Fix some static analysis issues about:
- uninitialized values, most of which are false positives, always initialized before being accessed
- unchecked return values
- dead code never executed
- bad formatting leading to wrong behavior
Please ensure EventMap is never used with event id set to 0 or those events will never execute.
Fix a database race condition in authserver that would delay the account ban expiry by 1 login because the query that would have removed the ban was executed asynchronously.
Properly save transport related data to database when saving a Player .
On Player login update the current position as relative to transport, in case the transport moved.
Fix a database race condition between authserver saving session key to database asynchronously and worldserver reading it; session key is now saved synchronously.
Add additional assert to assure that helgrind reports related to SQLQueryHolderTask::Execute() and WorldSession::ProcessQueryCallbacks() are false positives.
The only chance for WorldSession::ProcessQueryCallbacks() to access the SQL queries before they are completed is if m_result.ready() is true before the end of SQLQueryHolderTask::Execute() .
Helgrind false positive log:
Possible data race during read of size 8 at 0x2BD641E0 by thread #7
Locks held: none
at : SQLQueryHolder::GetPreparedResult(unsigned long) (QueryHolder.cpp:107)
by : Player::LoadFromDB(unsigned int, SQLQueryHolder*) (Player.cpp:16917)
by : WorldSession::HandlePlayerLogin(LoginQueryHolder*) (CharacterHandler.cpp:807)
by : WorldSession::ProcessQueryCallbacks() (WorldSession.cpp:1112)
by : WorldSession::Update(unsigned int, PacketFilter&) (WorldSession.cpp:401)
by : World::UpdateSessions(unsigned int) (World.cpp:2646)
by : World::Update(unsigned int) (World.cpp:2003)
by : WorldRunnable::run() (WorldRunnable.cpp:60)
by : ACE_Based::Thread::ThreadTask(void*) (Threading.cpp:186)
by : ACE_OS_Thread_Adapter::invoke() (in /usr/lib/libACE-6.0.3.so)
by : mythread_wrapper (hg_intercepts.c:233)
by : start_thread (pthread_create.c:311)
This conflicts with a previous write of size 8 by thread #4
Locks held: none
at : SQLQueryHolder::SetPreparedResult(unsigned long, PreparedResultSet*) (QueryHolder.cpp:140)
by : SQLQueryHolderTask::Execute() (QueryHolder.cpp:196)
by : SQLOperation::call() (SQLOperation.h:65)
by : DatabaseWorker::svc() (DatabaseWorker.cpp:45)
by : ACE_Task_Base::svc_run(void*) (in /usr/lib/libACE-6.0.3.so)
by : ACE_Thread_Adapter::invoke_i() (in /usr/lib/libACE-6.0.3.so)
by : ACE_Thread_Adapter::invoke() (in /usr/lib/libACE-6.0.3.so)
by : mythread_wrapper (hg_intercepts.c:233)
Address 0x2BD641E0 is 16 bytes inside a block of size 792 alloc'd
at : operator new(unsigned long) (vg_replace_malloc.c:319)
by : __gnu_cxx::new_allocator<std::pair<SQLElementData, SQLResultSetUnion> >::allocate(unsigned long, void const*) (new_allocator.h:104)
by : std::_Vector_base<std::pair<SQLElementData, SQLResultSetUnion>, std::allocator<std::pair<SQLElementData, SQLResultSetUnion> > >::_M_allocate(unsigned long) (in /home/jackpoz/trinity/bin/worldserver)
by : std::vector<std::pair<SQLElementData, SQLResultSetUnion>, std::allocator<std::pair<SQLElementData, SQLResultSetUnion> > >::_M_fill_insert(__gnu_cxx::__normal_iterator<std::pair<SQLElementData, SQLResultSetUnion>*, std::vector<std::pair<SQLElementData, SQLResultSetUnion>, std::allocator<std::pair<SQLElementData, SQLResultSetUnion> > > >, unsigned long, std::pair<SQLElementData, SQLResultSetUnion> const&) (vector.tcc:483)
by : std::vector<std::pair<SQLElementData, SQLResultSetUnion>, std::allocator<std::pair<SQLElementData, SQLResultSetUnion> > >::insert(__gnu_cxx::__normal_iterator<std::pair<SQLElementData, SQLResultSetUnion>*, std::vector<std::pair<SQLElementData, SQLResultSetUnion>, std::allocator<std::pair<SQLElementData, SQLResultSetUnion> > > >, unsigned long, std::pair<SQLElementData, SQLResultSetUnion> const&) (stl_vector.h:1024)
by : std::vector<std::pair<SQLElementData, SQLResultSetUnion>, std::allocator<std::pair<SQLElementData, SQLResultSetUnion> > >::resize(unsigned long, std::pair<SQLElementData, SQLResultSetUnion>) (stl_vector.h:707)
by : SQLQueryHolder::SetSize(unsigned long) (QueryHolder.cpp:167)
by : LoginQueryHolder::Initialize() (CharacterHandler.cpp:66)
by : WorldSession::HandlePlayerLoginOpcode(WorldPacket&) (CharacterHandler.cpp:788)
