From d0e2bdc12e685eb0166d4aa55eee6fe2f79c1b73 Mon Sep 17 00:00:00 2001 From: ultramage Date: Thu, 20 Sep 2007 17:06:32 +0000 Subject: Synced TXT/SQL login server new account creation code. Removed some totally useless code. Removed '4'-letter min. password length restriction. Removed some code that (poorly) tries to cope with a broken database. Removed pointless '-3' and '-2' account states ('dynamic ban' mechanism), since `ipbanlist` does that already. git-svn-id: https://rathena.svn.sourceforge.net/svnroot/rathena/trunk@11250 54d463be-8e91-2dee-dedb-b68131a5f0ec --- src/login/login.c | 127 +++++++++++++++++++++--------------------------------- 1 file changed, 48 insertions(+), 79 deletions(-) (limited to 'src/login/login.c') diff --git a/src/login/login.c b/src/login/login.c index f53bd3d26..a1d8cd758 100644 --- a/src/login/login.c +++ b/src/login/login.c @@ -1183,7 +1183,7 @@ int mmo_auth(struct mmo_account* account, int fd) // Account creation with _M/_F if( login_config.new_account_flag ) { - if( len > 2 && strnlen(account->passwd, NAME_LENGTH) >= 4 && // valid user and password lengths + if( len > 2 && strnlen(account->passwd, NAME_LENGTH) > 0 && // valid user and password lengths account->passwdenc == 0 && // unencoded password account->userid[len-2] == '_' && memchr("FfMm", (unsigned char)account->userid[len-1], 4) && // _M/_F suffix account_id_count <= END_ACCOUNT_NUM ) @@ -1200,24 +1200,46 @@ int mmo_auth(struct mmo_account* account, int fd) } // Strict account search - ARR_FIND(0, auth_num, i, strcmp(account->userid, auth_dat[i].userid) == 0); + ARR_FIND( 0, auth_num, i, strcmp(account->userid, auth_dat[i].userid) == 0 ); + + if( newaccount ) + { + if( i != auth_num ) + { + login_log("Attempt of creation of an already existant account (account: %s_%c, pass: %s, received pass: %s, ip: %s)\n", account->userid, account->userid[len-1], auth_dat[i].pass, account->passwd, ip); + return 1; // 1 = Incorrect Password + } + else + { + int new_id = mmo_auth_new(account, account->userid[len-1], "a@a.com"); + unsigned int tick = gettick(); + login_log("Account creation (account %s (id: %d), pass: %s, sex: %c, connection with _F/_M, ip: %s)\n", account->userid, new_id, account->passwd, account->userid[len-1], ip); + auth_before_save_file = 0; // Creation of an account -> save accounts file immediatly + + if( DIFF_TICK(tick, new_reg_tick) > 0 ) + { //Update the registration check. + num_regs = 0; + new_reg_tick=tick +time_allowed*1000; + } + num_regs++; + } + } // if there is no creation request and strict account search fails, we do a no sensitive case research for index - if (!newaccount && i == auth_num) { + if( !newaccount && i == auth_num ) + { i = search_account_index(account->userid); - if (i == -1) + if( i == -1 ) i = auth_num; else memcpy(account->userid, auth_dat[i].userid, NAME_LENGTH); // for the possible tests/checks afterwards (copy correcte sensitive case). } - if( i != auth_num ) + if( i == auth_num ) { - if (newaccount) - { - login_log("Attempt of creation of an already existant account (account: %s_%c, pass: %s, received pass: %s, ip: %s)\n", account->userid, account->userid[len-1], auth_dat[i].pass, account->passwd, ip); - return 1; // 1 = Incorrect Password - } + login_log("Unknown account (account: %s, received pass: %s, ip: %s)\n", account->userid, account->passwd, ip); + return 0; // 0 = Unregistered ID + } if( login_config.use_md5_passwds ) MD5_String(account->passwd, user_password); @@ -1236,49 +1258,18 @@ int mmo_auth(struct mmo_account* account, int fd) return 2; // 2 = This ID is expired } - if( auth_dat[i].ban_until_time != 0 ) - { // account is banned + if( auth_dat[i].ban_until_time != 0 && auth_dat[i].ban_until_time > time(NULL) ) + { strftime(tmpstr, 20, login_config.date_format, localtime(&auth_dat[i].ban_until_time)); tmpstr[19] = '\0'; - if( auth_dat[i].ban_until_time > time(NULL) ) { // always banned - login_log("Connection refused (account: %s, pass: %s, banned until %s, ip: %s)\n", account->userid, account->passwd, tmpstr, ip); - return 6; // 6 = Your are Prohibited to log in until %s - } else { // ban is over - login_log("End of ban (account: %s, pass: %s, previously banned until %s -> not more banned, ip: %s)\n", account->userid, account->passwd, tmpstr, ip); - auth_dat[i].ban_until_time = 0; // reset the ban time - } + login_log("Connection refused (account: %s, pass: %s, banned until %s, ip: %s)\n", account->userid, account->passwd, tmpstr, ip); + return 6; // 6 = Your are Prohibited to log in until %s } if( auth_dat[i].state ) { login_log("Connection refused (account: %s, pass: %s, state: %d, ip: %s)\n", account->userid, account->passwd, auth_dat[i].state, ip); - switch(auth_dat[i].state) { // packet 0x006a value + 1 - case 1: // 0 = Unregistered ID - case 2: // 1 = Incorrect Password - case 3: // 2 = This ID is expired - case 4: // 3 = Rejected from Server - case 5: // 4 = You have been blocked by the GM Team - case 6: // 5 = Your