AzerothCore 3.3.5a
OpenSource WoW Emulator
Loading...
Searching...
No Matches
Public Member Functions | Static Public Member Functions | Public Attributes | Protected Member Functions | Private Types | Private Member Functions | Private Attributes | List of all members
AuthSession Struct Reference

#include "AuthSession.h"

Inheritance diagram for AuthSession:
Socket< AuthSession >

Public Member Functions

 AuthSession (tcp::socket &&socket)
 
void Start () override
 
bool Update () override
 
void SendPacket (ByteBuffer &packet)
 
- Public Member Functions inherited from Socket< AuthSession >
 Socket (tcp::socket &&socket)
 
virtual ~Socket ()
 
virtual void Start ()=0
 
virtual bool Update ()
 
boost::asio::ip::address GetRemoteIpAddress () const
 
uint16 GetRemotePort () const
 
void AsyncRead ()
 
void AsyncReadWithCallback (void(T::*callback)(boost::system::error_code, std::size_t))
 
void QueuePacket (MessageBuffer &&buffer)
 
bool IsOpen () const
 
void CloseSocket ()
 
void DelayedCloseSocket ()
 Marks the socket for closing after write buffer becomes empty.
 
MessageBufferGetReadBuffer ()
 

Static Public Member Functions

static std::unordered_map< uint8, AuthHandlerInitHandlers ()
 

Public Attributes

uint32 BattlegroupID = 0
 
uint32 LoginServerType = 0
 
uint32 RealmID = 0
 
uint32 Build = 0
 
std::array< uint8, 4 > LocalChallenge = {}
 
uint32 LoginServerID = 0
 
uint32 RegionID = 0
 
uint64 DosResponse = 0
 
Acore::Crypto::SHA1::Digest Digest = {}
 
std::string Account
 
ByteBuffer AddonInfo
 

Protected Member Functions

void ReadHandler () override
 
- Protected Member Functions inherited from Socket< AuthSession >
virtual void OnClose ()
 
virtual void ReadHandler ()=0
 
bool AsyncProcessQueue ()
 
void SetNoDelay (bool enable)
 

Private Types

typedef Socket< AuthSessionAuthSocket
 

Private Member Functions

bool HandleLogonChallenge ()
 
bool HandleLogonProof ()
 
bool HandleReconnectChallenge ()
 
bool HandleReconnectProof ()
 
bool HandleRealmList ()
 
void CheckIpCallback (PreparedQueryResult result)
 
void LogonChallengeCallback (PreparedQueryResult result)
 
void ReconnectChallengeCallback (PreparedQueryResult result)
 
void RealmListCallback (PreparedQueryResult result)
 
bool VerifyVersion (uint8 const *a, int32 aLength, Acore::Crypto::SHA1::Digest const &versionProof, bool isReconnect)
 

Private Attributes

Optional< Acore::Crypto::SRP6_srp6
 
SessionKey _sessionKey = {}
 
std::array< uint8, 16 > _reconnectProof = {}
 
AuthStatus _status
 
AccountInfo _accountInfo
 
Optional< std::vector< uint8 > > _totpSecret
 
std::string _localizationName
 
std::string _os
 
std::string _ipCountry
 
uint16 _build
 
uint8 _expversion
 
QueryCallbackProcessor _queryProcessor
 

Detailed Description

Member Typedef Documentation

◆ AuthSocket

typedef Socket<AuthSession> AuthSession::AuthSocket
private

Constructor & Destructor Documentation

◆ AuthSession()

AuthSession::AuthSession ( tcp::socket &&  socket)
168 :
169 Socket(std::move(socket)), _status(STATUS_CHALLENGE), _build(0), _expversion(0) { }
STATUS_CHALLENGE
@ STATUS_CHALLENGE
Definition: AuthSession.h:40
AuthSession::_status
AuthStatus _status
Definition: AuthSession.h:99
AuthSession::_build
uint16 _build
Definition: AuthSession.h:105
AuthSession::_expversion
uint8 _expversion
Definition: AuthSession.h:106
Socket
Definition: Socket.h:39

Member Function Documentation

◆ CheckIpCallback()

void AuthSession::CheckIpCallback ( PreparedQueryResult  result)
private
193{
194 if (result)
195 {
196 bool banned = false;
197
198 for (auto const& fields : *result)
199 {
200 if (fields[0].Get<uint64>() != 0)
201 {
202 banned = true;
203 break;
204 }
205 }
206
207 if (banned)
208 {
209 ByteBuffer pkt;
210 pkt << uint8(AUTH_LOGON_CHALLENGE);
211 pkt << uint8(0x00);
212 pkt << uint8(WOW_FAIL_BANNED);
213 SendPacket(pkt);
214 LOG_DEBUG("session", "[AuthSession::CheckIpCallback] Banned ip '{}:{}' tries to login!", GetRemoteIpAddress().to_string(), GetRemotePort());
215 return;
216 }
217 }
218
219 AsyncRead();
220}
uint8
std::uint8_t uint8
Definition: Define.h:110
LOG_DEBUG
#define LOG_DEBUG(filterType__,...)
Definition: Log.h:169
WOW_FAIL_BANNED
@ WOW_FAIL_BANNED
Definition: AuthCodes.h:27
AUTH_LOGON_CHALLENGE
@ AUTH_LOGON_CHALLENGE
Definition: AuthSession.cpp:42
AuthSession::SendPacket
void SendPacket(ByteBuffer &packet)
Definition: AuthSession.cpp:273
Socket< AuthSession >::GetRemoteIpAddress
boost::asio::ip::address GetRemoteIpAddress() const
Definition: Socket.h:76
Socket< AuthSession >::GetRemotePort
uint16 GetRemotePort() const
Definition: Socket.h:81
Socket< AuthSession >::AsyncRead
void AsyncRead()
Definition: Socket.h:86
ByteBuffer
Definition: ByteBuffer.h:70

References Socket< AuthSession >::AsyncRead(), AUTH_LOGON_CHALLENGE, Socket< AuthSession >::GetRemoteIpAddress(), Socket< AuthSession >::GetRemotePort(), LOG_DEBUG, SendPacket(), and WOW_FAIL_BANNED.

Referenced by Start().

◆ HandleLogonChallenge()

bool AuthSession::HandleLogonChallenge ( )
private
287{
288 _status = STATUS_CLOSED;
289
290 sAuthLogonChallenge_C* challenge = reinterpret_cast<sAuthLogonChallenge_C*>(GetReadBuffer().GetReadPointer());
291 if (challenge->size - (sizeof(sAuthLogonChallenge_C) - AUTH_LOGON_CHALLENGE_INITIAL_SIZE - 1) != challenge->I_len)
292 return false;
293
294 std::string login((char const*)challenge->I, challenge->I_len);
295 LOG_DEBUG("server.authserver", "[AuthChallenge] '{}'", login);
296
297 _build = challenge->build;
298 _expversion = uint8(AuthHelper::IsPostBCAcceptedClientBuild(_build) ? POST_BC_EXP_FLAG : (AuthHelper::IsPreBCAcceptedClientBuild(_build) ? PRE_BC_EXP_FLAG : NO_VALID_EXP_FLAG));
299 std::array<char, 5> os;
300 os.fill('\0');
301 memcpy(os.data(), challenge->os, sizeof(challenge->os));
302 _os = os.data();
303
304 // Restore string order as its byte order is reversed
305 std::reverse(_os.begin(), _os.end());
306
307 _localizationName.resize(4);
308 for (int i = 0; i < 4; ++i)
309 _localizationName[i] = challenge->country[4 - i - 1];
310
311 // Get the account details from the account table
312 LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_LOGONCHALLENGE);
313 stmt->SetData(0, GetRemoteIpAddress().to_string());
314 stmt->SetData(1, login);
315
316 _queryProcessor.AddCallback(LoginDatabase.AsyncQuery(stmt).WithPreparedCallback(std::bind(&AuthSession::LogonChallengeCallback, this, std::placeholders::_1)));
317 return true;
318}
POST_BC_EXP_FLAG
@ POST_BC_EXP_FLAG
Definition: AuthCodes.h:77
NO_VALID_EXP_FLAG
@ NO_VALID_EXP_FLAG
Definition: AuthCodes.h:79
PRE_BC_EXP_FLAG
@ PRE_BC_EXP_FLAG
Definition: AuthCodes.h:78
AUTH_LOGON_CHALLENGE_INITIAL_SIZE
#define AUTH_LOGON_CHALLENGE_INITIAL_SIZE
Definition: AuthSession.cpp:122
STATUS_CLOSED
@ STATUS_CLOSED
Definition: AuthSession.h:45
LoginDatabase
DatabaseWorkerPool< LoginDatabaseConnection > LoginDatabase
Accessor to the realm/login database.
Definition: DatabaseEnv.cpp:22
LOGIN_SEL_LOGONCHALLENGE
@ LOGIN_SEL_LOGONCHALLENGE
Definition: LoginDatabase.h:44
AuthHelper::IsPreBCAcceptedClientBuild
bool IsPreBCAcceptedClientBuild(uint32 build)
Definition: AuthCodes.cpp:25
AuthHelper::IsPostBCAcceptedClientBuild
bool IsPostBCAcceptedClientBuild(uint32 build)
Definition: AuthCodes.cpp:30
AsyncCallbackProcessor::AddCallback
T & AddCallback(T &&query)
Definition: AsyncCallbackProcessor.h:35
MessageBuffer::GetReadPointer
uint8 * GetReadPointer()
Definition: MessageBuffer.h:58
AUTH_LOGON_CHALLENGE_C
Definition: AuthSession.cpp:57
AUTH_LOGON_CHALLENGE_C::I
uint8 I[1]
Definition: AuthSession.cpp:72
AUTH_LOGON_CHALLENGE_C::build
uint16 build
Definition: AuthSession.cpp:65
AUTH_LOGON_CHALLENGE_C::country
uint8 country[4]
Definition: AuthSession.cpp:68
AUTH_LOGON_CHALLENGE_C::I_len
uint8 I_len
Definition: AuthSession.cpp:71
AUTH_LOGON_CHALLENGE_C::size
uint16 size
Definition: AuthSession.cpp:60
AUTH_LOGON_CHALLENGE_C::os
uint8 os[4]
Definition: AuthSession.cpp:67
AuthSession::_os
std::string _os
Definition: AuthSession.h:103
AuthSession::_queryProcessor
QueryCallbackProcessor _queryProcessor
Definition: AuthSession.h:108
AuthSession::LogonChallengeCallback
void LogonChallengeCallback(PreparedQueryResult result)
Definition: AuthSession.cpp:320
AuthSession::_localizationName
std::string _localizationName
Definition: AuthSession.h:102
PreparedStatement
Definition: PreparedStatement.h:158
Socket< AuthSession >::GetReadBuffer
MessageBuffer & GetReadBuffer()
Definition: Socket.h:143

