin[23] = '\0'; - remove_control_chars(lastlogin); - strncpy(auth_dat[auth_num].lastlogin, lastlogin, 24); - - auth_dat[auth_num].sex = sex; - - if (logincount >= 0) - auth_dat[auth_num].logincount = logincount; - else - auth_dat[auth_num].logincount = 0; - - if (state > 255) - auth_dat[auth_num].state = 100; - else - auth_dat[auth_num].state = state; - - if (e_mail_check(email) == 0) { - ShowNotice("Account %s (%d): invalid e-mail (replaced par a@a.com).\n", auth_dat[auth_num].userid, auth_dat[auth_num].account_id); - strncpy(auth_dat[auth_num].email, "a@a.com", 40); - } else { - remove_control_chars(email); - strncpy(auth_dat[auth_num].email, email, 40); - } - - error_message[19] = '\0'; - remove_control_chars(error_message); - if (error_message[0] == '\0' || state != 7) { // 7, because state is packet 0x006a value + 1 - strncpy(auth_dat[auth_num].error_message, "-", 20); - } else { - strncpy(auth_dat[auth_num].error_message, error_message, 20); - } - - if (i == 13) - auth_dat[auth_num].unban_time = (time_t)unban_time; - else - auth_dat[auth_num].unban_time = 0; - - auth_dat[auth_num].expiration_time = (time_t)expiration_time; - - last_ip[15] = '\0'; - remove_control_chars(last_ip); - strncpy(auth_dat[auth_num].last_ip, last_ip, 16); - - memo[254] = '\0'; - remove_control_chars(memo); - strncpy(auth_dat[auth_num].memo, memo, 255); - - for(j = 0; j < ACCOUNT_REG2_NUM; j++) { - p += n; - if (sscanf(p, "%[^\t,],%[^\t ] %n", str, v, &n) != 2) { - // We must check if a str is void. If it's, we can continue to read other REG2. - // Account line will have something like: str2,9 ,9 str3,1 (here, ,9 is not good) - if (p[0] == ',' && sscanf(p, ",%[^\t ] %n", v, &n) == 1) { - j--; - continue; - } else - break; - } - str[31] = '\0'; - remove_control_chars(str); - strncpy(auth_dat[auth_num].account_reg2[j].str, str, 32); - strncpy(auth_dat[auth_num].account_reg2[j].value,v,256); - } - auth_dat[auth_num].account_reg2_num = j; - - if (isGM(account_id) > 0) - GM_count++; - if (auth_dat[auth_num].sex == 'S') - server_count++; - - auth_num++; - if (account_id >= account_id_count) - account_id_count = account_id + 1; - - // Old athena database version reading (v1) - } else if ((i = sscanf(line, "%d\t%[^\t]\t%[^\t]\t%[^\t]\t%c\t%d\t%u\t%n", - &account_id, userid, pass, lastlogin, &sex, &logincount, &state, &n)) >= 5) { - if (account_id > END_ACCOUNT_NUM) { - ShowError(CL_RED"mmmo_auth_init: an account has an id higher than %d\n", END_ACCOUNT_NUM); - ShowError(" account id #%d -> account not read (data is lost!)."CL_RESET"\n", account_id); - continue; - } - userid[23] = '\0'; - remove_control_chars(userid); - for(j = 0; j < auth_num; j++) { - if (auth_dat[j].account_id == account_id) { - ShowError(CL_RED"mmo_auth_init: an account has an identical id to another.\n"); - ShowError(" account id #%d -> new account not read (data is lost!)."CL_RESET"\n", account_id); - break; - } else if (strcmp(auth_dat[j].userid, userid) == 0) { - ShowError(CL_RED"mmo_auth_init: account name already exists.\n"); - ShowError(" account name '%s' -> new account not read (data is lost!)."CL_RESET"\n", userid); - break; - } - } - if (j != auth_num) - continue; - - if (auth_num >= auth_max) { - auth_max += 256; - RECREATE(auth_dat, struct mmo_account, auth_max); - } - - memset(&auth_dat[auth_num], '\0', sizeof(struct mmo_account)); - - auth_dat[auth_num].account_id = account_id; - - strncpy(auth_dat[auth_num].userid, userid, 24); - - pass[23] = '\0'; - remove_control_chars(pass); - strncpy(auth_dat[auth_num].pass, pass, 24); - - lastlogin[23] = '\0'; - remove_control_chars(lastlogin); - strncpy(auth_dat[auth_num].lastlogin, lastlogin, 24); - - auth_dat[auth_num].sex = sex; - - if (i >= 6) { - if (logincount >= 0) - auth_dat[auth_num].logincount = logincount; - else - auth_dat[auth_num].logincount = 0; - } else - auth_dat[auth_num].logincount = 0; - - if (i >= 7) { - if (state > 255) - auth_dat[auth_num].state = 100; - else - auth_dat[auth_num].state = state; - } else - auth_dat[auth_num].state = 0; - - // Initialization of new data - strncpy(auth_dat[auth_num].email, "a@a.com", 40); - strncpy(auth_dat[auth_num].error_message, "-", 20); - auth_dat[auth_num].unban_time = 0; - auth_dat[auth_num].expiration_time = 0; - strncpy(auth_dat[auth_num].last_ip, "-", 16); - strncpy(auth_dat[auth_num].memo, "-", 255); - - for(j = 0; j < ACCOUNT_REG2_NUM; j++) { - p += n; - if (sscanf(p, "%[^\t,],%[^\t ] %n", str, v, &n) != 2) { - // We must check if a str is void. If it's, we can continue to read other REG2. - // Account line will have something like: str2,9 ,9 str3,1 (here, ,9 is not good) - if (p[0] == ',' && sscanf(p, ",%[^\t ] %n", v, &n) == 1) { - j--; - continue; - } else - break; - } - str[31] = '\0'; - remove_control_chars(str); - strncpy(auth_dat[auth_num].account_reg2[j].str, str, 32); - strncpy(auth_dat[auth_num].account_reg2[j].value,v,256); - } - auth_dat[auth_num].account_reg2_num = j; - - if (isGM(account_id) > 0) - GM_count++; - if (auth_dat[auth_num].sex == 'S') - server_count++; - - auth_num++; - if (account_id >= account_id_count) - account_id_count = account_id + 1; - - } else { - int i = 0; - if (sscanf(line, "%d\t%%newid%%\n%n", &account_id, &i) == 1 && - i > 0 && account_id > account_id_count) - account_id_count = account_id; - } - } - fclose(fp); - - if( auth_num == 0 ) - ShowNotice("mmo_auth_init: No account found in %s.\n", account_txt); - else - if( auth_num == 1 ) - ShowStatus("mmo_auth_init: 1 account read in %s,\n", account_txt); - else - ShowStatus("mmo_auth_init: %d accounts read in %s,\n", auth_num, account_txt); - - if( GM_count == 0 ) - ShowStatus(" of which is no GM account, and \n"); - else - if( GM_count == 1 ) - ShowStatus(" of which is 1 GM account, and \n"); - else - ShowStatus(" of which is %d GM accounts, and \n", GM_count); - - if( server_count == 0 ) - ShowStatus(" no server account ('S').\n"); - else - if( server_count == 1 ) - ShowStatus(" 1 server account ('S').\n"); - else - ShowStatus(" %d server accounts ('S').