From f56264d23d9cc86a87331401496e206639cdd6e3 Mon Sep 17 00:00:00 2001
From: Haru <haru@dotalux.com>
Date: Thu, 11 Feb 2016 00:41:54 +0100
Subject: Ported login-server.conf to libconfig

Ported to modern Hercules and cleaned up from Panikon's commits: ceb8a486ac47c2ed9aae4baa1ec39a11f31e9368, c1049123a4ea6ae6f0992ffe766db8aed7435ab5, 6feb097046355610d2288670a569ccc175358580, 9f6e27a96d655f2b4555310786d9d10898754404, 21fa5d24255ba026f96b1dbedf74ac5ef831d3ae, e22a56ad4def8ca22e94d44377a5364b9db1a425, f753a754923140bfec02057c16e6e8429b863d0e, 25dde7e46524ace330b83cb4bf0255cc4d796792

Signed-off-by: Haru <haru@dotalux.com>
---
 conf/common/inter-server.conf      |   3 +
 conf/global/sql_connection.conf    |   3 +
 conf/import-tmpl/login-server.conf |  32 +++++++
 conf/import-tmpl/login_conf.txt    |   0
 conf/login-server.conf             | 156 -------------------------------
 conf/login/login-server.conf       | 187 +++++++++++++++++++++++++++++++++++++
 6 files changed, 225 insertions(+), 156 deletions(-)
 create mode 100644 conf/import-tmpl/login-server.conf
 delete mode 100644 conf/import-tmpl/login_conf.txt
 delete mode 100644 conf/login-server.conf
 create mode 100644 conf/login/login-server.conf

(limited to 'conf')

diff --git a/conf/common/inter-server.conf b/conf/common/inter-server.conf
index fd55b27e5..888d4ad80 100644
--- a/conf/common/inter-server.conf
+++ b/conf/common/inter-server.conf
@@ -65,6 +65,9 @@ inter_configuration: {
 	// this is meant for people who KNOW their stuff, and for some reason want to change their
 	// database layout. [CLOWNISIUS]
 	database_names: {
+		account_db: "login"
+		login_db: "loginlog"
+		ipban_table: "ipbanlist"
 		char_db: "char"
 		interlog_db: "interlog"
 		ragsrvinfo_db: "ragsrvinfo"
diff --git a/conf/global/sql_connection.conf b/conf/global/sql_connection.conf
index 58c9e6d08..60fea5656 100644
--- a/conf/global/sql_connection.conf
+++ b/conf/global/sql_connection.conf
@@ -36,6 +36,9 @@ sql_connection: {
 	// (Note that this feature requires MySQL 4.1+)
 	//default_codepage: ""
 
+	// [LOGIN] Is `userid` in account_db case sensitive?
+	//case_sensitive: false
+
 	// For IPs, ideally under linux, you want to use localhost instead of 127.0.0.1.
 	// Under windows, you want to use 127.0.0.1.  If you see a message like
 	// "Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)"
diff --git a/conf/import-tmpl/login-server.conf b/conf/import-tmpl/login-server.conf
new file mode 100644
index 000000000..feadef976
--- /dev/null
+++ b/conf/import-tmpl/login-server.conf
@@ -0,0 +1,32 @@
+//================= Hercules Configuration ================================
+//=       _   _                     _
+//=      | | | |                   | |
+//=      | |_| | ___ _ __ ___ _   _| | ___  ___
+//=      |  _  |/ _ \ '__/ __| | | | |/ _ \/ __|
+//=      | | | |  __/ | | (__| |_| | |  __/\__ \
+//=      \_| |_/\___|_|  \___|\__,_|_|\___||___/
+//================= License ===============================================
+//= This file is part of Hercules.
+//= http://herc.ws - http://github.com/HerculesWS/Hercules
+//=
+//= Copyright (C) 2014-2016  Hercules Dev Team
+//=
+//= Hercules is free software: you can redistribute it and/or modify
+//= it under the terms of the GNU General Public License as published by
+//= the Free Software Foundation, either version 3 of the License, or
+//= (at your option) any later version.
+//=
+//= This program is distributed in the hope that it will be useful,
+//= but WITHOUT ANY WARRANTY; without even the implied warranty of
+//= MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//= GNU General Public License for more details.
+//=
+//= You should have received a copy of the GNU General Public License
+//= along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//=========================================================================
+//= Login Server local configuration file.
