- no longer use sha_pass_hash for anything else core-side (.account, SOAP, RA)
- salt/verifier/session_key are now binary
- old s/v/sha_pass_hash fields kept around for backwards compatibility
- sha_pass_hash is still updated (for now), s/v are not
- sha_pass_hash is only read if s/v have been manually changed
- SRP6 b now uses the full 32 bytes of randomness (instead of randomly only using 19)
(cherry picked from commit 3164b58c7d)
- Fix a handful of 1/256 bugs with most significant byte zero in BigNumber
- Get rid of (most of) the C-style arrays in authserver
- CryptoRandom as a unified source for cryptographic randomness
- Bring our other crypto APIs into 2020
- BigNumber usability improvements
- Authserver is now actually readable as a result of all of the above
(cherry picked from commit 210176fd91)
- Properly detect client timeout when logged into a character after a configurable time (default 60s) has passed without the client sending any packets.
- Fixes issues with crashed clients leaving characters in the world for a very long time (default 15 minutes), as well as edge case exploits involving intentionally pausing client execution for some amount of time.
(cherry picked from commit 7dfd472f8d)
* DB/Account: update account_access table:
- rename fields id -> AccountID, gmlevel -> SecurityLevel
- add Comment field
- rename command .acc set gmlevel to .acc set seclevel
* Update auth database
* Fix primary key
* Temporary restore old command account set gmlevel with same handler as account set seclevel
Use Optional for realmID - if not set, use -1 (for all realms)
* Rename 2020_XX_XX_00_auth.sql to 2020_06_20_00_auth.sql
* Update auth_database.sql
* Rename 2020_XX_XX_00_world.sql to 2020_06_20_06_world.sql
Co-authored-by: Giacomo Pozzoni <giacomopoz@gmail.com>
(cherry picked from commit 8e0365d8a6)
* Corrected criteria and modifier tree logic after implementing their operators
* Account wide achievements will now show progress ingame (even if we still treat them as per-character)
* Fixed more cases of achievements being granted automatically without satisfying modifier trees
- Implemented manager for petitions to perform all petition related tasks and synchronize data with database.
- This kills ugly synchronous querys on packet handlers
(cherry picked from commit a4aa95a5a3)
