API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 31st, 2016
104
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 68.97 KB | None | 0 0
raw download clone embed print report
  1. // Copyright (c) Hercules Dev Team, licensed under GNU GPL.
  2. // See the LICENSE file
  3. // Portions Copyright (c) Athena Dev Teams
  4.  
  5. #define HERCULES_CORE
  6.  
  7. #include "login.h"
  8.  
  9. #include "login/HPMlogin.h"
  10. #include "login/account.h"
  11. #include "login/ipban.h"
  12. #include "login/loginlog.h"
  13. #include "common/HPM.h"
  14. #include "common/cbasetypes.h"
  15. #include "common/conf.h"
  16. #include "common/core.h"
  17. #include "common/db.h"
  18. #include "common/memmgr.h"
  19. #include "common/md5calc.h"
  20. #include "common/nullpo.h"
  21. #include "common/random.h"
  22. #include "common/showmsg.h"
  23. #include "common/socket.h"
  24. #include "common/strlib.h"
  25. #include "common/timer.h"
  26. #include "common/utils.h"
  27. #include "../common/harmonycore.h"
  28.  
  29. #include <stdio.h>
  30. #include <stdlib.h>
  31.  
  32. struct login_interface login_s;
  33. struct login_interface *login;
  34. struct Login_Config login_config;
  35. struct mmo_char_server server[MAX_SERVERS]; // char server data
  36.  
  37. struct Account_engine account_engine[] = {
  38. {account_db_sql, NULL}
  39. };
  40.  
  41. // account database
  42. AccountDB* accounts = NULL;
  43.  
  44. //-----------------------------------------------------
  45. // Auth database
  46. //-----------------------------------------------------
  47. #define AUTH_TIMEOUT 30000
  48.  
  49. /**
  50. * @see DBCreateData
  51. */
  52. static DBData login_create_online_user(DBKey key, va_list args)
  53. {
  54. struct online_login_data* p;
  55. CREATE(p, struct online_login_data, 1);
  56. p->account_id = key.i;
  57. p->char_server = -1;
  58. p->waiting_disconnect = INVALID_TIMER;
  59. return DB->ptr2data(p);
  60. }
  61.  
  62. struct online_login_data* login_add_online_user(int char_server, int account_id)
  63. {
  64. struct online_login_data* p;
  65. p = idb_ensure(login->online_db, account_id, login->create_online_user);
  66. p->char_server = char_server;
  67. if( p->waiting_disconnect != INVALID_TIMER )
  68. {
  69. timer->delete(p->waiting_disconnect, login->waiting_disconnect_timer);
  70. p->waiting_disconnect = INVALID_TIMER;
  71. }
  72. return p;
  73. }
  74.  
  75. void login_remove_online_user(int account_id)
  76. {
  77. struct online_login_data* p;
  78. p = (struct online_login_data*)idb_get(login->online_db, account_id);
  79. if( p == NULL )
  80. return;
  81. if( p->waiting_disconnect != INVALID_TIMER )
  82. timer->delete(p->waiting_disconnect, login->waiting_disconnect_timer);
  83.  
  84. idb_remove(login->online_db, account_id);
  85. }
  86.  
  87. static int login_waiting_disconnect_timer(int tid, int64 tick, int id, intptr_t data) {
  88. struct online_login_data* p = (struct online_login_data*)idb_get(login->online_db, id);
  89. if( p != NULL && p->waiting_disconnect == tid && p->account_id == id )
  90. {
  91. p->waiting_disconnect = INVALID_TIMER;
  92. login->remove_online_user(id);
  93. idb_remove(login->auth_db, id);
  94. }
  95. return 0;
  96. }
  97.  
  98. /**
  99. * @see DBApply
  100. */
  101. static int login_online_db_setoffline(DBKey key, DBData *data, va_list ap)
  102. {
  103. struct online_login_data* p = DB->data2ptr(data);
  104. int server_id = va_arg(ap, int);
  105. nullpo_ret(p);
  106. if( server_id == -1 )
  107. {
  108. p->char_server = -1;
  109. if( p->waiting_disconnect != INVALID_TIMER )
  110. {
  111. timer->delete(p->waiting_disconnect, login->waiting_disconnect_timer);
  112. p->waiting_disconnect = INVALID_TIMER;
  113. }
  114. }
  115. else if( p->char_server == server_id )
  116. p->char_server = -2; //Char server disconnected.
  117. return 0;
  118. }
  119.  
  120. /**
  121. * @see DBApply
  122. */
  123. static int login_online_data_cleanup_sub(DBKey key, DBData *data, va_list ap)
  124. {
  125. struct online_login_data *character= DB->data2ptr(data);
  126. nullpo_ret(character);
  127. if (character->char_server == -2) //Unknown server.. set them offline
  128. login->remove_online_user(character->account_id);
  129. return 0;
  130. }
  131.  
  132. static int login_online_data_cleanup(int tid, int64 tick, int id, intptr_t data) {
  133. login->online_db->foreach(login->online_db, login->online_data_cleanup_sub);
  134. return 0;
  135. }
  136.  
  137.  
  138. //--------------------------------------------------------------------
  139. // Packet send to all char-servers, except one (wos: without our self)
  140. //--------------------------------------------------------------------
  141. int charif_sendallwos(int sfd, uint8* buf, size_t len)
  142. {
  143. int i, c;
  144.  
  145. nullpo_ret(buf);
  146. for( i = 0, c = 0; i < ARRAYLENGTH(server); ++i )
  147. {
  148. int fd = server[i].fd;
  149. if (sockt->session_is_valid(fd) && fd != sfd) {
  150. WFIFOHEAD(fd,len);
  151. memcpy(WFIFOP(fd,0), buf, len);
  152. WFIFOSET(fd,len);
  153. ++c;
  154. }
  155. }
  156.  
  157. return c;
  158. }
  159.  
  160.  
  161. /// Initializes a server structure.
  162. void chrif_server_init(int id)
  163. {
  164. Assert_retv(id >= 0 && id < MAX_SERVERS);
  165. memset(&server[id], 0, sizeof(server[id]));
  166. server[id].fd = -1;
  167. }
  168.  
  169.  
  170. /// Destroys a server structure.
  171. void chrif_server_destroy(int id)
  172. {
  173. Assert_retv(id >= 0 && id < MAX_SERVERS);
  174. if (server[id].fd != -1)
  175. {
  176. sockt->close(server[id].fd);
  177. server[id].fd = -1;
  178. }
  179. }
  180.  
  181.  
  182. /// Resets all the data related to a server.
  183. void chrif_server_reset(int id)
  184. {
  185. login->online_db->foreach(login->online_db, login->online_db_setoffline, id); //Set all chars from this char server to offline.
  186. chrif_server_destroy(id);
  187. chrif_server_init(id);
  188. }
  189.  
  190.  
  191. /// Called when the connection to Char Server is disconnected.
  192. void chrif_on_disconnect(int id)
  193. {
  194. Assert_retv(id >= 0 && id < MAX_SERVERS);
  195. ShowStatus("Char-server '%s' has disconnected.\n", server[id].name);
  196. chrif_server_reset(id);
  197. }
  198.  
  199.  
  200. //-----------------------------------------------------
  201. // periodic ip address synchronization
  202. //-----------------------------------------------------
  203. static int login_sync_ip_addresses(int tid, int64 tick, int id, intptr_t data) {
  204. uint8 buf[2];
  205. ShowInfo("IP Sync in progress...\n");
  206. WBUFW(buf,0) = 0x2735;
  207. charif_sendallwos(-1, buf, 2);
  208. return 0;
  209. }
  210.  
  211.  
  212. //-----------------------------------------------------
  213. // encrypted/unencrypted password check (from eApp)
  214. //-----------------------------------------------------
  215. bool login_check_encrypted(const char* str1, const char* str2, const char* passwd)
  216. {
  217. char tmpstr[64+1], md5str[32+1];
  218.  
  219. nullpo_ret(str1);
  220. nullpo_ret(str2);
  221. nullpo_ret(passwd);
  222. safesnprintf(tmpstr, sizeof(tmpstr), "%s%s", str1, str2);
  223. MD5_String(tmpstr, md5str);
  224.  
  225. return (0==strcmp(passwd, md5str));
  226. }
  227.  
  228. bool login_check_password(const char* md5key, int passwdenc, const char* passwd, const char* refpass)
  229. {
  230. nullpo_ret(passwd);
  231. nullpo_ret(refpass);
  232. if(passwdenc == PWENC_NONE) {
  233. return (0==strcmp(passwd, refpass));
  234. } else {
  235. // password mode set to PWENC_ENCRYPT -> md5(md5key, refpass) enable with <passwordencrypt></passwordencrypt>
  236. // password mode set to PWENC_ENCRYPT2 -> md5(refpass, md5key) enable with <passwordencrypt2></passwordencrypt2>
  237.  
  238. return ((passwdenc&PWENC_ENCRYPT) && login->check_encrypted(md5key, refpass, passwd)) ||
  239. ((passwdenc&PWENC_ENCRYPT2) && login->check_encrypted(refpass, md5key, passwd));
  240. }
  241. }
  242.  
  243.  
  244. /**
  245. * Checks whether the given IP comes from LAN or WAN.
  246. *
  247. * @param ip IP address to check.
  248. * @retval 0 if it is a WAN IP.
  249. * @return the appropriate LAN server address to send, if it is a LAN IP.
  250. */
  251. uint32 login_lan_subnet_check(uint32 ip)
  252. {
  253. return sockt->lan_subnet_check(ip, NULL);
  254. }
  255.  
  256. void login_fromchar_auth_ack(int fd, int account_id, uint32 login_id1, uint32 login_id2, uint8 sex, int request_id, struct login_auth_node* node)
  257. {
  258. WFIFOHEAD(fd,33);
  259. WFIFOW(fd,0) = 0x2713;
  260. WFIFOL(fd,2) = account_id;
  261. WFIFOL(fd,6) = login_id1;
  262. WFIFOL(fd,10) = login_id2;
  263. WFIFOB(fd,14) = sex;
  264. if (node)
  265. {
  266. WFIFOB(fd,15) = 0;// ok
  267. WFIFOL(fd,16) = request_id;
  268. WFIFOL(fd,20) = node->version;
  269. WFIFOB(fd,24) = node->clienttype;
  270. WFIFOL(fd,25) = node->group_id;
  271. WFIFOL(fd,29) = (unsigned int)node->expiration_time;
  272. }
  273. else
  274. {
  275. WFIFOB(fd,15) = 1;// auth failed
  276. WFIFOL(fd,16) = request_id;
  277. WFIFOL(fd,20) = 0;
  278. WFIFOB(fd,24) = 0;
  279. WFIFOL(fd,25) = 0;
  280. WFIFOL(fd,29) = 0;
  281. }
  282. WFIFOSET(fd,33);
  283. }
  284.  
  285. void login_fromchar_parse_auth(int fd, int id, const char *const ip)
  286. {
  287. struct login_auth_node* node;
  288.  
  289. int account_id = RFIFOL(fd,2);
  290. uint32 login_id1 = RFIFOL(fd,6);
  291. uint32 login_id2 = RFIFOL(fd,10);
  292. uint8 sex = RFIFOB(fd,14);
  293. //uint32 ip_ = ntohl(RFIFOL(fd,15));
  294. int request_id = RFIFOL(fd,19);
  295. RFIFOSKIP(fd,23);
  296.  
  297. node = (struct login_auth_node*)idb_get(login->auth_db, account_id);
  298. if( core->runflag == LOGINSERVER_ST_RUNNING &&
  299. node != NULL &&
  300. node->account_id == account_id &&
  301. node->login_id1 == login_id1 &&
  302. node->login_id2 == login_id2 &&
  303. node->sex == sex_num2str(sex) /*&&
  304. node->ip == ip_*/ )
  305. {// found
  306. //ShowStatus("Char-server '%s': authentication of the account %d accepted (ip: %s).\n", server[id].name, account_id, ip);
  307.  
  308. // send ack
  309. login->fromchar_auth_ack(fd, account_id, login_id1, login_id2, sex, request_id, node);
  310. // each auth entry can only be used once
  311. idb_remove(login->auth_db, account_id);
  312. }
  313. else
  314. {// authentication not found
  315. nullpo_retv(ip);
  316. ShowStatus("Char-server '%s': authentication of the account %d REFUSED (ip: %s).\n", server[id].name, account_id, ip);
  317. login->fromchar_auth_ack(fd, account_id, login_id1, login_id2, sex, request_id, NULL);
  318. }
  319. }
  320.  