+//=========================================================================
+
+login_configuration: {
+	// See conf/login/login-server.conf for details
+}
diff --git a/conf/import-tmpl/login_conf.txt b/conf/import-tmpl/login_conf.txt
deleted file mode 100644
index e69de29bb..000000000
diff --git a/conf/login-server.conf b/conf/login-server.conf
deleted file mode 100644
index 620fae327..000000000
--- a/conf/login-server.conf
+++ /dev/null
@@ -1,156 +0,0 @@
-// Hercules Login Server configuration file.
-// Translated by Peter Kieser <pfak@telus.net>
-
-// Note: "Comments" are all text on the right side of a double slash "//"
-// Whatever text is commented will not be parsed by the servers, and serves
-// only as information/reference.
-
-// The login server listens on the interface with this IP address.
-// NOTE: This allows you to run multiple servers on multiple interfaces
-// while using the same ports for each server.
-//bind_ip: 127.0.0.1
-
-// Login Server Port
-login_port: 6900
-
-//Time-stamp format which will be printed before all messages.
-//Can at most be 20 characters long.
-//Common formats:
-// %I:%M:%S %p (hour:minute:second 12 hour, AM/PM format)
-// %H:%M:%S (hour:minute:second, 24 hour format)
-// %d/%b/%Y (day/Month/year)
-//For full format information, consult the strftime() manual.
-//timestamp_format: [%d/%b %H:%M]
-
-//If redirected output contains escape sequences (color codes)
-stdout_with_ansisequence: no
-
-//Makes server output more silent by omitting certain types of messages:
-//1: Hide Information messages
-//2: Hide Status messages
-//4: Hide Notice Messages
-//8: Hide Warning Messages
-//16: Hide Error and SQL Error messages.
-//32: Hide Debug Messages
-//Example: "console_silent: 7" Hides information, status and notice messages (1+2+4)
-console_silent: 0
-
-// Can you use _M/_F to make new accounts on the server?
-new_account: yes
-
-//If new_account is enabled, minimum length to userid and passwords should be 4?
-//Must be 'Yes' unless your client uses both 'Disable 4 LetterUserID/Password' Diffs
-new_acc_length_limit: yes
-
-// Account registration flood protection system
-// allowed_regs is the number of registrations allowed in time_allowed (in seconds)
-allowed_regs: 1
-time_allowed: 10
-
-// To log the login server?
-// NOTE: The login-sql server needs the login logs to enable dynamic pass failure bans.
-log_login: yes
-
-// Indicate how to display date in logs, to players, etc.
-date_format: %Y-%m-%d %H:%M:%S
-
-// Required account group id to connect to server.
-// -1: disabled
-// 0 or more: group id
-group_id_to_connect: -1
-
-// Minimum account group id required to connect to server.
-// Will not function if group_id_to_connect config is enabled.
-// -1: disabled
-// 0 or more: group id
-min_group_id_to_connect: -1
-
-// Starting additional sec from now for the limited time at creation of account
-// -1: new account are created with UNlimited time (default value)
-// 0 or more: new accounts was created by addition of the value (in sec) to the actual time (to set first limited time)
-start_limited_time: -1
-
-// Check The clientversion set in the clientinfo ?
-check_client_version: no
-
-// What version we would allow to connect? (if the options above is enabled..)
-client_version_to_connect: 20
-
-// Store passwords as MD5 hashes instead of plaintext ?
-// NOTE: Will not work with clients that use <passwordencrypt>
-use_MD5_passwords: no
-
-// Ipban features (SQL only)
-ipban.enable: yes
-//ipban.sql.db_hostname: 127.0.0.1
-//ipban.sql.db_port: 3306
-//ipban.sql.db_username: ragnarok
-//ipban.sql.db_password: ragnarok
-//ipban.sql.db_database: ragnarok
-//ipban.sql.codepage:
-//ipban.sql.ipban_table: ipbanlist
-// Dynamic password failure ipban system
-ipban.dynamic_pass_failure_ban: yes
-ipban.dynamic_pass_failure_ban_interval: 5
-ipban.dynamic_pass_failure_ban_limit: 7
-ipban.dynamic_pass_failure_ban_duration: 5
-
-// Interval (in seconds) to clean up expired IP bans. 0 = disabled. default = 60.
-// NOTE: Even if this is disabled, expired IP bans will be cleaned up on login server start/stop.
-// Players will still be able to login if an ipban entry exists but the expiration time has already passed.
-ipban_cleanup_interval: 60
-
-// Interval (in minutes) to execute a DNS/IP update. Disabled by default.
-// Enable it if your server uses a dynamic IP which changes with time.