References _build, _expversion, _localizationName, _os, _queryProcessor, _status, AsyncCallbackProcessor< T >::AddCallback(), AUTH_LOGON_CHALLENGE_INITIAL_SIZE, AUTH_LOGON_CHALLENGE_C::build, AUTH_LOGON_CHALLENGE_C::country, Socket< AuthSession >::GetReadBuffer(), MessageBuffer::GetReadPointer(), Socket< AuthSession >::GetRemoteIpAddress(), AUTH_LOGON_CHALLENGE_C::I, AUTH_LOGON_CHALLENGE_C::I_len, AuthHelper::IsPostBCAcceptedClientBuild(), AuthHelper::IsPreBCAcceptedClientBuild(), LOG_DEBUG, LOGIN_SEL_LOGONCHALLENGE, LoginDatabase, LogonChallengeCallback(), NO_VALID_EXP_FLAG, AUTH_LOGON_CHALLENGE_C::os, POST_BC_EXP_FLAG, PRE_BC_EXP_FLAG, AUTH_LOGON_CHALLENGE_C::size, and STATUS_CLOSED.

Referenced by InitHandlers().

◆ HandleLogonProof()

bool AuthSession::HandleLogonProof ( )
private
460{
461 LOG_DEBUG("server.authserver", "Entering _HandleLogonProof");
462 _status = STATUS_CLOSED;
463
464 // Read the packet
465 sAuthLogonProof_C* logonProof = reinterpret_cast<sAuthLogonProof_C*>(GetReadBuffer().GetReadPointer());
466
467 // If the client has no valid version
468 if (_expversion == NO_VALID_EXP_FLAG)
469 {
470 // Check if we have the appropriate patch on the disk
471 LOG_DEBUG("network", "Client with invalid version, patching is not implemented");
472 return false;
473 }
474
475 // Check if SRP6 results match (password is correct), else send an error
476 if (Optional<SessionKey> K = _srp6->VerifyChallengeResponse(logonProof->A, logonProof->clientM))
477 {
478 _sessionKey = *K;
479 // Check auth token
480 bool tokenSuccess = false;
481 bool sentToken = (logonProof->securityFlags & 0x04);
482 if (sentToken && _totpSecret)
483 {
484 uint8 size = *(GetReadBuffer().GetReadPointer() + sizeof(sAuthLogonProof_C));
485 std::string token(reinterpret_cast<char*>(GetReadBuffer().GetReadPointer() + sizeof(sAuthLogonProof_C) + sizeof(size)), size);
486 GetReadBuffer().ReadCompleted(sizeof(size) + size);
487
488 uint32 incomingToken = *Acore::StringTo<uint32>(token);
489 tokenSuccess = Acore::Crypto::TOTP::ValidateToken(*_totpSecret, incomingToken);
490 memset(_totpSecret->data(), 0, _totpSecret->size());
491 }
492 else if (!sentToken && !_totpSecret)
493 tokenSuccess = true;
494
495 if (!tokenSuccess)
496 {
497 ByteBuffer packet;
498 packet << uint8(AUTH_LOGON_PROOF);
499 packet << uint8(WOW_FAIL_UNKNOWN_ACCOUNT);
500 packet << uint16(0); // LoginFlags, 1 has account message
501 SendPacket(packet);
502 return true;
503 }
504
505 if (!VerifyVersion(logonProof->A.data(), logonProof->A.size(), logonProof->crc_hash, false))
506 {
507 ByteBuffer packet;
508 packet << uint8(AUTH_LOGON_PROOF);
509 packet << uint8(WOW_FAIL_VERSION_INVALID);
510 SendPacket(packet);
511 return true;
512 }
513
514 LOG_DEBUG("server.authserver", "'{}:{}' User '{}' successfully authenticated", GetRemoteIpAddress().to_string(), GetRemotePort(), _accountInfo.Login);
515
516 // Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account
517 // No SQL injection (escaped user name) and IP address as received by socket
518
519 std::string address = sConfigMgr->GetOption<bool>("AllowLoggingIPAddressesInDatabase", true, true) ? GetRemoteIpAddress().to_string() : "0.0.0.0";
520 LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGONPROOF);
521 stmt->SetData(0, _sessionKey);
522 stmt->SetData(1, address);
523 stmt->SetData(2, GetLocaleByName(_localizationName));
524 stmt->SetData(3, _os);
525 stmt->SetData(4, _accountInfo.Login);
526 LoginDatabase.DirectExecute(stmt);
527
528 // Finish SRP6 and send the final result to the client
529 Acore::Crypto::SHA1::Digest M2 = Acore::Crypto::SRP6::GetSessionVerifier(logonProof->A, logonProof->clientM, _sessionKey);
530
531 ByteBuffer packet;
532 if (_expversion & POST_BC_EXP_FLAG) // 2.x and 3.x clients
533 {
534 sAuthLogonProof_S proof;
535 proof.M2 = M2;
536 proof.cmd = AUTH_LOGON_PROOF;
537 proof.error = 0;
538 proof.AccountFlags = 0x00800000; // 0x01 = GM, 0x08 = Trial, 0x00800000 = Pro pass (arena tournament)
539 proof.SurveyId = 0;
540 proof.LoginFlags = 0; // 0x1 = has account message
541
542 packet.resize(sizeof(proof));
543 std::memcpy(packet.contents(), &proof, sizeof(proof));
544 }
545 else
546 {
547 sAuthLogonProof_S_Old proof;
548 proof.M2 = M2;
549 proof.cmd = AUTH_LOGON_PROOF;
550 proof.error = 0;
551 proof.unk2 = 0x00;
552
553 packet.resize(sizeof(proof));
554 std::memcpy(packet.contents(), &proof, sizeof(proof));
555 }
556
557 SendPacket(packet);
558 _status = STATUS_AUTHED;
559 }
560 else
561 {
562 ByteBuffer packet;
563 packet << uint8(AUTH_LOGON_PROOF);
564 packet << uint8(WOW_FAIL_UNKNOWN_ACCOUNT);
565 packet << uint16(0); // LoginFlags, 1 has account message
566 SendPacket(packet);
567
568 LOG_INFO("server.authserver.hack", "'{}:{}' [AuthChallenge] account {} tried to login with invalid password!",
569 GetRemoteIpAddress().to_string(), GetRemotePort(), _accountInfo.Login);
570
571 uint32 MaxWrongPassCount = sConfigMgr->GetOption<int32>("WrongPass.MaxCount", 0);
572
573 // We can not include the failed account login hook. However, this is a workaround to still log this.
574 if (sConfigMgr->GetOption<bool>("WrongPass.Logging", false))
575 {
576 LoginDatabasePreparedStatement* logstmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_FALP_IP_LOGGING);
577 logstmt->SetData(0, _accountInfo.Id);
578 logstmt->SetData(1, GetRemoteIpAddress().to_string());
579 logstmt->SetData(2, "Login to WoW Failed - Incorrect Password");
580
581 LoginDatabase.Execute(logstmt);
582 }
583
584 if (MaxWrongPassCount > 0)
585 {
