[3.3.5] Core/Authserver: TOTP rewrite: (PR #23633)

- Proper management commands (.account 2fa) - Secrets can now be encrypted (set TOTPTokenSecret in .conf) - Secret now stored in binary - Argon2 and AES primitives - Base32/64 support
author: Treeston <treeston.mmoc@gmail.com> 2019-08-10 21:34:51 +0200
committer: GitHub <noreply@github.com> 2019-08-10 21:34:51 +0200
commit: 4211645834c467a03c60248e80818d3607be9ea7 (patch)
tree: 673a1695581503b6ea3e49da5c3e0d06bf5d892e /src/server/worldserver
parent: 3d356b97d4cc4c7ec4c641487241eae6dcc0558e (diff)
2 files changed, 24 insertions, 0 deletions
diff --git a/src/server/worldserver/Main.cpp b/src/server/worldserver/Main.cpp
index e163dd2566d..2accd7297c2 100644
--- a/src/server/worldserver/Main.cpp
+++ b/src/server/worldserver/Main.cpp
@@ -47,6 +47,8 @@
 #include "ScriptLoader.h"
 #include "ScriptMgr.h"
 #include "ScriptReloadMgr.h"
+#include "SecretMgr.h"
+#include "SharedDefines.h"
 #include "TCSoap.h"
 #include "World.h"
 #include "WorldSocket.h"
@@ -116,6 +118,7 @@ variables_map GetConsoleArguments(int argc, char** argv, fs::path& configFile, s
 /// Launch the Trinity server
 extern int main(int argc, char** argv)
 {
+    Trinity::Impl::CurrentServerProcessHolder::_type = SERVER_PROCESS_WORLDSERVER;
     signal(SIGABRT, &Trinity::AbortHandler);
 
     auto configFile = fs::absolute(_TRINITY_CORE_CONFIG);
@@ -247,6 +250,7 @@ extern int main(int argc, char** argv)
     });
 
     // Initialize the World
+    sSecretMgr->Initialize();
     sWorld->SetInitialWorldSettings();
 
     std::shared_ptr<void> mapManagementHandle(nullptr, [](void*)
diff --git a/src/server/worldserver/worldserver.conf.dist b/src/server/worldserver/worldserver.conf.dist
index c34a49a9e8d..c308bc9d03d 100644
--- a/src/server/worldserver/worldserver.conf.dist
+++ b/src/server/worldserver/worldserver.conf.dist
@@ -11,6 +11,7 @@
 #    PERFORMANCE SETTINGS
 #    SERVER LOGGING
 #    SERVER SETTINGS
+#    CRYPTOGRAPHY
 #    UPDATE SETTINGS
 #    HOTSWAP SETTINGS
 #    WARDEN SETTINGS
@@ -1296,6 +1297,25 @@ CacheDataQueries = 1
 ###################################################################################################
 
 ###################################################################################################
+# CRYPTOGRAPHY
+#
+#    TOTPMasterSecret
+#        Description: The key used by authserver to decrypt TOTP secrets from database storage.
+#                     You only need to set this here if you plan to use the in-game 2FA
+#                     management commands (.account 2fa), otherwise this can be left blank.
+#
+#                     The server will auto-detect if this does not match your authserver setting,
+#                     in which case any commands reliant on the secret will be disabled.
+#
+#        Default:     <blank>
+#
+
+TOTPMasterSecret =
+
+#
+###################################################################################################
+
+###################################################################################################
 # UPDATE SETTINGS
 #
 #    Updates.EnableDatabases
author	Treeston <treeston.mmoc@gmail.com>	2019-08-10 21:34:51 +0200
committer	GitHub <noreply@github.com>	2019-08-10 21:34:51 +0200
commit	4211645834c467a03c60248e80818d3607be9ea7 (patch)
tree	673a1695581503b6ea3e49da5c3e0d06bf5d892e /src/server/worldserver
parent	3d356b97d4cc4c7ec4c641487241eae6dcc0558e (diff)