-//ip_sync_interval: 10
-
-// DNS Blacklist Blocking
-// If enabled, each incoming connection will be tested against the blacklists
-// on the specified dnsbl_servers (comma-separated list)
-use_dnsbl: no
-dnsbl_servers: bl.blocklist.de, socks.dnsbl.sorbs.net
-// Here are some free DNS Blacklist Services: http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists
-//==============================================================================
-//   dnsbl_servers                 Description
-// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-// bl.blocklist.de                 IP-Addresses who attack other servers/honeypots over SSH, FTP, IMAP, etc.
-// ircbl.ahbl.org                  AHBL (open proxies, compromised machines, comment spammers)
-// safe.dnsbl.sorbs.net            All zones in dnsbl.sorbs.net except "recent" and "escalations"
-// sbl-xbl.spamhaus.org            Spamhaus blacklist (spammers, open proxies)
-// socks.dnsbl.sorbs.net           Open SOCKS proxy servers
-// tor.ahbl.org                    Current tor relay and exit nodes
-
-
-// Account data storage configuration
-// SQL
-//account.sql.db_hostname: 127.0.0.1
-//account.sql.db_port: 3306
-//account.sql.db_username: ragnarok
-//account.sql.db_password: ragnarok
-//account.sql.db_database: ragnarok
-//account.sql.codepage:
-//account.sql.case_sensitive: no
-//account.sql.account_db: login
-//account.sql.accreg_db: global_reg_value
-
-// Client MD5 hash check
-// If turned on, the login server will check if the client's hash matches
-// the value below, and will not connect tampered clients.
-// Note: see doc/md5_hashcheck.txt for more details.
-client_hash_check: off
-
-// Client MD5 hashes
-// The client with the specified hash can be used to log in by players with
-// a group_id equal to or greater than the given value.
-// If you specify 'disabled' as hash, players with a group_id greater than or
-// equal to the given value will be able to log in regardless of hash (and even
-// if their client does not send a hash at all.)
-// Format: group_id, hash
-// Note: see doc/md5_hashcheck.txt for more details.
-//client_hash: 0, 113e195e6c051bb1cfb12a644bb084c5
-//client_hash: 10, cb1ea78023d337c38e8ba5124e2338ae
-//client_hash: 99, disabled
-
-
-import: conf/inter-server.conf
-import: conf/import/login_conf.txt
diff --git a/conf/login/login-server.conf b/conf/login/login-server.conf
new file mode 100644
index 000000000..71928e3d0
--- /dev/null
+++ b/conf/login/login-server.conf
@@ -0,0 +1,187 @@
+//================= Hercules Configuration ================================
+//=       _   _                     _
+//=      | | | |                   | |
+//=      | |_| | ___ _ __ ___ _   _| | ___  ___
+//=      |  _  |/ _ \ '__/ __| | | | |/ _ \/ __|
+//=      | | | |  __/ | | (__| |_| | |  __/\__ \
+//=      \_| |_/\___|_|  \___|\__,_|_|\___||___/
+//================= License ===============================================
+//= This file is part of Hercules.
+//= http://herc.ws - http://github.com/HerculesWS/Hercules
+//=
+//= Copyright (C) 2014-2016  Hercules Dev Team
+//=
+//= Hercules is free software: you can redistribute it and/or modify
+//= it under the terms of the GNU General Public License as published by
+//= the Free Software Foundation, either version 3 of the License, or
+//= (at your option) any later version.
+//=
+//= This program is distributed in the hope that it will be useful,
+//= but WITHOUT ANY WARRANTY; without even the implied warranty of
+//= MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//= GNU General Public License for more details.
+//=
+//= You should have received a copy of the GNU General Public License
+//= along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//=========================================================================
+//= Login Server configuration file.
+//=========================================================================
+
+login_configuration: {
+	// Login-server's console configuration
+	@include "conf/global/console.conf"
+
+	inter: {
+		// The login server listens on the interface with this IP address.
+		// NOTE: This allows you to run multiple servers on multiple interfaces
+		// while using the same ports for each server.
+		//bind_ip: "127.0.0.1"
+
+		// Login Server Port
+		login_port: 6900
+
+		// Interval (in minutes) to execute a DNS/IP update. Disabled by default.
+		// Enable it if your server uses a dynamic IP which changes with time.
+		//ip_sync_interval: 10
+	}
+
+	log: {
+		// To log the login server?
+		// NOTE: The login-sql server needs the login logs to enable dynamic pass failure bans.
+		log_login: true
+
+		// Indicate how to display date in logs, to players, etc.
+		date_format: "%Y-%m-%d %H:%M:%S"
+	}
+
+	// Account engine configuration
+	account: {
+		// Can you use _M/_F to make new accounts on the server?
+		new_account: true
+
+		//If new_account is enabled, minimum length to userid and passwords should be 4?