\n", server_count); - - return 0; -} - -//------------------------------------------ -// Writing of the accounts database file -// (accounts are sorted by id before save) -//------------------------------------------ -void mmo_auth_sync(void) -{ - FILE *fp; - unsigned int i, j, k; - int lock; - int account_id; - CREATE_BUFFER(id, int, auth_num); - char line[65536]; - - // Sorting before save - for(i = 0; i < auth_num; i++) { - id[i] = i; - account_id = auth_dat[i].account_id; - for(j = 0; j < i; j++) { - if (account_id < auth_dat[id[j]].account_id) { - for(k = i; k > j; k--) - id[k] = id[k-1]; - id[j] = i; // id[i] - break; - } - } - } - - // Data save - if ((fp = lock_fopen(account_txt, &lock)) == NULL) { - //if (id) aFree(id); - DELETE_BUFFER(id); - return; - } - - fprintf(fp, "// Accounts file: here are saved all information about the accounts.\n"); - fprintf(fp, "// Structure: ID, account name, password, last login time, sex, # of logins, state, email, error message for state 7, validity time, last (accepted) login ip, memo field, ban timestamp, repeated(register text, register value)\n"); - fprintf(fp, "// Some explanations:\n"); - fprintf(fp, "// account name : between 4 to 23 char for a normal account (standard client can't send less than 4 char).\n"); - fprintf(fp, "// account password: between 4 to 23 char\n"); - fprintf(fp, "// sex : M or F for normal accounts, S for server accounts\n"); - fprintf(fp, "// state : 0: account is ok, 1 to 256: error code of packet 0x006a + 1\n"); - fprintf(fp, "// email : between 3 to 39 char (a@a.com is like no email)\n"); - fprintf(fp, "// error message : text for the state 7: 'Your are Prohibited to login until <text>'. Max 19 char\n"); - fprintf(fp, "// valitidy time : 0: unlimited account, <other value>: date calculated by addition of 1/1/1970 + value (number of seconds since the 1/1/1970)\n"); - fprintf(fp, "// memo field : max 254 char\n"); - fprintf(fp, "// ban time : 0: no ban, <other value>: banned until the date: date calculated by addition of 1/1/1970 + value (number of seconds since the 1/1/1970)\n"); - for(i = 0; i < auth_num; i++) { - k = id[i]; // use of sorted index - if (auth_dat[k].account_id == -1) - continue; - - mmo_auth_tostr(line, &auth_dat[k]); - fprintf(fp, "%s\n", line); - } - fprintf(fp, "%d\t%%newid%%\n", account_id_count); - - lock_fclose(fp, account_txt, &lock); - - // set new counter to minimum number of auth before save - auth_before_save_file = auth_num / AUTH_SAVE_FILE_DIVIDER; // Re-initialise counter. We have save. - if (auth_before_save_file < AUTH_BEFORE_SAVE_FILE) - auth_before_save_file = AUTH_BEFORE_SAVE_FILE; - - //if (id) aFree(id); - DELETE_BUFFER(id); - - return; -} - -//----------------------------------------------------- -// Check if we must save accounts file or not -// every minute, we check if we must save because we -// have do some authentications without arrive to -// the minimum of authentications for the save. -// Note: all other modification of accounts (deletion, -// change of some informations excepted lastip/ -// lastlogintime, creation) are always save -// immediatly and set the minimum of -// authentications to its initialization value. -//----------------------------------------------------- -int check_auth_sync(int tid, unsigned int tick, int id, int data) -{ - // we only save if necessary: - // we have do some authentications without do saving - if (auth_before_save_file < AUTH_BEFORE_SAVE_FILE || - auth_before_save_file < (int)(auth_num / AUTH_SAVE_FILE_DIVIDER)) - mmo_auth_sync(); - - return 0; -} - -//----------------------------------------------------- -// Send GM accounts to one or all char-servers -//----------------------------------------------------- -void send_GM_accounts(int fd) -{ - unsigned int i; - uint8 buf[32767]; - uint16 len; - - len = 4; - WBUFW(buf,0) = 0x2732; - for(i = 0; i < GM_num; i++) - // send only existing accounts. We can not create a GM account when server is online. - if (gm_account_db[i].level > 0) { - WBUFL(buf,len) = gm_account_db[i].account_id; - WBUFB(buf,len+4) = (uint8)gm_account_db[i].level; - len += 5; - if (len >= 32000) { - ShowWarning("send_GM_accounts: Too many accounts! Only %d out of %d were sent.\n", i, GM_num); - break; - } - } - - WBUFW(buf,2) = len; - if (fd == -1) // send to all charservers - charif_sendallwos(-1, buf, len); - else { // send only to target - WFIFOHEAD(fd,len); - memcpy(WFIFOP(fd,0), buf, len); - WFIFOSET(fd,len); - } - - return; -} - -//----------------------------------------------------- -// Check if GM file account have been changed -//----------------------------------------------------- -int check_GM_file(int tid, unsigned int tick, int id, int data) -{ - struct stat file_stat; - long new_time; - - // if we would not check - if (gm_account_filename_check_timer < 1) - return 0; - - // get last modify time/date - if (stat(GM_account_filename, &file_stat)) - new_time = 0; // error - else - new_time = (long)file_stat.st_mtime; - - if (new_time != creation_time_GM_account_file) { - read_gm_account(); - send_GM_accounts(-1); - } - - return 0; -} - -/*============================================= - * Records an event in the login log - *---------------------------------------------*/ -void login_log(uint32 ip, const char* username, int rcode, const char* message) -{ - FILE* log_fp; - - if( !login_config.log_login ) - return; - - log_fp = fopen(login_log_filename, "a"); - if( log_fp != NULL ) - { - char esc_username[NAME_LENGTH*4+1]; - char esc_message[255*4+1]; - time_t raw_time; - char str_time[24]; - - sv_escape_c(esc_username, username, NAME_LENGTH, NULL); - sv_escape_c(esc_message, message, 255, NULL); - - time(&raw_time); - strftime(str_time, 24, login_config.date_format, localtime(&raw_time)); - str_time[23] = '\0'; - - fprintf(log_fp, "%s\t%u\t%s\t%d\t%s\n", str_time, ip, esc_username, rcode, esc_message); - - fclose(log_fp); - } -} - -//------------------------------------- -// Make new account -//------------------------------------- -int mmo_auth_new(struct mmo_account* account) -{ - static int num_regs = 0; // registration counter - static unsigned int new_reg_tick = 0; - unsigned int tick = gettick(); - - time_t expiration_time = 0; - unsigned int i = auth_num; - - // check if the account doesn't exist already - ARR_FIND( 0, auth_num, i, strcmp(account->userid, auth_dat[i].userid) == 0 ); - if( i < auth_num ) - { - ShowNotice("Attempt of creation of an already existant account (account: %s_%c, pass: %s, received pass: %s)\n", account->userid, account->sex, auth_dat[i].pass, account->pass); - return 1; // 1 = Incorrect Password - } - - //Account Registration Flood Protection by [Kevin] - if( new_reg_tick == 0 ) - new_reg_tick = gettick(); - if( DIFF_TICK(tick, new_reg_tick) < 0 && num_regs >= allowed_regs ) - { - ShowNotice("Account registration denied (registration limit exceeded)\n"); - return 3; - } - - if (auth_num >= auth_max) { - auth_max += 256; - auth_dat = (struct mmo_account*)aRealloc(auth_dat, sizeof(struct mmo_account) * auth_max); - } - - memset(&auth_dat[i], '\0', sizeof(struct mmo_account)); - - // find a suitable non-gm account id - while (isGM(account_id_count) > 0) - account_id_count++; - - auth_dat[i].account_id = account_id_count++; - safestrncpy(auth_dat[i].userid, account->userid, NAME_LENGTH); - if( login_config.use_md5_passwds ) - MD5_String(account->pass, auth_dat[i].pass); - else - safestrncpy(auth_dat[i].pass, account->pass, NAME_LENGTH); - safestrncpy(auth_dat[i].lastlogin, "-", sizeof(auth_dat[i].lastlogin)); - auth_dat[i].sex = account->sex; - auth_dat[i].logincount = 0; - auth_dat[i].state = 0; - safestrncpy(auth_dat[i].email, e_mail_check(account->email) ? account->email : "a@a.com", sizeof(auth_dat[i].email)); - safestrncpy(auth_dat[i].error_message, "-", sizeof(auth_dat[i].error_message)); - auth_dat[i].unban_time = 0; - if( login_config.start_limited_time != -1 ) - expiration_time = time(NULL) + login_config.start_limited_time; - auth_dat[i].expiration_time = expiration_time; - strncpy(auth_dat[i].last_ip, "-", 16); - strncpy(auth_dat[i].memo, "-", 255); - auth_dat[i].account_reg2_num = 0; - - ShowNotice("Account creation (account %s, id: %d, pass: %s, sex: %c)\n", account->userid, auth_num, account->pass, account->sex); - auth_num++; - - if( DIFF_TICK(tick, new_reg_tick) > 0 ) - {// Update the registration check. - num_regs = 0; - new_reg_tick = tick + time_allowed*1000; - } - ++num_regs; - - return 0; -} - -//----------------------------------------------------- -// Check/authentication of a connection -//----------------------------------------------------- -int mmo_auth(struct login_session_data* sd) -{ - unsigned int i; - time_t raw_time; - char tmpstr[256]; - int len; - char user_password[32+1]; // reserve for md5-ed pw - - char ip[16]; - ip2str(session[sd->fd]->client_addr, ip); - - // DNS Blacklist check - if( login_config.use_dnsbl ) - { - char r_ip[16]; - char ip_dnsbl[256]; - char* dnsbl_serv; - bool matched = false; - uint8* sin_addr = (uint8*)&session[sd->fd]->client_addr; - - sprintf(r_ip, "%u.%u.%u.%u", sin_addr[0], sin_addr[1], sin_addr[2], sin_addr[3]); - - for( dnsbl_serv = strtok(login_config.dnsbl_servs,","); !matched && dnsbl_serv != NULL; dnsbl_serv = strtok(NULL,",") ) - { - sprintf(ip_dnsbl, "%s.%s", r_ip, dnsbl_serv); - if( host2ip(ip_dnsbl) ) - matched = true; - } - - if( matched ) - { - ShowInfo("DNSBL: (%s) Blacklisted. User Kicked.\n", r_ip); - return 3; - } - } - - //Client Version check - if( login_config.check_client_version && sd->version != login_config.client_version_to_connect ) - return 5; - - len = strnlen(sd->userid, NAME_LENGTH); - - // Account creation with _M/_F - if( login_config.new_account_flag ) - { - if( len > 2 && strnlen(sd->passwd, NAME_LENGTH) > 0 && // valid user and password lengths - sd->passwdenc == 0 && // unencoded password - sd->userid[len-2] == '_' && memchr("FfMm", sd->userid[len-1], 4) && // _M/_F suffix - account_id_count <= END_ACCOUNT_NUM ) - { - struct mmo_account acc; - int result; - - len -= 2; - sd->userid[len] = '\0'; - - memset(&acc, '\0', sizeof(acc)); - safestrncpy(acc.userid, sd->userid, NAME_LENGTH); - safestrncpy(acc.pass, sd->passwd, NAME_LENGTH); - safestrncpy(acc.email, "a@a.com", sizeof(acc.email)); - acc.sex = TOUPPER(sd->userid[len+1]); - - result = mmo_auth_new(&acc); - if( result ) - return result;// Failed to make account. [Skotlex]. - - auth_before_save_file = 0; // Creation of an account -> save accounts file immediatly - } - } - - // Strict account search - ARR_FIND( 0, auth_num, i, strcmp(sd->userid, auth_dat[i].userid) == 0 ); - - // if strict account search fails, we do a no sensitive case research for index - if( i < auth_num ) - { - i = search_account_index(sd->userid); - if( i == -1 ) - i = auth_num; - else - memcpy(sd->userid, auth_dat[i].userid, NAME_LENGTH); // for the possible tests/checks afterwards (copy correcte sensitive case). - } - - if( i == auth_num ) - { - ShowNotice("Unknown account (account: %s, received pass: %s, ip: %s)\n", sd->userid, sd->passwd, ip); - return 0; // 0 = Unregistered ID - } - - if( login_config.use_md5_passwds ) - MD5_String(sd->passwd, user_password); - else - safestrncpy(user_password, sd->passwd, NAME_LENGTH); - - if( !check_password(sd, sd->passwdenc, user_password, auth_dat[i].pass) ) - { - ShowNotice("Invalid password (account: %s, pass: %s, received pass: %s, ip: %s)\n", sd->userid, auth_dat[i].pass, (sd->passwdenc) ? "[MD5]" : sd->passwd, ip); - return 1; // 1 = Incorrect Password - } - - if( auth_dat[i].expiration_time != 0 && auth_dat[i].expiration_time < time(NULL) ) - { - ShowNotice("Connection refused (account: %s, pass: %s, expired ID, ip: %s)\n", sd->userid, sd->passwd, ip); - return 2; // 2 = This ID is expired - } - - if( auth_dat[i].unban_time != 0 && auth_dat[i].unban_time > time(NULL) ) - { - strftime(tmpstr, 20, login_config.date_format, localtime(&auth_dat[i].unban_time)); - tmpstr[19] = '\0'; - ShowNotice("Connection refused (account: %s, pass: %s, banned until %s, ip: %s)\n", sd->userid, sd->passwd, tmpstr, ip); - return 6; // 6 = Your are Prohibited to log in until %s - } - - if( auth_dat[i].state ) - { - ShowNotice("Connection refused (account: %s, pass: %s, state: %d, ip: %s)\n", sd->userid, sd->passwd, auth_dat[i].state, ip); - return auth_dat[i].state - 1; - } - - ShowNotice("Authentication accepted (account: %s, id: %d, ip: %s)\n", sd->userid, auth_dat[i].account_id, ip); - - // auth start : time seed - time(&raw_time); - strftime(tmpstr, 24, "%Y-%m-%d %H:%M:%S",localtime(&raw_time)); - - sd->account_id = auth_dat[i].account_id; - sd->login_id1 = rand(); - sd->login_id2 = rand(); - safestrncpy(sd->lastlogin, auth_dat[i].lastlogin, 24); - sd->sex = auth_dat[i].sex; - - if( sd->sex != 'S' && sd->account_id < START_ACCOUNT_NUM ) - ShowWarning("Account %s has account id %d! Account IDs must be over %d to work properly!