diff options
| -rw-r--r-- | src/server/authserver/Server/AuthSession.cpp | 59 | ||||
| -rw-r--r-- | src/server/game/Accounts/AccountMgr.cpp | 2 | ||||
| -rw-r--r-- | src/server/game/World/World.cpp | 2 | ||||
| -rw-r--r-- | src/server/game/World/World.h | 1 |
4 files changed, 60 insertions, 4 deletions
diff --git a/src/server/authserver/Server/AuthSession.cpp b/src/server/authserver/Server/AuthSession.cpp index 9260558c613..b8e498c3a26 100644 --- a/src/server/authserver/Server/AuthSession.cpp +++ b/src/server/authserver/Server/AuthSession.cpp @@ -134,6 +134,7 @@ std::array<uint8, 16> VersionChallenge = { { 0xBA, 0xA3, 0x1E, 0x99, 0xA0, 0x0B, return; } + bool const shouldUpdate = sConfigMgr->GetBoolDefault("AllowDeprecatedExternalPasswords", false, true); bool hadWarning = false; uint32 c = 0; LoginDatabaseTransaction tx = LoginDatabase.BeginTransaction(); @@ -144,10 +145,37 @@ std::array<uint8, 16> VersionChallenge = { { 0xBA, 0xA3, 0x1E, 0x99, 0xA0, 0x0B, HexStrToByteArray<Trinity::Crypto::SHA1::DIGEST_LENGTH>((*result)[1].GetString()) ); - if ((*result)[2].GetInt64() && !hadWarning) + if ((*result)[2].GetInt64()) { - hadWarning = true; - TC_LOG_WARN("server.authserver", "(!) You appear to be using an outdated external account management tool.\n(!!) This is INSECURE, has been deprecated, and will cease to function entirely in the near future.\n(!) Update your external tool.\n(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157."); + if (!hadWarning) + { + hadWarning = true; + if (shouldUpdate) + { + TC_LOG_WARN("server.authserver", + " ========\n" + "(!) You appear to be using an outdated external account management tool.\n" + "(!!) This is INSECURE, has been deprecated, and will cease to function entirely on September 6, 2020.\n" + "(!) Update your external tool.\n" + "(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157.\n" + " ========"); + } + else + { + TC_LOG_ERROR("server.authserver", + " ========\n" + "(!) You appear to be using an outdated external account management tool.\n" + "(!!) This is INSECURE, and the account(s) in question will not be able to log in.\n" + "(!) Update your external tool.\n" + "(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157.\n" + "(!) You can override this behavior by adding \"AllowDeprecatedExternalPasswords = 1\" to your authserver.conf file.\n" + "(!!) Note that this override will cease to function entirely on September 6, 2020.\n" + " ========"); + } + } + + if (!shouldUpdate) + continue; } LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON); @@ -441,6 +469,23 @@ void AuthSession::LogonChallengeCallback(PreparedQueryResult result) if (!fields[10].IsNull()) { + if (!sConfigMgr->GetBoolDefault("AllowDeprecatedExternalPasswords", false, true)) + { + TC_LOG_ERROR("server.authserver", + " ========\n" + "(!) You appear to be using an outdated external account management tool.\n" + "(!!) This is INSECURE, and the login attempt from account '%s' was BLOCKED.\n" + "(!) Update your external tool.\n" + "(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157.\n" + "(!) You can override this behavior by adding \"AllowDeprecatedExternalPasswords = 1\" to your authserver.conf file.\n" + "(!!) Note that this override will cease to function entirely on September 6, 2020.\n" + " ========", _accountInfo.Login.c_str()); + + pkt << uint8(WOW_FAIL_UNLOCKABLE_LOCK); + SendPacket(pkt); + return; + } + // if this is reached, s/v were reset and we need to recalculate from sha_pass_hash Trinity::Crypto::SHA1::Digest sha_pass_hash; HexStrToByteArray(fields[10].GetString(), sha_pass_hash); @@ -451,7 +496,13 @@ void AuthSession::LogonChallengeCallback(PreparedQueryResult result) stmt->setUInt32(2, _accountInfo.Id); LoginDatabase.Execute(stmt); - TC_LOG_WARN("server.authserver", "(!) You appear to be using an outdated external account management tool.\n(!!) This is INSECURE, has been deprecated, and will cease to function entirely in the near future.\n(!) Update your external tool.\n(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157."); + TC_LOG_WARN("server.authserver", + " ========\n" + "(!) You appear to be using an outdated external account management tool.\n" + "(!!) This is INSECURE, has been deprecated, and will cease to function entirely on September 6, 2020.\n" + "(!) Update your external tool.\n" + "(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157.\n" + " ========"); _srp6.emplace(_accountInfo.Login, salt, verifier); } diff --git a/src/server/game/Accounts/AccountMgr.cpp b/src/server/game/Accounts/AccountMgr.cpp index 19876a4e192..244e463563d 100644 --- a/src/server/game/Accounts/AccountMgr.cpp +++ b/src/server/game/Accounts/AccountMgr.cpp @@ -187,6 +187,7 @@ AccountOpResult AccountMgr::ChangeUsername(uint32 accountId, std::string newUser stmt->setUInt32(2, accountId); LoginDatabase.Execute(stmt); + if (sWorld->getBoolConfig(CONFIG_SET_SHAPASSHASH)) { LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON_LEGACY); stmt->setString(0, CalculateShaPassHash_DEPRECATED_DONOTUSE(newUsername, newPassword)); @@ -223,6 +224,7 @@ AccountOpResult AccountMgr::ChangePassword(uint32 accountId, std::string newPass stmt->setUInt32(2, accountId);; LoginDatabase.Execute(stmt); + if (sWorld->getBoolConfig(CONFIG_SET_SHAPASSHASH)) { LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON_LEGACY); stmt->setString(0, CalculateShaPassHash_DEPRECATED_DONOTUSE(username, newPassword)); diff --git a/src/server/game/World/World.cpp b/src/server/game/World/World.cpp index 06387511eba..27823c9a5f1 100644 --- a/src/server/game/World/World.cpp +++ b/src/server/game/World/World.cpp @@ -1489,6 +1489,8 @@ void World::LoadConfigSettings(bool reload) m_int_configs[CONFIG_BIRTHDAY_TIME] = sConfigMgr->GetIntDefault("BirthdayTime", 1222964635); + m_bool_configs[CONFIG_SET_SHAPASSHASH] = sConfigMgr->GetBoolDefault("SetDeprecatedExternalPasswords", false, true); + m_bool_configs[CONFIG_IP_BASED_ACTION_LOGGING] = sConfigMgr->GetBoolDefault("Allow.IP.Based.Action.Logging", false); // AHBot diff --git a/src/server/game/World/World.h b/src/server/game/World/World.h index 9ca43bc30ab..1b37c9b897e 100644 --- a/src/server/game/World/World.h +++ b/src/server/game/World/World.h @@ -159,6 +159,7 @@ enum WorldBoolConfigs CONFIG_EVENT_ANNOUNCE, CONFIG_STATS_LIMITS_ENABLE, CONFIG_INSTANCES_RESET_ANNOUNCE, + CONFIG_SET_SHAPASSHASH, CONFIG_IP_BASED_ACTION_LOGGING, CONFIG_ALLOW_TRACK_BOTH_RESOURCES, CONFIG_CALCULATE_CREATURE_ZONE_AREA_DATA, |