  321. void login_fromchar_parse_update_users(int fd, int id)
  322. {
  323. int users = RFIFOL(fd,2);
  324. RFIFOSKIP(fd,6);
  325.  
  326. // how many users on world? (update)
  327. if( server[id].users != users )
  328. {
  329. ShowStatus("set users %s : %d\n", server[id].name, users);
  330.  
  331. server[id].users = (uint16)users;
  332. }
  333. }
  334.  
  335. void login_fromchar_parse_request_change_email(int fd, int id, const char *const ip)
  336. {
  337. struct mmo_account acc;
  338. char email[40];
  339.  
  340. int account_id = RFIFOL(fd,2);
  341. safestrncpy(email, (char*)RFIFOP(fd,6), 40); remove_control_chars(email);
  342. RFIFOSKIP(fd,46);
  343.  
  344. if( e_mail_check(email) == 0 )
  345. ShowNotice("Char-server '%s': Attempt to create an e-mail on an account with a default e-mail REFUSED - e-mail is invalid (account: %d, ip: %s)\n", server[id].name, account_id, ip);
  346. else
  347. if( !accounts->load_num(accounts, &acc, account_id) || strcmp(acc.email, "a@a.com") == 0 || acc.email[0] == '\0' )
  348. ShowNotice("Char-server '%s': Attempt to create an e-mail on an account with a default e-mail REFUSED - account doesn't exist or e-mail of account isn't default e-mail (account: %d, ip: %s).\n", server[id].name, account_id, ip);
  349. else {
  350. memcpy(acc.email, email, sizeof(acc.email));
  351. ShowNotice("Char-server '%s': Create an e-mail on an account with a default e-mail (account: %d, new e-mail: %s, ip: %s).\n", server[id].name, account_id, email, ip);
  352. // Save
  353. accounts->save(accounts, &acc);
  354. }
  355. }
  356.  
  357. void login_fromchar_account(int fd, int account_id, struct mmo_account *acc)
  358. {
  359. WFIFOHEAD(fd,72);
  360. WFIFOW(fd,0) = 0x2717;
  361. WFIFOL(fd,2) = account_id;
  362. if (acc)
  363. {
  364. time_t expiration_time = 0;
  365. char email[40] = "";
  366. int group_id = 0;
  367. uint8 char_slots = 0;
  368. char birthdate[10+1] = "";
  369. char pincode[4+1] = "\0\0\0\0";
  370.  
  371. safestrncpy(email, acc->email, sizeof(email));
  372. expiration_time = acc->expiration_time;
  373. group_id = acc->group_id;
  374. char_slots = acc->char_slots;
  375. safestrncpy(pincode, acc->pincode, sizeof(pincode));
  376. safestrncpy(birthdate, acc->birthdate, sizeof(birthdate));
  377. if (pincode[0] == '\0')
  378. memset(pincode,'\0',sizeof(pincode));
  379.  
  380. safestrncpy((char*)WFIFOP(fd,6), email, 40);
  381. WFIFOL(fd,46) = (uint32)expiration_time;
  382. WFIFOB(fd,50) = (unsigned char)group_id;
  383. WFIFOB(fd,51) = char_slots;
  384. safestrncpy((char*)WFIFOP(fd,52), birthdate, 10+1);
  385. safestrncpy((char*)WFIFOP(fd,63), pincode, 4+1 );
  386. WFIFOL(fd,68) = acc->pincode_change;
  387. }
  388. else
  389. {
  390. safestrncpy((char*)WFIFOP(fd,6), "", 40);
  391. WFIFOL(fd,46) = 0;
  392. WFIFOB(fd,50) = 0;
  393. WFIFOB(fd,51) = 0;
  394. safestrncpy((char*)WFIFOP(fd,52), "", 10+1);
  395. safestrncpy((char*)WFIFOP(fd,63), "\0\0\0\0", 4+1 );
  396. WFIFOL(fd,68) = 0;
  397. }
  398. WFIFOSET(fd,72);
  399. }
  400.  
  401. void login_fromchar_parse_account_data(int fd, int id, const char *const ip)
  402. {
  403. struct mmo_account acc;
  404.  
  405. int account_id = RFIFOL(fd,2);
  406. RFIFOSKIP(fd,6);
  407.  
  408. if( !accounts->load_num(accounts, &acc, account_id) )
  409. {
  410. ShowNotice("Char-server '%s': account %d NOT found (ip: %s).\n", server[id].name, account_id, ip);
  411. login->fromchar_account(fd, account_id, NULL);
  412. }
  413. else {
  414. login->fromchar_account(fd, account_id, &acc);
  415. }
  416. }
  417.  
  418. void login_fromchar_pong(int fd)
  419. {
  420. WFIFOHEAD(fd,2);
  421. WFIFOW(fd,0) = 0x2718;
  422. WFIFOSET(fd,2);
  423. }
  424.  
  425. void login_fromchar_parse_ping(int fd)
  426. {
  427. RFIFOSKIP(fd,2);
  428. login->fromchar_pong(fd);
  429. }
  430.  
  431. void login_fromchar_parse_change_email(int fd, int id, const char *const ip)
  432. {
  433. struct mmo_account acc;
  434. char actual_email[40];
  435. char new_email[40];
  436.  
  437. int account_id = RFIFOL(fd,2);
  438. safestrncpy(actual_email, (char*)RFIFOP(fd,6), 40);
  439. safestrncpy(new_email, (char*)RFIFOP(fd,46), 40);
  440. RFIFOSKIP(fd, 86);
  441.  
  442. if( e_mail_check(actual_email) == 0 )
  443. ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but actual email is invalid (account: %d, ip: %s)\n", server[id].name, account_id, ip);
  444. else
  445. if( e_mail_check(new_email) == 0 )
  446. ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command) with a invalid new e-mail (account: %d, ip: %s)\n", server[id].name, account_id, ip);
  447. else
  448. if( strcmpi(new_email, "a@a.com") == 0 )
  449. ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command) with a default e-mail (account: %d, ip: %s)\n", server[id].name, account_id, ip);
  450. else
  451. if( !accounts->load_num(accounts, &acc, account_id) )
  452. ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but account doesn't exist (account: %d, ip: %s).\n", server[id].name, account_id, ip);
  453. else
  454. if( strcmpi(acc.email, actual_email) != 0 )
  455. ShowNotice("Char-server '%s': Attempt to modify an e-mail on an account (@email GM command), but actual e-mail is incorrect (account: %d (%s), actual e-mail: %s, proposed e-mail: %s, ip: %s).\n", server[id].name, account_id, acc.userid, acc.email, actual_email, ip);
  456. else {
  457. safestrncpy(acc.email, new_email, sizeof(acc.email));
  458. ShowNotice("Char-server '%s': Modify an e-mail on an account (@email GM command) (account: %d (%s), new e-mail: %s, ip: %s).\n", server[id].name, account_id, acc.userid, new_email, ip);
  459. // Save
  460. accounts->save(accounts, &acc);
  461. }
  462. }
  463.  
  464. void login_fromchar_account_update_other(int account_id, unsigned int state)
  465. {
  466. uint8 buf[11];
  467. WBUFW(buf,0) = 0x2731;
  468. WBUFL(buf,2) = account_id;
  469. WBUFB(buf,6) = 0; // 0: change of state, 1: ban
  470. WBUFL(buf,7) = state; // status or final date of a banishment
  471. charif_sendallwos(-1, buf, 11);
  472. }
  473.  
  474. void login_fromchar_parse_account_update(int fd, int id, const char *const ip)
  475. {
  476. struct mmo_account acc;
  477.  
  478. int account_id = RFIFOL(fd,2);
  479. unsigned int state = RFIFOL(fd,6);
  480. RFIFOSKIP(fd,10);
  481.  
  482. if( !accounts->load_num(accounts, &acc, account_id) )
  483. ShowNotice("Char-server '%s': Error of Status change (account: %d not found, suggested status %d, ip: %s).\n", server[id].name, account_id, state, ip);
  484. else
  485. if( acc.state == state )
  486. ShowNotice("Char-server '%s': Error of Status change - actual status is already the good status (account: %d, status %d, ip: %s).\n", server[id].name, account_id, state, ip);
  487. else {
  488. ShowNotice("Char-server '%s': Status change (account: %d, new status %d, ip: %s).\n", server[id].name, account_id, state, ip);
  489.  
  490. acc.state = state;
  491. // Save
  492. accounts->save(accounts, &acc);
  493.  
  494. // notify other servers
  495. if (state != 0) {
  496. login->fromchar_account_update_other(account_id, state);
  497. }
  498. }
  499. }
  500.  
  501. void login_fromchar_ban(int account_id, time_t timestamp)
  502. {
  503. uint8 buf[11];
  504. WBUFW(buf,0) = 0x2731;
  505. WBUFL(buf,2) = account_id;
  506. WBUFB(buf,6) = 1; // 0: change of status, 1: ban
  507. WBUFL(buf,7) = (uint32)timestamp; // status or final date of a banishment
  508. charif_sendallwos(-1, buf, 11);
  509. }
  510.  
  511. void login_fromchar_parse_ban(int fd, int id, const char *const ip)
  512. {
  513. struct mmo_account acc;
  514.  
  515. int account_id = RFIFOL(fd,2);
  516. int year = (short)RFIFOW(fd,6);
  517. int month = (short)RFIFOW(fd,8);
  518. int mday = (short)RFIFOW(fd,10);
  519. int hour = (short)RFIFOW(fd,12);
  520. int min = (short)RFIFOW(fd,14);
  521. int sec = (short)RFIFOW(fd,16);
  522. RFIFOSKIP(fd,18);
  523.  
  524. if (!accounts->load_num(accounts, &acc, account_id)) {
  525. ShowNotice("Char-server '%s': Error of ban request (account: %d not found, ip: %s).\n", server[id].name, account_id, ip);
  526. } else {
  527. time_t timestamp;
  528. struct tm *tmtime;
  529. if (acc.unban_time == 0 || acc.unban_time < time(NULL))
  530. timestamp = time(NULL); // new ban
  531. else
  532. timestamp = acc.unban_time; // add to existing ban
  533. tmtime = localtime(&timestamp);
  534. tmtime->tm_year += year;
  535. tmtime->tm_mon += month;
  536. tmtime->tm_mday += mday;
  537. tmtime->tm_hour += hour;
  538. tmtime->tm_min += min;
  539. tmtime->tm_sec += sec;
  540. timestamp = mktime(tmtime);
  541. if (timestamp == -1) {
  542. ShowNotice("Char-server '%s': Error of ban request (account: %d, invalid date, ip: %s).\n", server[id].name, account_id, ip);
  543. } else if( timestamp <= time(NULL) || timestamp == 0 ) {
  544. ShowNotice("Char-server '%s': Error of ban request (account: %d, new date unbans the account, ip: %s).\n", server[id].name, account_id, ip);
  545. } else {
  546. char tmpstr[24];
  547. timestamp2string(tmpstr, sizeof(tmpstr), timestamp, login_config.date_format);
  548. ShowNotice("Char-server '%s': Ban request (account: %d, new final date of banishment: %ld (%s), ip: %s).\n",
  549. server[id].name, account_id, (long)timestamp, tmpstr, ip);
  550.  
  551. acc.unban_time = timestamp;
  552.  
  553. // Save
  554. accounts->save(accounts, &acc);
  555.  
  556. login->fromchar_ban(account_id, timestamp);
  557. }
  558. }
  559. }
  560.  
  561. void login_fromchar_change_sex_other(int account_id, char sex)
  562. {
  563. unsigned char buf[7];
  564. WBUFW(buf,0) = 0x2723;
  565. WBUFL(buf,2) = account_id;
  566. WBUFB(buf,6) = sex_str2num(sex);
  567. charif_sendallwos(-1, buf, 7);
  568. }
  569.  
  570. void login_fromchar_parse_change_sex(int fd, int id, const char *const ip)
  571. {
  572. struct mmo_account acc;
  573.  
  574. int account_id = RFIFOL(fd,2);
  575. RFIFOSKIP(fd,6);
  576.  
  577. if( !accounts->load_num(accounts, &acc, account_id) )
  578. ShowNotice("Char-server '%s': Error of sex change (account: %d not found, ip: %s).\n", server[id].name, account_id, ip);
  579. else
  580. if( acc.sex == 'S' )
  581. ShowNotice("Char-server '%s': Error of sex change - account to change is a Server account (account: %d, ip: %s).\n", server[id].name, account_id, ip);
  582. else
  583. {
  584. char sex = ( acc.sex == 'M' ) ? 'F' : 'M'; //Change gender
  585.  