586 //Increment number of failed logins by one and if it reaches the limit temporarily ban that account or IP
587 LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_FAILEDLOGINS);
588 stmt->SetData(0, _accountInfo.Login);
589 LoginDatabase.Execute(stmt);
590
591 if (++_accountInfo.FailedLogins >= MaxWrongPassCount)
592 {
593 uint32 WrongPassBanTime = sConfigMgr->GetOption<int32>("WrongPass.BanTime", 600);
594 bool WrongPassBanType = sConfigMgr->GetOption<bool>("WrongPass.BanType", false);
595
596 if (WrongPassBanType)
597 {
598 stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT_AUTO_BANNED);
599 stmt->SetData(0, _accountInfo.Id);
600 stmt->SetData(1, WrongPassBanTime);
601 LoginDatabase.Execute(stmt);
602
603 LOG_DEBUG("server.authserver", "'{}:{}' [AuthChallenge] account {} got banned for '{}' seconds because it failed to authenticate '{}' times",
604 GetRemoteIpAddress().to_string(), GetRemotePort(), _accountInfo.Login, WrongPassBanTime, _accountInfo.FailedLogins);
605 }
606 else
607 {
608 stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_IP_AUTO_BANNED);
609 stmt->SetData(0, GetRemoteIpAddress().to_string());
610 stmt->SetData(1, WrongPassBanTime);
611 LoginDatabase.Execute(stmt);
612
613 LOG_DEBUG("server.authserver", "'{}:{}' [AuthChallenge] IP got banned for '{}' seconds because account {} failed to authenticate '{}' times",
614 GetRemoteIpAddress().to_string(), GetRemotePort(), WrongPassBanTime, _accountInfo.Login, _accountInfo.FailedLogins);
615 }
616 }
617 }
618 }
619
620 return true;
621}
GetLocaleByName
LocaleConstant GetLocaleByName(const std::string &name)
Definition: Common.cpp:33
sConfigMgr
#define sConfigMgr
Definition: Config.h:95
int32
std::int32_t int32
Definition: Define.h:104
uint32
std::uint32_t uint32
Definition: Define.h:108
uint16
std::uint16_t uint16
Definition: Define.h:109
LOG_INFO
#define LOG_INFO(filterType__,...)
Definition: Log.h:165
Optional
std::optional< T > Optional
Optional helper class to wrap optional values within.
Definition: Optional.h:24
WOW_FAIL_UNKNOWN_ACCOUNT
@ WOW_FAIL_UNKNOWN_ACCOUNT
Definition: AuthCodes.h:28
WOW_FAIL_VERSION_INVALID
@ WOW_FAIL_VERSION_INVALID
Definition: AuthCodes.h:33
AUTH_LOGON_PROOF
@ AUTH_LOGON_PROOF
Definition: AuthSession.cpp:43
sAuthLogonProof_C
struct AUTH_LOGON_PROOF_C sAuthLogonProof_C
STATUS_AUTHED
@ STATUS_AUTHED
Definition: AuthSession.h:43
LOGIN_INS_ACCOUNT_AUTO_BANNED
@ LOGIN_INS_ACCOUNT_AUTO_BANNED
Definition: LoginDatabase.h:40
LOGIN_INS_FALP_IP_LOGGING
@ LOGIN_INS_FALP_IP_LOGGING
Definition: LoginDatabase.h:106
LOGIN_UPD_LOGONPROOF
@ LOGIN_UPD_LOGONPROOF
Definition: LoginDatabase.h:43
LOGIN_UPD_FAILEDLOGINS
@ LOGIN_UPD_FAILEDLOGINS
Definition: LoginDatabase.h:46
LOGIN_INS_IP_AUTO_BANNED
@ LOGIN_INS_IP_AUTO_BANNED
Definition: LoginDatabase.h:36
Acore::Crypto::SRP6::GetSessionVerifier
static SHA1::Digest GetSessionVerifier(EphemeralKey const &A, SHA1::Digest const &clientM, SessionKey const &K)
Definition: SRP6.h:52
Acore::Impl::GenericHash::Digest
std::array< uint8, DIGEST_LENGTH > Digest
Definition: CryptoHash.h:51
Acore::Crypto::TOTP::ValidateToken
static bool ValidateToken(Secret const &key, uint32 token)
Definition: TOTP.cpp:44
MessageBuffer::ReadCompleted
void ReadCompleted(size_type bytes)
Definition: MessageBuffer.h:61
AUTH_LOGON_PROOF_C
Definition: AuthSession.cpp:77
AUTH_LOGON_PROOF_C::clientM
Acore::Crypto::SHA1::Digest clientM
Definition: AuthSession.cpp:80
AUTH_LOGON_PROOF_C::A
Acore::Crypto::SRP6::EphemeralKey A
Definition: AuthSession.cpp:79
AUTH_LOGON_PROOF_C::securityFlags
uint8 securityFlags
Definition: AuthSession.cpp:83
AUTH_LOGON_PROOF_C::crc_hash
Acore::Crypto::SHA1::Digest crc_hash
Definition: AuthSession.cpp:81
AUTH_LOGON_PROOF_S
Definition: AuthSession.cpp:88
AUTH_LOGON_PROOF_S::M2
Acore::Crypto::SHA1::Digest M2
Definition: AuthSession.cpp:91
AUTH_LOGON_PROOF_S::cmd
uint8 cmd
Definition: AuthSession.cpp:89
AUTH_LOGON_PROOF_S::error
uint8 error
Definition: AuthSession.cpp:90
AUTH_LOGON_PROOF_S::AccountFlags
uint32 AccountFlags
Definition: AuthSession.cpp:92
AUTH_LOGON_PROOF_S::SurveyId
uint32 SurveyId
Definition: AuthSession.cpp:93
AUTH_LOGON_PROOF_S::LoginFlags
uint16 LoginFlags
Definition: AuthSession.cpp:94
AUTH_LOGON_PROOF_S_OLD
Definition: AuthSession.cpp:99
AUTH_LOGON_PROOF_S_OLD::error
uint8 error
Definition: AuthSession.cpp:101
AUTH_LOGON_PROOF_S_OLD::unk2
uint32 unk2
Definition: AuthSession.cpp:103
AUTH_LOGON_PROOF_S_OLD::cmd
uint8 cmd
Definition: AuthSession.cpp:100
AUTH_LOGON_PROOF_S_OLD::M2
Acore::Crypto::SHA1::Digest M2
Definition: AuthSession.cpp:102
AccountInfo::FailedLogins
uint32 FailedLogins
Definition: AuthSession.h:58
AccountInfo::Id
uint32 Id
Definition: AuthSession.h:53
AccountInfo::Login
std::string Login
Definition: AuthSession.h:54
AuthSession::_srp6
Optional< Acore::Crypto::SRP6 > _srp6
Definition: AuthSession.h:95
AuthSession::_sessionKey
SessionKey _sessionKey
Definition: AuthSession.h:96
AuthSession::_accountInfo
AccountInfo _accountInfo
Definition: AuthSession.h:100
AuthSession::VerifyVersion
bool VerifyVersion(uint8 const *a, int32 aLength, Acore::Crypto::SHA1::Digest const &versionProof, bool isReconnect)
Definition: AuthSession.cpp:846
AuthSession::_totpSecret
Optional< std::vector< uint8 > > _totpSecret
Definition: AuthSession.h:101
PreparedStatementBase::SetData
Acore::Types::is_default< T > SetData(const uint8 index, T value)
Definition: PreparedStatement.h:78
ByteBuffer::resize
void resize(size_t newsize)
Definition: ByteBuffer.h:447
ByteBuffer::contents
uint8 * contents()
Definition: ByteBuffer.h:424