+		//Must be 'true' unless your client uses both 'Disable 4 LetterUserID/Password' Diffs
+		new_acc_length_limit: true
+
+		// Account registration flood protection system
+		// allowed_regs is the number of registrations allowed in time_allowed (in seconds)
+		allowed_regs: 1
+		time_allowed: 10
+
+		// Starting additional sec from now for the limited time at creation of account
+		// -1: new account are created with UNlimited time (default value)
+		// 0 or more: new accounts was created by addition of the value (in sec) to the actual time (to set first limited time)
+		start_limited_time: -1
+
+		// Store passwords as MD5 hashes instead of plaintext ?
+		// NOTE: Will not work with clients that use <passwordencrypt>
+		use_MD5_passwords: false
+
+		// Account data engine storage configuration
+		@include "conf/global/sql_connection.conf"
+
+		//==================================================================
+		// IP banning system
+		//==================================================================
+		ipban: {
+			enabled: true
+
+			// Interval (in seconds) to clean up expired IP bans. 0 = disabled. default = 60.
+			// NOTE: Even if this is disabled, expired IP bans will be cleaned up on login server start/stop.
+			// Players will still be able to login if an ipban entry exists but the expiration time has already passed.
+			cleanup_interval: 60
+
+			// SQL connection settings
+			@include "conf/global/sql_connection.conf"
+
+			// Dynamic password failure ipban system
+			dynamic_pass_failure: {
+				enabled: true
+
+				// Interval in minutes between failed tries
+				// Only failed tries between this interval will be accounted when banning
+				ban_interval: 5
+
+				// How many failures before adding a temporary ban entry?
+				ban_limit: 7
+
+				// Duration of the ban in minutes
+				ban_duration: 5
+			}
+		} // login_configuration.account.ipban
+	} // login_configuration.account
+
+	permission: {
+		// Required account group id to connect to server.
+		// -1: disabled
+		// 0 or more: group id
+		group_id_to_connect: -1
+
+		// Minimum account group id required to connect to server.
+		// Will not function if group_id_to_connect config is enabled.
+		// -1: disabled
+		// 0 or more: group id
+		min_group_id_to_connect: -1
+
+		// Check The clientversion set in the clientinfo ?
+		check_client_version: false
+
+		// What version we would allow to connect? (if check_client_version is enabled)
+		client_version_to_connect: 20
+
+		//==================================================================
+		// Client hash checking system
+		//==================================================================
+		// Note: see doc/md5_hashcheck.txt for more details.
+		hash: {
+			// Client MD5 hash check
+			// If turned on, the login server will check if the client's hash matches
+			// the value below, and will not connect tampered clients.
+			enabled: false
+
+			// Client MD5 hashes
+			// The client with the specified hash can be used to log in by players with
+			// a group_id equal to or greater than the given value.
+			// If you specify 'disabled' as hash, players with a group_id greater than or
+			// equal to the given value will be able to log in regardless of hash (and even
+			// if their client does not send a hash at all.)
+			MD5_hashes: (
+			//{
+			//	group_id: group id
+			//	hash: client hash
+			//},
+			//{
+			//	group_id: 0
+			//	hash: "113e195e6c051bb1cfb12a644bb084c5"
+			//},
+			//{
+			//	group_id: 10
+			//	hash: "cb1ea78023d337c38e8ba5124e2338ae"
+			//},
+			//{
+			//	group_id: 99
+			//	hash: "disabled"
+			//},
+			)
+		} // login_configuration.permission.hash
+
+		DNS_blacklist: {
+			// DNS Blacklist Blocking
+			// If enabled, each incoming connection will be tested against the blacklists
+			// on the specified dnsbl_servers
+			enabled: false
+
+			dnsbl_servers: (
+				// Here are some free DNS Blacklist Services: http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists
+				"bl.blocklist.de",        // IP-Addresses who attack other servers/honeypots over SSH, FTP, IMAP, etc.
+				//"ircbl.ahbl.org",       // AHBL (open proxies, compromised machines, comment spammers)
+				//"safe.dnsbl.sorbs.net", // All zones in dnsbl.sorbs.net except "recent" and "escalations"
+				//"sbl-xbl.spamhaus.org", // Spamhaus blacklist (spammers, open proxies)
+				"socks.dnsbl.sorbs.net",  // Open SOCKS proxy servers
+				//"tor.ahbl.org",         // Current tor relay and exit nodes
+			)
+		} // login_configuration.DNS_blacklist
+	} // login_configuration.permission
+}
+
+import: "conf/import/login-server.conf"
-- 
cgit v1.2.3-70-g09d2