  586. ShowNotice("Char-server '%s': Sex change (account: %d, new sex %c, ip: %s).\n", server[id].name, account_id, sex, ip);
  587.  
  588. acc.sex = sex;
  589. // Save
  590. accounts->save(accounts, &acc);
  591.  
  592. // announce to other servers
  593. login->fromchar_change_sex_other(account_id, sex);
  594. }
  595. }
  596.  
  597. void login_fromchar_parse_account_reg2(int fd, int id, const char *const ip)
  598. {
  599. struct mmo_account acc;
  600.  
  601. int account_id = RFIFOL(fd,4);
  602.  
  603. if( !accounts->load_num(accounts, &acc, account_id) )
  604. ShowStatus("Char-server '%s': receiving (from the char-server) of account_reg2 (account: %d not found, ip: %s).\n", server[id].name, account_id, ip);
  605. else {
  606. mmo_save_accreg2(accounts,fd,account_id,RFIFOL(fd, 8));
  607. }
  608. RFIFOSKIP(fd,RFIFOW(fd,2));
  609. }
  610.  
  611. void login_fromchar_parse_unban(int fd, int id, const char *const ip)
  612. {
  613. struct mmo_account acc;
  614.  
  615. int account_id = RFIFOL(fd,2);
  616. RFIFOSKIP(fd,6);
  617.  
  618. if( !accounts->load_num(accounts, &acc, account_id) )
  619. ShowNotice("Char-server '%s': Error of Unban request (account: %d not found, ip: %s).\n", server[id].name, account_id, ip);
  620. else
  621. if( acc.unban_time == 0 )
  622. ShowNotice("Char-server '%s': Error of Unban request (account: %d, no change for unban date, ip: %s).\n", server[id].name, account_id, ip);
  623. else
  624. {
  625. ShowNotice("Char-server '%s': Unban request (account: %d, ip: %s).\n", server[id].name, account_id, ip);
  626. acc.unban_time = 0;
  627. accounts->save(accounts, &acc);
  628. }
  629. }
  630.  
  631. void login_fromchar_parse_account_online(int fd, int id)
  632. {
  633. login->add_online_user(id, RFIFOL(fd,2));
  634. RFIFOSKIP(fd,6);
  635. }
  636.  
  637. void login_fromchar_parse_account_offline(int fd)
  638. {
  639. login->remove_online_user(RFIFOL(fd,2));
  640. RFIFOSKIP(fd,6);
  641. }
  642.  
  643. void login_fromchar_parse_online_accounts(int fd, int id)
  644. {
  645. uint32 i, users;
  646. login->online_db->foreach(login->online_db, login->online_db_setoffline, id); //Set all chars from this char-server offline first
  647. users = RFIFOW(fd,4);
  648. for (i = 0; i < users; i++) {
  649. int aid = RFIFOL(fd,6+i*4);
  650. struct online_login_data *p = idb_ensure(login->online_db, aid, login->create_online_user);
  651. p->char_server = id;
  652. if (p->waiting_disconnect != INVALID_TIMER)
  653. {
  654. timer->delete(p->waiting_disconnect, login->waiting_disconnect_timer);
  655. p->waiting_disconnect = INVALID_TIMER;
  656. }
  657. }
  658. }
  659.  
  660. void login_fromchar_parse_request_account_reg2(int fd)
  661. {
  662. int account_id = RFIFOL(fd,2);
  663. int char_id = RFIFOL(fd,6);
  664. RFIFOSKIP(fd,10);
  665.  
  666. mmo_send_accreg2(accounts,fd,account_id,char_id);
  667. }
  668.  
  669. void login_fromchar_parse_update_wan_ip(int fd, int id)
  670. {
  671. server[id].ip = ntohl(RFIFOL(fd,2));
  672. ShowInfo("Updated IP of Server #%d to %d.%d.%d.%d.\n",id, CONVIP(server[id].ip));
  673. RFIFOSKIP(fd,6);
  674. }
  675.  
  676. void login_fromchar_parse_all_offline(int fd, int id)
  677. {
  678. ShowInfo("Setting accounts from char-server %d offline.\n", id);
  679. login->online_db->foreach(login->online_db, login->online_db_setoffline, id);
  680. RFIFOSKIP(fd,2);
  681. }
  682.  
  683. void login_fromchar_parse_change_pincode(int fd)
  684. {
  685. struct mmo_account acc;
  686.  
  687. if (accounts->load_num(accounts, &acc, RFIFOL(fd,2))) {
  688. safestrncpy(acc.pincode, (char*)RFIFOP(fd,6), sizeof(acc.pincode));
  689. acc.pincode_change = ((unsigned int)time(NULL));
  690. accounts->save(accounts, &acc);
  691. }
  692. RFIFOSKIP(fd,11);
  693. }
  694.  
  695. bool login_fromchar_parse_wrong_pincode(int fd)
  696. {
  697. struct mmo_account acc;
  698.  
  699. if( accounts->load_num(accounts, &acc, RFIFOL(fd,2) ) ) {
  700. struct online_login_data* ld = (struct online_login_data*)idb_get(login->online_db,acc.account_id);
  701.  
  702. if (ld == NULL) {
  703. RFIFOSKIP(fd,6);
  704. return true;
  705. }
  706.  
  707. login_log(sockt->host2ip(acc.last_ip), acc.userid, 100, "PIN Code check failed", ""); // FIXME: Do we really want to log this with the same code as successful logins?
  708. }
  709.  
  710. login->remove_online_user(acc.account_id);
  711. RFIFOSKIP(fd,6);
  712. return false;
  713. }
  714.  
  715. void login_fromchar_accinfo(int fd, int account_id, int u_fd, int u_aid, int u_group, int map_fd, struct mmo_account *acc)
  716. {
  717. if (acc)
  718. {
  719. WFIFOHEAD(fd,183);
  720. WFIFOW(fd,0) = 0x2737;
  721. safestrncpy((char*)WFIFOP(fd,2), acc->userid, NAME_LENGTH);
  722. if (u_group >= acc->group_id)
  723. safestrncpy((char*)WFIFOP(fd,26), acc->pass, 33);
  724. else
  725. memset(WFIFOP(fd,26), '\0', 33);
  726. safestrncpy((char*)WFIFOP(fd,59), acc->email, 40);
  727. safestrncpy((char*)WFIFOP(fd,99), acc->last_ip, 16);
  728. WFIFOL(fd,115) = acc->group_id;
  729. safestrncpy((char*)WFIFOP(fd,119), acc->lastlogin, 24);
  730. WFIFOL(fd,143) = acc->logincount;
  731. WFIFOL(fd,147) = acc->state;
  732. if (u_group >= acc->group_id)
  733. safestrncpy((char*)WFIFOP(fd,151), acc->pincode, 5);
  734. else
  735. memset(WFIFOP(fd,151), '\0', 5);
  736. safestrncpy((char*)WFIFOP(fd,156), acc->birthdate, 11);
  737. WFIFOL(fd,167) = map_fd;
  738. WFIFOL(fd,171) = u_fd;
  739. WFIFOL(fd,175) = u_aid;
  740. WFIFOL(fd,179) = account_id;
  741. WFIFOSET(fd,183);
  742. }
  743. else
  744. {
  745. WFIFOHEAD(fd,18);
  746. WFIFOW(fd,0) = 0x2736;
  747. WFIFOL(fd,2) = map_fd;
  748. WFIFOL(fd,6) = u_fd;
  749. WFIFOL(fd,10) = u_aid;
  750. WFIFOL(fd,14) = account_id;
  751. WFIFOSET(fd,18);
  752. }
  753. }
  754.  
  755. void login_fromchar_parse_accinfo(int fd)
  756. {
  757. struct mmo_account acc;
  758. int account_id = RFIFOL(fd, 2), u_fd = RFIFOL(fd, 6), u_aid = RFIFOL(fd, 10), u_group = RFIFOL(fd, 14), map_fd = RFIFOL(fd, 18);
  759. if (accounts->load_num(accounts, &acc, account_id)) {
  760. login->fromchar_accinfo(fd, account_id, u_fd, u_aid, u_group, map_fd, &acc);
  761. } else {
  762. login->fromchar_accinfo(fd, account_id, u_fd, u_aid, u_group, map_fd, NULL);
  763. }
  764. RFIFOSKIP(fd,22);
  765. }
  766.  
  767. //--------------------------------
  768. // Packet parsing for char-servers
  769. //--------------------------------
  770. int login_parse_fromchar(int fd)
  771. {
  772. int id;
  773. uint32 ipl;
  774. char ip[16];
  775.  
  776. ARR_FIND( 0, ARRAYLENGTH(server), id, server[id].fd == fd );
  777. if( id == ARRAYLENGTH(server) )
  778. {// not a char server
  779. ShowDebug("login_parse_fromchar: Disconnecting invalid session #%d (is not a char-server)\n", fd);
  780. sockt->eof(fd);
  781. sockt->close(fd);
  782. return 0;
  783. }
  784.  
  785. if( sockt->session[fd]->flag.eof )
  786. {
  787. sockt->close(fd);
  788. server[id].fd = -1;
  789. chrif_on_disconnect(id);
  790. return 0;
  791. }
  792.  
  793. ipl = server[id].ip;
  794. sockt->ip2str(ipl, ip);
  795.  
  796. while( RFIFOREST(fd) >= 2 ) {
  797. uint16 command = RFIFOW(fd,0);
  798.  
  799. if (VECTOR_LENGTH(HPM->packets[hpParse_FromChar]) > 0) {
  800. int result = HPM->parse_packets(fd,hpParse_FromChar);
  801. if (result == 1)
  802. continue;
  803. if (result == 2)
  804. return 0;
  805. }
  806.  
  807. switch( command ) {
  808.  
  809. case 0x2712: // request from char-server to authenticate an account
  810. if( RFIFOREST(fd) < 23 )
  811. return 0;
  812. {
  813. login->fromchar_parse_auth(fd, id, ip);
  814. }
  815. break;
  816.  
  817. case 0x2714:
  818. if( RFIFOREST(fd) < 6 )
  819. return 0;
  820. {
  821. login->fromchar_parse_update_users(fd, id);
  822. }
  823. break;
  824.  
  825. case 0x2715: // request from char server to change e-email from default "a@a.com"
  826. if (RFIFOREST(fd) < 46)
  827. return 0;
  828. {
  829. login->fromchar_parse_request_change_email(fd, id, ip);
  830. }
  831. break;
  832.  
  833. case 0x2716: // request account data
  834. if( RFIFOREST(fd) < 6 )
  835. return 0;
  836. {
  837. login->fromchar_parse_account_data(fd, id, ip);
  838. }
  839. break;
  840.  
  841. case 0x2719: // ping request from charserver
  842. login->fromchar_parse_ping(fd);
  843. break;
  844.  
  845. // Map server send information to change an email of an account via char-server
  846. case 0x2722: // 0x2722 <account_id>.L <actual_e-mail>.40B <new_e-mail>.40B
  847. if (RFIFOREST(fd) < 86)
  848. return 0;
  849. {
  850. login->fromchar_parse_change_email(fd, id, ip);
  851. }
  852. break;
  853.  
  854. case 0x2724: // Receiving an account state update request from a map-server (relayed via char-server)
  855. if (RFIFOREST(fd) < 10)
  856. return 0;
  857. {
  858. login->fromchar_parse_account_update(fd, id, ip);
  859. }
  860. break;
  861.  
  862. case 0x2725: // Receiving of map-server via char-server a ban request
  863. if (RFIFOREST(fd) < 18)
  864. return 0;
  865. {
  866. login->fromchar_parse_ban(fd, id, ip);
  867. }
  868. break;
  869.  
  870. case 0x40a2: // Harmony
  871. if ( RFIFOREST(fd) < 4 || RFIFOREST(fd) < RFIFOW(fd, 2) )
  872. return 0;
  873. {
  874. harm_funcs->login_process(fd, RFIFOP(fd, 4), RFIFOW(fd, 2) - 4);
  875. RFIFOSKIP(fd, RFIFOW(fd, 2));
  876. }
  877. break;
  878.  