\n", sd->userid, sd->account_id, START_ACCOUNT_NUM); - - safestrncpy(auth_dat[i].lastlogin, tmpstr, sizeof(auth_dat[i].lastlogin)); - safestrncpy(auth_dat[i].last_ip, ip, sizeof(auth_dat[i].last_ip)); - auth_dat[i].unban_time = 0; - auth_dat[i].logincount++; - - // Save until for change ip/time of auth is not very useful => limited save for that - // Save there informations isnot necessary, because they are saved in log file. - if (--auth_before_save_file <= 0) // Reduce counter. 0 or less, we save - mmo_auth_sync(); - - return -1; // account OK -} - -//-------------------------------- -// Packet parsing for char-servers -//-------------------------------- -int parse_fromchar(int fd) -{ - unsigned int i; - int j, id; - uint32 ipl; - char ip[16]; - - ARR_FIND( 0, MAX_SERVERS, id, server[id].fd == fd ); - if( id == MAX_SERVERS ) - {// not a char server - set_eof(fd); - do_close(fd); - return 0; - } - - if( session[fd]->flag.eof ) - { - ShowStatus("Char-server '%s' has disconnected.\n", server[id].name); - online_db->foreach(online_db, online_db_setoffline, id); //Set all chars from this char server to offline. - memset(&server[id], 0, sizeof(struct mmo_char_server)); - server[id].fd = -1; - do_close(fd); - return 0; - } - - ipl = server[id].ip; - ip2str(ipl, ip); - - while( RFIFOREST(fd) >= 2 ) - { - uint16 command = RFIFOW(fd,0); - - switch( command ) - { - - case 0x2709: // request from map-server via char-server to reload GM accounts - RFIFOSKIP(fd,2); - ShowStatus("Char-server '%s': Request to re-load GM database (ip: %s).\n", server[id].name, ip); - login_log(ipl, server[id].name, 0, "GM reload request"); - read_gm_account(); - // send GM accounts to all char-servers - send_GM_accounts(-1); - break; - - case 0x2712: // request from char-server to authenticate an account - if( RFIFOREST(fd) < 19 ) - return 0; - { - struct auth_node* node; - - int account_id = RFIFOL(fd,2); - int login_id1 = RFIFOL(fd,6); - int login_id2 = RFIFOL(fd,10); - char sex = sex_num2str(RFIFOB(fd,14)); - uint32 ip_ = ntohl(RFIFOL(fd,15)); - RFIFOSKIP(fd,19); - - node = (struct auth_node*)idb_get(auth_db, account_id); - if( node != NULL && - node->account_id == account_id && - node->login_id1 == login_id1 && - node->login_id2 == login_id2 && - node->sex == sex && - node->ip == ip_ ) - {// found - uint32 expiration_time; - char email[40]; - unsigned int k; - - //ShowStatus("Char-server '%s': authentication of the account %d accepted (ip: %s).\n", server[id].name, account_id, ip); - - // each auth entry can only be used once - idb_remove(auth_db, account_id); - - // retrieve email and account expiration time - ARR_FIND( 0, auth_num, k, auth_dat[k].account_id == account_id ); - if( k < auth_num ) - { - strcpy(email, auth_dat[k].email); - expiration_time = (uint32)auth_dat[k].expiration_time; - } - else - { - memset(email, 0, sizeof(email)); - expiration_time = 0; - } - - // send ack - WFIFOHEAD(fd,59); - WFIFOW(fd,0) = 0x2713; - WFIFOL(fd,2) = account_id; - WFIFOL(fd,6) = login_id1; - WFIFOL(fd,10) = login_id2; - WFIFOB(fd,14) = 0; - memcpy(WFIFOP(fd,15), email, 40); - WFIFOL(fd,55) = expiration_time; - WFIFOSET(fd,59); - } - else - {// authentication not found - ShowStatus("Char-server '%s': authentication of the account %d REFUSED (ip: %s).\n", server[id].name, account_id, ip); - WFIFOHEAD(fd,59); - WFIFOW(fd,0) = 0x2713; - WFIFOL(fd,2) = account_id; - WFIFOL(fd,6) = login_id1; - WFIFOL(fd,10) = login_id2; - WFIFOB(fd,14) = 1; - // It is unnecessary to send email - // It is unnecessary to send validity date of the account - WFIFOSET(fd,59); - } - } - break; - - case 0x2714: - if( RFIFOREST(fd) < 6 ) - return 0; - { - int users = RFIFOL(fd,2); - RFIFOSKIP(fd,6); - - // how many users on world? (update) - if( server[id].users != users ) - { - ShowStatus("set users %s : %d\n", server[id].name, users); - - server[id].users = users; - } - } - break; - - case 0x2715: // request from char server to change e-email from default "a@a.com" - if (RFIFOREST(fd) < 46) - return 0; - { - char email[40]; - int acc = RFIFOL(fd,2); - safestrncpy(email, (char*)RFIFOP(fd,6), 40); remove_control_chars(email); - RFIFOSKIP(fd,46); - - if( e_mail_check(email) == 0 ) - ShowNotice("Char-server '%s': Attempt to create an e-mail on an account with a default e-mail REFUSED - e-mail is invalid (account: %d, ip: %s)\n", server[id].name, acc, ip); - else - { - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == acc && (strcmp(auth_dat[i].email, "a@a.com") == 0 || auth_dat[i].email[0] == '\0') ); - if( i == auth_num ) - ShowNotice("Char-server '%s': Attempt to create an e-mail on an account with a default e-mail REFUSED - account doesn't exist or e-mail of account isn't default e-mail (account: %d, ip: %s).\n", server[id].name, acc, ip); - else - { - memcpy(auth_dat[i].email, email, 40); - ShowNotice("Char-server '%s': Create an e-mail on an account with a default e-mail (account: %d, new e-mail: %s, ip: %s).\n", server[id].name, acc, email, ip); - // Save - mmo_auth_sync(); - } - } - } - break; - - case 0x2716: // received an e-mail/limited time request, because a player comes back from a map-server to the char-server - if( RFIFOREST(fd) < 6 ) - return 0; - { - uint32 expiration_time = 0; - char email[40] = ""; - - int account_id = RFIFOL(fd,2); - RFIFOSKIP(fd,6); - - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); - if( i == auth_num ) - ShowNotice("Char-server '%s': e-mail of the account %d NOT found (ip: %s).\n", server[id].name, RFIFOL(fd,2), ip); - else - { - safestrncpy(email, auth_dat[i].email, sizeof(email)); - expiration_time = (uint32)auth_dat[i].expiration_time; - } - - WFIFOHEAD(fd,50); - WFIFOW(fd,0) = 0x2717; - WFIFOL(fd,2) = account_id; - safestrncpy((char*)WFIFOP(fd,6), email, 40); - WFIFOL(fd,46) = expiration_time; - WFIFOSET(fd,50); - } - break; - - case 0x2719: // ping request from charserver - if( RFIFOREST(fd) < 2 ) - return 0; - RFIFOSKIP(fd,2); - - WFIFOHEAD(fd,2); - WFIFOW(fd,0) = 0x2718; - WFIFOSET(fd,2); - break; - - // Map server send information to change an email of an account via char-server - case 0x2722: // 0x2722 <account_id>.L <actual_e-mail>.40B <new_e-mail>.40B - if (RFIFOREST(fd) < 86) - return 0; - { - char actual_email[40]; - char new_email[40]; - int account_id = RFIFOL(fd,2); - safestrncpy(actual_email, (char*)RFIFOP(fd,6), 40); remove_control_chars(actual_email); - safestrncpy(new_email, (char*)RFIFOP(fd,46), 40); remove_control_chars(new_email); - RFIFOSKIP(fd, 86); - - if( e_mail_check(actual_email) == 0 ) - ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but actual email is invalid (account: %d, ip: %s)\n", server[id].name, account_id, ip); - else if( e_mail_check(new_email) == 0 ) - ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command) with a invalid new e-mail (account: %d, ip: %s)\n", server[id].name, account_id, ip); - else if( strcmpi(new_email, "a@a.com") == 0 ) - ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command) with a default e-mail (account: %d, ip: %s)\n", server[id].name, account_id, ip); - else { - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); - if( i == auth_num ) - ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but account doesn't exist (account: %d, ip: %s).