1 files changed, 20 insertions, 2 deletions

diff --git a/src/char/char.c b/src/char/char.c
index 8d7ff1ab4..82206cbd9 100644
--- a/src/char/char.c
+++ b/src/char/char.c
@@ -2270,7 +2270,7 @@ int parse_fromlogin(int fd) {
 
 			// acknowledgement of account authentication request
 			case 0x2713:
-				if (RFIFOREST(fd) < 29)
+				if (RFIFOREST(fd) < 33)
 					return 0;
 			{
 				int account_id = RFIFOL(fd,2);
@@ -2282,7 +2282,8 @@ int parse_fromlogin(int fd) {
 				uint32 version = RFIFOL(fd,20);
 				uint8 clienttype = RFIFOB(fd,24);
 				int group_id = RFIFOL(fd,25);
-				RFIFOSKIP(fd,29);
+				unsigned int expiration_time = RFIFOL(fd, 29);
+				RFIFOSKIP(fd,33);
 
 				if( session_isActive(request_id) && (sd=(struct char_session_data*)session[request_id]->session_data) &&
 					!sd->auth && sd->account_id == account_id && sd->login_id1 == login_id1 && sd->login_id2 == login_id2 && sd->sex == sex )
@@ -2300,6 +2301,14 @@ int parse_fromlogin(int fd) {
 								WFIFOSET(client_fd,3);
 								break;
 							}
+							/* the client will already deny this request, this check is to avoid someone bypassing. */
+							if( char_server_type == CST_PAYING && (time_t)expiration_time < time(NULL) ) {
+								WFIFOHEAD(client_fd,3);
+								WFIFOW(client_fd,0) = 0x6c;
+								WFIFOB(client_fd,2) = 0;// rejected from server
+								WFIFOSET(client_fd,3);
+								break;
+							}
 							char_auth_ok(client_fd, sd);
 							break;
 						case 1:// auth failed
@@ -3070,6 +3079,7 @@ int parse_frommap(int fd)
 					node->login_id2 = login_id2;
 					//node->sex = 0;
 					node->ip = ntohl(ip);
+					/* sounds troublesome. */
 					//node->expiration_time = 0; // unlimited/unknown time by default (not display in map-server)
 					//node->gmlevel = 0;
 					idb_put(auth_db, account_id, node);
@@ -4004,6 +4014,14 @@ int parse_char(int fd)
 						WFIFOSET(fd,3);
 						break;
 					}
+					/* the client will already deny this request, this check is to avoid someone bypassing. */
+					if( char_server_type == CST_PAYING && (time_t)node->expiration_time < time(NULL) ) {
+						WFIFOHEAD(fd,3);
+						WFIFOW(fd,0) = 0x6c;
+						WFIFOB(fd,2) = 0;// rejected from server
+						WFIFOSET(fd,3);
+						break;
+					}
 					idb_remove(auth_db, account_id);
 					char_auth_ok(fd, sd);
 				}