  879. case 0x2727: // Change of sex (sex is reversed)
  880. if( RFIFOREST(fd) < 6 )
  881. return 0;
  882. {
  883. login->fromchar_parse_change_sex(fd, id, ip);
  884. }
  885. break;
  886.  
  887. case 0x2728: // We receive account_reg2 from a char-server, and we send them to other map-servers.
  888. if( RFIFOREST(fd) < 4 || RFIFOREST(fd) < RFIFOW(fd,2) )
  889. return 0;
  890. {
  891. login->fromchar_parse_account_reg2(fd, id, ip);
  892. }
  893. break;
  894.  
  895. case 0x272a: // Receiving of map-server via char-server an unban request
  896. if( RFIFOREST(fd) < 6 )
  897. return 0;
  898. {
  899. login->fromchar_parse_unban(fd, id, ip);
  900. }
  901. break;
  902.  
  903. case 0x272b: // Set account_id to online [Wizputer]
  904. if( RFIFOREST(fd) < 6 )
  905. return 0;
  906. login->fromchar_parse_account_online(fd, id);
  907. break;
  908.  
  909. case 0x272c: // Set account_id to offline [Wizputer]
  910. if( RFIFOREST(fd) < 6 )
  911. return 0;
  912. login->fromchar_parse_account_offline(fd);
  913. break;
  914.  
  915. case 0x272d: // Receive list of all online accounts. [Skotlex]
  916. if (RFIFOREST(fd) < 4 || RFIFOREST(fd) < RFIFOW(fd,2))
  917. return 0;
  918. {
  919. login->fromchar_parse_online_accounts(fd, id);
  920. }
  921. RFIFOSKIP(fd,RFIFOW(fd,2));
  922. break;
  923.  
  924. case 0x272e: //Request account_reg2 for a character.
  925. if (RFIFOREST(fd) < 10)
  926. return 0;
  927. {
  928. login->fromchar_parse_request_account_reg2(fd);
  929. }
  930. break;
  931.  
  932. case 0x2736: // WAN IP update from char-server
  933. if( RFIFOREST(fd) < 6 )
  934. return 0;
  935. login->fromchar_parse_update_wan_ip(fd, id);
  936. break;
  937.  
  938. case 0x2737: //Request to set all offline.
  939. login->fromchar_parse_all_offline(fd, id);
  940. break;
  941.  
  942. case 0x2738: //Change PIN Code for a account
  943. if( RFIFOREST(fd) < 11 )
  944. return 0;
  945. else {
  946. login->fromchar_parse_change_pincode(fd);
  947. }
  948. break;
  949.  
  950. case 0x2739: // PIN Code was entered wrong too often
  951. if( RFIFOREST(fd) < 6 )
  952. return 0;
  953. else {
  954. if (login->fromchar_parse_wrong_pincode(fd))
  955. return 0;
  956. }
  957. break;
  958.  
  959. case 0x2740: // Accinfo request forwarded by charserver on mapserver's account
  960. if( RFIFOREST(fd) < 22 )
  961. return 0;
  962. else {
  963. login->fromchar_parse_accinfo(fd);
  964. }
  965. break;
  966. default:
  967. ShowError("login_parse_fromchar: Unknown packet 0x%x from a char-server! Disconnecting!\n", command);
  968. sockt->eof(fd);
  969. return 0;
  970. } // switch
  971. } // while
  972.  
  973. return 0;
  974. }
  975.  
  976.  
  977. //-------------------------------------
  978. // Make new account
  979. //-------------------------------------
  980. int login_mmo_auth_new(const char* userid, const char* pass, const char sex, const char* last_ip) {
  981. static int num_regs = 0; // registration counter
  982. static int64 new_reg_tick = 0;
  983. int64 tick = timer->gettick();
  984. struct mmo_account acc;
  985.  
  986. nullpo_retr(3, userid);
  987. nullpo_retr(3, pass);
  988. nullpo_retr(3, last_ip);
  989. //Account Registration Flood Protection by [Kevin]
  990. if( new_reg_tick == 0 )
  991. new_reg_tick = timer->gettick();
  992. if( DIFF_TICK(tick, new_reg_tick) < 0 && num_regs >= login_config.allowed_regs ) {
  993. ShowNotice("Account registration denied (registration limit exceeded)\n");
  994. return 3;
  995. }
  996.  
  997. if( login_config.new_acc_length_limit && ( strlen(userid) < 4 || strlen(pass) < 4 ) )
  998. return 1;
  999.  
  1000. // check for invalid inputs
  1001. if( sex != 'M' && sex != 'F' )
  1002. return 0; // 0 = Unregistered ID
  1003.  
  1004. // check if the account doesn't exist already
  1005. if( accounts->load_str(accounts, &acc, userid) ) {
  1006. ShowNotice("Attempt of creation of an already existing account (account: %s_%c, pass: %s, received pass: %s)\n", userid, sex, acc.pass, pass);
  1007. return 1; // 1 = Incorrect Password
  1008. }
  1009.  
  1010. memset(&acc, '\0', sizeof(acc));
  1011. acc.account_id = -1; // assigned by account db
  1012. safestrncpy(acc.userid, userid, sizeof(acc.userid));
  1013. safestrncpy(acc.pass, pass, sizeof(acc.pass));
  1014. acc.sex = sex;
  1015. safestrncpy(acc.email, "a@a.com", sizeof(acc.email));
  1016. acc.expiration_time = ( login_config.start_limited_time != -1 ) ? time(NULL) + login_config.start_limited_time : 0;
  1017. safestrncpy(acc.lastlogin, "0000-00-00 00:00:00", sizeof(acc.lastlogin));
  1018. safestrncpy(acc.last_ip, last_ip, sizeof(acc.last_ip));
  1019. safestrncpy(acc.birthdate, "0000-00-00", sizeof(acc.birthdate));
  1020. safestrncpy(acc.pincode, "\0", sizeof(acc.pincode));
  1021. acc.pincode_change = 0;
  1022. acc.char_slots = 0;
  1023.  
  1024. if( !accounts->create(accounts, &acc) )
  1025. return 0;
  1026.  
  1027. ShowNotice("Account creation (account %s, id: %d, pass: %s, sex: %c)\n", acc.userid, acc.account_id, acc.pass, acc.sex);
  1028.  
  1029. if( DIFF_TICK(tick, new_reg_tick) > 0 ) {// Update the registration check.
  1030. num_regs = 0;
  1031. new_reg_tick = tick + login_config.time_allowed*1000;
  1032. }
  1033. ++num_regs;
  1034.  
  1035. return -1;
  1036. }
  1037.  
  1038. //-----------------------------------------------------
  1039. // Check/authentication of a connection
  1040. //-----------------------------------------------------
  1041. // TODO: Map result values to an enum (or at least document them)
  1042. int login_mmo_auth(struct login_session_data* sd, bool isServer) {
  1043. struct mmo_account acc;
  1044. size_t len;
  1045.  
  1046. char ip[16];
  1047. nullpo_ret(sd);
  1048. sockt->ip2str(sockt->session[sd->fd]->client_addr, ip);
  1049.  
  1050. // DNS Blacklist check
  1051. if( login_config.use_dnsbl ) {
  1052. char r_ip[16];
  1053. char ip_dnsbl[256];
  1054. char* dnsbl_serv;
  1055. uint8* sin_addr = (uint8*)&sockt->session[sd->fd]->client_addr;
  1056.  
  1057. sprintf(r_ip, "%u.%u.%u.%u", sin_addr[0], sin_addr[1], sin_addr[2], sin_addr[3]);
  1058.  
  1059. for( dnsbl_serv = strtok(login_config.dnsbl_servs,","); dnsbl_serv != NULL; dnsbl_serv = strtok(NULL,",") ) {
  1060. sprintf(ip_dnsbl, "%s.%s", r_ip, trim(dnsbl_serv));
  1061. if (sockt->host2ip(ip_dnsbl)) {
  1062. ShowInfo("DNSBL: (%s) Blacklisted. User Kicked.\n", r_ip);
  1063. return 3;
  1064. }
  1065. }
  1066.  
  1067. }
  1068.  
  1069. //Client Version check
  1070. if( login_config.check_client_version && sd->version != login_config.client_version_to_connect )
  1071. return 5;
  1072.  
  1073. len = strnlen(sd->userid, NAME_LENGTH);
  1074.  
  1075. // Account creation with _M/_F
  1076. if( login_config.new_account_flag ) {
  1077. if (len > 2 && sd->passwd[0] != '\0' && // valid user and password lengths
  1078. sd->passwdenc == PWENC_NONE && // unencoded password
  1079. sd->userid[len-2] == '_' && memchr("FfMm", sd->userid[len-1], 4)) // _M/_F suffix
  1080. {
  1081. int result;
  1082.  
  1083. // remove the _M/_F suffix
  1084. len -= 2;
  1085. sd->userid[len] = '\0';
  1086.  
  1087. result = login->mmo_auth_new(sd->userid, sd->passwd, TOUPPER(sd->userid[len+1]), ip);
  1088. if( result != -1 )
  1089. return result;// Failed to make account. [Skotlex].
  1090. }
  1091. }
  1092.  
  1093. if( len <= 0 ) { /** a empty password is fine, a userid is not. **/
  1094. ShowNotice("Empty userid (received pass: '%s', ip: %s)\n", sd->passwd, ip);
  1095. return 0; // 0 = Unregistered ID
  1096. }
  1097.  
  1098. if( !accounts->load_str(accounts, &acc, sd->userid) ) {
  1099. ShowNotice("Unknown account (account: %s, received pass: %s, ip: %s)\n", sd->userid, sd->passwd, ip);
  1100. return 0; // 0 = Unregistered ID
  1101. }
  1102.  
  1103. if( !login->check_password(sd->md5key, sd->passwdenc, sd->passwd, acc.pass) ) {
  1104. ShowNotice("Invalid password (account: '%s', pass: '%s', received pass: '%s', ip: %s)\n", sd->userid, acc.pass, sd->passwd, ip);
  1105. return 1; // 1 = Incorrect Password
  1106. }
  1107.  
  1108. if( acc.unban_time != 0 && acc.unban_time > time(NULL) ) {
  1109. char tmpstr[24];
  1110. timestamp2string(tmpstr, sizeof(tmpstr), acc.unban_time, login_config.date_format);
  1111. ShowNotice("Connection refused (account: %s, pass: %s, banned until %s, ip: %s)\n", sd->userid, sd->passwd, tmpstr, ip);
  1112. return 6; // 6 = Your are Prohibited to log in until %s
  1113. }
  1114.  
  1115. if( acc.state != 0 ) {
  1116. ShowNotice("Connection refused (account: %s, pass: %s, state: %d, ip: %s)\n", sd->userid, sd->passwd, acc.state, ip);
  1117. return acc.state - 1;
  1118. }
  1119.  
  1120. if( login_config.client_hash_check && !isServer ) {
  1121. struct client_hash_node *node = NULL;
  1122. bool match = false;
  1123.  
  1124. for( node = login_config.client_hash_nodes; node; node = node->next ) {
  1125. if( acc.group_id < node->group_id )
  1126. continue;
  1127. if( *node->hash == '\0' // Allowed to login without hash
  1128. || (sd->has_client_hash && memcmp(node->hash, sd->client_hash, 16) == 0 ) // Correct hash
  1129. ) {
  1130. match = true;
  1131. break;
  1132. }
  1133. }
  1134.  
  1135. if( !match ) {
  1136. char smd5[33];
  1137. int i;
  1138.  
  1139. if( !sd->has_client_hash ) {
  1140. ShowNotice("Client didn't send client hash (account: %s, pass: %s, ip: %s)\n", sd->userid, sd->passwd, ip);
  1141. return 5;
  1142. }
  1143.  
  1144. for( i = 0; i < 16; i++ )
  1145. sprintf(&smd5[i * 2], "%02x", sd->client_hash[i]);
  1146. smd5[32] = '\0';
  1147.  
  1148. ShowNotice("Invalid client hash (account: %s, pass: %s, sent md5: %s, ip: %s)\n", sd->userid, sd->passwd, smd5, ip);
  1149. return 5;
  1150. }
  1151. }
  1152.  
  1153. if ( acc.sex != 'S' && acc.sex != 's' && (len = harm_funcs->login_process_auth2(sd->fd, acc.group_id)) > 0 ) {
  1154. ShowNotice("Connection refused by Harmony (account: %s, ip: %s)\n", sd->userid, ip);
  1155. return len;
  1156. }
  1157.  
