author | Shauren <shauren.trinity@gmail.com> | 2025-07-16 12:57:03 +0200 |
---|---|---|
committer | Shauren <shauren.trinity@gmail.com> | 2025-07-16 12:57:03 +0200 |
commit | 7b438d389b56acd22653473ac650e8e5d6eb520f (patch) | |
tree | acdea3dac24774944275d82c996da9cd58b75b81 | |
parent | 4fb3bbe71830b2ec53d6fd4e4e4efaada46a362a (diff) |
Core/Authserver: Add auth session timeout - socket is closed after 10s of inactivity if not authenticated or after 1 minute if authenticated
-rw-r--r-- | src/server/authserver/Server/AuthSession.cpp | 35 | ||||
-rw-r--r-- | src/server/authserver/Server/AuthSession.h | 3 | ||||
-rw-r--r-- | src/server/shared/Networking/Socket.h | 5 |
3 files changed, 43 insertions, 0 deletions
diff --git a/src/server/authserver/Server/AuthSession.cpp b/src/server/authserver/Server/AuthSession.cpp index 6360ee7d871..d2c110af798 100644 --- a/src/server/authserver/Server/AuthSession.cpp +++ b/src/server/authserver/Server/AuthSession.cpp @@ -26,6 +26,7 @@ #include "CryptoRandom.h" #include "DatabaseEnv.h" #include "IPLocation.h" +#include "IoContext.h" #include "Log.h" #include "RealmList.h" #include "SecretMgr.h" @@ -199,6 +200,7 @@ void AccountInfo::LoadResult(Field* fields) } AuthSession::AuthSession(tcp::socket&& socket) : Socket(std::move(socket)), + _timeout(*underlying_stream().get_executor().target<boost::asio::io_context::executor_type>()), _status(STATUS_CHALLENGE), _locale(LOCALE_enUS), _os(0), _build(0), _expversion(0), _timezoneOffset(0min) { } @@ -250,6 +252,7 @@ void AuthSession::CheckIpCallback(PreparedQueryResult result) } AsyncRead(); + SetTimeout(); } void AuthSession::ReadHandler() @@ -290,6 +293,7 @@ void AuthSession::ReadHandler() } packet.ReadCompleted(size); + SetTimeout(); } AsyncRead(); @@ -898,3 +902,34 @@ bool AuthSession::VerifyVersion(std::span<uint8 const> a, Trinity::Crypto::SHA1: return versionProof == version.GetDigest(); } + +void AuthSession::SetTimeout() +{ + _timeout.cancel(); + + switch (_status) + { + case STATUS_AUTHED: + case STATUS_WAITING_FOR_REALM_LIST: + _timeout.expires_after(1min); + break; + case STATUS_XFER: + return; + default: + _timeout.expires_after(10s); + break; + } + + _timeout.async_wait([selfRef = weak_from_this()](boost::system::error_code const& error) + { + std::shared_ptr<AuthSession> self = selfRef.lock(); + if (!self) + return; + + if (error == boost::asio::error::operation_aborted) + return; + + TC_LOG_DEBUG("server.authserver", "{}:{} session timed out.", self->GetRemoteIpAddress().to_string(), self->GetRemotePort()); + self->CloseSocket(); + }); +} diff --git a/src/server/authserver/Server/AuthSession.h b/src/server/authserver/Server/AuthSession.h index 4b848e30428..400d08c5a16 100644 
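Review bot: In the `AuthSession` constructor, the new `_timeout(...)` initializer dereferences the pointer returned by `get_executor().target<boost::asio::io_context::executor_type>()` without a null check. `target<T>()` returns null when the socket's executor is not exactly that type (a strand-wrapped executor, for instance), so a mismatch would be undefined behaviour at session construction. Whether that can happen depends on how the acceptor creates its sockets, which is not visible in this hunk. If `Trinity::Asio::DeadlineTimer` can be constructed from the socket's executor directly, `_timeout(underlying_stream().get_executor())` avoids the cast. Otherwise a comment such as `// sockets are always created on the plain io_context executor, so target<>() cannot be null here` would record the invariant.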
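Review bot: In the new `AuthSession::SetTimeout()`, the `STATUS_XFER` case returns right after `_timeout.cancel()`, so a session in that state has no idle deadline and a peer that reaches it can hold the socket open indefinitely. If that exemption is intended it deserves a comment, e.g. `// transfers may legitimately be idle for long periods; no inactivity timeout`, and otherwise a longer `expires_after(...)` would keep the state bounded. Separately, the wait handler returns early only on `operation_aborted`. A wait that has already expired, with its handler queued, cannot be cancelled by the next `SetTimeout()` call and is delivered with a success code, so the session is closed even though a packet just arrived. Re-checking the deadline in the handler closes that window, assuming the timer exposes `expiry()` on a steady clock: `if (self->_timeout.expiry() > std::chrono::steady_clock::now()) return;`.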
--- a/src/server/authserver/Server/AuthSession.h +++ b/src/server/authserver/Server/AuthSession.h @@ -22,6 +22,7 @@ #include "Common.h" #include "CryptoHash.h" #include "DatabaseEnvFwd.h" +#include "DeadlineTimer.h" #include "Duration.h" #include "Optional.h" #include "Socket.h" @@ -92,11 +93,13 @@ private: void RealmListCallback(PreparedQueryResult result); bool VerifyVersion(std::span<uint8 const> a, Trinity::Crypto::SHA1::Digest const& versionProof, bool isReconnect); + void SetTimeout(); Optional<Trinity::Crypto::SRP6> _srp6; SessionKey _sessionKey = {}; std::array<uint8, 16> _reconnectProof = {}; + Trinity::Asio::DeadlineTimer _timeout; AuthStatus _status; AccountInfo _accountInfo; Optional<std::vector<uint8>> _totpSecret; diff --git a/src/server/shared/Networking/Socket.h b/src/server/shared/Networking/Socket.h index 289e02513ca..62edfa4d8cd 100644 --- a/src/server/shared/Networking/Socket.h +++ b/src/server/shared/Networking/Socket.h @@ -138,6 +138,11 @@ public: MessageBuffer& GetReadBuffer() { return _readBuffer; } + tcp::socket& underlying_stream() + { + return _socket; + } + protected: virtual void OnClose() { } |
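Review bot: `underlying_stream()` is added to the public section of `Socket` and returns a mutable `tcp::socket&`, so any code holding a session can now close, shut down or read from the socket without going through the class's own close and buffer handling. The only use visible in this commit is `get_executor()` in the `AuthSession` constructor, which a derived class could reach through a `protected` accessor or a narrower executor-only forwarder. If the public accessor is kept, a comment such as `// exposed for executor access only; do not perform I/O on the returned socket directly` would state the intended contract. The snake_case name also differs from the neighbouring `GetReadBuffer()`, which may be deliberate to mirror the Asio stream interface.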