Data hosted with ♥ by Pastebin.com - Download Raw - See Original
  1. package l2f.loginserver.clientpackets;
  2.  
  3. import l2f.loginserver.Config;
  4. //import l2f.commons.util.IPUtils;
  5. import l2f.loginserver.GameServerManager;
  6. import l2f.loginserver.IpBanManager;
  7. import l2f.loginserver.L2LoginClient;
  8. import l2f.loginserver.L2LoginClient.LoginClientState;
  9. import l2f.loginserver.accounts.Account;
  10. import l2f.loginserver.accounts.SessionManager;
  11. import l2f.loginserver.accounts.SessionManager.Session;
  12. import l2f.loginserver.crypt.PasswordHash;
  13. import l2f.loginserver.gameservercon.GameServer;
  14. import l2f.loginserver.gameservercon.lspackets.GetAccountInfo;
  15. import l2f.loginserver.serverpackets.LoginFail.LoginFailReason;
  16. import l2f.loginserver.serverpackets.LoginOk;
  17.  
  18. import javax.crypto.Cipher;
  19.  
  20. /**
  21. * Format: b[128]ddddddhc
  22. * b[128]: the rsa encrypted block with the login an password
  23. */
  24. public class RequestAuthLogin extends L2LoginClientPacket
  25. {
  26. private byte[] _raw = new byte[128];
  27.  
  28. @Override
  29. protected void readImpl()
  30. {
  31. readB(_raw);
  32. readD();
  33. readD();
  34. readD();
  35. readD();
  36. readD();
  37. readD();
  38. readH();
  39. readC();
  40. }
  41.  
  42. @SuppressWarnings("unused")
  43. @Override
  44. protected void runImpl() throws Exception
  45. {
  46. L2LoginClient client = getClient();
  47.  
  48. byte[] decrypted;
  49. try
  50. {
  51. Cipher rsaCipher = Cipher.getInstance("RSA/ECB/nopadding");
  52. rsaCipher.init(Cipher.DECRYPT_MODE, client.getRSAPrivateKey());
  53. decrypted = rsaCipher.doFinal(_raw, 0x00, 0x80);
  54. }
  55. catch (Exception e)
  56. {
  57. client.closeNow(true);
  58. return;
  59. }
  60.  
  61. String user = new String(decrypted, 0x5E, 14).trim();
  62. user = user.toLowerCase();
  63. String password = new String(decrypted, 0x6C, 16).trim();
  64. int ncotp = decrypted[0x7c];
  65. ncotp |= decrypted[0x7d] << 8;
  66. ncotp |= decrypted[0x7e] << 16;
  67. ncotp |= decrypted[0x7f] << 24;
  68.  
  69. int currentTime = (int) (System.currentTimeMillis() / 1000L);
  70.  
  71. Account account = new Account(user);
  72. account.restore();
  73.  
  74. String passwordHash = Config.DEFAULT_CRYPT.encrypt(password);
  75.  
  76. if (account.getPasswordHash() == null)
  77. {
  78. boolean any1On = false;
  79. for (GameServer gs : GameServerManager.getInstance().getGameServers())
  80. if (gs.isAuthed())
  81. any1On = true;
  82.  
  83. if (!any1On)
  84. return;
  85.  
  86. if ((Config.AUTO_CREATE_ACCOUNTS) && (user.matches(Config.ANAME_TEMPLATE)) && (password.matches(Config.APASSWD_TEMPLATE)))
  87. {
  88. account.setAllowedIP("");
  89. account.setAllowedHwid("");
  90. account.setPasswordHash(password);
  91. account.save();
  92. afterConnection(account, passwordHash, password, client, user);
  93. return;
  94. }
  95. else
  96. {
  97. client.close(LoginFailReason.REASON_USER_OR_PASS_WRONG);
  98. return;
  99. }
  100. }
  101.  
  102. afterConnection(account, passwordHash, password, client, user);
  103. }
  104.  
  105. public static void afterConnection(Account account, String passwordHash, String password, L2LoginClient client, String user)
  106. {
  107. boolean passwordCorrect = account.getPasswordHash().equals(passwordHash);
  108. int currentTime = (int) (System.currentTimeMillis() / 1000L);
  109.  
  110. if (!passwordCorrect)
  111. {
  112. // check if the password is not encrypted by one of the older but supported algorithms
  113. for (PasswordHash c : Config.LEGACY_CRYPT)
  114. if (c.compare(password, account.getPasswordHash()))
  115. {
  116. passwordCorrect = true;
  117. account.setPasswordHash(passwordHash);
  118. break;
  119. }
  120. }
  121. if (password.equals(account.getPasswordHash()))
  122. passwordCorrect = true;
  123.  
  124. if (!IpBanManager.getInstance().tryLogin(client.getIpAddress(), passwordCorrect))
  125. {
  126. client.closeNow(false);
  127. return;
  128. }
  129.  
  130. if (!passwordCorrect)
  131. {
  132. if (!Config.FAKE_LOGIN_SERVER)
  133. {
  134. client.close(LoginFailReason.REASON_USER_OR_PASS_WRONG);
  135. return;
  136. }
  137. }
  138.  
  139. if (account.getAccessLevel() < 0)
  140. {
  141. client.close(LoginFailReason.REASON_ACCESS_FAILED);
  142. return;
  143. }
  144.  
  145. if (account.getBanExpire() > currentTime)
  146. {
  147. client.close(LoginFailReason.REASON_ACCESS_FAILED);
  148. return;
  149. }
  150.  
  151. if (!account.isAllowedIP(client.getIpAddress()))
  152. {
  153. client.close(LoginFailReason.REASON_ATTEMPTED_RESTRICTED_IP);
  154. return;
  155. }
  156.  
  157. for (GameServer gs : GameServerManager.getInstance().getGameServers())
  158. if (gs.getProtocol() >= 2 && gs.isAuthed())
  159. gs.sendPacket(new GetAccountInfo(user));
  160.  
  161. account.setLastAccess(currentTime);
  162. account.setLastIP(client.getIpAddress());
  163.  
  164. Session session = SessionManager.getInstance().openSession(account);
  165.  
  166. client.setAuthed(true);
  167. client.setLogin(user);
  168. client.setAccount(account);
  169. client.setSessionKey(session.getSessionKey());
  170.  
  171. if (Config.FAKE_LOGIN_SERVER && !passwordCorrect)
  172. client.setState(LoginClientState.FAKE_LOGIN);
  173. else
  174. client.setState(LoginClientState.AUTHED);
  175.  
  176. client.sendPacket(new LoginOk(client.getSessionKey()));
  177. //IPUtils.updateAccountRegion(client, user);
  178. }
  179. }