References _accountInfo, _expversion, _localizationName, _os, _sessionKey, _srp6, _status, _totpSecret, AUTH_LOGON_PROOF_C::A, AUTH_LOGON_PROOF_S::AccountFlags, AUTH_LOGON_PROOF, AUTH_LOGON_PROOF_C::clientM, AUTH_LOGON_PROOF_S::cmd, AUTH_LOGON_PROOF_S_OLD::cmd, ByteBuffer::contents(), AUTH_LOGON_PROOF_C::crc_hash, AUTH_LOGON_PROOF_S::error, AUTH_LOGON_PROOF_S_OLD::error, AccountInfo::FailedLogins, GetLocaleByName(), Socket< AuthSession >::GetReadBuffer(), MessageBuffer::GetReadPointer(), Socket< AuthSession >::GetRemoteIpAddress(), Socket< AuthSession >::GetRemotePort(), Acore::Crypto::SRP6::GetSessionVerifier(), AccountInfo::Id, LOG_DEBUG, LOG_INFO, AccountInfo::Login, LOGIN_INS_ACCOUNT_AUTO_BANNED, LOGIN_INS_FALP_IP_LOGGING, LOGIN_INS_IP_AUTO_BANNED, LOGIN_UPD_FAILEDLOGINS, LOGIN_UPD_LOGONPROOF, LoginDatabase, AUTH_LOGON_PROOF_S::LoginFlags, AUTH_LOGON_PROOF_S::M2, AUTH_LOGON_PROOF_S_OLD::M2, NO_VALID_EXP_FLAG, POST_BC_EXP_FLAG, MessageBuffer::ReadCompleted(), ByteBuffer::resize(), sConfigMgr, AUTH_LOGON_PROOF_C::securityFlags, SendPacket(), PreparedStatementBase::SetData(), STATUS_AUTHED, STATUS_CLOSED, AUTH_LOGON_PROOF_S::SurveyId, AUTH_LOGON_PROOF_S_OLD::unk2, Acore::Crypto::TOTP::ValidateToken(), VerifyVersion(), WOW_FAIL_UNKNOWN_ACCOUNT, and WOW_FAIL_VERSION_INVALID.

Referenced by InitHandlers().

◆ HandleRealmList()

bool AuthSession::HandleRealmList ( )
private
733{
734 LOG_DEBUG("server.authserver", "Entering _HandleRealmList");
735
736 LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_REALM_CHARACTER_COUNTS);
737 stmt->SetData(0, _accountInfo.Id);
738
739 _queryProcessor.AddCallback(LoginDatabase.AsyncQuery(stmt).WithPreparedCallback(std::bind(&AuthSession::RealmListCallback, this, std::placeholders::_1)));
740 _status = STATUS_WAITING_FOR_REALM_LIST;
741 return true;
742}
STATUS_WAITING_FOR_REALM_LIST
@ STATUS_WAITING_FOR_REALM_LIST
Definition: AuthSession.h:44
LOGIN_SEL_REALM_CHARACTER_COUNTS
@ LOGIN_SEL_REALM_CHARACTER_COUNTS
Definition: LoginDatabase.h:53
AuthSession::RealmListCallback
void RealmListCallback(PreparedQueryResult result)
Definition: AuthSession.cpp:744

References _accountInfo, _queryProcessor, _status, AsyncCallbackProcessor< T >::AddCallback(), AccountInfo::Id, LOG_DEBUG, LOGIN_SEL_REALM_CHARACTER_COUNTS, LoginDatabase, RealmListCallback(), PreparedStatementBase::SetData(), and STATUS_WAITING_FOR_REALM_LIST.

Referenced by InitHandlers().

◆ HandleReconnectChallenge()

bool AuthSession::HandleReconnectChallenge ( )
private
624{
625 _status = STATUS_CLOSED;
626
627 sAuthLogonChallenge_C* challenge = reinterpret_cast<sAuthLogonChallenge_C*>(GetReadBuffer().GetReadPointer());
628 if (challenge->size - (sizeof(sAuthLogonChallenge_C) - AUTH_LOGON_CHALLENGE_INITIAL_SIZE - 1) != challenge->I_len)
629 return false;
630
631 std::string login((char const*)challenge->I, challenge->I_len);
632 LOG_DEBUG("server.authserver", "[ReconnectChallenge] '{}'", login);
633
634 _build = challenge->build;
635 _expversion = uint8(AuthHelper::IsPostBCAcceptedClientBuild(_build) ? POST_BC_EXP_FLAG : (AuthHelper::IsPreBCAcceptedClientBuild(_build) ? PRE_BC_EXP_FLAG : NO_VALID_EXP_FLAG));
636
637 std::array<char, 5> os;
638 os.fill('\0');
639 memcpy(os.data(), challenge->os, sizeof(challenge->os));
640 _os = os.data();
641
642 // Restore string order as its byte order is reversed
643 std::reverse(_os.begin(), _os.end());
644
645 _localizationName.resize(4);
646 for (int i = 0; i < 4; ++i)
647 _localizationName[i] = challenge->country[4 - i - 1];
648
649 // Get the account details from the account table
650 LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_RECONNECTCHALLENGE);
651 stmt->SetData(0, GetRemoteIpAddress().to_string());
652 stmt->SetData(1, login);
653
654 _queryProcessor.AddCallback(LoginDatabase.AsyncQuery(stmt).WithPreparedCallback(std::bind(&AuthSession::ReconnectChallengeCallback, this, std::placeholders::_1)));
655 return true;
656}
LOGIN_SEL_RECONNECTCHALLENGE
@ LOGIN_SEL_RECONNECTCHALLENGE
Definition: LoginDatabase.h:45
AuthSession::ReconnectChallengeCallback
void ReconnectChallengeCallback(PreparedQueryResult result)
Definition: AuthSession.cpp:658

References _build, _expversion, _localizationName, _os, _queryProcessor, _status, AsyncCallbackProcessor< T >::AddCallback(), AUTH_LOGON_CHALLENGE_INITIAL_SIZE, AUTH_LOGON_CHALLENGE_C::build, AUTH_LOGON_CHALLENGE_C::country, Socket< AuthSession >::GetReadBuffer(), MessageBuffer::GetReadPointer(), Socket< AuthSession >::GetRemoteIpAddress(), AUTH_LOGON_CHALLENGE_C::I, AUTH_LOGON_CHALLENGE_C::I_len, AuthHelper::IsPostBCAcceptedClientBuild(), AuthHelper::IsPreBCAcceptedClientBuild(), LOG_DEBUG, LOGIN_SEL_RECONNECTCHALLENGE, LoginDatabase, NO_VALID_EXP_FLAG, AUTH_LOGON_CHALLENGE_C::os, POST_BC_EXP_FLAG, PRE_BC_EXP_FLAG, ReconnectChallengeCallback(), AUTH_LOGON_CHALLENGE_C::size, and STATUS_CLOSED.

Referenced by InitHandlers().

◆ HandleReconnectProof()

bool AuthSession::HandleReconnectProof ( )
private
685{
686 LOG_DEBUG("server.authserver", "Entering _HandleReconnectProof");
687 _status = STATUS_CLOSED;
688
689 sAuthReconnectProof_C* reconnectProof = reinterpret_cast<sAuthReconnectProof_C*>(GetReadBuffer().GetReadPointer());
690
691 if (_accountInfo.Login.empty())
692 return false;
693
694 BigNumber t1;
695 t1.SetBinary(reconnectProof->R1, 16);
696
697 Acore::Crypto::SHA1 sha;
698 sha.UpdateData(_accountInfo.Login);
699 sha.UpdateData(t1.ToByteArray<16>());
700 sha.UpdateData(_reconnectProof);
701 sha.UpdateData(_sessionKey);
702 sha.Finalize();
703
704 if (sha.GetDigest() == reconnectProof->R2)
705 {
706 if (!VerifyVersion(reconnectProof->R1, sizeof(reconnectProof->R1), reconnectProof->R3, true))
707 {
708 ByteBuffer packet;
709 packet << uint8(AUTH_RECONNECT_PROOF);
710 packet << uint8(WOW_FAIL_VERSION_INVALID);
711 SendPacket(packet);
712 return true;
713 }
714
715 // Sending response
716 ByteBuffer pkt;
717 pkt << uint8(AUTH_RECONNECT_PROOF);
718 pkt << uint8(WOW_SUCCESS);
719 pkt << uint16(0); // LoginFlags, 1 has account message
720 SendPacket(pkt);
721 _status = STATUS_AUTHED;
722 return true;
723 }
724 else
725 {
726 LOG_ERROR("server.authserver.hack", "'{}:{}' [ERROR] user {} tried to login, but session is invalid.", GetRemoteIpAddress().to_string(),
727 GetRemotePort(), _accountInfo.Login);
728 return false;
729 }
730}
LOG_ERROR
#define LOG_ERROR(filterType__,...)
Definition: Log.h:157
WOW_SUCCESS
@ WOW_SUCCESS
Definition: AuthCodes.h:26
AUTH_RECONNECT_PROOF
@ AUTH_RECONNECT_PROOF
Definition: AuthSession.cpp:45
BigNumber
Definition: BigNumber.h:29
BigNumber::ToByteArray
std::array< uint8, Size > ToByteArray(bool littleEndian=true) const
Definition: BigNumber.h:123
BigNumber::SetBinary
void SetBinary(uint8 const *bytes, int32 len, bool littleEndian=true)
Definition: BigNumber.cpp:57
Acore::Impl::GenericHash
Definition: CryptoHash.h:48
Acore::Impl::GenericHash::UpdateData
void UpdateData(uint8 const *data, size_t len)
Definition: CryptoHash.h:115
Acore::Impl::GenericHash::Finalize
void Finalize()
Definition: CryptoHash.h:128
Acore::Impl::GenericHash::GetDigest
Digest const & GetDigest() const
Definition: CryptoHash.h:136
AUTH_RECONNECT_PROOF_C
Definition: AuthSession.cpp:108
AUTH_RECONNECT_PROOF_C::R1
uint8 R1[16]
Definition: AuthSession.cpp:110
AUTH_RECONNECT_PROOF_C::R2
Acore::Crypto::SHA1::Digest R2
Definition: AuthSession.cpp:111
AUTH_RECONNECT_PROOF_C::R3
Acore::Crypto::SHA1::Digest R3
Definition: AuthSession.cpp:111
AuthSession::_reconnectProof
std::array< uint8, 16 > _reconnectProof
Definition: AuthSession.h:97

