Core/Authserver: Deprecation of sha_pass_hash (PR #25138)

see also #25157 (cherry picked from commit 44a3aad0af)
2026-01-15 23:20:36 +01:00 · 2020-08-06 00:20:23 +02:00
parent 4a6db9fb59
commit 7603dacc64
4 changed files with 37 additions and 3 deletions
--- a/src/server/bnetserver/Server/SessionManager.cpp
+++ b/src/server/bnetserver/Server/SessionManager.cpp
@@ -16,6 +16,7 @@
 */

 #include "SessionManager.h"
+#include "Config.h"
 #include "DatabaseEnv.h"
 #include "SRP6.h"
 #include "Util.h"
@@ -43,6 +44,7 @@ void Battlenet::SessionManager::FixLegacyAuthHashes()
        return;
    }

+    bool const shouldUpdate = sConfigMgr->GetBoolDefault("AllowDeprecatedExternalPasswords", false, true);
    bool hadWarning = false;
    uint32 c = 0;
    LoginDatabaseTransaction tx = LoginDatabase.BeginTransaction();
@@ -53,10 +55,37 @@ void Battlenet::SessionManager::FixLegacyAuthHashes()
            HexStrToByteArray<Trinity::Crypto::SHA1::DIGEST_LENGTH>((*result)[1].GetString())
        );

-        if ((*result)[2].GetInt64() && !hadWarning)
+        if ((*result)[2].GetInt64())
        {
-            hadWarning = true;
-            TC_LOG_WARN("server.bnetserver", "(!) You appear to be using an outdated external account management tool.\n(!!) This is INSECURE, has been deprecated, and will cease to function entirely in the near future.\n(!) Update your external tool.\n(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157.");
+            if (!hadWarning)
+            {
+                hadWarning = true;
+                if (shouldUpdate)
+                {
+                    TC_LOG_WARN("server.bnetserver",
+                        "       ========\n"
+                        "(!) You appear to be using an outdated external account management tool.\n"
+                        "(!!) This is INSECURE, has been deprecated, and will cease to function entirely on September 6, 2020.\n"
+                        "(!) Update your external tool.\n"
+                        "(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157.\n"
+                        "       ========");
+                }
+                else
+                {
+                    TC_LOG_ERROR("server.bnetserver",
+                        "       ========\n"
+                        "(!) You appear to be using an outdated external account management tool.\n"
+                        "(!!) This is INSECURE, and the account(s) in question will not be able to log in.\n"
+                        "(!) Update your external tool.\n"
+                        "(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157.\n"
+                        "(!) You can override this behavior by adding \"AllowDeprecatedExternalPasswords = 1\" to your authserver.conf file.\n"
+                        "(!!) Note that this override will cease to function entirely on September 6, 2020.\n"
+                        "       ========");
+                }
+            }
+
+            if (!shouldUpdate)
+                continue;
        }

        LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON);
--- a/src/server/game/Accounts/AccountMgr.cpp
+++ b/src/server/game/Accounts/AccountMgr.cpp
@@ -198,6 +198,7 @@ AccountOpResult AccountMgr::ChangeUsername(uint32 accountId, std::string newUser
    stmt->setUInt32(2, accountId);
    LoginDatabase.Execute(stmt);

+    if (sWorld->getBoolConfig(CONFIG_SET_SHAPASSHASH))
    {
        LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON_LEGACY);
        stmt->setString(0, CalculateShaPassHash_DEPRECATED_DONOTUSE(newUsername, newPassword));
@@ -234,6 +235,7 @@ AccountOpResult AccountMgr::ChangePassword(uint32 accountId, std::string newPass
    stmt->setUInt32(2, accountId);
    LoginDatabase.Execute(stmt);

+    if (sWorld->getBoolConfig(CONFIG_SET_SHAPASSHASH))
    {
        LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON_LEGACY);
        stmt->setString(0, CalculateShaPassHash_DEPRECATED_DONOTUSE(username, newPassword));
--- a/src/server/game/World/World.cpp
+++ b/src/server/game/World/World.cpp
@@ -1622,6 +1622,8 @@ void World::LoadConfigSettings(bool reload)

    m_int_configs[CONFIG_PACKET_SPOOF_BANDURATION] = sConfigMgr->GetIntDefault("PacketSpoof.BanDuration", 86400);

+    m_bool_configs[CONFIG_SET_SHAPASSHASH] = sConfigMgr->GetBoolDefault("SetDeprecatedExternalPasswords", false, true);
+
    m_bool_configs[CONFIG_IP_BASED_ACTION_LOGGING] = sConfigMgr->GetBoolDefault("Allow.IP.Based.Action.Logging", false);

    // AHBot
--- a/src/server/game/World/World.h
+++ b/src/server/game/World/World.h
@@ -170,6 +170,7 @@ enum WorldBoolConfigs
    CONFIG_EVENT_ANNOUNCE,
    CONFIG_STATS_LIMITS_ENABLE,
    CONFIG_INSTANCES_RESET_ANNOUNCE,
+    CONFIG_SET_SHAPASSHASH,
    CONFIG_IP_BASED_ACTION_LOGGING,
    CONFIG_CALCULATE_CREATURE_ZONE_AREA_DATA,
    CONFIG_CALCULATE_GAMEOBJECT_ZONE_AREA_DATA,