\n", server[id].name, account_id, ip); - else - if( strcmpi(auth_dat[i].email, actual_email) != 0 ) - ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but actual e-mail is incorrect (account: %d (%s), actual e-mail: %s, proposed e-mail: %s, ip: %s).\n", server[id].name, account_id, auth_dat[i].userid, auth_dat[i].email, actual_email, ip); - else { - safestrncpy(auth_dat[i].email, new_email, 40); - ShowNotice("Char-server '%s': Modify an e-mail on an account (@email GM command) (account: %d (%s), new e-mail: %s, ip: %s).\n", server[id].name, account_id, auth_dat[i].userid, new_email, ip); - // Save - mmo_auth_sync(); - } - } - } - break; - - case 0x2724: // Receiving an account state update request from a map-server (relayed via char-server) - if (RFIFOREST(fd) < 10) - return 0; - { - int account_id = RFIFOL(fd,2); - uint32 state = RFIFOL(fd,6); - RFIFOSKIP(fd,10); - - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); - if( i == auth_num ) - ShowNotice("Char-server '%s': Error of Status change (account: %d not found, suggested status %d, ip: %s).\n", server[id].name, account_id, state, ip); - else - if( auth_dat[i].state == state ) - ShowNotice("Char-server '%s': Error of Status change - actual status is already the good status (account: %d, status %d, ip: %s).\n", server[id].name, account_id, state, ip); - else { - ShowNotice("Char-server '%s': Status change (account: %d, new status %d, ip: %s).\n", server[id].name, account_id, state, ip); - if (state != 0) { - uint8 buf[11]; - WBUFW(buf,0) = 0x2731; - WBUFL(buf,2) = account_id; - WBUFB(buf,6) = 0; // 0: change of state, 1: ban - WBUFL(buf,7) = state; // status or final date of a banishment - charif_sendallwos(-1, buf, 11); - } - auth_dat[i].state = state; - // Save - mmo_auth_sync(); - } - } - break; - - case 0x2725: // Receiving of map-server via char-server a ban request - if (RFIFOREST(fd) < 18) - return 0; - { - int account_id = RFIFOL(fd,2); - int year = (short)RFIFOW(fd,6); - int month = (short)RFIFOW(fd,8); - int mday = (short)RFIFOW(fd,10); - int hour = (short)RFIFOW(fd,12); - int min = (short)RFIFOW(fd,14); - int sec = (short)RFIFOW(fd,16); - RFIFOSKIP(fd,18); - - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); - if( i == auth_num ) - ShowNotice("Char-server '%s': Error of ban request (account: %d not found, ip: %s).\n", server[id].name, account_id, ip); - else - { - time_t timestamp; - struct tm *tmtime; - if (auth_dat[i].unban_time == 0 || auth_dat[i].unban_time < time(NULL)) - timestamp = time(NULL); - else - timestamp = auth_dat[i].unban_time; - tmtime = localtime(×tamp); - tmtime->tm_year = tmtime->tm_year + year; - tmtime->tm_mon = tmtime->tm_mon + month; - tmtime->tm_mday = tmtime->tm_mday + mday; - tmtime->tm_hour = tmtime->tm_hour + hour; - tmtime->tm_min = tmtime->tm_min + min; - tmtime->tm_sec = tmtime->tm_sec + sec; - timestamp = mktime(tmtime); - if (timestamp == -1) - ShowNotice("Char-server '%s': Error of ban request (account: %d, invalid date, ip: %s).\n", server[id].name, account_id, ip); - else - if( timestamp <= time(NULL) || timestamp == 0 ) - ShowNotice("Char-server '%s': Error of ban request (account: %d, new date unbans the account, ip: %s).\n", server[id].name, account_id, ip); - else - { - unsigned char buf[16]; - char tmpstr[2048]; - strftime(tmpstr, 24, login_config.date_format, localtime(×tamp)); - ShowNotice("Char-server '%s': Ban request (account: %d, new final date of banishment: %d (%s), ip: %s).\n", server[id].name, account_id, timestamp, tmpstr, ip); - WBUFW(buf,0) = 0x2731; - WBUFL(buf,2) = auth_dat[i].account_id; - WBUFB(buf,6) = 1; // 0: change of status, 1: ban - WBUFL(buf,7) = (unsigned int)timestamp; // status or final date of a banishment - charif_sendallwos(-1, buf, 11); - auth_dat[i].unban_time = timestamp; - // Save - mmo_auth_sync(); - } - } - } - break; - - case 0x2727: // Change of sex (sex is reversed) - if( RFIFOREST(fd) < 6 ) - return 0; - { - int account_id = RFIFOL(fd,2); - RFIFOSKIP(fd,6); - - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); - if( i == auth_num ) - ShowNotice("Char-server '%s': Error of sex change (account: %d not found, ip: %s).\n", server[id].name, account_id, ip); - else - if( auth_dat[i].sex == 'S' ) - ShowNotice("Char-server '%s': Error of sex change - account to change is a Server account (account: %d, ip: %s).\n", server[id].name, account_id, ip); - else - { - unsigned char buf[7]; - char sex = ( auth_dat[i].sex == 'M' ) ? 'F' : 'M'; //Change gender - - auth_dat[i].sex = sex; - - ShowNotice("Char-server '%s': Sex change (account: %d, new sex %c, ip: %s).\n", server[id].name, account_id, sex, ip); - WBUFW(buf,0) = 0x2723; - WBUFL(buf,2) = account_id; - WBUFB(buf,6) = sex_str2num(sex); - charif_sendallwos(-1, buf, 7); - // Save - mmo_auth_sync(); - } - } - break; - - case 0x2728: // We receive account_reg2 from a char-server, and we send them to other map-servers. - if( RFIFOREST(fd) < 4 || RFIFOREST(fd) < RFIFOW(fd,2) ) - return 0; - { - int acc = RFIFOL(fd,4); - - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == acc ); - if( i == auth_num ) - ShowStatus("Char-server '%s': receiving (from the char-server) of account_reg2 (account: %d not found, ip: %s).\n", server[id].name, acc, ip); - else - { - int len; - int p; - ShowNotice("char-server '%s': receiving (from the char-server) of account_reg2 (account: %d, ip: %s).