author | Kevin Plestan <Kevin Plestan> | 2016-09-24 15:02:34 +0200 |
---|---|---|
committer | Shauren <shauren.trinity@gmail.com> | 2016-09-24 15:02:34 +0200 |
commit | 30d006f98b1ac49c953b22e6da00331faffa48fc (patch) | |
tree | 6c3759088f0ed185591787fd7da2df665df10083 /src/server/bnetserver/REST/LoginRESTService.cpp | |
parent | 8de20eabba2b2928c1290359b805bf4d2f03c89c (diff) |
Core/Bnetserver: Re-enable ban on wrong password
Closes #17937
Closes #17969
Diffstat (limited to 'src/server/bnetserver/REST/LoginRESTService.cpp')
-rw-r--r-- | src/server/bnetserver/REST/LoginRESTService.cpp | 106 |
1 files changed, 78 insertions, 28 deletions
diff --git a/src/server/bnetserver/REST/LoginRESTService.cpp b/src/server/bnetserver/REST/LoginRESTService.cpp
index ab02e0b4254..af54f7e913d 100644
--- a/src/server/bnetserver/REST/LoginRESTService.cpp
+++ b/src/server/bnetserver/REST/LoginRESTService.cpp
@@ -247,46 +247,96 @@ int32 LoginRESTService::HandlePost(soap* soapClient) PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BNET_ACCOUNT_INFO); stmt->setString(0, login); - stmt->setString(1, CalculateShaPassHash(login, std::move(password))); + if (PreparedQueryResult result = LoginDatabase.Query(stmt)) { + std::string pass_hash = result->Fetch()[13].GetString(); + std::unique_ptr<Battlenet::Session::AccountInfo> accountInfo = Trinity::make_unique<Battlenet::Session::AccountInfo>(); accountInfo->LoadResult(result); - stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BNET_CHARACTER_COUNTS_BY_BNET_ID); - stmt->setUInt32(0, accountInfo->Id); - if (PreparedQueryResult characterCountsResult = LoginDatabase.Query(stmt)) + if (CalculateShaPassHash(login, std::move(password)) == pass_hash) { - do + stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BNET_CHARACTER_COUNTS_BY_BNET_ID); + stmt->setUInt32(0, accountInfo->Id); + if (PreparedQueryResult characterCountsResult = LoginDatabase.Query(stmt)) + { + do + { + Field* fields = characterCountsResult->Fetch(); + accountInfo->GameAccounts[fields[0].GetUInt32()] + .CharacterCounts[Battlenet::RealmHandle{ fields[3].GetUInt8(), fields[4].GetUInt8(), fields[2].GetUInt32() }.GetAddress()] = fields[1].GetUInt8(); + + } while (characterCountsResult->NextRow()); + } + + stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BNET_LAST_PLAYER_CHARACTERS); + stmt->setUInt32(0, accountInfo->Id); + if (PreparedQueryResult lastPlayerCharactersResult = LoginDatabase.Query(stmt)) { - Field* fields = characterCountsResult->Fetch(); - accountInfo->GameAccounts[fields[0].GetUInt32()] - .CharacterCounts[Battlenet::RealmHandle{ fields[3].GetUInt8(), fields[4].GetUInt8(), fields[2].GetUInt32() }.GetAddress()] = fields[1].GetUInt8(); + Field* fields = lastPlayerCharactersResult->Fetch(); + Battlenet::RealmHandle realmId{ fields[1].GetUInt8(), fields[2].GetUInt8(), fields[3].GetUInt32() }; + 
Battlenet::Session::LastPlayedCharacterInfo& lastPlayedCharacter = accountInfo->GameAccounts[fields[0].GetUInt32()] + .LastPlayedCharacters[realmId.GetSubRegionAddress()]; - } while (characterCountsResult->NextRow()); - } + lastPlayedCharacter.RealmId = realmId; + lastPlayedCharacter.CharacterName = fields[4].GetString(); + lastPlayedCharacter.CharacterGUID = fields[5].GetUInt64(); + lastPlayedCharacter.LastPlayedTime = fields[6].GetUInt32(); + } - stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BNET_LAST_PLAYER_CHARACTERS); - stmt->setUInt32(0, accountInfo->Id); - if (PreparedQueryResult lastPlayerCharactersResult = LoginDatabase.Query(stmt)) - { - Field* fields = lastPlayerCharactersResult->Fetch(); - Battlenet::RealmHandle realmId{ fields[1].GetUInt8(), fields[2].GetUInt8(), fields[3].GetUInt32() }; - Battlenet::Session::LastPlayedCharacterInfo& lastPlayedCharacter = accountInfo->GameAccounts[fields[0].GetUInt32()] - .LastPlayedCharacters[realmId.GetSubRegionAddress()]; - - lastPlayedCharacter.RealmId = realmId; - lastPlayedCharacter.CharacterName = fields[4].GetString(); - lastPlayedCharacter.CharacterGUID = fields[5].GetUInt64(); - lastPlayedCharacter.LastPlayedTime = fields[6].GetUInt32(); - } + BigNumber ticket; + ticket.SetRand(20 * 8); - BigNumber ticket; - ticket.SetRand(20 * 8); + loginResult.set_login_ticket("TC-" + ByteArrayToHexStr(ticket.AsByteArray(20).get(), 20)); - loginResult.set_login_ticket("TC-" + ByteArrayToHexStr(ticket.AsByteArray(20).get(), 20)); + AddLoginTicket(loginResult.login_ticket(), std::move(accountInfo)); + } + else if (!accountInfo->IsBanned) + { + uint32 maxWrongPassword = uint32(sConfigMgr->GetIntDefault("WrongPass.MaxCount", 0)); + + if (sConfigMgr->GetBoolDefault("WrongPass.Logging", false)) + TC_LOG_DEBUG("server.rest", "[%s, Account %s, Id %u] Attempted to connect with wrong password!", ip_address.c_str(), login.c_str(), accountInfo->Id); - AddLoginTicket(loginResult.login_ticket(), std::move(accountInfo)); + if 
(maxWrongPassword) + { + SQLTransaction trans = LoginDatabase.BeginTransaction(); + stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_FAILED_LOGINS); + stmt->setUInt32(0, accountInfo->Id); + trans->Append(stmt); + + ++accountInfo->FailedLogins; + + TC_LOG_DEBUG("server.rest", "MaxWrongPass : %u, failed_login : %u", maxWrongPassword, accountInfo->Id); + + if (accountInfo->FailedLogins >= maxWrongPassword) + { + BanMode banType = BanMode(sConfigMgr->GetIntDefault("WrongPass.BanType", uint16(BanMode::BAN_IP))); + int32 banTime = sConfigMgr->GetIntDefault("WrongPass.BanTime", 600); + + if (banType == BanMode::BAN_ACCOUNT) + { + stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_BNET_ACCOUNT_AUTO_BANNED); + stmt->setUInt32(0, accountInfo->Id); + } + else + { + stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_IP_AUTO_BANNED); + stmt->setString(0, ip_address); + } + + stmt->setUInt32(1, banTime); + trans->Append(stmt); + + stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_RESET_FAILED_LOGINS); + stmt->setUInt32(0, accountInfo->Id); + trans->Append(stmt); + } + + LoginDatabase.CommitTransaction(trans); + } + } } loginResult.set_authentication_state(Battlenet::JSON::Login::DONE); |
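Review bot: In the wrong-password branch the debug line `TC_LOG_DEBUG("server.rest", "MaxWrongPass : %u, failed_login : %u", maxWrongPassword, accountInfo->Id);` prints the account id under the `failed_login` label, so the lockout counter cannot be audited from the log; the last argument should be `accountInfo->FailedLogins`. The success branch never appends `LOGIN_UPD_BNET_RESET_FAILED_LOGINS`, so unless the counter is cleared somewhere outside this hunk, occasional typos accumulate across successful logins until the account or IP is banned. When `WrongPass.BanType` selects account bans, a third party who only knows a login can get its owner locked out, and because the counter is kept per account it does not limit guesses spread over many logins from one address; both trade-offs deserve a comment next to the config reads. `CalculateShaPassHash(login, std::move(password)) == pass_hash` is an early-exit string comparison and `result->Fetch()[13]` ties the check to the column order of `LOGIN_SEL_BNET_ACCOUNT_INFO`, so a constant-time compare and a named column index would make the check sturdier. HandlePost starts and ends outside the hunk.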