aboutsummaryrefslogtreecommitdiff
path: root/src/server/authserver/Server/AuthSession.cpp
diff options
context:
space:
mode:
authorShauren <shauren.trinity@gmail.com>2014-07-19 03:38:57 +0200
committerShauren <shauren.trinity@gmail.com>2014-07-19 03:51:11 +0200
commit909acdbac3223d8c788b1b5dc42b6dfab8b604ab (patch)
tree2a0ade312aad77ca032015c6957a4a9005aa0b94 /src/server/authserver/Server/AuthSession.cpp
parent5daf3d360686ea8ff2d97a48fca24f0bf42ef098 (diff)
parent1866d8cc06e2b8c2722ccf69ee3f52ceda93bc27 (diff)
Merge remote-tracking branch 'origin/master' into 4.3.4
Conflicts: src/server/authserver/Main.cpp src/server/authserver/Realms/RealmList.cpp src/server/authserver/Realms/RealmList.h src/server/authserver/Server/AuthSession.cpp src/server/authserver/Server/AuthSocket.h src/server/authserver/Server/RealmAcceptor.h src/server/game/Accounts/AccountMgr.h src/server/game/Achievements/AchievementMgr.cpp src/server/game/Achievements/AchievementMgr.h src/server/game/Battlegrounds/ArenaTeamMgr.cpp src/server/game/Conditions/ConditionMgr.cpp src/server/game/DungeonFinding/LFGMgr.h src/server/game/Entities/Object/Object.h src/server/game/Entities/Player/Player.cpp src/server/game/Entities/Player/Player.h src/server/game/Entities/Unit/Unit.cpp src/server/game/Handlers/BattleGroundHandler.cpp src/server/game/Movement/Spline/MoveSplineFlag.h src/server/game/Quests/QuestDef.cpp src/server/game/Quests/QuestDef.h src/server/game/Server/WorldSession.cpp src/server/game/Server/WorldSession.h src/server/game/Server/WorldSocket.cpp src/server/game/Server/WorldSocket.h src/server/game/Spells/Spell.cpp src/server/scripts/Commands/cs_debug.cpp src/server/scripts/OutdoorPvP/OutdoorPvPEP.cpp src/server/scripts/Spells/spell_mage.cpp src/server/scripts/Spells/spell_rogue.cpp src/server/scripts/Spells/spell_shaman.cpp src/server/scripts/Spells/spell_warrior.cpp src/server/shared/Cryptography/BigNumber.h src/server/worldserver/RemoteAccess/RASocket.cpp src/server/worldserver/worldserver.conf.dist
Diffstat (limited to 'src/server/authserver/Server/AuthSession.cpp')
-rw-r--r--src/server/authserver/Server/AuthSession.cpp934
1 files changed, 934 insertions, 0 deletions
diff --git a/src/server/authserver/Server/AuthSession.cpp b/src/server/authserver/Server/AuthSession.cpp
new file mode 100644
index 00000000000..b426b82e44d
--- /dev/null
+++ b/src/server/authserver/Server/AuthSession.cpp
@@ -0,0 +1,934 @@
+/*
+* Copyright (C) 2008-2014 TrinityCore <http://www.trinitycore.org/>
+* Copyright (C) 2005-2009 MaNGOS <http://getmangos.com/>
+*
+* This program is free software; you can redistribute it and/or modify it
+* under the terms of the GNU General Public License as published by the
+* Free Software Foundation; either version 2 of the License, or (at your
+* option) any later version.
+*
+* This program is distributed in the hope that it will be useful, but WITHOUT
+* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+* more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <memory>
+#include <boost/lexical_cast.hpp>
+#include <boost/asio/write.hpp>
+#include <AuthSession.h>
+#include <Log.h>
+#include "ByteBuffer.h"
+#include "AuthCodes.h"
+#include "Database/DatabaseEnv.h"
+#include "SHA1.h"
+#include "openssl/crypto.h"
+#include "Configuration/Config.h"
+#include "RealmList.h"
+
+using boost::asio::ip::tcp;
+
+enum eAuthCmd
+{
+ AUTH_LOGON_CHALLENGE = 0x00,
+ AUTH_LOGON_PROOF = 0x01,
+ AUTH_RECONNECT_CHALLENGE = 0x02,
+ AUTH_RECONNECT_PROOF = 0x03,
+ REALM_LIST = 0x10,
+ XFER_INITIATE = 0x30,
+ XFER_DATA = 0x31,
+ XFER_ACCEPT = 0x32,
+ XFER_RESUME = 0x33,
+ XFER_CANCEL = 0x34
+};
+
+enum eStatus
+{
+ STATUS_CONNECTED = 0,
+ STATUS_AUTHED
+};
+
+#pragma pack(push, 1)
+
+typedef struct AUTH_LOGON_CHALLENGE_C
+{
+ uint8 cmd;
+ uint8 error;
+ uint16 size;
+ uint8 gamename[4];