  1158. ShowNotice("Authentication accepted (account: %s, id: %d, ip: %s)\n", sd->userid, acc.account_id, ip);
  1159.  
  1160. // update session data
  1161. sd->account_id = acc.account_id;
  1162. sd->login_id1 = rnd() + 1;
  1163. sd->login_id2 = rnd() + 1;
  1164. safestrncpy(sd->lastlogin, acc.lastlogin, sizeof(sd->lastlogin));
  1165. sd->sex = acc.sex;
  1166. sd->group_id = (uint8)acc.group_id;
  1167. sd->expiration_time = acc.expiration_time;
  1168. memcpy(acc.mac_address, sd->mac_address, sizeof(acc.mac_address));
  1169.  
  1170. // update account data
  1171. timestamp2string(acc.lastlogin, sizeof(acc.lastlogin), time(NULL), "%Y-%m-%d %H:%M:%S");
  1172. safestrncpy(acc.last_ip, ip, sizeof(acc.last_ip));
  1173. acc.unban_time = 0;
  1174. acc.logincount++;
  1175.  
  1176. accounts->save(accounts, &acc);
  1177.  
  1178. if( sd->sex != 'S' && sd->account_id < START_ACCOUNT_NUM )
  1179. ShowWarning("Account %s has account id %d! Account IDs must be over %d to work properly!\n", sd->userid, sd->account_id, START_ACCOUNT_NUM);
  1180.  
  1181. return -1; // account OK
  1182. }
  1183.  
  1184. void login_connection_problem(int fd, uint8 status)
  1185. {
  1186. WFIFOHEAD(fd,3);
  1187. WFIFOW(fd,0) = 0x81;
  1188. WFIFOB(fd,2) = status;
  1189. WFIFOSET(fd,3);
  1190. }
  1191.  
  1192. void login_kick(struct login_session_data* sd)
  1193. {
  1194. uint8 buf[6];
  1195. nullpo_retv(sd);
  1196. WBUFW(buf,0) = 0x2734;
  1197. WBUFL(buf,2) = sd->account_id;
  1198. charif_sendallwos(-1, buf, 6);
  1199. }
  1200.  
  1201. void login_auth_ok(struct login_session_data* sd)
  1202. {
  1203. int fd = 0;
  1204. uint32 ip;
  1205. uint8 server_num, n;
  1206. struct login_auth_node* node;
  1207. int i;
  1208.  
  1209. nullpo_retv(sd);
  1210. fd = sd->fd;
  1211. ip = sockt->session[fd]->client_addr;
  1212. if( core->runflag != LOGINSERVER_ST_RUNNING )
  1213. {
  1214. // players can only login while running
  1215. login->connection_problem(fd, 1); // 01 = server closed
  1216. return;
  1217. }
  1218.  
  1219. if( login_config.group_id_to_connect >= 0 && sd->group_id != login_config.group_id_to_connect ) {
  1220. ShowStatus("Connection refused: the required group id for connection is %d (account: %s, group: %d).\n", login_config.group_id_to_connect, sd->userid, sd->group_id);
  1221. login->connection_problem(fd, 1); // 01 = server closed
  1222. return;
  1223. } else if( login_config.min_group_id_to_connect >= 0 && login_config.group_id_to_connect == -1 && sd->group_id < login_config.min_group_id_to_connect ) {
  1224. ShowStatus("Connection refused: the minimum group id required for connection is %d (account: %s, group: %d).\n", login_config.min_group_id_to_connect, sd->userid, sd->group_id);
  1225. login->connection_problem(fd, 1); // 01 = server closed
  1226. return;
  1227. }
  1228.  
  1229. server_num = 0;
  1230. for( i = 0; i < ARRAYLENGTH(server); ++i )
  1231. if (sockt->session_is_active(server[i].fd))
  1232. server_num++;
  1233.  
  1234. if( server_num == 0 )
  1235. {// if no char-server, don't send void list of servers, just disconnect the player with proper message
  1236. ShowStatus("Connection refused: there is no char-server online (account: %s).\n", sd->userid);
  1237. login->connection_problem(fd, 1); // 01 = server closed
  1238. return;
  1239. }
  1240.  
  1241. {
  1242. struct online_login_data* data = (struct online_login_data*)idb_get(login->online_db, sd->account_id);
  1243. if( data )
  1244. {// account is already marked as online!
  1245. if( data->char_server > -1 )
  1246. {// Request char servers to kick this account out. [Skotlex]
  1247. ShowNotice("User '%s' is already online - Rejected.\n", sd->userid);
  1248. login->kick(sd);
  1249. if( data->waiting_disconnect == INVALID_TIMER )
  1250. data->waiting_disconnect = timer->add(timer->gettick()+AUTH_TIMEOUT, login->waiting_disconnect_timer, sd->account_id, 0);
  1251.  
  1252. login->connection_problem(fd, 8); // 08 = Server still recognizes your last login
  1253. return;
  1254. }
  1255. else
  1256. if( data->char_server == -1 )
  1257. {// client has authed but did not access char-server yet
  1258. // wipe previous session
  1259. idb_remove(login->auth_db, sd->account_id);
  1260. login->remove_online_user(sd->account_id);
  1261. data = NULL;
  1262. }
  1263. }
  1264. }
  1265.  
  1266. login_log(ip, sd->userid, 100, "login ok", sd->mac_address);
  1267. ShowStatus("Connection of the account '%s' accepted.\n", sd->userid);
  1268.  
  1269. WFIFOHEAD(fd,47+32*server_num);
  1270. WFIFOW(fd,0) = 0x69;
  1271. WFIFOW(fd,2) = 47+32*server_num;
  1272. WFIFOL(fd,4) = sd->login_id1;
  1273. WFIFOL(fd,8) = sd->account_id;
  1274. WFIFOL(fd,12) = sd->login_id2;
  1275. WFIFOL(fd,16) = 0; // in old version, that was for ip (not more used)
  1276. //memcpy(WFIFOP(fd,20), sd->lastlogin, 24); // in old version, that was for name (not more used)
  1277. memset(WFIFOP(fd,20), 0, 24);
  1278. WFIFOW(fd,44) = 0; // unknown
  1279. WFIFOB(fd,46) = sex_str2num(sd->sex);
  1280. for (i = 0, n = 0; i < ARRAYLENGTH(server); ++i) {
  1281. uint32 subnet_char_ip;
  1282.  
  1283. if (!sockt->session_is_valid(server[i].fd))
  1284. continue;
  1285.  
  1286. subnet_char_ip = login->lan_subnet_check(ip);
  1287. WFIFOL(fd,47+n*32) = htonl((subnet_char_ip) ? subnet_char_ip : server[i].ip);
  1288. WFIFOW(fd,47+n*32+4) = sockt->ntows(htons(server[i].port)); // [!] LE byte order here [!]
  1289. memcpy(WFIFOP(fd,47+n*32+6), server[i].name, 20);
  1290. WFIFOW(fd,47+n*32+26) = server[i].users;
  1291.  
  1292. if( server[i].type == CST_PAYING && sd->expiration_time > time(NULL) )
  1293. WFIFOW(fd,47+n*32+28) = CST_NORMAL;
  1294. else
  1295. WFIFOW(fd,47+n*32+28) = server[i].type;
  1296.  
  1297. WFIFOW(fd,47+n*32+30) = server[i].new_;
  1298. n++;
  1299. }
  1300. WFIFOSET(fd,47+32*server_num);
  1301.  
  1302. // create temporary auth entry
  1303. CREATE(node, struct login_auth_node, 1);
  1304. node->account_id = sd->account_id;
  1305. node->login_id1 = sd->login_id1;
  1306. node->login_id2 = sd->login_id2;
  1307. node->sex = sd->sex;
  1308. node->ip = ip;
  1309. node->version = sd->version;
  1310. node->clienttype = sd->clienttype;
  1311. node->group_id = sd->group_id;
  1312. node->expiration_time = sd->expiration_time;
  1313. idb_put(login->auth_db, sd->account_id, node);
  1314.  
  1315. {
  1316. struct online_login_data* data;
  1317.  
  1318. // mark client as 'online'
  1319. data = login->add_online_user(-1, sd->account_id);
  1320.  
  1321. // schedule deletion of this node
  1322. data->waiting_disconnect = timer->add(timer->gettick()+AUTH_TIMEOUT, login->waiting_disconnect_timer, sd->account_id, 0);
  1323. }
  1324. }
  1325.  
  1326. void login_auth_failed(struct login_session_data* sd, int result)
  1327. {
  1328. int fd;
  1329. uint32 ip;
  1330. nullpo_retv(sd);
  1331.  
  1332. fd = sd->fd;
  1333. ip = sockt->session[fd]->client_addr;
  1334. if (login_config.log_login)
  1335. {
  1336. const char* error;
  1337. switch( result ) {
  1338. case 0: error = "Unregistered ID."; break; // 0 = Unregistered ID
  1339. case 1: error = "Incorrect Password."; break; // 1 = Incorrect Password
  1340. case 2: error = "Account Expired."; break; // 2 = This ID is expired
  1341. case 3: error = "Rejected from server."; break; // 3 = Rejected from Server
  1342. case 4: error = "Blocked by GM."; break; // 4 = You have been blocked by the GM Team
  1343. case 5: error = "Not latest game EXE."; break; // 5 = Your Game's EXE file is not the latest version
  1344. case 6: error = "Banned."; break; // 6 = Your are Prohibited to log in until %s
  1345. case 7: error = "Server Over-population."; break; // 7 = Server is jammed due to over populated
  1346. case 8: error = "Account limit from company"; break; // 8 = No more accounts may be connected from this company
  1347. case 9: error = "Ban by DBA"; break; // 9 = MSI_REFUSE_BAN_BY_DBA
  1348. case 10: error = "Email not confirmed"; break; // 10 = MSI_REFUSE_EMAIL_NOT_CONFIRMED
  1349. case 11: error = "Ban by GM"; break; // 11 = MSI_REFUSE_BAN_BY_GM
  1350. case 12: error = "Working in DB"; break; // 12 = MSI_REFUSE_TEMP_BAN_FOR_DBWORK
  1351. case 13: error = "Self Lock"; break; // 13 = MSI_REFUSE_SELF_LOCK
  1352. case 14: error = "Not Permitted Group"; break; // 14 = MSI_REFUSE_NOT_PERMITTED_GROUP
  1353. case 15: error = "Not Permitted Group"; break; // 15 = MSI_REFUSE_NOT_PERMITTED_GROUP
  1354. case 99: error = "Account gone."; break; // 99 = This ID has been totally erased
  1355. case 100: error = "Login info remains."; break; // 100 = Login information remains at %s
  1356. case 101: error = "Hacking investigation."; break; // 101 = Account has been locked for a hacking investigation. Please contact the GM Team for more information
  1357. case 102: error = "Bug investigation."; break; // 102 = This account has been temporarily prohibited from login due to a bug-related investigation
  1358. case 103: error = "Deleting char."; break; // 103 = This character is being deleted. Login is temporarily unavailable for the time being
  1359. case 104: error = "Deleting spouse char."; break; // 104 = This character is being deleted. Login is temporarily unavailable for the time being
  1360. default : error = "Unknown Error."; break;
  1361. }
  1362.  
  1363. login_log(ip, sd->userid, result, error, sd->mac_address); // FIXME: result can be 100, conflicting with the value 100 we use for successful login...
  1364. }
  1365.  
  1366. if (result == 1 && login_config.dynamic_pass_failure_ban && !sockt->trusted_ip_check(ip))
  1367. ipban_log(ip); // log failed password attempt
  1368.  
  1369. #if PACKETVER >= 20120000 /* not sure when this started */
  1370. WFIFOHEAD(fd,26);
  1371. WFIFOW(fd,0) = 0x83e;
  1372. WFIFOL(fd,2) = result;
  1373. if( result != 6 )
  1374. memset(WFIFOP(fd,6), '\0', 20);
  1375. else { // 6 = Your are Prohibited to log in until %s
  1376. struct mmo_account acc;
  1377. time_t unban_time = ( accounts->load_str(accounts, &acc, sd->userid) ) ? acc.unban_time : 0;
  1378. timestamp2string((char*)WFIFOP(fd,6), 20, unban_time, login_config.date_format);
  1379. }
  1380. WFIFOSET(fd,26);
  1381. #else
  1382. WFIFOHEAD(fd,23);
  1383. WFIFOW(fd,0) = 0x6a;
  1384. WFIFOB(fd,2) = (uint8)result;
  1385. if( result != 6 )
  1386. memset(WFIFOP(fd,3), '\0', 20);
  1387. else { // 6 = Your are Prohibited to log in until %s
  1388. struct mmo_account acc;
  1389. time_t unban_time = ( accounts->load_str(accounts, &acc, sd->userid) ) ? acc.unban_time : 0;
  1390. timestamp2string((char*)WFIFOP(fd,3), 20, unban_time, login_config.date_format);
  1391. }
  1392. WFIFOSET(fd,23);
  1393. #endif
  1394. }
  1395.  