\n", server[id].name, acc, ip); - for(j=0,p=13;j<ACCOUNT_REG2_NUM && p<RFIFOW(fd,2);j++){ - sscanf((char*)RFIFOP(fd,p), "%31c%n",auth_dat[i].account_reg2[j].str,&len); - auth_dat[i].account_reg2[j].str[len]='\0'; - p +=len+1; //+1 to skip the '\0' between strings. - sscanf((char*)RFIFOP(fd,p), "%255c%n",auth_dat[i].account_reg2[j].value,&len); - auth_dat[i].account_reg2[j].value[len]='\0'; - p +=len+1; - remove_control_chars(auth_dat[i].account_reg2[j].str); - remove_control_chars(auth_dat[i].account_reg2[j].value); - } - auth_dat[i].account_reg2_num = j; - - // Sending information towards the other char-servers. - RFIFOW(fd,0) = 0x2729;// reusing read buffer - charif_sendallwos(fd, RFIFOP(fd,0), RFIFOW(fd,2)); - RFIFOSKIP(fd,RFIFOW(fd,2)); - - // Save - mmo_auth_sync(); - } - - } - break; - - case 0x272a: // Receiving of map-server via char-server an unban request - if( RFIFOREST(fd) < 6 ) - return 0; - { - int account_id = RFIFOL(fd,2); - RFIFOSKIP(fd,6); - - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); - if( i == auth_num ) - ShowNotice("Char-server '%s': Error of UnBan request (account: %d not found, ip: %s).\n", server[id].name, account_id, ip); - else - if( auth_dat[i].unban_time == 0 ) - ShowNotice("Char-server '%s': Error of UnBan request (account: %d, no change for unban date, ip: %s).\n", server[id].name, account_id, ip); - else - { - auth_dat[i].unban_time = 0; - ShowNotice("Char-server '%s': UnBan request (account: %d, ip: %s).\n", server[id].name, account_id, ip); - } - } - break; - - case 0x272b: // Set account_id to online [Wizputer] - if( RFIFOREST(fd) < 6 ) - return 0; - add_online_user(id, RFIFOL(fd,2)); - RFIFOSKIP(fd,6); - break; - - case 0x272c: // Set account_id to offline [Wizputer] - if( RFIFOREST(fd) < 6 ) - return 0; - remove_online_user(RFIFOL(fd,2)); - RFIFOSKIP(fd,6); - break; - - case 0x272d: // Receive list of all online accounts. [Skotlex] - if (RFIFOREST(fd) < 4 || RFIFOREST(fd) < RFIFOW(fd,2)) - return 0; - if( login_config.online_check ) - { - struct online_login_data *p; - int aid; - uint32 i, users; - online_db->foreach(online_db, online_db_setoffline, id); //Set all chars from this char-server offline first - users = RFIFOW(fd,4); - for (i = 0; i < users; i++) { - aid = RFIFOL(fd,6+i*4); - p = (struct online_login_data*)idb_ensure(online_db, aid, create_online_user); - p->char_server = id; - if (p->waiting_disconnect != -1) - { - delete_timer(p->waiting_disconnect, waiting_disconnect_timer); - p->waiting_disconnect = -1; - } - } - } - RFIFOSKIP(fd,RFIFOW(fd,2)); - break; - - case 0x272e: //Request account_reg2 for a character. - if (RFIFOREST(fd) < 10) - return 0; - { - size_t off; - - int account_id = RFIFOL(fd,2); - int char_id = RFIFOL(fd,6); - RFIFOSKIP(fd,10); - - WFIFOHEAD(fd,10000); - WFIFOW(fd,0) = 0x2729; - WFIFOL(fd,4) = account_id; - WFIFOL(fd,8) = char_id; - WFIFOB(fd,12) = 1; //Type 1 for Account2 registry - - ARR_FIND( 0, auth_num, i, auth_dat[i].account_id == account_id ); - if( i == auth_num ) - { - //Account not found? Send at least empty data, map servers need a reply! - WFIFOW(fd,2) = 13; - WFIFOSET(fd,WFIFOW(fd,2)); - break; - } - - for( off = 13, j = 0; j < auth_dat[i].account_reg2_num && off < 9000; j++ ) - { - if( auth_dat[i].account_reg2[j].str[0] != '\0' ) - { - off += sprintf((char*)WFIFOP(fd,off), "%s", auth_dat[i].account_reg2[j].str)+1; //We add 1 to consider the '\0' in place. - off += sprintf((char*)WFIFOP(fd,off), "%s", auth_dat[i].account_reg2[j].value)+1; - } - } - - if( off >= 9000 ) - ShowWarning("Too many account2 registries for AID %d. Some registries were not sent.\n", account_id); - - WFIFOW(fd,2) = (uint16)off; - WFIFOSET(fd,WFIFOW(fd,2)); - } - break; - - case 0x2736: // WAN IP update from char-server - if( RFIFOREST(fd) < 6 ) - return 0; - server[id].ip = ntohl(RFIFOL(fd,2)); - ShowInfo("Updated IP of Server #%d to %d.%d.%d.%d.\n",id, CONVIP(server[id].ip)); - RFIFOSKIP(fd,6); - break; - - case 0x2737: //Request to set all offline. - ShowInfo("Setting accounts from char-server %d offline.\n", id); - online_db->foreach(online_db, online_db_setoffline, id); - RFIFOSKIP(fd,2); - break; - - default: - ShowError("parse_fromchar: Unknown packet 0x%x from a char-server! Disconnecting!\n", command); - set_eof(fd); - return 0; - } // switch - } // while - - RFIFOSKIP(fd,RFIFOREST(fd)); - return 0; -} - -void login_auth_ok(struct login_session_data* sd) -{ - int fd = sd->fd; - uint32 ip = session[fd]->client_addr; - - uint8 server_num, n; - uint32 subnet_char_ip; - struct auth_node* node; - int i; - - sd->level = isGM(sd->account_id); - - if( sd->level < login_config.min_level_to_connect ) - { - ShowStatus("Connection refused: the minimum GM level for connection is %d (account: %s, GM level: %d).\n", login_config.min_level_to_connect, sd->userid, sd->level); - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x81; - WFIFOB(fd,2) = 1; // 01 = Server closed - WFIFOSET(fd,3); - return; - } - - server_num = 0; - for( i = 0; i < MAX_SERVERS; ++i ) - if( session_isValid(server[i].fd) ) - server_num++; - - if( server_num == 0 ) - {// if no char-server, don't send void list of servers, just disconnect the player with proper message - ShowStatus("Connection refused: there is no char-server online (account: %s).\n", sd->userid); - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x81; - WFIFOB(fd,2) = 1; // 01 = Server closed - WFIFOSET(fd,3); - return; - } - - if( login_config.online_check ) - { - struct online_login_data* data = (struct online_login_data*)idb_get(online_db, sd->account_id); - if( data ) - {// account is already marked as online! - if( data->char_server > -1 ) - {// Request char servers to kick this account out. [Skotlex] - uint8 buf[6]; - ShowNotice("User '%s' is already online - Rejected.\n", sd->userid); - WBUFW(buf,0) = 0x2734; - WBUFL(buf,2) = sd->account_id; - charif_sendallwos(-1, buf, 6); - if( data->waiting_disconnect == -1 ) - data->waiting_disconnect = add_timer(gettick()+AUTH_TIMEOUT, waiting_disconnect_timer, sd->account_id, 0); - - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x81; - WFIFOB(fd,2) = 8; // 08 = Server still recognizes your last login - WFIFOSET(fd,3); - return; - } - else - if( data->char_server == -1 ) - {// client has authed but did not access char-server yet - // wipe previous session - idb_remove(auth_db, sd->account_id); - remove_online_user(sd->account_id); - data = NULL; - } - } - } - - login_log(ip, sd->userid, 100, "login ok"); - - if( sd->level > 0 ) - ShowStatus("Connection of the GM (level:%d) account '%s' accepted.