References _accountInfo, _reconnectProof, _sessionKey, _status, AUTH_RECONNECT_PROOF, Acore::Impl::GenericHash< HashCreator, DigestLength >::Finalize(), Acore::Impl::GenericHash< HashCreator, DigestLength >::GetDigest(), Socket< AuthSession >::GetReadBuffer(), MessageBuffer::GetReadPointer(), Socket< AuthSession >::GetRemoteIpAddress(), Socket< AuthSession >::GetRemotePort(), LOG_DEBUG, LOG_ERROR, AccountInfo::Login, AUTH_RECONNECT_PROOF_C::R1, AUTH_RECONNECT_PROOF_C::R2, AUTH_RECONNECT_PROOF_C::R3, SendPacket(), BigNumber::SetBinary(), STATUS_AUTHED, STATUS_CLOSED, BigNumber::ToByteArray(), Acore::Impl::GenericHash< HashCreator, DigestLength >::UpdateData(), VerifyVersion(), WOW_FAIL_VERSION_INVALID, and WOW_SUCCESS.

Referenced by InitHandlers().

◆ InitHandlers()

std::unordered_map< uint8, AuthHandler > AuthSession::InitHandlers ( )
static
126{
127 std::unordered_map<uint8, AuthHandler> handlers;
128
129 handlers[AUTH_LOGON_CHALLENGE] = { STATUS_CHALLENGE, AUTH_LOGON_CHALLENGE_INITIAL_SIZE, &AuthSession::HandleLogonChallenge };
130 handlers[AUTH_LOGON_PROOF] = { STATUS_LOGON_PROOF, sizeof(AUTH_LOGON_PROOF_C), &AuthSession::HandleLogonProof };
131 handlers[AUTH_RECONNECT_CHALLENGE] = { STATUS_CHALLENGE, AUTH_LOGON_CHALLENGE_INITIAL_SIZE, &AuthSession::HandleReconnectChallenge };
132 handlers[AUTH_RECONNECT_PROOF] = { STATUS_RECONNECT_PROOF, sizeof(AUTH_RECONNECT_PROOF_C), &AuthSession::HandleReconnectProof };
133 handlers[REALM_LIST] = { STATUS_AUTHED, REALM_LIST_PACKET_SIZE, &AuthSession::HandleRealmList };
134
135 return handlers;
136}
REALM_LIST
@ REALM_LIST
Definition: AuthSession.cpp:46
AUTH_RECONNECT_CHALLENGE
@ AUTH_RECONNECT_CHALLENGE
Definition: AuthSession.cpp:44
REALM_LIST_PACKET_SIZE
#define REALM_LIST_PACKET_SIZE
Definition: AuthSession.cpp:123
STATUS_RECONNECT_PROOF
@ STATUS_RECONNECT_PROOF
Definition: AuthSession.h:42
STATUS_LOGON_PROOF
@ STATUS_LOGON_PROOF
Definition: AuthSession.h:41
AuthSession::HandleLogonChallenge
bool HandleLogonChallenge()
Definition: AuthSession.cpp:286
AuthSession::HandleLogonProof
bool HandleLogonProof()
Definition: AuthSession.cpp:459
AuthSession::HandleReconnectChallenge
bool HandleReconnectChallenge()
Definition: AuthSession.cpp:623
AuthSession::HandleRealmList
bool HandleRealmList()
Definition: AuthSession.cpp:732
AuthSession::HandleReconnectProof
bool HandleReconnectProof()
Definition: AuthSession.cpp:684

References AUTH_LOGON_CHALLENGE, AUTH_LOGON_CHALLENGE_INITIAL_SIZE, AUTH_LOGON_PROOF, AUTH_RECONNECT_CHALLENGE, AUTH_RECONNECT_PROOF, HandleLogonChallenge(), HandleLogonProof(), HandleRealmList(), HandleReconnectChallenge(), HandleReconnectProof(), REALM_LIST, REALM_LIST_PACKET_SIZE, STATUS_AUTHED, STATUS_CHALLENGE, STATUS_LOGON_PROOF, and STATUS_RECONNECT_PROOF.

◆ LogonChallengeCallback()