Game's EXE file is not the latest version - case 7: // 6 = Your are Prohibited to log in until %s - case 8: // 7 = Server is jammed due to over populated - case 9: // 8 = No more accounts may be connected from this company - case 10: // 9 = MSI_REFUSE_BAN_BY_DBA - case 11: // 10 = MSI_REFUSE_EMAIL_NOT_CONFIRMED - case 12: // 11 = MSI_REFUSE_BAN_BY_GM - case 13: // 12 = MSI_REFUSE_TEMP_BAN_FOR_DBWORK - case 14: // 13 = MSI_REFUSE_SELF_LOCK - case 15: // 14 = MSI_REFUSE_NOT_PERMITTED_GROUP - case 16: // 15 = MSI_REFUSE_NOT_PERMITTED_GROUP - case 100: // 99 = This ID has been totally erased - case 101: // 100 = Login information remains at %s. - case 102: // 101 = Account has been locked for a hacking investigation. Please contact the GM Team for more information - case 103: // 102 = This account has been temporarily prohibited from login due to a bug-related investigation - case 104: // 103 = This character is being deleted. Login is temporarily unavailable for the time being - case 105: // 104 = Your spouse character is being deleted. Login is temporarily unavailable for the time being - return auth_dat[i].state - 1; - default: - return 99; // 99 = ID has been totally erased - } + return auth_dat[i].state - 1; } if( login_config.online_check ) @@ -1297,35 +1288,11 @@ int mmo_auth(struct mmo_account* account, int fd) return 3; // Rejected } } - } - else - { - if( !newaccount ) - { - login_log("Unknown account (account: %s, received pass: %s, ip: %s)\n", account->userid, account->passwd, ip); - return 0; // 0 = Unregistered ID - } - else - { - int new_id = mmo_auth_new(account, account->userid[len-1], "a@a.com"); - unsigned int tick = gettick(); - login_log("Account creation and authentification accepted (account %s (id: %d), pass: %s, sex: %c, connection with _F/_M, ip: %s)\n", account->userid, new_id, account->passwd, account->userid[len-1], ip); - auth_before_save_file = 0; // Creation of an account -> save accounts file immediatly - - if( DIFF_TICK(tick, new_reg_tick) > 0 ) - { //Update the registration check. - num_regs = 0; - new_reg_tick=tick +time_allowed*1000; - } - num_regs++; - } - } + login_log("Authentification accepted (account: %s (id: %d), ip: %s)\n", account->userid, auth_dat[i].account_id, ip); // auth start : time seed - // Platform/Compiler dependant clock() for time check is removed. [Lance] - // clock() is originally used to track processing ticks on program execution. time(&raw_time); strftime(tmpstr, 24, "%Y-%m-%d %H:%M:%S",localtime(&raw_time)); @@ -1340,6 +1307,7 @@ int mmo_auth(struct mmo_account* account, int fd) safestrncpy(auth_dat[i].lastlogin, tmpstr, sizeof(auth_dat[i].lastlogin)); safestrncpy(auth_dat[i].last_ip, ip, sizeof(auth_dat[i].last_ip)); + auth_dat[i].ban_until_time = 0; auth_dat[i].logincount++; // Save until for change ip/time of auth is not very useful => limited save for that @@ -1380,7 +1348,7 @@ int parse_fromchar(int fd) char ip[16]; ip2str(ipl, ip); - ARR_FIND(0, MAX_SERVERS, id, server_fd[id] == fd); + ARR_FIND( 0, MAX_SERVERS, id, server_fd[id] == fd ); if (id == MAX_SERVERS) {// not a char server set_eof(fd); @@ -1444,7 +1412,7 @@ int parse_fromchar(int fd) login_log("Char-server '%s': authentification of the account %d accepted (ip: %s).\n", server[id].name, account_id, ip); - ARR_FIND(0, auth_num, k, auth_dat[k].account_id == account_id); + ARR_FIND( 0, auth_num, k, auth_dat[k].account_id == account_id ); if( k != auth_num ) { strcpy(email, auth_dat[k].email); connect_until_time = auth_dat[k].connect_until_time; @@ -3129,8 +3097,7 @@ int parse_login(int fd) auth_fifo_pos++; } else { // if no char-server, don't send void list of servers, just disconnect the player with proper message ShowStatus("Connection refused: there is no char-server online (account: %s, ip: %s).\n", account.userid, ip); - login_log("Connection refused: there is no char-server online (account: %s, ip: %s).\n", - account.userid, ip); + login_log("Connection refused: there is no char-server online (account: %s, ip: %s).\n", account.userid, ip); WFIFOW(fd,0) = 0x81; WFIFOB(fd,2) = 1; // 01 = Server closed WFIFOSET(fd,3); @@ -3140,17 +3107,19 @@ int parse_login(int fd) else { // auth failed WFIFOHEAD(fd,23); - memset(WFIFOP(fd,0), '\0', 23); WFIFOW(fd,0) = 0x6a; WFIFOB(fd,2) = (uint8)result; - if (result == 6) { // 6 = Your are Prohibited to log in until %s + if( result == 6 ) + {// 6 = Your are Prohibited to log in until %s char tmpstr[20]; time_t ban_until_time; i = search_account_index(account.userid); ban_until_time = (i) ? auth_dat[i].ban_until_time : 0; - strftime(tmpstr, 20, login_config.date_format, localtime(&ban_until_time)); tmpstr[19] = '\0'; - strncpy((char*)WFIFOP(fd,3), tmpstr, 20); // ban timestamp goes here + strftime(tmpstr, 20, login_config.date_format, localtime(&ban_until_time)); + safestrncpy((char*)WFIFOP(fd,3), tmpstr, 20); // ban timestamp goes here } + else + memset(WFIFOP(fd,3), '\0', 20); WFIFOSET(fd,23); } -- cgit v1.2.3-70-g09d2