aboutsummaryrefslogtreecommitdiff
path: root/src/server/bnetserver/Server/SessionManager.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/bnetserver/Server/SessionManager.cpp')
-rw-r--r--src/server/bnetserver/Server/SessionManager.cpp45
1 files changed, 45 insertions, 0 deletions
diff --git a/src/server/bnetserver/Server/SessionManager.cpp b/src/server/bnetserver/Server/SessionManager.cpp
index 3336df4892a..e503bba4219 100644
--- a/src/server/bnetserver/Server/SessionManager.cpp
+++ b/src/server/bnetserver/Server/SessionManager.cpp
@@ -16,6 +16,9 @@
*/
#include "SessionManager.h"
+#include "DatabaseEnv.h"
+#include "SRP6.h"
+#include "Util.h"
bool Battlenet::SessionManager::StartNetwork(Trinity::Asio::IoContext& ioContext, std::string const& bindIp, uint16 port, int threadCount)
{
@@ -27,6 +30,48 @@ bool Battlenet::SessionManager::StartNetwork(Trinity::Asio::IoContext& ioContext
return true;
}
+void Battlenet::SessionManager::FixLegacyAuthHashes()
+{
+ TC_LOG_INFO("server.bnetserver", "Updating password hashes...");
+ uint32 const start = getMSTime();
+ // the auth update query nulls salt/verifier if they cannot be converted
+ // if they are non-null but s/v have been cleared, that means a legacy tool touched our auth DB (otherwise, the core might've done it itself, it used to use those hacks too)
+ QueryResult result = LoginDatabase.Query("SELECT id, sha_pass_hash, IF((salt IS null) AND (verifier IS null), 0, 1) AS shouldWarn FROM account WHERE s != DEFAULT(s) OR v != DEFAULT(v) OR salt IS NULL OR verifier IS NULL");
+ if (!result)
+ {
+ TC_LOG_INFO("server.bnetserver", ">> No password hashes to update - this took us %u ms to realize", GetMSTimeDiffToNow(start));
+ return;
+ }
+
+ bool hadWarning = false;
+ uint32 c = 0;
+ LoginDatabaseTransaction tx = LoginDatabase.BeginTransaction();
+ do
+ {
+ uint32 const id = (*result)[0].GetUInt32();
+ std::pair<Trinity::Crypto::SRP6::Salt, Trinity::Crypto::SRP6::Verifier> registrationData = Trinity::Crypto::SRP6::MakeRegistrationDataFromHash_DEPRECATED_DONOTUSE(
+ HexStrToByteArray<Trinity::Crypto::SHA1::DIGEST_LENGTH>((*result)[1].GetString())
+ );
+
+ if ((*result)[2].GetInt64() && !hadWarning)
+ {
+ hadWarning = true;
+ TC_LOG_WARN("server.bnetserver", "(!) You appear to be using an outdated external account management tool.\n(!!) This is INSECURE, has been deprecated, and will cease to function entirely in the near future.\n(!) Update your external tool.\n(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157.");
+ }
+
+ LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON);
+ stmt->setBinary(0, registrationData.first);
+ stmt->setBinary(1, registrationData.second);
+ stmt->setUInt32(2, id);
+ tx->Append(stmt);
+
+ ++c;
+ } while (result->NextRow());
+ LoginDatabase.CommitTransaction(tx);
+
+ TC_LOG_INFO("server.bnetserver", ">> %u password hashes updated in %u ms", c, GetMSTimeDiffToNow(start));
+}
+
NetworkThread<Battlenet::Session>* Battlenet::SessionManager::CreateThreads() const
{
return new NetworkThread<Session>[GetNetworkThreadCount()];