+ uint8 version1;
+ uint8 version2;
+ uint8 version3;
+ uint16 build;
+ uint8 platform[4];
+ uint8 os[4];
+ uint8 country[4];
+ uint32 timezone_bias;
+ uint32 ip;
+ uint8 I_len;
+ uint8 I[1];
+} sAuthLogonChallenge_C;
+
+typedef struct AUTH_LOGON_PROOF_C
+{
+ uint8 cmd;
+ uint8 A[32];
+ uint8 M1[20];
+ uint8 crc_hash[20];
+ uint8 number_of_keys;
+ uint8 securityFlags;
+} sAuthLogonProof_C;
+
+typedef struct AUTH_LOGON_PROOF_S
+{
+ uint8 cmd;
+ uint8 error;
+ uint8 M2[20];
+ uint32 unk1;
+ uint32 unk2;
+ uint16 unk3;
+} sAuthLogonProof_S;
+
+typedef struct AUTH_LOGON_PROOF_S_OLD
+{
+ uint8 cmd;
+ uint8 error;
+ uint8 M2[20];
+ uint32 unk2;
+} sAuthLogonProof_S_Old;
+
+typedef struct AUTH_RECONNECT_PROOF_C
+{
+ uint8 cmd;
+ uint8 R1[16];
+ uint8 R2[20];
+ uint8 R3[20];
+ uint8 number_of_keys;
+} sAuthReconnectProof_C;
+
+#pragma pack(pop)
+
+
+typedef struct AuthHandler
+{
+ eAuthCmd cmd;
+ uint32 status;
+ size_t packetSize;
+ bool (AuthSession::*handler)();
+} AuthHandler;
+
+#define BYTE_SIZE 32
+#define REALMLIST_SKIP_PACKETS 5
+
+const AuthHandler table[] =
+{
+ { AUTH_LOGON_CHALLENGE, STATUS_CONNECTED, sizeof(AUTH_LOGON_CHALLENGE_C), &AuthSession::_HandleLogonChallenge },
+ { AUTH_LOGON_PROOF, STATUS_CONNECTED, sizeof(AUTH_LOGON_PROOF_C), &AuthSession::_HandleLogonProof },
+ { AUTH_RECONNECT_CHALLENGE, STATUS_CONNECTED, sizeof(AUTH_LOGON_CHALLENGE_C), &AuthSession::_HandleReconnectChallenge },
+ { AUTH_RECONNECT_PROOF, STATUS_CONNECTED, sizeof(AUTH_RECONNECT_PROOF_C), &AuthSession::_HandleReconnectProof },
+ { REALM_LIST, STATUS_AUTHED, REALMLIST_SKIP_PACKETS, &AuthSession::_HandleRealmList }
+};
+
+void AuthSession::AsyncReadHeader()
+{
+ auto self(shared_from_this());
+
+ _socket.async_read_some(boost::asio::buffer(_readBuffer, 1), [this, self](boost::system::error_code error, size_t transferedBytes)
+ {
+ if (!error && transferedBytes == 1)
+ {
+ for (const AuthHandler& entry : table)
+ {
+ if ((uint8)entry.cmd == _readBuffer[0] && (entry.status == STATUS_CONNECTED || (_isAuthenticated && entry.status == STATUS_AUTHED)))
+ {
+ // Handle dynamic size packet
+ if (_readBuffer[0] == AUTH_LOGON_CHALLENGE)
+ {
+ _socket.read_some(boost::asio::buffer(&_readBuffer[1], sizeof(uint8) + sizeof(uint16))); //error + size
+
+ AsyncReadData(entry.handler, *reinterpret_cast<uint16*>(&_readBuffer[2]), sizeof(uint8) + sizeof(uint8) + sizeof(uint16)); // cmd + error + size
+ }
+ else
+ {
+ AsyncReadData(entry.handler, entry.packetSize, sizeof(uint8));
+ }
+ break;
+ }
+ }
+ }
+ else
+ {
+ _socket.close();
+ }
+ });
+}
+
+void AuthSession::AsyncReadData(bool (AuthSession::*handler)(), size_t dataSize, size_t bufferOffSet)
+{
+ auto self(shared_from_this());
+
+ _socket.async_read_some(boost::asio::buffer(&_readBuffer[bufferOffSet], dataSize), [handler, this, self](boost::system::error_code error, size_t transferedBytes)
+ {
+ if (!error && transferedBytes > 0)
+ {
+ if (!(*this.*handler)())
+ {
+ _socket.close();
+ return;
+ }
+
+ AsyncReadHeader();
+ }
+ else
+ {
+ _socket.close();
+ }
+ });
+}
+
+void AuthSession::AsyncWrite(std::size_t length)
+{
+ boost::asio::async_write(_socket, boost::asio::buffer(_writeBuffer, length), [this](boost::system::error_code error, std::size_t /*length*/)
+ {
+ if (error)
+ {
+ _socket.close();
+ }
+ });
+}
+
+bool AuthSession::_HandleLogonChallenge()
+{
+ sAuthLogonChallenge_C *challenge = (sAuthLogonChallenge_C*)&_readBuffer;
+
+ //TC_LOG_DEBUG("server.authserver", "[AuthChallenge] got full packet, %#04x bytes", challenge->size);
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] name(%d): '%s'", challenge->I_len, challenge->I);
+
+ ByteBuffer pkt;
+
+ _login.assign((const char*)challenge->I, challenge->I_len);
+ _build = challenge->build;
