Core/Misc:

* Fix some codestyle, fix some typos * Change CMakeLists for: Custom (can be uncommented), Events, World ** Custom is theoretically unchanged. You can, however, uncomment the glob_recurse that initializes every file within. This might be easier for beginners. * Introducing the IP Based Action Log System: ** On several different actions, e.g. Login, Character Login, etc., a new entry is added ** Can be logged on and off in worldserver config *** Disabled by default to prevent increased log db size for unknowing users. * Add a new row to account table called 'last_attempt_ip' ** Lists the last ip trying to connect to the account * Add a new type of HookScripts: AccountScript ** Includes: OnAccountLogin, OnFailedAccountLogin, OnEmailChange, OnFailedChange, OnPasswordChange, OnFailedPasswordChange * Added new Hook to PlayerScripts: OnFailedPlayerDelete * Added new variables to PlayerScripts: OnPlayerDelete
author: Ascathor <Break_the_Chain@web.de> 2014-05-02 03:44:21 +0200
committer: Ascathor <Break_the_Chain@web.de> 2014-06-13 16:25:11 +0200
commit: 6949735098144e478451e73179ca2d9c6e7344f7 (patch)
tree: 083b22ce75e2a5b40f6623c18feb74e8dd448063 /src/server/game/Server
parent: 58043720420a0f59e95a5e7d226fec3ee98ebfa4 (diff)
2 files changed, 42 insertions, 22 deletions
diff --git a/src/server/game/Server/WorldSession.h b/src/server/game/Server/WorldSession.h
index 61d2fa6d106..3422934fcd9 100644
--- a/src/server/game/Server/WorldSession.h
+++ b/src/server/game/Server/WorldSession.h
@@ -979,10 +979,11 @@ class WorldSession
         // characters who failed on Player::BuildEnumData shouldn't login
         std::set<uint32> _legitCharacters;
 
-        uint32 m_GUIDLow;                                   // set loggined or recently logout player (while m_playerRecentlyLogout set)
+        uint32 m_GUIDLow;                                   // set logined or recently logout player (while m_playerRecentlyLogout set)
         Player* _player;
         WorldSocket* m_Socket;
-        std::string m_Address;
+        std::string m_Address;                              // Current Remote Address
+     // std::string m_LAddress;                             // Last Attempted Remote Adress - we can not set attempted ip for a non-existing session!
 
         AccountTypes _security;
         uint32 _accountId;
diff --git a/src/server/game/Server/WorldSocket.cpp b/src/server/game/Server/WorldSocket.cpp
index 605b863bfa1..d35ee80099d 100644
--- a/src/server/game/Server/WorldSocket.cpp
+++ b/src/server/game/Server/WorldSocket.cpp
@@ -263,7 +263,7 @@ int WorldSocket::open (void *a)
     return 0;
 }
 
-int WorldSocket::close (u_long)
+int WorldSocket::close(u_long)
 {
     shutdown();
 
@@ -274,7 +274,7 @@ int WorldSocket::close (u_long)
     return 0;
 }
 
-int WorldSocket::handle_input (ACE_HANDLE)
+int WorldSocket::handle_input(ACE_HANDLE)
 {
     if (closing_)
         return -1;
@@ -310,7 +310,7 @@ int WorldSocket::handle_input (ACE_HANDLE)
     ACE_NOTREACHED(return -1);
 }
 
-int WorldSocket::handle_output (ACE_HANDLE)
+int WorldSocket::handle_output(ACE_HANDLE)
 {
     ACE_GUARD_RETURN (LockType, Guard, m_OutBufferLock, -1);
 
@@ -356,7 +356,7 @@ int WorldSocket::handle_output (ACE_HANDLE)
     ACE_NOTREACHED (return 0);
 }
 
-int WorldSocket::handle_output_queue (GuardType& g)
+int WorldSocket::handle_output_queue(GuardType& g)
 {
     if (msg_queue()->is_empty())
         return cancel_wakeup_output(g);
@@ -417,7 +417,7 @@ int WorldSocket::handle_output_queue (GuardType& g)
     ACE_NOTREACHED(return -1);
 }
 
-int WorldSocket::handle_close (ACE_HANDLE h, ACE_Reactor_Mask)
+int WorldSocket::handle_close(ACE_HANDLE h, ACE_Reactor_Mask)
 {
     // Critical section
     {
@@ -617,7 +617,7 @@ int WorldSocket::handle_input_missing_data (void)
     return size_t(n) == recv_size ? 1 : 2;
 }
 
-int WorldSocket::cancel_wakeup_output (GuardType& g)
+int WorldSocket::cancel_wakeup_output(GuardType& g)
 {
     if (!m_OutActive)
         return 0;
@@ -637,7 +637,7 @@ int WorldSocket::cancel_wakeup_output (GuardType& g)
     return 0;
 }
 
-int WorldSocket::schedule_wakeup_output (GuardType& g)
+int WorldSocket::schedule_wakeup_output(GuardType& g)
 {
     if (m_OutActive)
         return 0;
@@ -758,6 +758,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     uint64 unk4;
     WorldPacket packet, SendAddonPacked;
     BigNumber k;
+    bool wardenActive = sWorld->getBoolConfig(CONFIG_WARDEN_ENABLED);
 
     if (sWorld->IsClosed())
     {
@@ -795,6 +796,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     // Stop if the account is not found
     if (!result)
     {
+        // We can not log here, as we do not know the account. Thus, no accountId.
         SendAuthResponseError(AUTH_UNKNOWN_ACCOUNT);
         TC_LOG_ERROR("network", "WorldSocket::HandleAuthSession: Sent Auth Response (unknown account).");
         return -1;
@@ -807,19 +809,34 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     if (expansion > world_expansion)
         expansion = world_expansion;
 
