Merge branch 'master' of github.com:TrinityCore/TrinityCore into mmaps_rw

author: Sebastian Valle <s.v.h21@hotmail.com> 2013-10-05 18:12:02 -0500
committer: Sebastian Valle <s.v.h21@hotmail.com> 2013-10-05 18:12:02 -0500
commit: d47e43dc1083f3deda0f56c38f12cc1be2b3da1a (patch)
tree: 50216d707327a26ad385419cd65285e7868c40eb /src/server/authserver/Server/AuthSocket.cpp
parent: e07d76836d3e2d9ee67f63489b5ced155c821c4a (diff)
parent: b658c177031ede8ecf5d1cff5212b4af43f8a796 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/src/server/authserver/Server/AuthSocket.cpp b/src/server/authserver/Server/AuthSocket.cpp
index 1ab9ae6eb62..4a9d3ce7faf 100644
--- a/src/server/authserver/Server/AuthSocket.cpp
+++ b/src/server/authserver/Server/AuthSocket.cpp
@@ -222,12 +222,25 @@ void AuthSocket::OnClose(void)
 // Read the packet from the client
 void AuthSocket::OnRead()
 {
+    #define MAX_AUTH_LOGON_CHALLENGES_IN_A_ROW 3
+    uint32 challengesInARow = 0;
     uint8 _cmd;
     while (1)
     {
         if (!socket().recv_soft((char *)&_cmd, 1))
             return;
 
+        if (_cmd == AUTH_LOGON_CHALLENGE)
+        {
+            ++challengesInARow;
+            if (challengesInARow == MAX_AUTH_LOGON_CHALLENGES_IN_A_ROW)
+            {
+                TC_LOG_WARN(LOG_FILTER_AUTHSERVER, "Got %u AUTH_LOGON_CHALLENGE in a row from '%s', possible ongoing DoS", challengesInARow, socket().getRemoteAddress().c_str());
+                socket().shutdown();
+                return;
+            }
+        }
+
         size_t i;
 
         // Circle through known commands and call the correct command handler
author	Sebastian Valle <s.v.h21@hotmail.com>	2013-10-05 18:12:02 -0500
committer	Sebastian Valle <s.v.h21@hotmail.com>	2013-10-05 18:12:02 -0500
commit	d47e43dc1083f3deda0f56c38f12cc1be2b3da1a (patch)
tree	50216d707327a26ad385419cd65285e7868c40eb /src/server/authserver/Server/AuthSocket.cpp
parent	e07d76836d3e2d9ee67f63489b5ced155c821c4a (diff)
parent	b658c177031ede8ecf5d1cff5212b4af43f8a796 (diff)