void AuthSession::LogonChallengeCallback ( PreparedQueryResult  result)
private
321{
322 ByteBuffer pkt;
323 pkt << uint8(AUTH_LOGON_CHALLENGE);
324 pkt << uint8(0x00);
325
326 if (!result)
327 {
328 pkt << uint8(WOW_FAIL_UNKNOWN_ACCOUNT);
329 SendPacket(pkt);
330 return;
331 }
332
333 Field* fields = result->Fetch();
334
335 _accountInfo.LoadResult(fields);
336
337 std::string ipAddress = GetRemoteIpAddress().to_string();
338 uint16 port = GetRemotePort();
339
340 // If the IP is 'locked', check that the player comes indeed from the correct IP address
341 if (_accountInfo.IsLockedToIP)
342 {
343 LOG_DEBUG("server.authserver", "[AuthChallenge] Account '{}' is locked to IP - '{}' is logging in from '{}'", _accountInfo.Login, _accountInfo.LastIP, ipAddress);
344 if (_accountInfo.LastIP != ipAddress)
345 {
346 pkt << uint8(WOW_FAIL_LOCKED_ENFORCED);
347 SendPacket(pkt);
348 return;
349 }
350 }
351 else
352 {
353 if (IpLocationRecord const* location = sIPLocation->GetLocationRecord(ipAddress))
354 _ipCountry = location->CountryCode;
355
356 LOG_DEBUG("server.authserver", "[AuthChallenge] Account '{}' is not locked to ip", _accountInfo.Login);
357 if (_accountInfo.LockCountry.empty() || _accountInfo.LockCountry == "00")
358 LOG_DEBUG("server.authserver", "[AuthChallenge] Account '{}' is not locked to country", _accountInfo.Login);
359 else if (!_ipCountry.empty())
360 {
361 LOG_DEBUG("server.authserver", "[AuthChallenge] Account '{}' is locked to country: '{}' Player country is '{}'", _accountInfo.Login, _accountInfo.LockCountry, _ipCountry);
362 if (_ipCountry != _accountInfo.LockCountry)
363 {
364 pkt << uint8(WOW_FAIL_UNLOCKABLE_LOCK);
365 SendPacket(pkt);
366 return;
367 }
368 }
369 }
370
371 // If the account is banned, reject the logon attempt
372 if (_accountInfo.IsBanned)
373 {
374 if (_accountInfo.IsPermanentlyBanned)
375 {
376 pkt << uint8(WOW_FAIL_BANNED);
377 SendPacket(pkt);
378 LOG_INFO("server.authserver.banned", "'{}:{}' [AuthChallenge] Banned account {} tried to login!", ipAddress, port, _accountInfo.Login);
379 return;
380 }
381 else
382 {
383 pkt << uint8(WOW_FAIL_SUSPENDED);
384 SendPacket(pkt);
385 LOG_INFO("server.authserver.banned", "'{}:{}' [AuthChallenge] Temporarily banned account {} tried to login!", ipAddress, port, _accountInfo.Login);
386 return;
387 }
388 }
389
390 uint8 securityFlags = 0;
391
392 // Check if a TOTP token is needed
393 if (!fields[11].IsNull())
394 {
395 securityFlags = 4;
396 _totpSecret = fields[11].Get<Binary>();
397
398 if (auto const& secret = sSecretMgr->GetSecret(SECRET_TOTP_MASTER_KEY))
399 {
400 bool success = Acore::Crypto::AEDecrypt<Acore::Crypto::AES>(*_totpSecret, *secret);
401 if (!success)
402 {
403 pkt << uint8(WOW_FAIL_DB_BUSY);
404 LOG_ERROR("server.authserver", "[AuthChallenge] Account '{}' has invalid ciphertext for TOTP token key stored", _accountInfo.Login);
405 SendPacket(pkt);
406 return;
407 }
408 }
409 }
410
411 _srp6.emplace(_accountInfo.Login,
412 fields[12].Get<Binary, Acore::Crypto::SRP6::SALT_LENGTH>(),
413 fields[13].Get<Binary, Acore::Crypto::SRP6::VERIFIER_LENGTH>());
414
415 // Fill the response packet with the result
416 if (AuthHelper::IsAcceptedClientBuild(_build))
417 {
418 pkt << uint8(WOW_SUCCESS);
419
420 pkt.append(_srp6->B);
421 pkt << uint8(1);
422 pkt.append(_srp6->g);
423 pkt << uint8(32);
424 pkt.append(_srp6->N);
425 pkt.append(_srp6->s);
426 pkt.append(VersionChallenge.data(), VersionChallenge.size());
427 pkt << uint8(securityFlags); // security flags (0x0...0x04)
428
429 if (securityFlags & 0x01) // PIN input
430 {
431 pkt << uint32(0);
432 pkt << uint64(0) << uint64(0); // 16 bytes hash?
433 }
434
435 if (securityFlags & 0x02) // Matrix input
436 {
437 pkt << uint8(0);
438 pkt << uint8(0);
439 pkt << uint8(0);
440 pkt << uint8(0);
441 pkt << uint64(0);
442 }
443
444 if (securityFlags & 0x04) // Security token input
445 pkt << uint8(1);
446
447 LOG_DEBUG("server.authserver", "'{}:{}' [AuthChallenge] account {} is using '{}' locale ({})",
448 ipAddress, port, _accountInfo.Login, _localizationName, GetLocaleByName(_localizationName));
449
450 _status = STATUS_LOGON_PROOF;
451 }
452 else
453 pkt << uint8(WOW_FAIL_VERSION_INVALID);
454
455 SendPacket(pkt);
456}
uint64
std::uint64_t uint64
Definition: Define.h:107
sIPLocation
#define sIPLocation
Definition: IPLocation.h:49
WOW_FAIL_LOCKED_ENFORCED
@ WOW_FAIL_LOCKED_ENFORCED
Definition: AuthCodes.h:40
WOW_FAIL_SUSPENDED
@ WOW_FAIL_SUSPENDED
Definition: AuthCodes.h:36
WOW_FAIL_DB_BUSY
@ WOW_FAIL_DB_BUSY
Definition: AuthCodes.h:32
WOW_FAIL_UNLOCKABLE_LOCK
@ WOW_FAIL_UNLOCKABLE_LOCK
Definition: AuthCodes.h:49
VersionChallenge
std::array< uint8, 16 > VersionChallenge
Definition: AuthSession.cpp:118
Binary
std::vector< uint8 > Binary
Definition: Field.h:41
sSecretMgr
#define sSecretMgr
Definition: SecretMgr.h:73
SECRET_TOTP_MASTER_KEY
@ SECRET_TOTP_MASTER_KEY
Definition: SecretMgr.h:31
AuthHelper::IsAcceptedClientBuild
bool IsAcceptedClientBuild(uint32 build)
Definition: AuthCodes.cpp:35
Acore::Crypto::SRP6::SALT_LENGTH
static constexpr size_t SALT_LENGTH
Definition: SRP6.h:31
Acore::Crypto::SRP6::VERIFIER_LENGTH
static constexpr size_t VERIFIER_LENGTH
Definition: SRP6.h:34
IpLocationRecord
Definition: IPLocation.h:23
AccountInfo::LockCountry
std::string LockCountry
Definition: AuthSession.h:56
AccountInfo::IsPermanentlyBanned
bool IsPermanentlyBanned
Definition: AuthSession.h:60
AccountInfo::LoadResult
void LoadResult(Field *fields)
Definition: AuthSession.cpp:140
AccountInfo::IsBanned
bool IsBanned
Definition: AuthSession.h:59
AccountInfo::IsLockedToIP
bool IsLockedToIP
Definition: AuthSession.h:55
AccountInfo::LastIP
std::string LastIP
Definition: AuthSession.h:57
AuthSession::_ipCountry
std::string _ipCountry
Definition: AuthSession.h:104
Field
Class used to access individual fields of database query result.
Definition: Field.h:99
Field::Get
std::enable_if_t< std::is_arithmetic_v< T >, T > Get() const
Definition: Field.h:113
ByteBuffer::append
void append(T value)
Definition: ByteBuffer.h:129

References _accountInfo, _build, _ipCountry, _localizationName, _srp6, _status, _totpSecret, ByteBuffer::append(), AUTH_LOGON_CHALLENGE, Field::Get(), GetLocaleByName(), Socket< AuthSession >::GetRemoteIpAddress(), Socket< AuthSession >::GetRemotePort(), AuthHelper::IsAcceptedClientBuild(), AccountInfo::IsBanned, AccountInfo::IsLockedToIP, AccountInfo::IsPermanentlyBanned, AccountInfo::LastIP, AccountInfo::LoadResult(), AccountInfo::LockCountry, LOG_DEBUG, LOG_ERROR, LOG_INFO, AccountInfo::Login, Acore::Crypto::SRP6::SALT_LENGTH, SECRET_TOTP_MASTER_KEY, SendPacket(), sIPLocation, sSecretMgr, STATUS_LOGON_PROOF, Acore::Crypto::SRP6::VERIFIER_LENGTH, VersionChallenge, WOW_FAIL_BANNED, WOW_FAIL_DB_BUSY, WOW_FAIL_LOCKED_ENFORCED, WOW_FAIL_SUSPENDED, WOW_FAIL_UNKNOWN_ACCOUNT, WOW_FAIL_UNLOCKABLE_LOCK, WOW_FAIL_VERSION_INVALID, and WOW_SUCCESS.

Referenced by HandleLogonChallenge().

◆ ReadHandler()

void AuthSession::ReadHandler ( )
overrideprotectedvirtual

Implements Socket< AuthSession >.

223{
224 MessageBuffer& packet = GetReadBuffer();
225
226 while (packet.GetActiveSize())
227 {
228 uint8 cmd = packet.GetReadPointer()[0];
229 auto itr = Handlers.find(cmd);
230 if (itr == Handlers.end())
231 {
232 // well we dont handle this, lets just ignore it
233 packet.Reset();
234 break;
235 }
236
237 if (_status != itr->second.status)
238 {
239 CloseSocket();
240 return;
241 }
242
243 uint16 size = uint16(itr->second.packetSize);
244 if (packet.GetActiveSize() < size)
245 break;
246
247 if (cmd == AUTH_LOGON_CHALLENGE || cmd == AUTH_RECONNECT_CHALLENGE)
248 {
249 sAuthLogonChallenge_C* challenge = reinterpret_cast<sAuthLogonChallenge_C*>(packet.GetReadPointer());
250 size += challenge->size;
251 if (size > MAX_ACCEPTED_CHALLENGE_SIZE)
252 {
253 CloseSocket();
254 return;
255 }
256 }
257
258 if (packet.GetActiveSize() < size)
259 break;
260
261 if (!(*this.*itr->second.handler)())
262 {
263 CloseSocket();
264 return;
265 }
266
267 packet.ReadCompleted(size);
268 }
269
270 AsyncRead();
271}
MAX_ACCEPTED_CHALLENGE_SIZE
#define MAX_ACCEPTED_CHALLENGE_SIZE
Definition: AuthSession.cpp:120
Handlers
std::unordered_map< uint8, AuthHandler > const Handlers
Definition: AuthSession.cpp:138
MessageBuffer
Definition: MessageBuffer.h:26
MessageBuffer::GetActiveSize
size_type GetActiveSize() const
Definition: MessageBuffer.h:64
MessageBuffer::Reset
void Reset()
Definition: MessageBuffer.h:46
Socket< AuthSession >::CloseSocket
void CloseSocket()
Definition: Socket.h:125

References _status, Socket< AuthSession >::AsyncRead(), AUTH_LOGON_CHALLENGE, AUTH_RECONNECT_CHALLENGE, Socket< AuthSession >::CloseSocket(), MessageBuffer::GetActiveSize(), Socket< AuthSession >::GetReadBuffer(), MessageBuffer::GetReadPointer(), Handlers, MAX_ACCEPTED_CHALLENGE_SIZE, MessageBuffer::ReadCompleted(), MessageBuffer::Reset(), and AUTH_LOGON_CHALLENGE_C::size.