+ _expversion = uint8(AuthHelper::IsPostBCAcceptedClientBuild(_build) ? POST_BC_EXP_FLAG : (AuthHelper::IsPreBCAcceptedClientBuild(_build) ? PRE_BC_EXP_FLAG : NO_VALID_EXP_FLAG));
+ _os = (const char*)challenge->os;
+
+ if (_os.size() > 4)
+ return false;
+
+ // Restore string order as its byte order is reversed
+ std::reverse(_os.begin(), _os.end());
+
+ pkt << uint8(AUTH_LOGON_CHALLENGE);
+ pkt << uint8(0x00);
+
+ // Verify that this IP is not in the ip_banned table
+ LoginDatabase.Execute(LoginDatabase.GetPreparedStatement(LOGIN_DEL_EXPIRED_IP_BANS));
+
+ std::string const& ipAddress = _socket.remote_endpoint().address().to_string();
+ unsigned short port = _socket.remote_endpoint().port();
+
+ PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_IP_BANNED);
+ stmt->setString(0, ipAddress);
+ PreparedQueryResult result = LoginDatabase.Query(stmt);
+ if (result)
+ {
+ pkt << uint8(WOW_FAIL_BANNED);
+ TC_LOG_DEBUG("server.authserver", "'%s:%d' [AuthChallenge] Banned ip tries to login!", ipAddress.c_str(), port);
+ }
+ else
+ {
+ // Get the account details from the account table
+ // No SQL injection (prepared statement)
+ stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_LOGONCHALLENGE);
+ stmt->setString(0, _login);
+
+ PreparedQueryResult res2 = LoginDatabase.Query(stmt);
+ if (res2)
+ {
+ Field* fields = res2->Fetch();
+
+ // If the IP is 'locked', check that the player comes indeed from the correct IP address
+ bool locked = false;
+ if (fields[2].GetUInt8() == 1) // if ip is locked
+ {
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account '%s' is locked to IP - '%s'", _login.c_str(), fields[4].GetCString());
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Player address is '%s'", ipAddress.c_str());
+
+ if (strcmp(fields[4].GetCString(), ipAddress.c_str()) != 0)
+ {
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account IP differs");
+ pkt << uint8(WOW_FAIL_LOCKED_ENFORCED);
+ locked = true;
+ }
+ else
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account IP matches");
+ }
+ else
+ {
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account '%s' is not locked to ip", _login.c_str());
+ std::string accountCountry = fields[3].GetString();
+ if (accountCountry.empty() || accountCountry == "00")
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account '%s' is not locked to country", _login.c_str());
+ else if (!accountCountry.empty())
+ {
+ uint32 ip = inet_addr(ipAddress.c_str());
+ EndianConvertReverse(ip);
+
+ stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_LOGON_COUNTRY);
+ stmt->setUInt32(0, ip);
+ if (PreparedQueryResult sessionCountryQuery = LoginDatabase.Query(stmt))
+ {
+ std::string loginCountry = (*sessionCountryQuery)[0].GetString();
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account '%s' is locked to country: '%s' Player country is '%s'", _login.c_str(),
+ accountCountry.c_str(), loginCountry.c_str());
+
+ if (loginCountry != accountCountry)
+ {
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account country differs.");
+ pkt << uint8(WOW_FAIL_UNLOCKABLE_LOCK);
+ locked = true;
+ }
+ else
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account country matches");
+ }
+ else
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] IP2NATION Table empty");
+ }
+ }
+
+ if (!locked)
+ {
+ //set expired bans to inactive
+ LoginDatabase.DirectExecute(LoginDatabase.GetPreparedStatement(LOGIN_UPD_EXPIRED_ACCOUNT_BANS));
+
+ // If the account is banned, reject the logon attempt
+ stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BANNED);
+ stmt->setUInt32(0, fields[1].GetUInt32());
+ PreparedQueryResult banresult = LoginDatabase.Query(stmt);
+ if (banresult)
+ {
+ if ((*banresult)[0].GetUInt32() == (*banresult)[1].GetUInt32())
+ {
+ pkt << uint8(WOW_FAIL_BANNED);
+ TC_LOG_DEBUG("server.authserver", "'%s:%d' [AuthChallenge] Banned account %s tried to login!", ipAddress.c_str(),