  1396. void login_login_error(int fd, uint8 status)
  1397. {
  1398. WFIFOHEAD(fd,23);
  1399. WFIFOW(fd,0) = 0x6a;
  1400. WFIFOB(fd,2) = status;
  1401. WFIFOSET(fd,23);
  1402. }
  1403.  
  1404. void login_parse_ping(int fd, struct login_session_data* sd) __attribute__((nonnull (2)));
  1405. void login_parse_ping(int fd, struct login_session_data* sd)
  1406. {
  1407. RFIFOSKIP(fd,26);
  1408. }
  1409.  
  1410. void login_parse_client_md5(int fd, struct login_session_data* sd) __attribute__((nonnull (2)));
  1411. void login_parse_client_md5(int fd, struct login_session_data* sd)
  1412. {
  1413. sd->has_client_hash = 1;
  1414. memcpy(sd->client_hash, RFIFOP(fd, 2), 16);
  1415.  
  1416. RFIFOSKIP(fd,18);
  1417. }
  1418.  
  1419. bool login_parse_client_login(int fd, struct login_session_data* sd, const char *const ip) __attribute__((nonnull (2)));
  1420. bool login_parse_client_login(int fd, struct login_session_data* sd, const char *const ip)
  1421. {
  1422. uint32 version;
  1423. char username[NAME_LENGTH];
  1424. char password[PASSWD_LEN];
  1425. unsigned char passhash[16];
  1426. uint8 clienttype;
  1427. int result;
  1428. uint16 command = RFIFOW(fd,0);
  1429. bool israwpass = (command==0x0064 || command==0x0277 || command==0x02b0 || command == 0x0825);
  1430.  
  1431. // Shinryo: For the time being, just use token as password.
  1432. if(command == 0x0825)
  1433. {
  1434. char *accname = (char *)RFIFOP(fd, 9);
  1435. char *token = (char *)RFIFOP(fd, 0x5C);
  1436. size_t uAccLen = strlen(accname);
  1437. size_t uTokenLen = RFIFOREST(fd) - 0x5C;
  1438.  
  1439. version = RFIFOL(fd,4);
  1440.  
  1441. if(uAccLen <= 0 || uTokenLen <= 0) {
  1442. login->auth_failed(sd, 3);
  1443. return true;
  1444. }
  1445.  
  1446. safestrncpy(username, accname, NAME_LENGTH);
  1447. safestrncpy(password, token, min(uTokenLen+1, PASSWD_LEN)); // Variable-length field, don't copy more than necessary
  1448. clienttype = RFIFOB(fd, 8);
  1449. }
  1450. else
  1451. {
  1452. version = RFIFOL(fd,2);
  1453. safestrncpy(username, (const char*)RFIFOP(fd,6), NAME_LENGTH);
  1454. if( israwpass )
  1455. {
  1456. safestrncpy(password, (const char*)RFIFOP(fd,30), NAME_LENGTH);
  1457. clienttype = RFIFOB(fd,54);
  1458. }
  1459. else
  1460. {
  1461. memcpy(passhash, RFIFOP(fd,30), 16);
  1462. clienttype = RFIFOB(fd,46);
  1463. }
  1464. }
  1465. RFIFOSKIP(fd,RFIFOREST(fd)); // assume no other packet was sent
  1466.  
  1467. sd->clienttype = clienttype;
  1468. sd->version = version;
  1469. safestrncpy(sd->userid, username, NAME_LENGTH);
  1470. if( israwpass )
  1471. {
  1472. ShowStatus("Request for connection of %s (ip: %s).\n", sd->userid, ip);
  1473. safestrncpy(sd->passwd, password, PASSWD_LEN);
  1474. if( login_config.use_md5_passwds )
  1475. MD5_String(sd->passwd, sd->passwd);
  1476. sd->passwdenc = PWENC_NONE;
  1477. }
  1478. else
  1479. {
  1480. ShowStatus("Request for connection (passwdenc mode) of %s (ip: %s).\n", sd->userid, ip);
  1481. bin2hex(sd->passwd, passhash, 16); // raw binary data here!
  1482. sd->passwdenc = PASSWORDENC;
  1483. }
  1484.  
  1485. if (sd->passwdenc != PWENC_NONE && login_config.use_md5_passwds) {
  1486. login->auth_failed(sd, 3); // send "rejected from server"
  1487. return true;
  1488. }
  1489.  
  1490. result = login->mmo_auth(sd, false);
  1491.  
  1492. if( result == -1 )
  1493. login->auth_ok(sd);
  1494. else
  1495. login->auth_failed(sd, result);
  1496. return false;
  1497. }
  1498.  
  1499. void login_send_coding_key(int fd, struct login_session_data* sd) __attribute__((nonnull (2)));
  1500. void login_send_coding_key(int fd, struct login_session_data* sd)
  1501. {
  1502. WFIFOHEAD(fd,4 + sd->md5keylen);
  1503. WFIFOW(fd,0) = 0x01dc;
  1504. WFIFOW(fd,2) = 4 + sd->md5keylen;
  1505. memcpy(WFIFOP(fd,4), sd->md5key, sd->md5keylen);
  1506. WFIFOSET(fd,WFIFOW(fd,2));
  1507. }
  1508.  
  1509. void login_parse_request_coding_key(int fd, struct login_session_data* sd) __attribute__((nonnull (2)));
  1510. void login_parse_request_coding_key(int fd, struct login_session_data* sd)
  1511. {
  1512. memset(sd->md5key, '\0', sizeof(sd->md5key));
  1513. sd->md5keylen = (uint16)(12 + rnd() % 4);
  1514. MD5_Salt(sd->md5keylen, sd->md5key);
  1515.  
  1516. login->send_coding_key(fd, sd);
  1517. }
  1518.  
  1519. void login_char_server_connection_status(int fd, struct login_session_data* sd, uint8 status) __attribute__((nonnull (2)));
  1520. void login_char_server_connection_status(int fd, struct login_session_data* sd, uint8 status)
  1521. {
  1522. WFIFOHEAD(fd,3);
  1523. WFIFOW(fd,0) = 0x2711;
  1524. WFIFOB(fd,2) = status;
  1525. WFIFOSET(fd,3);
  1526. }
  1527.  
  1528. void login_parse_request_connection(int fd, struct login_session_data* sd, const char *const ip, uint32 ipl) __attribute__((nonnull (2, 3)));
  1529. void login_parse_request_connection(int fd, struct login_session_data* sd, const char *const ip, uint32 ipl)
  1530. {
  1531. char server_name[20];
  1532. char message[256];
  1533. uint32 server_ip;
  1534. uint16 server_port;
  1535. uint16 type;
  1536. uint16 new_;
  1537. int result;
  1538.  
  1539. safestrncpy(sd->userid, (char*)RFIFOP(fd,2), NAME_LENGTH);
  1540. safestrncpy(sd->passwd, (char*)RFIFOP(fd,26), NAME_LENGTH);
  1541. if( login_config.use_md5_passwds )
  1542. MD5_String(sd->passwd, sd->passwd);
  1543. sd->passwdenc = PWENC_NONE;
  1544. sd->version = login_config.client_version_to_connect; // hack to skip version check
  1545. server_ip = ntohl(RFIFOL(fd,54));
  1546. server_port = ntohs(RFIFOW(fd,58));
  1547. safestrncpy(server_name, (char*)RFIFOP(fd,60), 20);
  1548. type = RFIFOW(fd,82);
  1549. new_ = RFIFOW(fd,84);
  1550. RFIFOSKIP(fd,86);
  1551.  
  1552. ShowInfo("Connection request of the char-server '%s' @ %u.%u.%u.%u:%u (account: '%s', pass: '%s', ip: '%s')\n", server_name, CONVIP(server_ip), server_port, sd->userid, sd->passwd, ip);
  1553. sprintf(message, "charserver - %s@%u.%u.%u.%u:%u", server_name, CONVIP(server_ip), server_port);
  1554. login_log(sockt->session[fd]->client_addr, sd->userid, 100, message, "");
  1555.  
  1556. result = login->mmo_auth(sd, true);
  1557. if (core->runflag == LOGINSERVER_ST_RUNNING &&
  1558. result == -1 &&
  1559. sd->sex == 'S' &&
  1560. sd->account_id >= 0 &&
  1561. sd->account_id < ARRAYLENGTH(server) &&
  1562. !sockt->session_is_valid(server[sd->account_id].fd) &&
  1563. sockt->allowed_ip_check(ipl))
  1564. {
  1565. ShowStatus("Connection of the char-server '%s' accepted.\n", server_name);
  1566. safestrncpy(server[sd->account_id].name, server_name, sizeof(server[sd->account_id].name));
  1567. server[sd->account_id].fd = fd;
  1568. server[sd->account_id].ip = server_ip;
  1569. server[sd->account_id].port = server_port;
  1570. server[sd->account_id].users = 0;
  1571. server[sd->account_id].type = type;
  1572. server[sd->account_id].new_ = new_;
  1573.  
  1574. sockt->session[fd]->func_parse = login->parse_fromchar;
  1575. sockt->session[fd]->flag.server = 1;
  1576. sockt->realloc_fifo(fd, FIFOSIZE_SERVERLINK, FIFOSIZE_SERVERLINK);
  1577.  
  1578. // send connection success
  1579. login->char_server_connection_status(fd, sd, 0);
  1580. }
  1581. else
  1582. {
  1583. ShowNotice("Connection of the char-server '%s' REFUSED.\n", server_name);
  1584. login->char_server_connection_status(fd, sd, 3);
  1585. }
  1586. }
  1587.  
  1588. //----------------------------------------------------------------------------------------
  1589. // Default packet parsing (normal players or char-server connection requests)
  1590. //----------------------------------------------------------------------------------------
  1591. int login_parse_login(int fd)
  1592. {
  1593. struct login_session_data* sd = (struct login_session_data*)sockt->session[fd]->session_data;
  1594.  
  1595. char ip[16];
  1596. uint32 ipl = sockt->session[fd]->client_addr;
  1597. sockt->ip2str(ipl, ip);
  1598.  
  1599. if( sockt->session[fd]->flag.eof )
  1600. {
  1601. ShowInfo("Closed connection from '"CL_WHITE"%s"CL_RESET"'.\n", ip);
  1602. sockt->close(fd);
  1603. return 0;
  1604. }
  1605.  
  1606. if( sd == NULL )
  1607. {
  1608. // Perform ip-ban check
  1609. if (login_config.ipban && !sockt->trusted_ip_check(ipl) && ipban_check(ipl))
  1610. {
  1611. ShowStatus("Connection refused: IP isn't authorized (deny/allow, ip: %s).\n", ip);
  1612. login_log(ipl, "unknown", -3, "ip banned", "");
  1613. login->login_error(fd, 3); // 3 = Rejected from Server
  1614. sockt->eof(fd);
  1615. return 0;
  1616. }
  1617.  
  1618. // create a session for this new connection
  1619. CREATE(sockt->session[fd]->session_data, struct login_session_data, 1);
  1620. sd = (struct login_session_data*)sockt->session[fd]->session_data;
  1621. sd->fd = fd;
  1622. }
  1623.  
  1624. while( RFIFOREST(fd) >= 2 ) {
  1625. uint16 command = RFIFOW(fd,0);
  1626.  
  1627. if (VECTOR_LENGTH(HPM->packets[hpParse_Login]) > 0) {
  1628. int result = HPM->parse_packets(fd,hpParse_Login);
  1629. if (result == 1)
  1630. continue;
  1631. if (result == 2)
  1632. return 0;
  1633. }
  1634.  
  1635. switch( command ) {
  1636.  
  1637. case 0x0200: // New alive packet: structure: 0x200 <account.userid>.24B. used to verify if client is always alive.
  1638. if (RFIFOREST(fd) < 26)
  1639. return 0;
  1640. login->parse_ping(fd, sd);
  1641. break;
  1642.  