◆ RealmListCallback()

void AuthSession::RealmListCallback ( PreparedQueryResult  result)
private
745{
746 std::map<uint32, uint8> characterCounts;
747 if (result)
748 {
749 do
750 {
751 Field* fields = result->Fetch();
752 characterCounts[fields[0].Get<uint32>()] = fields[1].Get<uint8>();
753 } while (result->NextRow());
754 }
755
756 // Circle through realms in the RealmList and construct the return packet (including # of user characters in each realm)
757 ByteBuffer pkt;
758
759 size_t RealmListSize = 0;
760 for (auto const& [realmHandle, realm] : sRealmList->GetRealms())
761 {
762 // don't work with realms which not compatible with the client
763 bool okBuild = ((_expversion & POST_BC_EXP_FLAG) && realm.Build == _build) || ((_expversion & PRE_BC_EXP_FLAG) && !AuthHelper::IsPreBCAcceptedClientBuild(realm.Build));
764
765 // No SQL injection. id of realm is controlled by the database.
766 uint32 flag = realm.Flags;
767 RealmBuildInfo const* buildInfo = sRealmList->GetBuildInfo(realm.Build);
768 if (!okBuild)
769 {
770 if (!buildInfo)
771 continue;
772
773 flag |= REALM_FLAG_OFFLINE | REALM_FLAG_SPECIFYBUILD; // tell the client what build the realm is for
774 }
775
776 if (!buildInfo)
777 flag &= ~REALM_FLAG_SPECIFYBUILD;
778
779 std::string name = realm.Name;
780 if (_expversion & PRE_BC_EXP_FLAG && flag & REALM_FLAG_SPECIFYBUILD)
781 {
782 std::ostringstream ss;
783 ss << name << " (" << buildInfo->MajorVersion << '.' << buildInfo->MinorVersion << '.' << buildInfo->BugfixVersion << ')';
784 name = ss.str();
785 }
786
787 uint8 lock = (realm.AllowedSecurityLevel > _accountInfo.SecurityLevel) ? 1 : 0;
788
789 pkt << uint8(realm.Type); // realm type
790 if (_expversion & POST_BC_EXP_FLAG) // only 2.x and 3.x clients
791 pkt << uint8(lock); // if 1, then realm locked
792
793 pkt << uint8(flag); // RealmFlags
794 pkt << name;
795 pkt << boost::lexical_cast<std::string>(realm.GetAddressForClient(GetRemoteIpAddress()));
796 pkt << float(realm.PopulationLevel);
797 pkt << uint8(characterCounts[realm.Id.Realm]);
798 pkt << uint8(realm.Timezone); // realm category
799
800 if (_expversion & POST_BC_EXP_FLAG) // 2.x and 3.x clients
801 pkt << uint8(realm.Id.Realm);
802 else
803 pkt << uint8(0x0); // 1.12.1 and 1.12.2 clients
804
805 if (_expversion & POST_BC_EXP_FLAG && flag & REALM_FLAG_SPECIFYBUILD)
806 {
807 pkt << uint8(buildInfo->MajorVersion);
808 pkt << uint8(buildInfo->MinorVersion);
809 pkt << uint8(buildInfo->BugfixVersion);
810 pkt << uint16(buildInfo->Build);
811 }
812
813 ++RealmListSize;
814 }
815
816 if (_expversion & POST_BC_EXP_FLAG) // 2.x and 3.x clients
817 {
818 pkt << uint8(0x10);
819 pkt << uint8(0x00);
820 }
821 else // 1.12.1 and 1.12.2 clients
822 {
823 pkt << uint8(0x00);
824 pkt << uint8(0x02);
825 }
826
827 // make a ByteBuffer which stores the RealmList's size
828 ByteBuffer RealmListSizeBuffer;
829 RealmListSizeBuffer << uint32(0);
830
831 if (_expversion & POST_BC_EXP_FLAG) // only 2.x and 3.x clients
832 RealmListSizeBuffer << uint16(RealmListSize);
833 else
834 RealmListSizeBuffer << uint32(RealmListSize);
835
836 ByteBuffer hdr;
837 hdr << uint8(REALM_LIST);
838 hdr << uint16(pkt.size() + RealmListSizeBuffer.size());
839 hdr.append(RealmListSizeBuffer); // append RealmList's size buffer
840 hdr.append(pkt); // append realms in the realmlist
841 SendPacket(hdr);
842
843 _status = STATUS_AUTHED;
844}
REALM_FLAG_OFFLINE
@ REALM_FLAG_OFFLINE
Definition: Realm.h:28
REALM_FLAG_SPECIFYBUILD
@ REALM_FLAG_SPECIFYBUILD
Definition: Realm.h:29
sRealmList
#define sRealmList
Definition: RealmList.h:77
realm
Realm realm
Definition: World.cpp:112
AccountInfo::SecurityLevel
AccountTypes SecurityLevel
Definition: AuthSession.h:61
ByteBuffer::size
size_t size() const
Definition: ByteBuffer.h:444
RealmHandle::Realm
uint32 Realm
Definition: Realm.h:42
Realm::Flags
RealmFlags Flags
Definition: Realm.h:76
Realm::AllowedSecurityLevel
AccountTypes AllowedSecurityLevel
Definition: Realm.h:78
Realm::GetAddressForClient
boost::asio::ip::tcp_endpoint GetAddressForClient(boost::asio::ip::address const &clientAddr) const
Definition: Realm.cpp:23
Realm::Timezone
uint8 Timezone
Definition: Realm.h:77
Realm::PopulationLevel
float PopulationLevel
Definition: Realm.h:79
Realm::Build
uint32 Build
Definition: Realm.h:69
Realm::Name
std::string Name
Definition: Realm.h:74
Realm::Id
RealmHandle Id
Definition: Realm.h:68
Realm::Type
uint8 Type
Definition: Realm.h:75
RealmBuildInfo
Definition: RealmList.h:29
RealmBuildInfo::MajorVersion
uint32 MajorVersion
Definition: RealmList.h:31
RealmBuildInfo::BugfixVersion
uint32 BugfixVersion
Definition: RealmList.h:33
RealmBuildInfo::Build
uint32 Build
Definition: RealmList.h:30
RealmBuildInfo::MinorVersion
uint32 MinorVersion
Definition: RealmList.h:32

References _accountInfo, _build, _expversion, _status, Realm::AllowedSecurityLevel, ByteBuffer::append(), RealmBuildInfo::BugfixVersion, Realm::Build, RealmBuildInfo::Build, Realm::Flags, Field::Get(), Realm::GetAddressForClient(), Socket< AuthSession >::GetRemoteIpAddress(), Realm::Id, AuthHelper::IsPreBCAcceptedClientBuild(), RealmBuildInfo::MajorVersion, RealmBuildInfo::MinorVersion, Realm::Name, Realm::PopulationLevel, POST_BC_EXP_FLAG, PRE_BC_EXP_FLAG, realm, RealmHandle::Realm, REALM_FLAG_OFFLINE, REALM_FLAG_SPECIFYBUILD, REALM_LIST, AccountInfo::SecurityLevel, SendPacket(), ByteBuffer::size(), sRealmList, STATUS_AUTHED, Realm::Timezone, and Realm::Type.

Referenced by HandleRealmList().

◆ ReconnectChallengeCallback()

void AuthSession::ReconnectChallengeCallback ( PreparedQueryResult  result)
private
659{
660 ByteBuffer pkt;
661 pkt << uint8(AUTH_RECONNECT_CHALLENGE);
662
663 if (!result)
664 {
665 pkt << uint8(WOW_FAIL_UNKNOWN_ACCOUNT);
666 SendPacket(pkt);
667 return;
668 }
669
670 Field* fields = result->Fetch();
671
672 _accountInfo.LoadResult(fields);
673 _sessionKey = fields[11].Get<Binary, SESSION_KEY_LENGTH>();
674 Acore::Crypto::GetRandomBytes(_reconnectProof);
675 _status = STATUS_RECONNECT_PROOF;
676
677 pkt << uint8(WOW_SUCCESS);
678 pkt.append(_reconnectProof);
679 pkt.append(VersionChallenge.data(), VersionChallenge.size());
680
681 SendPacket(pkt);
682}
SESSION_KEY_LENGTH
constexpr size_t SESSION_KEY_LENGTH
Definition: AuthDefines.h:24
Acore::Crypto::GetRandomBytes
std::array< uint8, S > GetRandomBytes()
Definition: CryptoRandom.h:35

References _accountInfo, _reconnectProof, _sessionKey, _status, ByteBuffer::append(), AUTH_RECONNECT_CHALLENGE, Field::Get(), Acore::Crypto::GetRandomBytes(), AccountInfo::LoadResult(), SendPacket(), SESSION_KEY_LENGTH, STATUS_RECONNECT_PROOF, VersionChallenge, WOW_FAIL_UNKNOWN_ACCOUNT, and WOW_SUCCESS.