+    // For hook purposes, we get Remoteaddress at this point.
+    std::string address = GetRemoteAddress();
+
+    // As we don't know if attempted login process by ip works, we update last_attempt_ip right away
+    stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_ATTEMPT_IP);
+
+    stmt->setString(0, address);
+    stmt->setString(1, account);
+
+    LoginDatabase.Execute(stmt);
+    // This also allows to check for possible "hack" attempts on account
+
+    // id has to be fetched at this point, so that first actual account response that fails can be logged
+    id = fields[0].GetUInt32();
+
     ///- Re-check ip locking (same check as in realmd).
     if (fields[3].GetUInt8() == 1) // if ip is locked
     {
-        if (strcmp (fields[2].GetCString(), GetRemoteAddress().c_str()))
+        if (strcmp (fields[2].GetCString(), address.c_str()))
         {
             SendAuthResponseError(AUTH_FAILED);
-            TC_LOG_DEBUG("network", "WorldSocket::HandleAuthSession: Sent Auth Response (Account IP differs).");
+            TC_LOG_DEBUG("network", "WorldSocket::HandleAuthSession: Sent Auth Response (Account IP differs. Original IP: %s, new IP: %s).", fields[2].GetCString(), address.c_str());
+            // We could log on hook only instead of an additional db log, however action logger is config based. Better keep DB logging as well
+            sScriptMgr->OnFailedAccountLogin(id);
             return -1;
         }
     }
 
-    id = fields[0].GetUInt32();
-
     k.SetHexStr(fields[1].GetCString());
 
     int64 mutetime = fields[5].GetInt64();
@@ -844,10 +861,10 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     std::string os = fields[8].GetString();
 
     // Must be done before WorldSession is created
-    if (sWorld->getBoolConfig(CONFIG_WARDEN_ENABLED) && os != "Win" && os != "OSX")
+    if (wardenActive && os != "Win" && os != "OSX")
     {
         SendAuthResponseError(AUTH_REJECT);
-        TC_LOG_ERROR("network", "WorldSocket::HandleAuthSession: Client %s attempted to log in using invalid client OS (%s).", GetRemoteAddress().c_str(), os.c_str());
+        TC_LOG_ERROR("network", "WorldSocket::HandleAuthSession: Client %s attempted to log in using invalid client OS (%s).", address.c_str(), os.c_str());
         return -1;
     }
 
@@ -871,7 +888,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BANS);
 
     stmt->setUInt32(0, id);
-    stmt->setString(1, GetRemoteAddress());
+    stmt->setString(1, address);
 
     PreparedQueryResult banresult = LoginDatabase.Query(stmt);
 
@@ -879,6 +896,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     {
         SendAuthResponseError(AUTH_BANNED);
         TC_LOG_ERROR("network", "WorldSocket::HandleAuthSession: Sent Auth Response (Account banned).");
+        sScriptMgr->OnFailedAccountLogin(id);
         return -1;
     }
 
@@ -889,6 +907,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     {
         SendAuthResponseError(AUTH_UNAVAILABLE);
         TC_LOG_INFO("network", "WorldSocket::HandleAuthSession: User tries to login but his security level is not enough");
+        sScriptMgr->OnFailedAccountLogin(id);
         return -1;
     }
 
@@ -903,8 +922,6 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     sha.UpdateBigNumbers(&k, NULL);
     sha.Finalize();
 
-    std::string address = GetRemoteAddress();
-
     if (memcmp(sha.GetDigest(), digest, 20))
     {
         SendAuthResponseError(AUTH_FAILED);
@@ -927,8 +944,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     if (result)
         isRecruiter = true;
 
-    // Update the last_ip in the database
-
+    // Update the last_ip in the database as it was successful for login
     stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_IP);
 
     stmt->setString(0, address);
@@ -946,8 +962,11 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     m_Session->ReadAddonsInfo(recvPacket);
     m_Session->LoadPermissions();
 
+    // At this point, we can safely hook a successful login
+    sScriptMgr->OnAccountLogin(id);
+
     // Initialize Warden system only if it is enabled by config
-    if (sWorld->getBoolConfig(CONFIG_WARDEN_ENABLED))
+    if (wardenActive)
         m_Session->InitWarden(&k, os);
 
     // Sleep this Network thread for
@@ -958,7 +977,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     return 0;
 }
 
-int WorldSocket::HandlePing (WorldPacket& recvPacket)
+int WorldSocket::HandlePing(WorldPacket& recvPacket)
 {
     uint32 ping;
     uint32 latency;
author	Ascathor <Break_the_Chain@web.de>	2014-05-02 03:44:21 +0200
committer	Ascathor <Break_the_Chain@web.de>	2014-06-13 16:25:11 +0200
commit	6949735098144e478451e73179ca2d9c6e7344f7 (patch)
tree	083b22ce75e2a5b40f6623c18feb74e8dd448063 /src/server/game/Server
parent	58043720420a0f59e95a5e7d226fec3ee98ebfa4 (diff)