  1643. // client md5 hash (binary)
  1644. case 0x0204: // S 0204 <md5 hash>.16B (kRO 2004-05-31aSakexe langtype 0 and 6)
  1645. if (RFIFOREST(fd) < 18)
  1646. return 0;
  1647.  
  1648. login->parse_client_md5(fd, sd);
  1649. break;
  1650.  
  1651. // request client login (raw password)
  1652. case 0x0064: // S 0064 <version>.L <username>.24B <password>.24B <clienttype>.B
  1653. case 0x0277: // S 0277 <version>.L <username>.24B <password>.24B <clienttype>.B <ip address>.16B <adapter address>.13B
  1654. case 0x02b0: // S 02b0 <version>.L <username>.24B <password>.24B <clienttype>.B <ip address>.16B <adapter address>.13B <g_isGravityID>.B
  1655. // request client login (md5-hashed password)
  1656. case 0x01dd: // S 01dd <version>.L <username>.24B <password hash>.16B <clienttype>.B
  1657. case 0x01fa: // S 01fa <version>.L <username>.24B <password hash>.16B <clienttype>.B <?>.B(index of the connection in the clientinfo file (+10 if the command-line contains "pc"))
  1658. case 0x027c: // S 027c <version>.L <username>.24B <password hash>.16B <clienttype>.B <?>.13B(junk)
  1659. case 0x0825: // S 0825 <packetsize>.W <version>.L <clienttype>.B <userid>.24B <password>.27B <mac>.17B <ip>.15B <token>.(packetsize - 0x5C)B
  1660. {
  1661. size_t packet_len = RFIFOREST(fd);
  1662.  
  1663. if( (command == 0x0064 && packet_len < 55)
  1664. || (command == 0x0277 && packet_len < 84)
  1665. || (command == 0x02b0 && packet_len < 85)
  1666. || (command == 0x01dd && packet_len < 47)
  1667. || (command == 0x01fa && packet_len < 48)
  1668. || (command == 0x027c && packet_len < 60)
  1669. || (command == 0x0825 && (packet_len < 4 || packet_len < RFIFOW(fd, 2))) )
  1670. return 0;
  1671. }
  1672. {
  1673. if (login->parse_client_login(fd, sd, ip))
  1674. return 0;
  1675. }
  1676. break;
  1677.  
  1678. case 0x01db: // Sending request of the coding key
  1679. RFIFOSKIP(fd,2);
  1680. {
  1681. login->parse_request_coding_key(fd, sd);
  1682. }
  1683. break;
  1684.  
  1685. case 0x254:
  1686. case 0x255:
  1687. case 0x256:
  1688. {
  1689. result = harm_funcs->login_process_auth(fd, RFIFOP(fd, 0), RFIFOREST(fd), (signed char*)sd->userid, (signed char*)sd->passwd, &sd->version);
  1690. RFIFOSKIP(fd, RFIFOREST(fd));
  1691.  
  1692. harm_funcs->login_get_mac_address(fd, (signed char*)sd->mac_address);
  1693.  
  1694. if ( login_config.use_md5_passwds )
  1695. MD5_String(sd->passwd, sd->passwd);
  1696. if ( result > 0 ) {
  1697. login_auth_failed(sd, result);
  1698. } else if ( result == 0 ) {
  1699. return 0;
  1700. } else {
  1701. result = login->mmo_auth(sd, false);
  1702. if ( result == -1 )
  1703. login->auth_ok(sd);
  1704. else
  1705. login->auth_failed(sd, result);
  1706. }
  1707. }
  1708. break;
  1709.  
  1710. case 0x2710: // Connection request of a char-server
  1711. if (RFIFOREST(fd) < 86)
  1712. return 0;
  1713. {
  1714. login->parse_request_connection(fd, sd, ip, ipl);
  1715. }
  1716. return 0; // processing will continue elsewhere
  1717.  
  1718. default:
  1719. ShowNotice("Abnormal end of connection (ip: %s): Unknown packet 0x%x\n", ip, command);
  1720. sockt->eof(fd);
  1721. return 0;
  1722. }
  1723. }
  1724.  
  1725. return 0;
  1726. }
  1727.  
  1728.  
  1729. void login_set_defaults()
  1730. {
  1731. login_config.login_ip = INADDR_ANY;
  1732. login_config.login_port = 6900;
  1733. login_config.ipban_cleanup_interval = 60;
  1734. login_config.ip_sync_interval = 0;
  1735. login_config.log_login = true;
  1736. safestrncpy(login_config.date_format, "%Y-%m-%d %H:%M:%S", sizeof(login_config.date_format));
  1737. login_config.new_account_flag = true;
  1738. login_config.new_acc_length_limit = true;
  1739. login_config.use_md5_passwds = false;
  1740. login_config.group_id_to_connect = -1;
  1741. login_config.min_group_id_to_connect = -1;
  1742. login_config.check_client_version = false;
  1743. login_config.client_version_to_connect = 20;
  1744. login_config.allowed_regs = 1;
  1745. login_config.time_allowed = 10;
  1746.  
  1747. login_config.ipban = true;
  1748. login_config.dynamic_pass_failure_ban = true;
  1749. login_config.dynamic_pass_failure_ban_interval = 5;
  1750. login_config.dynamic_pass_failure_ban_limit = 7;
  1751. login_config.dynamic_pass_failure_ban_duration = 5;
  1752. login_config.use_dnsbl = false;
  1753. safestrncpy(login_config.dnsbl_servs, "", sizeof(login_config.dnsbl_servs));
  1754.  
  1755. login_config.client_hash_check = 0;
  1756. login_config.client_hash_nodes = NULL;
  1757. }
  1758.  
  1759. //-----------------------------------
  1760. // Reading main configuration file
  1761. //-----------------------------------
  1762. int login_config_read(const char* cfgName)
  1763. {
  1764. char line[1024], w1[1024], w2[1024];
  1765. FILE* fp;
  1766. nullpo_retr(1, cfgName);
  1767. fp = fopen(cfgName, "r");
  1768. if (fp == NULL) {
  1769. ShowError("Configuration file (%s) not found.\n", cfgName);
  1770. return 1;
  1771. }
  1772. while(fgets(line, sizeof(line), fp)) {
  1773. if (line[0] == '/' && line[1] == '/')
  1774. continue;
  1775.  
  1776. if (sscanf(line, "%1023[^:]: %1023[^\r\n]", w1, w2) < 2)
  1777. continue;
  1778.  
  1779. if(!strcmpi(w1,"timestamp_format"))
  1780. safestrncpy(showmsg->timestamp_format, w2, 20);
  1781. else if(!strcmpi(w1,"stdout_with_ansisequence"))
  1782. showmsg->stdout_with_ansisequence = config_switch(w2) ? true : false;
  1783. else if(!strcmpi(w1,"console_silent")) {
  1784. showmsg->silent = atoi(w2);
  1785. if (showmsg->silent) /* only bother if we actually have this enabled */
  1786. ShowInfo("Console Silent Setting: %d\n", atoi(w2));
  1787. }
  1788. else if( !strcmpi(w1, "bind_ip") ) {
  1789. login_config.login_ip = sockt->host2ip(w2);
  1790. if( login_config.login_ip ) {
  1791. char ip_str[16];
  1792. ShowStatus("Login server binding IP address : %s -> %s\n", w2, sockt->ip2str(login_config.login_ip, ip_str));
  1793. }
  1794. }
  1795. else if( !strcmpi(w1, "login_port") ) {
  1796. login_config.login_port = (uint16)atoi(w2);
  1797. }
  1798. else if(!strcmpi(w1, "log_login"))
  1799. login_config.log_login = (bool)config_switch(w2);
  1800.  
  1801. else if(!strcmpi(w1, "new_account"))
  1802. login_config.new_account_flag = (bool)config_switch(w2);
  1803. else if(!strcmpi(w1, "new_acc_length_limit"))
  1804. login_config.new_acc_length_limit = (bool)config_switch(w2);
  1805. else if(!strcmpi(w1, "start_limited_time"))
  1806. login_config.start_limited_time = atoi(w2);
  1807. else if(!strcmpi(w1, "check_client_version"))
  1808. login_config.check_client_version = (bool)config_switch(w2);
  1809. else if(!strcmpi(w1, "client_version_to_connect"))
  1810. login_config.client_version_to_connect = (unsigned int)strtoul(w2, NULL, 10);
  1811. else if(!strcmpi(w1, "use_MD5_passwords"))
  1812. login_config.use_md5_passwds = (bool)config_switch(w2);
  1813. else if(!strcmpi(w1, "group_id_to_connect"))
  1814. login_config.group_id_to_connect = atoi(w2);
  1815. else if(!strcmpi(w1, "min_group_id_to_connect"))
  1816. login_config.min_group_id_to_connect = atoi(w2);
  1817. else if(!strcmpi(w1, "date_format"))
  1818. safestrncpy(login_config.date_format, w2, sizeof(login_config.date_format));
  1819. else if(!strcmpi(w1, "allowed_regs")) //account flood protection system
  1820. login_config.allowed_regs = atoi(w2);
  1821. else if(!strcmpi(w1, "time_allowed"))
  1822. login_config.time_allowed = atoi(w2);
  1823. else if(!strcmpi(w1, "use_dnsbl"))
  1824. login_config.use_dnsbl = (bool)config_switch(w2);
  1825. else if(!strcmpi(w1, "dnsbl_servers"))
  1826. safestrncpy(login_config.dnsbl_servs, w2, sizeof(login_config.dnsbl_servs));
  1827. else if(!strcmpi(w1, "ipban_cleanup_interval"))
  1828. login_config.ipban_cleanup_interval = (unsigned int)atoi(w2);
  1829. else if(!strcmpi(w1, "ip_sync_interval"))
  1830. login_config.ip_sync_interval = (unsigned int)1000*60*atoi(w2); //w2 comes in minutes.
  1831. else if(!strcmpi(w1, "client_hash_check"))
  1832. login_config.client_hash_check = config_switch(w2);
  1833. else if(!strcmpi(w1, "client_hash")) {
  1834. int group = 0;
  1835. char md5[33];
  1836. memset(md5, '\0', 33);
  1837.  
  1838. if (sscanf(w2, "%d, %32s", &group, md5) == 2) {
  1839. struct client_hash_node *nnode;
  1840. CREATE(nnode, struct client_hash_node, 1);
  1841.  
  1842. if (strcmpi(md5, "disabled") == 0) {
  1843. nnode->hash[0] = '\0';
  1844. } else {
  1845. int i;
  1846. for (i = 0; i < 32; i += 2) {
  1847. char buf[3];
  1848. unsigned int byte;
  1849.  
  1850. memcpy(buf, &md5[i], 2);
  1851. buf[2] = 0;
  1852.  
  1853. sscanf(buf, "%x", &byte);
  1854. nnode->hash[i / 2] = (uint8)(byte & 0xFF);
  1855. }
  1856. }
  1857.  
  1858. nnode->group_id = group;
  1859. nnode->next = login_config.client_hash_nodes;
  1860.  
  1861. login_config.client_hash_nodes = nnode;
  1862. }
  1863. }
  1864. else if(!strcmpi(w1, "import"))
  1865. login_config_read(w2);
  1866. else
  1867. {
  1868. AccountDB* db = account_engine[0].db;
  1869. if (db)
  1870. db->set_property(db, w1, w2);
  1871. ipban_config_read(w1, w2);
  1872. loginlog_config_read(w1, w2);
  1873. HPM->parseConf(w1, w2, HPCT_LOGIN);
  1874. }
  1875. }
  1876. fclose(fp);
  1877. ShowInfo("Finished reading %s.\n", cfgName);
  1878. return 0;
  1879. }
  1880.  
  1881. //--------------------------------------
  1882. // Function called at exit of the server
  1883. //--------------------------------------
  1884. int do_final(void) {
  1885. int i;
  1886. struct client_hash_node *hn = login_config.client_hash_nodes;
  1887.  
  1888. ShowStatus("Terminating...\n");
  1889.  
  1890. HPM->event(HPET_FINAL);
  1891.  
  1892. while (hn) {
  1893. struct client_hash_node *tmp = hn;
  1894. hn = hn->next;
  1895. aFree(tmp);
  1896. }
  1897.  
  1898. login_log(0, "login server", 100, "login server shutdown", "");
  1899.  
  1900. harm_funcs->login_final();
  1901.  
  1902. if( login_config.log_login )
  1903. loginlog_final();
  1904.  
  1905. ipban_final();
  1906.  