+ port, _login.c_str());
+ }
+ else
+ {
+ pkt << uint8(WOW_FAIL_SUSPENDED);
+ TC_LOG_DEBUG("server.authserver", "'%s:%d' [AuthChallenge] Temporarily banned account %s tried to login!",
+ ipAddress.c_str(), port, _login.c_str());
+ }
+ }
+ else
+ {
+ // Get the password from the account table, upper it, and make the SRP6 calculation
+ std::string rI = fields[0].GetString();
+
+ // Don't calculate (v, s) if there are already some in the database
+ std::string databaseV = fields[6].GetString();
+ std::string databaseS = fields[7].GetString();
+
+ TC_LOG_DEBUG("network", "database authentication values: v='%s' s='%s'", databaseV.c_str(), databaseS.c_str());
+
+ // multiply with 2 since bytes are stored as hexstring
+ if (databaseV.size() != BYTE_SIZE * 2 || databaseS.size() != BYTE_SIZE * 2)
+ SetVSFields(rI);
+ else
+ {
+ s.SetHexStr(databaseS.c_str());
+ v.SetHexStr(databaseV.c_str());
+ }
+
+ b.SetRand(19 * 8);
+ BigNumber gmod = g.ModExp(b, N);
+ B = ((v * 3) + gmod) % N;
+
+ ASSERT(gmod.GetNumBytes() <= 32);
+
+ BigNumber unk3;
+ unk3.SetRand(16 * 8);
+
+ // Fill the response packet with the result
+ if (fields[9].GetUInt32() && AuthHelper::IsBuildSupportingBattlenet(_build))
+ pkt << uint8(WOW_FAIL_USE_BATTLENET);
+ else if (AuthHelper::IsAcceptedClientBuild(_build))
+ pkt << uint8(WOW_SUCCESS);
+ else
+ pkt << uint8(WOW_FAIL_VERSION_INVALID);
+
+ // B may be calculated < 32B so we force minimal length to 32B
+ pkt.append(B.AsByteArray(32).get(), 32); // 32 bytes
+ pkt << uint8(1);
+ pkt.append(g.AsByteArray().get(), 1);
+ pkt << uint8(32);
+ pkt.append(N.AsByteArray(32).get(), 32);
+ pkt.append(s.AsByteArray().get(), s.GetNumBytes()); // 32 bytes
+ pkt.append(unk3.AsByteArray(16).get(), 16);
+ uint8 securityFlags = 0;
+
+ // Check if token is used
+ _tokenKey = fields[8].GetString();
+ if (!_tokenKey.empty())
+ securityFlags = 4;
+
+ pkt << uint8(securityFlags); // security flags (0x0...0x04)
+
+ if (securityFlags & 0x01) // PIN input
+ {
+ pkt << uint32(0);
+ pkt << uint64(0) << uint64(0); // 16 bytes hash?
+ }
+
+ if (securityFlags & 0x02) // Matrix input
+ {
+ pkt << uint8(0);
+ pkt << uint8(0);
+ pkt << uint8(0);
+ pkt << uint8(0);
+ pkt << uint64(0);
+ }
+
+ if (securityFlags & 0x04) // Security token input
+ pkt << uint8(1);
+
+ uint8 secLevel = fields[5].GetUInt8();
+ _accountSecurityLevel = secLevel <= SEC_ADMINISTRATOR ? AccountTypes(secLevel) : SEC_ADMINISTRATOR;
+
+ _localizationName.resize(4);
+ for (int i = 0; i < 4; ++i)
+ _localizationName[i] = challenge->country[4 - i - 1];
+
+ TC_LOG_DEBUG("server.authserver", "'%s:%d' [AuthChallenge] account %s is using '%c%c%c%c' locale (%u)",
+ ipAddress.c_str(), port, _login.c_str(),
+ challenge->country[3], challenge->country[2], challenge->country[1], challenge->country[0],
+ GetLocaleByName(_localizationName)
+ );
+ }
+ }
+ }
+ else //no account
+ pkt << uint8(WOW_FAIL_UNKNOWN_ACCOUNT);
+ }
+
+ std::memcpy(_writeBuffer, (char const*)pkt.contents(), pkt.size());
+
+ AsyncWrite(pkt.size());
+
+ return true;
+}
+
+// Logon Proof command handler
+bool AuthSession::_HandleLogonProof()
+{
+
+ TC_LOG_DEBUG("server.authserver", "Entering _HandleLogonProof");
+ // Read the packet
+ sAuthLogonProof_C *logonProof = (sAuthLogonProof_C*)&_readBuffer;
+
+ // If the client has no valid version
+ if (_expversion == NO_VALID_EXP_FLAG)
+ {
+ // Check if we have the appropriate patch on the disk
+ TC_LOG_DEBUG("network", "Client with invalid version, patching is not implemented");
+ return false;
+ }
+
+ // Continue the SRP6 calculation based on data received from the client
+ BigNumber A;
+
+ A.SetBinary(logonProof->A, 32);
+
+ // SRP safeguard: abort if A == 0
+ if (A.isZero())
+ {
+ return false;
+ }
+
+ SHA1Hash sha;
+ sha.UpdateBigNumbers(&A, &B, NULL);
+ sha.Finalize();
+ BigNumber u;