\n", sd->level, sd->userid); - else - ShowStatus("Connection of the account '%s' accepted.\n", sd->userid); - - WFIFOHEAD(fd,47+32*server_num); - WFIFOW(fd,0) = 0x69; - WFIFOW(fd,2) = 47+32*server_num; - WFIFOL(fd,4) = sd->login_id1; - WFIFOL(fd,8) = sd->account_id; - WFIFOL(fd,12) = sd->login_id2; - WFIFOL(fd,16) = 0; // in old version, that was for ip (not more used) - //memcpy(WFIFOP(fd,20), sd->lastlogin, 24); // in old version, that was for name (not more used) - WFIFOW(fd,44) = 0; // unknown - WFIFOB(fd,46) = sex_str2num(sd->sex); - for( i = 0, n = 0; i < MAX_SERVERS; ++i ) - { - if( !session_isValid(server[i].fd) ) - continue; - - subnet_char_ip = lan_subnetcheck(ip); // Advanced subnet check [LuzZza] - WFIFOL(fd,47+n*32) = htonl((subnet_char_ip) ? subnet_char_ip : server[i].ip); - WFIFOW(fd,47+n*32+4) = ntows(htons(server[i].port)); // [!] LE byte order here [!] - memcpy(WFIFOP(fd,47+n*32+6), server[i].name, 20); - WFIFOW(fd,47+n*32+26) = server[i].users; - WFIFOW(fd,47+n*32+28) = server[i].maintenance; - WFIFOW(fd,47+n*32+30) = server[i].new_; - n++; - } - WFIFOSET(fd,47+32*server_num); - - // create temporary auth entry - CREATE(node, struct auth_node, 1); - node->account_id = sd->account_id; - node->login_id1 = sd->login_id1; - node->login_id2 = sd->login_id2; - node->sex = sd->sex; - node->ip = ip; - idb_put(auth_db, sd->account_id, node); - - if( login_config.online_check ) - { - struct online_login_data* data; - - // mark client as 'online' - data = add_online_user(-1, sd->account_id); - - // schedule deletion of this node - data->waiting_disconnect = add_timer(gettick()+AUTH_TIMEOUT, waiting_disconnect_timer, sd->account_id, 0); - } -} - -void login_auth_failed(struct login_session_data* sd, int result) -{ - int fd = sd->fd; - uint32 ip = session[fd]->client_addr; - - login_log(ip, sd->userid, result, "login failed"); - - WFIFOHEAD(fd,23); - WFIFOW(fd,0) = 0x6a; - WFIFOB(fd,2) = (uint8)result; - if( result != 6 ) - memset(WFIFOP(fd,3), '\0', 20); - else - {// 6 = Your are Prohibited to log in until %s - char tmpstr[20]; - int i = search_account_index(sd->userid); - time_t unban_time = ( i >= 0 ) ? auth_dat[i].unban_time : 0; - strftime(tmpstr, 20, login_config.date_format, localtime(&unban_time)); - safestrncpy((char*)WFIFOP(fd,3), tmpstr, 20); // ban timestamp goes here - } - WFIFOSET(fd,23); -} - -//---------------------------------------------------------------------------------------- -// Default packet parsing (normal players or administation/char-server connection requests) -//---------------------------------------------------------------------------------------- -int parse_login(int fd) -{ - struct login_session_data* sd = session[fd]->session_data; - int result; - uint32 ipl; - char ip[16]; - - if( session[fd]->flag.eof ) - { - do_close(fd); - return 0; - } - - if( sd == NULL ) { - sd = CREATE(session[fd]->session_data, struct login_session_data, 1); - sd->fd = fd; - } - - ipl = session[fd]->client_addr; - ip2str(ipl, ip); - - while( RFIFOREST(fd) >= 2 ) - { - uint16 command = RFIFOW(fd,0); - - switch( command ) - { - - case 0x0200: // New alive packet: structure: 0x200 <account.userid>.24B. used to verify if client is always alive. - if (RFIFOREST(fd) < 26) - return 0; - RFIFOSKIP(fd,26); - break; - - case 0x0204: // New alive packet: structure: 0x204 <encrypted.account.userid>.16B. (new ragexe from 22 june 2004) - if (RFIFOREST(fd) < 18) - return 0; - RFIFOSKIP(fd,18); - break; - - case 0x0064: // request client login - case 0x01dd: // request client login (encryption mode) - case 0x0277: // New login packet (kRO 2006-04-24aSakexe langtype 0) - case 0x02b0: // New login packet (kRO 2007-05-14aSakexe langtype 0) - { - size_t packet_len = RFIFOREST(fd); // assume no other packet was sent - - if( (command == 0x0064 && packet_len < 55) - || (command == 0x01dd && packet_len < 47) - || (command == 0x0277 && packet_len < 84) - || (command == 0x02b0 && packet_len < 85) ) - return 0; - - // S 0064 <version>.l <account name>.24B <password>.24B <version2>.B - // S 01dd <version>.l <account name>.24B <md5 binary>.16B <version2>.B - // S 0277 <version>.l <account name>.24B <password>.24B <junk?>.29B <version2>.B - // S 02b0 <version>.l <account name>.24B <password>.24B <junk?>.30B <version2>.B - - sd->version = RFIFOL(fd,2); - safestrncpy(sd->userid, (char*)RFIFOP(fd,6), NAME_LENGTH); remove_control_chars(sd->userid); - if (command != 0x01dd) { - ShowStatus("Request for connection of %s (ip: %s).\n", sd->userid, ip); - safestrncpy(sd->passwd, (char*)RFIFOP(fd,30), NAME_LENGTH); remove_control_chars(sd->passwd); - sd->passwdenc = 0; - } else { - ShowStatus("Request for connection (encryption mode) of %s (ip: %s).\n", sd->userid, ip); - memcpy(sd->passwd, RFIFOP(fd,30), 16); sd->passwd[16] = '\0'; // raw binary data here! - sd->passwdenc = PASSWORDENC; - } - RFIFOSKIP(fd,packet_len); - - result = mmo_auth(sd); - - if( result == -1 ) - login_auth_ok(sd); - else - login_auth_failed(sd, result); - } - break; - - case 0x01db: // Sending request of the coding key - case 0x791a: // Sending request of the coding key (administration packet) - RFIFOSKIP(fd,2); - { - unsigned int i; - - memset(sd->md5key, '\0', sizeof(sd->md5key)); - sd->md5keylen = (uint16)(12 + rand() % 4); - for( i = 0; i < sd->md5keylen; ++i ) - sd->md5key[i] = (char)(1 + rand() % 255); - - WFIFOHEAD(fd,4 + sd->md5keylen); - WFIFOW(fd,0) = 0x01dc; - WFIFOW(fd,2) = 4 + sd->md5keylen; - memcpy(WFIFOP(fd,4), sd->md5key, sd->md5keylen); - WFIFOSET(fd,WFIFOW(fd,2)); - } - break; - - case 0x2710: // Connection request of a char-server - if (RFIFOREST(fd) < 86) - return 0; - { - char server_name[20]; - char message[256]; - uint32 server_ip; - uint16 server_port; - uint16 maintenance; - uint16 new_; - - safestrncpy(sd->userid, (char*)RFIFOP(fd,2), NAME_LENGTH); - safestrncpy(sd->passwd, (char*)RFIFOP(fd,26), NAME_LENGTH); - sd->passwdenc = 0; - sd->version = login_config.client_version_to_connect; // hack to skip version check - server_ip = ntohl(RFIFOL(fd,54)); - server_port = ntohs(RFIFOW(fd,58)); - safestrncpy(server_name, (char*)RFIFOP(fd,60), 20); - maintenance = RFIFOW(fd,82); - new_ = RFIFOW(fd,84); - RFIFOSKIP(fd,86); - - ShowInfo("Connection request of the char-server '%s' @ %d.%d.%d.%d:%d (account: '%s', pass: '%s', ip: '%s')\n", server_name, CONVIP(server_ip), server_port, sd->userid, sd->passwd, ip); - sprintf(message, "charserver - %s@%u.