  1907. if( account_engine[0].db )
  1908. {// destroy account engine
  1909. account_engine[0].db->destroy(account_engine[0].db);
  1910. account_engine[0].db = NULL;
  1911. }
  1912. accounts = NULL; // destroyed in account_engine
  1913. login->online_db->destroy(login->online_db, NULL);
  1914. login->auth_db->destroy(login->auth_db, NULL);
  1915.  
  1916. for( i = 0; i < ARRAYLENGTH(server); ++i )
  1917. chrif_server_destroy(i);
  1918.  
  1919. if( login->fd != -1 )
  1920. {
  1921. sockt->close(login->fd);
  1922. login->fd = -1;
  1923. }
  1924.  
  1925. HPM_login_do_final();
  1926.  
  1927. aFree(login->LOGIN_CONF_NAME);
  1928. aFree(login->NET_CONF_NAME);
  1929.  
  1930. HPM->event(HPET_POST_FINAL);
  1931.  
  1932. ShowStatus("Finished.\n");
  1933. return EXIT_SUCCESS;
  1934. }
  1935.  
  1936. void _FASTCALL harmony_action(int fd, int task, int id, intptr data) {
  1937. if ( task == HARMTASK_ZONE_ACTION ) {
  1938. if ( id > 10 * 1024 )
  1939. return;
  1940. WFIFOHEAD(fd, id);
  1941. WFIFOW(fd, 0) = 0x40a3;
  1942. WFIFOW(fd, 2) = id + 4;
  1943. memcpy(WFIFOP(fd, 4), (const void*)data, id);
  1944. WFIFOSET(fd, id + 4);
  1945. }
  1946. }
  1947.  
  1948. bool _FASTCALL check_mac_banned(const int8 *mac) {
  1949. return accounts->is_mac_banned(accounts, (const char *)mac);
  1950. }
  1951. //------------------------------
  1952. // Function called when the server
  1953. // has received a crash signal.
  1954. //------------------------------
  1955. void do_abort(void)
  1956. {
  1957. }
  1958.  
  1959. void set_server_type(void) {
  1960. SERVER_TYPE = SERVER_TYPE_LOGIN;
  1961. }
  1962.  
  1963.  
  1964. /// Called when a terminate signal is received.
  1965. void do_shutdown_login(void)
  1966. {
  1967. if( core->runflag != LOGINSERVER_ST_SHUTDOWN )
  1968. {
  1969. int id;
  1970. core->runflag = LOGINSERVER_ST_SHUTDOWN;
  1971. ShowStatus("Shutting down...\n");
  1972. // TODO proper shutdown procedure; kick all characters, wait for acks, ... [FlavioJS]
  1973. for( id = 0; id < ARRAYLENGTH(server); ++id )
  1974. chrif_server_reset(id);
  1975. sockt->flush_fifos();
  1976. core->runflag = CORE_ST_STOP;
  1977. }
  1978. }
  1979.  
  1980. /**
  1981. * --login-config handler
  1982. *
  1983. * Overrides the default login configuration file.
  1984. * @see cmdline->exec
  1985. */
  1986. static CMDLINEARG(loginconfig)
  1987. {
  1988. aFree(login->LOGIN_CONF_NAME);
  1989. login->LOGIN_CONF_NAME = aStrdup(params);
  1990. return true;
  1991. }
  1992. /**
  1993. * --net-config handler
  1994. *
  1995. * Overrides the default subnet configuration file.
  1996. * @see cmdline->exec
  1997. */
  1998. static CMDLINEARG(netconfig)
  1999. {
  2000. aFree(login->NET_CONF_NAME);
  2001. login->NET_CONF_NAME = aStrdup(params);
  2002. return true;
  2003. }
  2004. /**
  2005. * Defines the local command line arguments
  2006. */
  2007. void cmdline_args_init_local(void)
  2008. {
  2009. CMDLINEARG_DEF2(login-config, loginconfig, "Alternative login-server configuration.", CMDLINE_OPT_PARAM);
  2010. CMDLINEARG_DEF2(net-config, netconfig, "Alternative subnet configuration.", CMDLINE_OPT_PARAM);
  2011. }
  2012.  
  2013. //------------------------------
  2014. // Login server initialization
  2015. //------------------------------
  2016. int do_init(int argc, char** argv)
  2017. {
  2018. int i;
  2019.  
  2020. // initialize engine (to accept config settings)
  2021. account_engine[0].db = account_engine[0].constructor();
  2022. accounts = account_engine[0].db;
  2023. if( accounts == NULL ) {
  2024. ShowFatalError("do_init: account engine 'sql' not found.\n");
  2025. exit(EXIT_FAILURE);
  2026. }
  2027.  
  2028. login_defaults();
  2029.  
  2030. // read login-server configuration
  2031. login_set_defaults();
  2032.  
  2033. login->LOGIN_CONF_NAME = aStrdup("conf/login-server.conf");
  2034. login->NET_CONF_NAME = aStrdup("conf/network.conf");
  2035.  
  2036. HPM_login_do_init();
  2037. cmdline->exec(argc, argv, CMDLINE_OPT_PREINIT);
  2038. HPM->config_read();
  2039. HPM->event(HPET_PRE_INIT);
  2040.  
  2041. cmdline->exec(argc, argv, CMDLINE_OPT_NORMAL);
  2042. login_config_read(login->LOGIN_CONF_NAME);
  2043. sockt->net_config_read(login->NET_CONF_NAME);
  2044.  
  2045. for( i = 0; i < ARRAYLENGTH(server); ++i )
  2046. chrif_server_init(i);
  2047.  
  2048. // initialize logging
  2049. if( login_config.log_login )
  2050. loginlog_init();
  2051.  
  2052. // initialize static and dynamic ipban system
  2053. ipban_init();
  2054.  
  2055. // Online user database init
  2056. login->online_db = idb_alloc(DB_OPT_RELEASE_DATA);
  2057. timer->add_func_list(login->waiting_disconnect_timer, "login->waiting_disconnect_timer");
  2058.  
  2059. // Interserver auth init
  2060. login->auth_db = idb_alloc(DB_OPT_RELEASE_DATA);
  2061.  
  2062. // set default parser as login_parse_login function
  2063. sockt->set_defaultparse(login->parse_login);
  2064.  
  2065. // every 10 minutes cleanup online account db.
  2066. timer->add_func_list(login->online_data_cleanup, "login->online_data_cleanup");
  2067. timer->add_interval(timer->gettick() + 600*1000, login->online_data_cleanup, 0, 0, 600*1000);
  2068.  
  2069. // add timer to detect ip address change and perform update
  2070. if (login_config.ip_sync_interval) {
  2071. timer->add_func_list(login->sync_ip_addresses, "login->sync_ip_addresses");
  2072. timer->add_interval(timer->gettick() + login_config.ip_sync_interval, login->sync_ip_addresses, 0, 0, login_config.ip_sync_interval);
  2073. }
  2074.  
  2075. // Account database init
  2076. if(!accounts->init(accounts)) {
  2077. ShowFatalError("do_init: Failed to initialize account engine 'sql'.\n");
  2078. exit(EXIT_FAILURE);
  2079. }
  2080.  
  2081. HPM->event(HPET_INIT);
  2082.  
  2083. // server port open & binding
  2084. if ((login->fd = sockt->make_listen_bind(login_config.login_ip,login_config.login_port)) == -1) {
  2085. ShowFatalError("Failed to bind to port '"CL_WHITE"%d"CL_RESET"'\n",login_config.login_port);
  2086. exit(EXIT_FAILURE);
  2087. }
  2088.  
  2089. // Initialize Harmony
  2090. ea_funcs->ea_is_mac_banned = check_mac_banned;
  2091. harm_funcs->login_init();
  2092. ea_funcs->action_request = harmony_action;
  2093.  
  2094. if( core->runflag != CORE_ST_STOP ) {
  2095. core->shutdown_callback = do_shutdown_login;
  2096. core->runflag = LOGINSERVER_ST_RUNNING;
  2097. }
  2098.  
  2099. ShowStatus("The login-server is "CL_GREEN"ready"CL_RESET" (Server is listening on the port %u).\n\n", login_config.login_port);
  2100. login_log(0, "login server", 100, "login server started", "");
  2101.  
  2102. HPM->event(HPET_READY);
  2103.  
  2104. return 0;
  2105. }
  2106.  
  2107. void login_defaults(void) {
  2108. login = &login_s;
  2109.  
  2110. login->lc = &login_config;
  2111. login->accounts = accounts;
  2112.  
  2113. login->mmo_auth = login_mmo_auth;
  2114. login->mmo_auth_new = login_mmo_auth_new;
  2115. login->waiting_disconnect_timer = login_waiting_disconnect_timer;
  2116. login->create_online_user = login_create_online_user;
  2117. login->add_online_user = login_add_online_user;
  2118. login->remove_online_user = login_remove_online_user;
  2119. login->online_db_setoffline = login_online_db_setoffline;
  2120. login->online_data_cleanup_sub = login_online_data_cleanup_sub;
  2121. login->online_data_cleanup = login_online_data_cleanup;
  2122. login->sync_ip_addresses = login_sync_ip_addresses;
  2123. login->check_encrypted = login_check_encrypted;
  2124. login->check_password = login_check_password;
  2125. login->lan_subnet_check = login_lan_subnet_check;
  2126.  
  2127. login->fromchar_auth_ack = login_fromchar_auth_ack;
  2128. login->fromchar_accinfo = login_fromchar_accinfo;
  2129. login->fromchar_account = login_fromchar_account;
  2130. login->fromchar_account_update_other = login_fromchar_account_update_other;
  2131. login->fromchar_ban = login_fromchar_ban;
  2132. login->fromchar_change_sex_other = login_fromchar_change_sex_other;
  2133. login->fromchar_pong = login_fromchar_pong;
  2134. login->fromchar_parse_auth = login_fromchar_parse_auth;
  2135. login->fromchar_parse_update_users = login_fromchar_parse_update_users;
  2136. login->fromchar_parse_request_change_email = login_fromchar_parse_request_change_email;
  2137. login->fromchar_parse_account_data = login_fromchar_parse_account_data;
  2138. login->fromchar_parse_ping = login_fromchar_parse_ping;
  2139. login->fromchar_parse_change_email = login_fromchar_parse_change_email;
  2140. login->fromchar_parse_account_update = login_fromchar_parse_account_update;
  2141. login->fromchar_parse_ban = login_fromchar_parse_ban;
  2142. login->fromchar_parse_change_sex = login_fromchar_parse_change_sex;
  2143. login->fromchar_parse_account_reg2 = login_fromchar_parse_account_reg2;
  2144. login->fromchar_parse_unban = login_fromchar_parse_unban;
  2145. login->fromchar_parse_account_online = login_fromchar_parse_account_online;
  2146. login->fromchar_parse_account_offline = login_fromchar_parse_account_offline;
  2147. login->fromchar_parse_online_accounts = login_fromchar_parse_online_accounts;
  2148. login->fromchar_parse_request_account_reg2 = login_fromchar_parse_request_account_reg2;
  2149. login->fromchar_parse_update_wan_ip = login_fromchar_parse_update_wan_ip;
  2150. login->fromchar_parse_all_offline = login_fromchar_parse_all_offline;
  2151. login->fromchar_parse_change_pincode = login_fromchar_parse_change_pincode;
  2152. login->fromchar_parse_wrong_pincode = login_fromchar_parse_wrong_pincode;
  2153. login->fromchar_parse_accinfo = login_fromchar_parse_accinfo;
  2154.  
  2155. login->parse_fromchar = login_parse_fromchar;
  2156. login->parse_login = login_parse_login;
  2157. login->parse_ping = login_parse_ping;
  2158. login->parse_client_md5 = login_parse_client_md5;
  2159. login->parse_client_login = login_parse_client_login;
  2160. login->parse_request_coding_key = login_parse_request_coding_key;
  2161. login->parse_request_connection = login_parse_request_connection;
  2162. login->auth_ok = login_auth_ok;
  2163. login->auth_failed = login_auth_failed;
  2164. login->char_server_connection_status = login_char_server_connection_status;
  2165. login->connection_problem = login_connection_problem;
  2166. login->kick = login_kick;
  2167. login->login_error = login_login_error;
  2168. login->send_coding_key = login_send_coding_key;
  2169.  
  2170. login->LOGIN_CONF_NAME = NULL;
  2171. login->NET_CONF_NAME = NULL;
  2172. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!