+ u.SetBinary(sha.GetDigest(), 20);
+ BigNumber S = (A * (v.ModExp(u, N))).ModExp(b, N);
+
+ uint8 t[32];
+ uint8 t1[16];
+ uint8 vK[40];
+ memcpy(t, S.AsByteArray(32).get(), 32);
+
+ for (int i = 0; i < 16; ++i)
+ t1[i] = t[i * 2];
+
+ sha.Initialize();
+ sha.UpdateData(t1, 16);
+ sha.Finalize();
+
+ for (int i = 0; i < 20; ++i)
+ vK[i * 2] = sha.GetDigest()[i];
+
+ for (int i = 0; i < 16; ++i)
+ t1[i] = t[i * 2 + 1];
+
+ sha.Initialize();
+ sha.UpdateData(t1, 16);
+ sha.Finalize();
+
+ for (int i = 0; i < 20; ++i)
+ vK[i * 2 + 1] = sha.GetDigest()[i];
+
+ K.SetBinary(vK, 40);
+
+ uint8 hash[20];
+
+ sha.Initialize();
+ sha.UpdateBigNumbers(&N, NULL);
+ sha.Finalize();
+ memcpy(hash, sha.GetDigest(), 20);
+ sha.Initialize();
+ sha.UpdateBigNumbers(&g, NULL);
+ sha.Finalize();
+
+ for (int i = 0; i < 20; ++i)
+ hash[i] ^= sha.GetDigest()[i];
+
+ BigNumber t3;
+ t3.SetBinary(hash, 20);
+
+ sha.Initialize();
+ sha.UpdateData(_login);
+ sha.Finalize();
+ uint8 t4[SHA_DIGEST_LENGTH];
+ memcpy(t4, sha.GetDigest(), SHA_DIGEST_LENGTH);
+
+ sha.Initialize();
+ sha.UpdateBigNumbers(&t3, NULL);
+ sha.UpdateData(t4, SHA_DIGEST_LENGTH);
+ sha.UpdateBigNumbers(&s, &A, &B, &K, NULL);
+ sha.Finalize();
+ BigNumber M;
+ M.SetBinary(sha.GetDigest(), 20);
+
+ // Check if SRP6 results match (password is correct), else send an error
+ if (!memcmp(M.AsByteArray().get(), logonProof->M1, 20))
+ {
+ TC_LOG_DEBUG("server.authserver", "'%s:%d' User '%s' successfully authenticated", GetRemoteIpAddress().c_str(), GetRemotePort(), _login.c_str());
+
+ // Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account
+ PreparedStatement *stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGONPROOF);
+ stmt->setString(0, K.AsHexStr());
+ stmt->setString(1, GetRemoteIpAddress().c_str());
+ stmt->setUInt32(2, GetLocaleByName(_localizationName));
+ stmt->setString(3, _os);
+ stmt->setString(4, _login);
+ LoginDatabase.DirectExecute(stmt);
+
+ // Finish SRP6 and send the final result to the client
+ sha.Initialize();
+ sha.UpdateBigNumbers(&A, &M, &K, NULL);
+ sha.Finalize();
+
+ // Check auth token
+ if ((logonProof->securityFlags & 0x04) || !_tokenKey.empty())
+ {
+ // TODO To be fixed
+
+ /*
+ uint8 size;
+ socket().recv((char*)&size, 1);
+ char* token = new char[size + 1];
+ token[size] = '\0';
+ socket().recv(token, size);
+ unsigned int validToken = TOTP::GenerateToken(_tokenKey.c_str());
+ unsigned int incomingToken = atoi(token);
+ delete[] token;
+ if (validToken != incomingToken)
+ {
+ char data[] = { AUTH_LOGON_PROOF, WOW_FAIL_UNKNOWN_ACCOUNT, 3, 0 };
+ socket().send(data, sizeof(data));
+ return false;
+ }*/
+ }
+
+ if (_expversion & POST_BC_EXP_FLAG) // 2.x and 3.x clients
+ {
+ sAuthLogonProof_S proof;
+ memcpy(proof.M2, sha.GetDigest(), 20);
+ proof.cmd = AUTH_LOGON_PROOF;
+ proof.error = 0;
+ proof.unk1 = GAMEACCOUNT_FLAG_PROPASS_LOCK;
+ proof.unk2 = 0x00; // SurveyId
+ proof.unk3 = 0x00;
+
+ std::memcpy(_writeBuffer, (char *)&proof, sizeof(proof));
+ AsyncWrite(sizeof(proof));
+ }
+ else
+ {
+ sAuthLogonProof_S_Old proof;
+ memcpy(proof.M2, sha.GetDigest(), 20);
+ proof.cmd = AUTH_LOGON_PROOF;
+ proof.error = 0;
+ proof.unk2 = 0x00;
+
+ std::memcpy(_writeBuffer, (char *)&proof, sizeof(proof));
+ AsyncWrite(sizeof(proof));
+ }
+
+ _isAuthenticated = true;
+ }
+ else
+ {
+ char data[4] = { AUTH_LOGON_PROOF, WOW_FAIL_UNKNOWN_ACCOUNT, 3, 0 };
+
+ std::memcpy(_writeBuffer, data, sizeof(data));
+ AsyncWrite(sizeof(data));
+
+ TC_LOG_DEBUG("server.authserver", "'%s:%d' [AuthChallenge] account %s tried to login with invalid password!",
+ GetRemoteIpAddress().c_str(), GetRemotePort(), _login.c_str());
+
+ uint32 MaxWrongPassCount = sConfigMgr->GetIntDefault("WrongPass.MaxCount", 0);
+
+ // We can not include the failed account login hook. However, this is a workaround to still log this.