%u.%u.%u:%u", server_name, CONVIP(server_ip), server_port); - login_log(ipl, sd->userid, 100, message); - - result = mmo_auth(sd); - if( result == -1 && sd->sex == 'S' && sd->account_id < MAX_SERVERS && server[sd->account_id].fd == -1 ) - { - ShowStatus("Connection of the char-server '%s' accepted.\n", server_name); - safestrncpy(server[sd->account_id].name, server_name, sizeof(server[sd->account_id].name)); - server[sd->account_id].fd = fd; - server[sd->account_id].ip = server_ip; - server[sd->account_id].port = server_port; - server[sd->account_id].users = 0; - server[sd->account_id].maintenance = maintenance; - server[sd->account_id].new_ = new_; - - session[fd]->func_parse = parse_fromchar; - session[fd]->flag.server = 1; - realloc_fifo(fd, FIFOSIZE_SERVERLINK, FIFOSIZE_SERVERLINK); - - // send connection success - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x2711; - WFIFOB(fd,2) = 0; - WFIFOSET(fd,3); - - // send GM account to char-server - send_GM_accounts(fd); - } - else - { - ShowNotice("Connection of the char-server '%s' REFUSED.\n", server_name); - WFIFOHEAD(fd,3); - WFIFOW(fd,0) = 0x2711; - WFIFOB(fd,2) = 3; - WFIFOSET(fd,3); - } - } - return 0; // processing will continue elsewhere - - case 0x7530: // Server version information request - ShowStatus("Sending server version information to ip: %s\n", ip); - RFIFOSKIP(fd,2); - WFIFOHEAD(fd,10); - WFIFOW(fd,0) = 0x7531; - WFIFOB(fd,2) = ATHENA_MAJOR_VERSION; - WFIFOB(fd,3) = ATHENA_MINOR_VERSION; - WFIFOB(fd,4) = ATHENA_REVISION; - WFIFOB(fd,5) = ATHENA_RELEASE_FLAG; - WFIFOB(fd,6) = ATHENA_OFFICIAL_FLAG; - WFIFOB(fd,7) = ATHENA_SERVER_LOGIN; - WFIFOW(fd,8) = ATHENA_MOD_VERSION; - WFIFOSET(fd,10); - break; - - case 0x7918: // Request for administation login - if ((int)RFIFOREST(fd) < 4 || (int)RFIFOREST(fd) < ((RFIFOW(fd,2) == 0) ? 28 : 20)) - return 0; - WFIFOW(fd,0) = 0x7919; - WFIFOB(fd,2) = 1; - if( session[fd]->client_addr != admin_allowed_ip ) { - ShowNotice("'ladmin'-login: Connection in administration mode refused: IP isn't authorised (ladmin_allow, ip: %s).\n", ip); - } else { - struct login_session_data *ld = (struct login_session_data*)session[fd]->session_data; - if (RFIFOW(fd,2) == 0) { // non encrypted password - char password[25]; - memcpy(password, RFIFOP(fd,4), 24); - password[24] = '\0'; - remove_control_chars(password); - if( !admin_state ) - ShowNotice("'ladmin'-login: Connection in administration mode REFUSED - remote administration is disabled (non encrypted password: %s, ip: %s)\n", password, ip); - else - if( strcmp(password, admin_pass) != 0) - ShowNotice("'ladmin'-login: Connection in administration mode REFUSED - invalid password (non encrypted password: %s, ip: %s)\n", password, ip); - else { - // If remote administration is enabled and password sent by client matches password read from login server configuration file - ShowNotice("'ladmin'-login: Connection in administration mode accepted (non encrypted password: %s, ip: %s)\n", password, ip); - WFIFOB(fd,2) = 0; - session[fd]->func_parse = parse_admin; - } - } else { // encrypted password - if (!ld) - ShowError("'ladmin'-login: error! MD5 key not created/requested for an administration login.\n"); - else { - char md5str[64] = "", md5bin[32]; - if (RFIFOW(fd,2) == 1) { - sprintf(md5str, "%s%s", ld->md5key, admin_pass); // 20 24 - } else if (RFIFOW(fd,2) == 2) { - sprintf(md5str, "%s%s", admin_pass, ld->md5key); // 24 20 - } - MD5_String2binary(md5str, md5bin); - if( !admin_state ) - ShowNotice("'ladmin'-login: Connection in administration mode REFUSED - remote administration is disabled (encrypted password, ip: %s)\n", ip); - else - if( memcmp(md5bin, RFIFOP(fd,4), 16) != 0 ) - ShowNotice("'ladmin'-login: Connection in administration mode REFUSED - invalid password (encrypted password, ip: %s)\n", ip); - else { - // If remote administration is enabled and password hash sent by client matches hash of password read from login server configuration file - ShowNotice("'ladmin'-login: Connection in administration mode accepted (encrypted password, ip: %s)\n", ip); - ShowNotice("Connection of a remote administration accepted (encrypted password).\n"); - WFIFOB(fd,2) = 0; - session[fd]->func_parse = parse_admin; - } - } - } - } - WFIFOSET(fd,3); - - RFIFOSKIP(fd, (RFIFOW(fd,2) == 0) ? 28 : 20); - break; - - default: - ShowNotice("Abnormal end of connection (ip: %s): Unknown packet 0x%x\n", ip, command); - set_eof(fd); - return 0; - } - } - - RFIFOSKIP(fd,RFIFOREST(fd)); - return 0; -} - - - -//------------------------------------- -// Displaying of configuration warnings -//------------------------------------- -void display_conf_warnings(void) -{ - if( admin_state ) { - if (admin_pass[0] == '\0') { - ShowWarning("Administrator password is void (admin_pass).\n"); - } else if (strcmp(admin_pass, "admin") == 0) { - ShowWarning("You are using the default administrator password (admin_pass).\n"); - ShowWarning(" We highly recommend that you change it.\n"); - } - } - - if (gm_account_filename_check_timer < 0) { - ShowWarning("Invalid value for gm_account_filename_check_timer parameter. Setting to 15 sec (default).\n"); - gm_account_filename_check_timer = 15; - } else if (gm_account_filename_check_timer == 1) { - ShowWarning("Invalid value for gm_account_filename_check_timer parameter. Setting to 2 sec (minimum value).\n"); - gm_account_filename_check_timer = 2; - } - - if (login_config.min_level_to_connect < 0) { // 0: all players, 1-99 at least gm level x - ShowWarning("Invalid value for min_level_to_connect (%d) parameter -> setting 0 (any player).\n", login_config.min_level_to_connect); - login_config.min_level_to_connect = 0; - } else if (login_config.min_level_to_connect > 99) { // 0: all players, 1-99 at least gm level x - ShowWarning("Invalid value for min_level_to_connect (%d) parameter -> setting to 99 (only GM level 99)\n", login_config.min_level_to_connect); - login_config.min_level_to_connect = 99; - } - - if (login_config.start_limited_time < -1) { // -1: create unlimited account, 0 or more: additionnal sec from now to create limited time - ShowWarning("Invalid value for start_limited_time parameter\n"); - ShowWarning(" -> setting to -1 (new accounts are created with unlimited time).\n"); - login_config.start_limited_time = -1; - } - - return; -} |