| author | Treeston <treeston.mmoc@gmail.com> | 2020-08-02 22:52:21 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-08-02 22:52:21 +0200 |
| commit | 3164b58c7d170810b69378950c0891e5f5b8678b (patch) | |
| tree | 893d675ab6fcfd71c294a8922f337f063836e9ce /src/server/worldserver | |
| parent | 10f49793f9a7cd67c7b8b203290d7ea5f1829795 (diff) | |
Core/Authserver: Re-organize the `accounts` table (PR #25135)
- no longer use sha_pass_hash for anything else core-side (.account, SOAP, RA)
- salt/verifier/session_key are now binary
- old s/v/sha_pass_hash fields kept around for backwards compatibility
- sha_pass_hash is still updated (for now), s/v are not
- sha_pass_hash is only read if s/v have been manually changed
- SRP6 b now uses the full 32 bytes of randomness (instead of randomly only using 19)
Diffstat (limited to 'src/server/worldserver')
| -rw-r--r-- | src/server/worldserver/RemoteAccess/RASession.cpp | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/src/server/worldserver/RemoteAccess/RASession.cpp b/src/server/worldserver/RemoteAccess/RASession.cpp
index 65fb88a2680..6c8cb8b3468 100644
--- a/src/server/worldserver/RemoteAccess/RASession.cpp
+++ b/src/server/worldserver/RemoteAccess/RASession.cpp
@@ -20,9 +20,10 @@
 #include "Config.h"
 #include "DatabaseEnv.h"
 #include "Log.h"
+#include "ServerMotd.h"
+#include "SRP6.h"
 #include "Util.h"
 #include "World.h"
-#include "ServerMotd.h"
 #include <boost/asio/buffer.hpp>
 #include <boost/asio/read_until.hpp>
 #include <memory>
@@ -159,22 +160,21 @@ bool RASession::CheckPassword(const std::string& user, const std::string& pass)
 Utf8ToUpperOnlyLatin(safe_pass);
 std::transform(safe_pass.begin(), safe_pass.end(), safe_pass.begin(), ::toupper);
- std::string hash = AccountMgr::CalculateShaPassHash(safe_user, safe_pass);
-
 LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_CHECK_PASSWORD_BY_NAME);
 stmt->setString(0, safe_user);
- stmt->setString(1, hash);
-
- PreparedQueryResult result = LoginDatabase.Query(stmt);
- if (!result)
+ if (PreparedQueryResult result = LoginDatabase.Query(stmt))
 {
- TC_LOG_INFO("commands.ra", "Wrong password for user: %s", user.c_str());
- return false;
+ Trinity::Crypto::SRP6::Salt salt = (*result)[0].GetBinary<Trinity::Crypto::SRP6::SALT_LENGTH>();
+ Trinity::Crypto::SRP6::Verifier verifier = (*result)[1].GetBinary<Trinity::Crypto::SRP6::VERIFIER_LENGTH>();
+
+ if (Trinity::Crypto::SRP6::CheckLogin(safe_user, safe_pass, salt, verifier))
+ return true;
 }
- return true;
+ TC_LOG_INFO("commands.ra", "Wrong password for user: %s", user.c_str());
+ return false;
 }
 bool RASession::ProcessCommand(std::string& command) |
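Review bot: In the second hunk, an account name that returns no row skips `Trinity::Crypto::SRP6::CheckLogin` and goes straight to the log-and-`return false` tail, while an existing name first pays for the SRP6 verifier check, so response time may tell a remote RA client whether a name exists. The removed code hashed the password before the query whether or not the account existed, so this difference in work is new. Consider running `CheckLogin` against a fixed dummy salt and verifier when the query returns nothing, so both paths do the same work; whether `CheckLogin` itself compares in constant time is not visible here. A comment such as `// row layout: [0] = salt, [1] = verifier, fixed SALT_LENGTH / VERIFIER_LENGTH bytes` above the two `GetBinary` calls would also record the assumption about `LOGIN_SEL_CHECK_PASSWORD_BY_NAME`, whose definition is not part of this diff. `CheckPassword` starts before the hunk.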