+ if (sConfigMgr->GetBoolDefault("Wrong.Password.Login.Logging", false))
+ {
+ PreparedStatement* logstmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_FALP_IP_LOGGING);
+ logstmt->setString(0, _login);
+ logstmt->setString(1, GetRemoteIpAddress());
+ logstmt->setString(2, "Logged on failed AccountLogin due wrong password");
+
+ LoginDatabase.Execute(logstmt);
+ }
+
+ if (MaxWrongPassCount > 0)
+ {
+ //Increment number of failed logins by one and if it reaches the limit temporarily ban that account or IP
+ PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_FAILEDLOGINS);
+ stmt->setString(0, _login);
+ LoginDatabase.Execute(stmt);
+
+ stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_FAILEDLOGINS);
+ stmt->setString(0, _login);
+
+ if (PreparedQueryResult loginfail = LoginDatabase.Query(stmt))
+ {
+ uint32 failed_logins = (*loginfail)[1].GetUInt32();
+
+ if (failed_logins >= MaxWrongPassCount)
+ {
+ uint32 WrongPassBanTime = sConfigMgr->GetIntDefault("WrongPass.BanTime", 600);
+ bool WrongPassBanType = sConfigMgr->GetBoolDefault("WrongPass.BanType", false);
+
+ if (WrongPassBanType)
+ {
+ uint32 acc_id = (*loginfail)[0].GetUInt32();
+ stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT_AUTO_BANNED);
+ stmt->setUInt32(0, acc_id);
+ stmt->setUInt32(1, WrongPassBanTime);
+ LoginDatabase.Execute(stmt);
+
+ TC_LOG_DEBUG("server.authserver", "'%s:%d' [AuthChallenge] account %s got banned for '%u' seconds because it failed to authenticate '%u' times",
+ GetRemoteIpAddress().c_str(), GetRemotePort(), _login.c_str(), WrongPassBanTime, failed_logins);
+ }
+ else
+ {
+ stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_IP_AUTO_BANNED);
+ stmt->setString(0, GetRemoteIpAddress());
+ stmt->setUInt32(1, WrongPassBanTime);
+ LoginDatabase.Execute(stmt);
+
+ TC_LOG_DEBUG("server.authserver", "'%s:%d' [AuthChallenge] IP got banned for '%u' seconds because account %s failed to authenticate '%u' times",
+ GetRemoteIpAddress().c_str(), GetRemotePort(), WrongPassBanTime, _login.c_str(), failed_logins);
+ }
+ }
+ }
+ }
+ }
+
+ return true;
+}
+
+bool AuthSession::_HandleReconnectChallenge()
+{
+ TC_LOG_DEBUG("server.authserver", "Entering _HandleReconnectChallenge");
+ sAuthLogonChallenge_C *challenge = (sAuthLogonChallenge_C*)&_readBuffer;
+
+ //TC_LOG_DEBUG("server.authserver", "[AuthChallenge] got full packet, %#04x bytes", challenge->size);
+ TC_LOG_DEBUG("server.authserver", "[AuthChallenge] name(%d): '%s'", challenge->I_len, challenge->I);
+
+ _login.assign((const char*)challenge->I, challenge->I_len);
+
+ PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_SESSIONKEY);
+ stmt->setString(0, _login);
+ PreparedQueryResult result = LoginDatabase.Query(stmt);
+
+ // Stop if the account is not found
+ if (!result)
+ {
+ TC_LOG_ERROR("server.authserver", "'%s:%d' [ERROR] user %s tried to login and we cannot find his session key in the database.",
+ GetRemoteIpAddress().c_str(), GetRemotePort(), _login.c_str());
+ return false;
+ }
+
+ // Reinitialize build, expansion and the account securitylevel
+ _build = challenge->build;
+ _expversion = uint8(AuthHelper::IsPostBCAcceptedClientBuild(_build) ? POST_BC_EXP_FLAG : (AuthHelper::IsPreBCAcceptedClientBuild(_build) ? PRE_BC_EXP_FLAG : NO_VALID_EXP_FLAG));
+ _os = (const char*)challenge->os;
+
+ if (_os.size() > 4)
+ return false;
+
+ // Restore string order as its byte order is reversed
+ std::reverse(_os.begin(), _os.end());
+
+ Field* fields = result->Fetch();
+ uint8 secLevel = fields[2].GetUInt8();
+ _accountSecurityLevel = secLevel <= SEC_ADMINISTRATOR ? AccountTypes(secLevel) : SEC_ADMINISTRATOR;
+
+ K.SetHexStr((*result)[0].GetCString());
+
+ // Sending response