by : WorldSession::Update(unsigned int, PacketFilter&) (WorldSession.cpp:363)
by : World::UpdateSessions(unsigned int) (World.cpp:2646)
by : World::Update(unsigned int) (World.cpp:2003)
- Drop groups (roles than can have inherited roles) and roles (set of
permissions)
- Permissions can now have inherited permissions (those act as roles)
RBAC DB structure is now limited to four tables
- rbac_permissions: Contains permissions and roles
- rbac_linked_permissions: Contains the relation between permissions and
linked permissions (those permissions that have linked permissions are
called roles)
- rbac_default_permissions: Contains the list of permissions to be granted
to each security level [Added to maintain compatibility in an easy way]
- rbac_account_permissions: Contains the list of permissions granted or
denied for a particular account.
NOTE: IF YOU ARE USING CUSTOM PERMISSIONS, ROLES OR GROUPS CHECK THE SQL
BEFORE APPLYING...
Change DatabaseWorkerPool<T>::DirectExecute() to handle PreparedStatement disposal in the same way of DatabaseWorkerPool<T>::Query() , thanks Joschiwald for patch.
Settings within worldserver.conf:
Three settings for secruity level:
0 - None - No change to current system
1 - Email - Always requires the email entered on registration for confirming.
2 - RBAC - Groups applied with the RBAC role always require the email entered on registration for confirming.
RBAC default to every group. Changed some logs to make it more clear what is going on at all.
Emails may now no longer exceed 64 chars. Current email is used as regmail.
On account creation, two emails are saved. Registration email and normal email. Normal email is relevant afterwards. Registration email can be changed by console ONLY.
Includes new commands and changes to existing ones:
.account fulfills several new functions:
* Still prints GM Level.
* If account has permission, it displays the current email. This is not defaulted to any group.
* Security level is displayed. Also displays if user has RBAC perm if RBAC security mode is selected
.account email allows user to change email with sufficient confirmation
.account set sec email allows higher sec with higher sec than account to change the normal email. Registrationemail remains untouched here.
.account set sec regmail allows console to change registration email.
.pinfo now displays the registration and normal mail.
Also fixes .learn all crafts.
Closes#10558
New column in account table is a base32 of token key bytes,
coincidentally it is the same format Google's Authenticator Android app uses.
If you want that to work, set system time on server correctly and use ntpd.
Closes#10527
Signed-off-by: Nay <dnpd.dd@gmail.com>
* Moved some checks around
* Added RBAC Permission for Email, last login and last ip (group 3 and 4) -- If missing RBAC permission, then it displays "Unauthorized (RBAC)"
* Changed totalmail output from uint64 to uint32
* Level either puts Max level, or a list of information necessary
* Only queries guild if the current xp query also detects guild membership
* Incorporated recent changes into code
* Commander requires higher than target to get sensitive data beside RBAC permission.
* Prints out in several strings instead of few
* Leaves unnecessary ones out (e.g. phase for GMs)
* Some code documentation included (including doxygen)
* Cleaner code (partly)
* Prints more content, e.g.:
** Localized Class- and Race names
** Localizable Gender names
** Current experience, required experience
** And more
Shoutouts to @Nay, @Subv, @Shauren and several others from the irc
Core/Command: Rework PInfo and give more output and add Gender to trinity_string
- creature_template.equipment_id deleted
- creature_equip_template.entry == creature_template.entry
- id field added to creature_equip_template -> PK(entry, id)
- id field in creature_equip_template starts at 1
- creature.equipment_id references id of creature_equip_template
- creature.equipment_id = 0 means no equipment at all (default 1)
- creature.equipment_id = -1 means pick a random equipment from creature_equip_template
- add equipment info to .npc info command
While table creature_equip_template got bigger in size, this system is easier to mantain and allows creatures to have a random template from a group of equipments
