summaryrefslogtreecommitdiff
path: root/src/login/ipban_sql.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/login/ipban_sql.c')
-rw-r--r--src/login/ipban_sql.c209
1 files changed, 209 insertions, 0 deletions
diff --git a/src/login/ipban_sql.c b/src/login/ipban_sql.c
new file mode 100644
index 000000000..911ae23db
--- /dev/null
+++ b/src/login/ipban_sql.c
@@ -0,0 +1,209 @@
+// Copyright (c) Athena Dev Teams - Licensed under GNU GPL
+// For more information, see LICENCE in the main folder
+
+#include "../common/cbasetypes.h"
+#include "../common/db.h"
+#include "../common/malloc.h"
+#include "../common/sql.h"
+#include "../common/socket.h"
+#include "../common/strlib.h"
+#include "../common/timer.h"
+#include "login.h"
+#include "ipban.h"
+#include <stdlib.h>
+#include <string.h>
+
+// database options
+static char ipban_db_hostname[32] = "127.0.0.1";
+static uint16 ipban_db_port = 3306;
+static char ipban_db_username[32] = "ragnarok";
+static char ipban_db_password[32] = "ragnarok";
+static char ipban_db_database[32] = "ragnarok";
+static char ipban_table[32] = "ipbanlist";
+
+static char log_db_hostname[32] = "127.0.0.1";
+static uint16 log_db_port = 3306;
+static char log_db_username[32] = "ragnarok";
+static char log_db_password[32] = "ragnarok";
+static char log_db_database[32] = "ragnarok";
+static char loginlog_table[32] = "loginlog";
+
+static char default_codepage[32] = "";
+
+// globals
+static Sql* sql_handle;
+static Sql* logsql_handle;
+static int cleanup_timer_id = INVALID_TIMER;
+
+int ipban_cleanup(int tid, unsigned int tick, int id, intptr data);
+
+
+// initialize
+void ipban_init(void)
+{
+ // establish connections
+ sql_handle = Sql_Malloc();
+ if( SQL_ERROR == Sql_Connect(sql_handle, ipban_db_username, ipban_db_password, ipban_db_hostname, ipban_db_port, ipban_db_database) )
+ {
+ Sql_ShowDebug(sql_handle);
+ Sql_Free(sql_handle);
+ exit(EXIT_FAILURE);
+ }
+ if( default_codepage[0] != '\0' && SQL_ERROR == Sql_SetEncoding(sql_handle, default_codepage) )
+ Sql_ShowDebug(sql_handle);
+
+ logsql_handle = Sql_Malloc();
+ if( SQL_ERROR == Sql_Connect(logsql_handle, log_db_username, log_db_password, log_db_hostname, log_db_port, log_db_database) )
+ {
+ Sql_ShowDebug(logsql_handle);
+ Sql_Free(logsql_handle);
+ exit(EXIT_FAILURE);
+ }
+ if( default_codepage[0] != '\0' && SQL_ERROR == Sql_SetEncoding(logsql_handle, default_codepage) )
+ Sql_ShowDebug(logsql_handle);
+
+ // set up periodic cleanup of connection history and active bans
+ add_timer_func_list(ipban_cleanup, "ipban_cleanup");
+ cleanup_timer_id = add_timer_interval(gettick()+10, ipban_cleanup, 0, 0, 60*1000);
+}
+
+// finalize
+void ipban_final(void)
+{
+ // release data
+ delete_timer(cleanup_timer_id, ipban_cleanup);
+
+ // close connections
+ Sql_Free(sql_handle);
+ sql_handle = NULL;
+ Sql_Free(logsql_handle);
+ logsql_handle = NULL;
+}
+
+// load configuration options
+bool ipban_config_read(const char* key, const char* value)
+{
+ // login server settings
+ if( strcmpi(key, "ipban.enable") == 0 )
+ login_config.ipban = (bool)config_switch(value);
+ else
+ if( strcmpi(key, "ipban.dynamic_pass_failure_ban") == 0 )
+ login_config.dynamic_pass_failure_ban = (bool)config_switch(value);
+ else
+ if( strcmpi(key, "ipban.dynamic_pass_failure_ban_interval") == 0 )
+ login_config.dynamic_pass_failure_ban_interval = atoi(value);
+ else
+ if( strcmpi(key, "ipban.dynamic_pass_failure_ban_limit") == 0 )
+ login_config.dynamic_pass_failure_ban_limit = atoi(value);
+ else
+ if( strcmpi(key, "ipban.dynamic_pass_failure_ban_duration") == 0 )
+ login_config.dynamic_pass_failure_ban_duration = atoi(value);
+ else
+