+ ByteBuffer pkt;
+ pkt << uint8(AUTH_RECONNECT_CHALLENGE);
+ pkt << uint8(0x00);
+ _reconnectProof.SetRand(16 * 8);
+ pkt.append(_reconnectProof.AsByteArray(16).get(), 16); // 16 bytes random
+ pkt << uint64(0x00) << uint64(0x00); // 16 bytes zeros
+
+ std::memcpy(_writeBuffer, (char const*)pkt.contents(), pkt.size());
+ AsyncWrite(pkt.size());
+
+ return true;
+}
+bool AuthSession::_HandleReconnectProof()
+{
+ TC_LOG_DEBUG("server.authserver", "Entering _HandleReconnectProof");
+ sAuthReconnectProof_C *reconnectProof = (sAuthReconnectProof_C*)&_readBuffer;
+
+ if (_login.empty() || !_reconnectProof.GetNumBytes() || !K.GetNumBytes())
+ return false;
+
+ BigNumber t1;
+ t1.SetBinary(reconnectProof->R1, 16);
+
+ SHA1Hash sha;
+ sha.Initialize();
+ sha.UpdateData(_login);
+ sha.UpdateBigNumbers(&t1, &_reconnectProof, &K, NULL);
+ sha.Finalize();
+
+ if (!memcmp(sha.GetDigest(), reconnectProof->R2, SHA_DIGEST_LENGTH))
+ {
+ // Sending response
+ ByteBuffer pkt;
+ pkt << uint8(AUTH_RECONNECT_PROOF);
+ pkt << uint8(0x00);
+ pkt << uint16(0x00); // 2 bytes zeros
+ std::memcpy(_writeBuffer, (char const*)pkt.contents(), pkt.size());
+ AsyncWrite(pkt.size());
+ _isAuthenticated = true;
+ return true;
+ }
+ else
+ {
+ TC_LOG_ERROR("server.authserver", "'%s:%d' [ERROR] user %s tried to login, but session is invalid.", GetRemoteIpAddress().c_str(),
+ GetRemotePort(), _login.c_str());
+ return false;
+ }
+}
+
+tcp::endpoint const GetAddressForClient(Realm const& realm, ip::address const& clientAddr)
+{
+ ip::address realmIp;
+
+ // Attempt to send best address for client
+ if (clientAddr.is_loopback())
+ {
+ // Try guessing if realm is also connected locally
+ if (realm.LocalAddress.is_loopback() || realm.ExternalAddress.is_loopback())
+ realmIp = clientAddr;
+ else
+ {
+ // Assume that user connecting from the machine that authserver is located on
+ // has all realms available in his local network
+ realmIp = realm.LocalAddress;
+ }
+ }
+ else
+ {
+ if (clientAddr.is_v4() &&
+ (clientAddr.to_v4().to_ulong() & realm.LocalSubnetMask.to_v4().to_ulong()) ==
+ (realm.LocalAddress.to_v4().to_ulong() & realm.LocalSubnetMask.to_v4().to_ulong()))
+ {
+ realmIp = realm.LocalAddress;
+ }
+ else
+ realmIp = realm.ExternalAddress;
+ }
+
+ tcp::endpoint endpoint(realmIp, realm.port);
+
+ // Return external IP
+ return endpoint;
+}
+
+bool AuthSession::_HandleRealmList()
+{
+ TC_LOG_DEBUG("server.authserver", "Entering _HandleRealmList");
+
+ // Get the user id (else close the connection)
+ // No SQL injection (prepared statement)
+ PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_ID_BY_NAME);
+ stmt->setString(0, _login);
+ PreparedQueryResult result = LoginDatabase.Query(stmt);
+ if (!result)
+ {
+ TC_LOG_ERROR("server.authserver", "'%s:%d' [ERROR] user %s tried to login but we cannot find him in the database.", GetRemoteIpAddress().c_str(),
+ GetRemotePort(), _login.c_str());
+ return false;
+ }
+
+ Field* fields = result->Fetch();
+ uint32 id = fields[0].GetUInt32();
+
+ // Update realm list if need
+ sRealmList.UpdateIfNeed();
+
+ // Circle through realms in the RealmList and construct the return packet (including # of user characters in each realm)
+ ByteBuffer pkt;
+
+ size_t RealmListSize = 0;
+ for (RealmList::RealmMap::const_iterator i = sRealmList.begin(); i != sRealmList.end(); ++i)
+ {
+ const Realm &realm = i->second;
+ // don't work with realms which not compatible with the client
+ bool okBuild = ((_expversion & POST_BC_EXP_FLAG) && realm.gamebuild == _build) || ((_expversion & PRE_BC_EXP_FLAG) && !AuthHelper::IsPreBCAcceptedClientBuild(realm.gamebuild));
+
+ // No SQL injection. id of realm is controlled by the database.