Referenced by HandleReconnectChallenge().

◆ SendPacket()

void AuthSession::SendPacket ( ByteBuffer packet)
274{
275 if (!IsOpen())
276 return;
277
278 if (!packet.empty())
279 {
280 MessageBuffer buffer(packet.size());
281 buffer.Write(packet.contents(), packet.size());
282 QueuePacket(std::move(buffer));
283 }
284}
Socket< AuthSession >::QueuePacket
void QueuePacket(MessageBuffer &&buffer)
Definition: Socket.h:114
Socket< AuthSession >::IsOpen
bool IsOpen() const
Definition: Socket.h:123
ByteBuffer::empty
bool empty() const
Definition: ByteBuffer.h:445

References ByteBuffer::contents(), ByteBuffer::empty(), Socket< AuthSession >::IsOpen(), Socket< AuthSession >::QueuePacket(), ByteBuffer::size(), and MessageBuffer::Write().

Referenced by CheckIpCallback(), HandleLogonProof(), HandleReconnectProof(), LogonChallengeCallback(), RealmListCallback(), and ReconnectChallengeCallback().

◆ Start()

void AuthSession::Start ( )
overridevirtual

Implements Socket< AuthSession >.

172{
173 std::string ip_address = GetRemoteIpAddress().to_string();
174 LOG_TRACE("session", "Accepted connection from {}", ip_address);
175
176 LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_IP_INFO);
177 stmt->SetData(0, ip_address);
178
179 _queryProcessor.AddCallback(LoginDatabase.AsyncQuery(stmt).WithPreparedCallback(std::bind(&AuthSession::CheckIpCallback, this, std::placeholders::_1)));
180}
LOG_TRACE
#define LOG_TRACE(filterType__,...)
Definition: Log.h:173
LOGIN_SEL_IP_INFO
@ LOGIN_SEL_IP_INFO
Definition: LoginDatabase.h:34
AuthSession::CheckIpCallback
void CheckIpCallback(PreparedQueryResult result)
Definition: AuthSession.cpp:192

References _queryProcessor, AsyncCallbackProcessor< T >::AddCallback(), CheckIpCallback(), Socket< AuthSession >::GetRemoteIpAddress(), LOG_TRACE, LOGIN_SEL_IP_INFO, LoginDatabase, and PreparedStatementBase::SetData().

◆ Update()

bool AuthSession::Update ( )
overridevirtual

Reimplemented from Socket< AuthSession >.

183{
184 if (!AuthSocket::Update())
185 return false;
186
187 _queryProcessor.ProcessReadyCallbacks();
188
189 return true;
190}
AsyncCallbackProcessor::ProcessReadyCallbacks
void ProcessReadyCallbacks()
Definition: AsyncCallbackProcessor.h:41
Socket< AuthSession >::Update
virtual bool Update()
Definition: Socket.h:56

References _queryProcessor, AsyncCallbackProcessor< T >::ProcessReadyCallbacks(), and Socket< AuthSession >::Update().

◆ VerifyVersion()

bool AuthSession::VerifyVersion ( uint8 const *  a,
int32  aLength,
Acore::Crypto::SHA1::Digest const &  versionProof,
bool  isReconnect 
)
private
847{
848 if (!sConfigMgr->GetOption<bool>("StrictVersionCheck", false))
849 return true;
850
851 Acore::Crypto::SHA1::Digest zeros{};
852 Acore::Crypto::SHA1::Digest const* versionHash{ nullptr };
853
854 if (!isReconnect)
855 {
856 RealmBuildInfo const* buildInfo = sRealmList->GetBuildInfo(_build);
857 if (!buildInfo)
858 return false;
859
860 if (_os == "Win")
861 versionHash = &buildInfo->WindowsHash;
862 else if (_os == "OSX")
863 versionHash = &buildInfo->MacHash;
864
865 if (!versionHash)
866 return false;
867
868 if (zeros == *versionHash)
869 return true; // not filled serverside
870 }
871 else
872 versionHash = &zeros;
873
874 Acore::Crypto::SHA1 version;
875 version.UpdateData(a, aLength);
876 version.UpdateData(*versionHash);
877 version.Finalize();
878
879 return (versionProof == version.GetDigest());
880}
RealmBuildInfo::WindowsHash
std::array< uint8, 20 > WindowsHash
Definition: RealmList.h:35
RealmBuildInfo::MacHash
std::array< uint8, 20 > MacHash
Definition: RealmList.h:36

References _build, _os, Acore::Impl::GenericHash< HashCreator, DigestLength >::Finalize(), Acore::Impl::GenericHash< HashCreator, DigestLength >::GetDigest(), RealmBuildInfo::MacHash, sConfigMgr, sRealmList, Acore::Impl::GenericHash< HashCreator, DigestLength >::UpdateData(), and RealmBuildInfo::WindowsHash.

Referenced by HandleLogonProof(), and HandleReconnectProof().

Member Data Documentation

◆ _accountInfo

AccountInfo AuthSession::_accountInfo
private

Referenced by HandleLogonProof(), HandleRealmList(), HandleReconnectProof(), LogonChallengeCallback(), RealmListCallback(), and ReconnectChallengeCallback().

◆ _build

uint16 AuthSession::_build
private

Referenced by HandleLogonChallenge(), HandleReconnectChallenge(), LogonChallengeCallback(), RealmListCallback(), and VerifyVersion().

◆ _expversion

uint8 AuthSession::_expversion
private

Referenced by HandleLogonChallenge(), HandleLogonProof(), HandleReconnectChallenge(), and RealmListCallback().

◆ _ipCountry

std::string AuthSession::_ipCountry
private

Referenced by LogonChallengeCallback().

◆ _localizationName

std::string AuthSession::_localizationName
private

Referenced by HandleLogonChallenge(), HandleLogonProof(), HandleReconnectChallenge(), and LogonChallengeCallback().

◆ _os

std::string AuthSession::_os
private

Referenced by HandleLogonChallenge(), HandleLogonProof(), HandleReconnectChallenge(), and VerifyVersion().

◆ _queryProcessor

QueryCallbackProcessor AuthSession::_queryProcessor
private

Referenced by HandleLogonChallenge(), HandleRealmList(), HandleReconnectChallenge(), Start(), and Update().

◆ _reconnectProof

std::array<uint8, 16> AuthSession::_reconnectProof = {}
private

Referenced by HandleReconnectProof(), and ReconnectChallengeCallback().

◆ _sessionKey

SessionKey AuthSession::_sessionKey = {}
private

Referenced by HandleLogonProof(), HandleReconnectProof(), and ReconnectChallengeCallback().

◆ _srp6

Optional<Acore::Crypto::SRP6> AuthSession::_srp6
private

Referenced by HandleLogonProof(), and LogonChallengeCallback().

◆ _status

AuthStatus AuthSession::_status
private

Referenced by HandleLogonChallenge(), HandleLogonProof(), HandleRealmList(), HandleReconnectChallenge(), HandleReconnectProof(), LogonChallengeCallback(), ReadHandler(), RealmListCallback(), and ReconnectChallengeCallback().

◆ _totpSecret

Optional<std::vector<uint8> > AuthSession::_totpSecret
private

Referenced by HandleLogonProof(), and LogonChallengeCallback().

◆ Account

std::string AuthSession::Account

◆ AddonInfo

ByteBuffer AuthSession::AddonInfo

◆ BattlegroupID

uint32 AuthSession::BattlegroupID = 0

◆ Build

uint32 AuthSession::Build = 0

◆ Digest

Acore::Crypto::SHA1::Digest AuthSession::Digest = {}

◆ DosResponse

uint64 AuthSession::DosResponse = 0

◆ LocalChallenge

std::array<uint8, 4> AuthSession::LocalChallenge = {}

◆ LoginServerID

uint32 AuthSession::LoginServerID = 0

◆ LoginServerType

uint32 AuthSession::LoginServerType = 0

◆ RealmID

uint32 AuthSession::RealmID = 0

◆ RegionID

uint32 AuthSession::RegionID = 0