+ // ipban table settings
+ if( strcmpi(key, "ipban.sql.db_hostname") == 0 )
+ safestrncpy(ipban_db_hostname, value, sizeof(ipban_db_hostname));
+ else
+ if( strcmpi(key, "ipban.sql.db_port") == 0 )
+ ipban_db_port = (uint16)strtoul(value, NULL, 10);
+ else
+ if( strcmpi(key, "ipban.sql.db_username") == 0 )
+ safestrncpy(ipban_db_username, value, sizeof(ipban_db_username));
+ else
+ if( strcmpi(key, "ipban.sql.db_password") == 0 )
+ safestrncpy(ipban_db_password, value, sizeof(ipban_db_password));
+ else
+ if( strcmpi(key, "ipban.sql.db_database") == 0 )
+ safestrncpy(ipban_db_database, value, sizeof(ipban_db_database));
+ else
+ if( strcmpi(key, "ipban.sql.ipban_table") == 0 )
+ safestrncpy(ipban_table, value, sizeof(ipban_table));
+ else
+
+ // interserver settings
+ if( strcmpi(key, "log_db_ip") == 0 )
+ safestrncpy(log_db_hostname, value, sizeof(log_db_hostname));
+ else
+ if( strcmpi(key, "log_db_port") == 0 )
+ log_db_port = (uint16)strtoul(value, NULL, 10);
+ else
+ if( strcmpi(key, "log_db_id") == 0 )
+ safestrncpy(log_db_username, value, sizeof(log_db_username));
+ else
+ if( strcmpi(key, "log_db_pw") == 0 )
+ safestrncpy(log_db_password, value, sizeof(log_db_password));
+ else
+ if( strcmpi(key, "log_db") == 0 )
+ safestrncpy(log_db_database, value, sizeof(log_db_database));
+ else
+ if( strcmpi(key, "loginlog_db") == 0 )
+ safestrncpy(loginlog_table, value, sizeof(loginlog_table));
+ else
+ if( strcmpi(key, "default_codepage") == 0 )
+ safestrncpy(default_codepage, value, sizeof(default_codepage));
+ else
+ return false;
+
+ return true;
+}
+
+// check ip against active bans list
+bool ipban_check(uint32 ip)
+{
+ uint8* p = (uint8*)&ip;
+ char* data = NULL;
+ int matches;
+
+ if( SQL_ERROR == Sql_Query(sql_handle, "SELECT count(*) FROM `%s` WHERE `list` = '%u.*.*.*' OR `list` = '%u.%u.*.*' OR `list` = '%u.%u.%u.*' OR `list` = '%u.%u.%u.%u'",
+ ipban_table, p[3], p[3], p[2], p[3], p[2], p[1], p[3], p[2], p[1], p[0]) )
+ {
+ Sql_ShowDebug(sql_handle);
+ // close connection because we can't verify their connectivity.
+ return true;
+ }
+
+ if( SQL_ERROR == Sql_NextRow(sql_handle) )
+ return true;// Shouldn't happen, but just in case...
+
+ Sql_GetData(sql_handle, 0, &data, NULL);
+ matches = atoi(data);
+ Sql_FreeResult(sql_handle);
+
+ return( matches > 0 );
+}
+
+// log failed attempt
+void ipban_log(uint32 ip)
+{
+ unsigned long failures = 0;
+ if( SQL_ERROR == Sql_Query(logsql_handle, "SELECT count(*) FROM `%s` WHERE `ip` = '%s' AND `rcode` = '1' AND `time` > NOW() - INTERVAL %d MINUTE",
+ loginlog_table, ip2str(ip,NULL), login_config.dynamic_pass_failure_ban_interval) )// how many times failed account? in one ip.
+ Sql_ShowDebug(sql_handle);
+
+ //check query result
+ if( SQL_SUCCESS == Sql_NextRow(logsql_handle) )
+ {
+ char* data;
+ Sql_GetData(logsql_handle, 0, &data, NULL);
+ failures = strtoul(data, NULL, 10);
+ Sql_FreeResult(logsql_handle);
+ }
+
+ // if over the limit, add a temporary ban entry
+ if( failures >= login_config.dynamic_pass_failure_ban_limit )
+ {
+ uint8* p = (uint8*)&ip;
+ if( SQL_ERROR == Sql_Query(sql_handle, "INSERT INTO `%s`(`list`,`btime`,`rtime`,`reason`) VALUES ('%u.%u.%u.*', NOW() , NOW() + INTERVAL %d MINUTE ,'Password error ban')",
+ ipban_table, p[3], p[2], p[1], login_config.dynamic_pass_failure_ban_duration) )
+ Sql_ShowDebug(sql_handle);
+ }
+}
+
+// remove expired bans
+int ipban_cleanup(int tid, unsigned int tick, int id, intptr data)
+{
+ if( SQL_ERROR == Sql_Query(sql_handle, "DELETE FROM `ipbanlist` WHERE `rtime` <= NOW()") )
+ Sql_ShowDebug(sql_handle);
+
+ return 0;
+}
generated by cgit v1.2.3-60-g2f50 (git 2.42.0) at 2024-06-29 02:12:43 +0000