+ uint32 flag = realm.flag;
+ RealmBuildInfo const* buildInfo = AuthHelper::GetBuildInfo(realm.gamebuild);
+ if (!okBuild)
+ {
+ if (!buildInfo)
+ continue;
+
+ flag |= REALM_FLAG_OFFLINE | REALM_FLAG_SPECIFYBUILD; // tell the client what build the realm is for
+ }
+
+ if (!buildInfo)
+ flag &= ~REALM_FLAG_SPECIFYBUILD;
+
+ std::string name = i->first;
+ if (_expversion & PRE_BC_EXP_FLAG && flag & REALM_FLAG_SPECIFYBUILD)
+ {
+ std::ostringstream ss;
+ ss << name << " (" << buildInfo->MajorVersion << '.' << buildInfo->MinorVersion << '.' << buildInfo->BugfixVersion << ')';
+ name = ss.str();
+ }
+
+ uint8 lock = (realm.allowedSecurityLevel > _accountSecurityLevel) ? 1 : 0;
+
+ uint8 AmountOfCharacters = 0;
+ stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_NUM_CHARS_ON_REALM);
+ stmt->setUInt32(0, realm.m_ID);
+ stmt->setUInt32(1, id);
+ result = LoginDatabase.Query(stmt);
+ if (result)
+ AmountOfCharacters = (*result)[0].GetUInt8();
+
+ pkt << realm.icon; // realm type
+ if (_expversion & POST_BC_EXP_FLAG) // only 2.x and 3.x clients
+ pkt << lock; // if 1, then realm locked
+ pkt << uint8(flag); // RealmFlags
+ pkt << name;
+ pkt << boost::lexical_cast<std::string>(GetAddressForClient(realm, _socket.remote_endpoint().address()));
+ pkt << realm.populationLevel;
+ pkt << AmountOfCharacters;
+ pkt << realm.timezone; // realm category
+ if (_expversion & POST_BC_EXP_FLAG) // 2.x and 3.x clients
+ pkt << uint8(realm.m_ID);
+ else
+ pkt << uint8(0x0); // 1.12.1 and 1.12.2 clients
+
+ if (_expversion & POST_BC_EXP_FLAG && flag & REALM_FLAG_SPECIFYBUILD)
+ {
+ pkt << uint8(buildInfo->MajorVersion);
+ pkt << uint8(buildInfo->MinorVersion);
+ pkt << uint8(buildInfo->BugfixVersion);
+ pkt << uint16(buildInfo->Build);
+ }
+
+ ++RealmListSize;
+ }
+
+ if (_expversion & POST_BC_EXP_FLAG) // 2.x and 3.x clients
+ {
+ pkt << uint8(0x10);
+ pkt << uint8(0x00);
+ }
+ else // 1.12.1 and 1.12.2 clients
+ {
+ pkt << uint8(0x00);
+ pkt << uint8(0x02);
+ }
+
+ // make a ByteBuffer which stores the RealmList's size
+ ByteBuffer RealmListSizeBuffer;
+ RealmListSizeBuffer << uint32(0);
+ if (_expversion & POST_BC_EXP_FLAG) // only 2.x and 3.x clients
+ RealmListSizeBuffer << uint16(RealmListSize);
+ else
+ RealmListSizeBuffer << uint32(RealmListSize);
+
+ ByteBuffer hdr;
+ hdr << uint8(REALM_LIST);
+ hdr << uint16(pkt.size() + RealmListSizeBuffer.size());
+ hdr.append(RealmListSizeBuffer); // append RealmList's size buffer
+ hdr.append(pkt); // append realms in the realmlist
+
+ std::memcpy(_writeBuffer, (char const*)hdr.contents(), hdr.size());
+ AsyncWrite(hdr.size());
+
+ return true;
+}
+
+// Make the SRP6 calculation from hash in dB
+void AuthSession::SetVSFields(const std::string& rI)
+{
+ s.SetRand(BYTE_SIZE * 8);
+
+ BigNumber I;
+ I.SetHexStr(rI.c_str());
+
+ // In case of leading zeros in the rI hash, restore them
+ uint8 mDigest[SHA_DIGEST_LENGTH];
+ memset(mDigest, 0, SHA_DIGEST_LENGTH);
+ if (I.GetNumBytes() <= SHA_DIGEST_LENGTH)
+ memcpy(mDigest, I.AsByteArray().get(), I.GetNumBytes());
+
+ std::reverse(mDigest, mDigest + SHA_DIGEST_LENGTH);
+
+ SHA1Hash sha;
+ sha.UpdateData(s.AsByteArray().get(), s.GetNumBytes());
+ sha.UpdateData(mDigest, SHA_DIGEST_LENGTH);
+ sha.Finalize();
+ BigNumber x;
+ x.SetBinary(sha.GetDigest(), sha.GetLength());
+ v = g.ModExp(x, N);
+
+ // No SQL injection (username escaped)
+ char *v_hex, *s_hex;
+ v_hex = v.AsHexStr();
+ s_hex = s.AsHexStr();
+
+ PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS);
+ stmt->setString(0, v_hex);
+ stmt->setString(1, s_hex);
+ stmt->setString(2, _login);
+ LoginDatabase.Execute(stmt);
+
+ OPENSSL_free(v_hex);
+ OPENSSL_free(s_hex);
+}