WildEgo/server
1
0
Fork 0
forked from metin2/server
Code Pull Requests Activity

change: Ignore build files, replace mysql password with Argon2.

Browse Source 
add: Missing .gitignore.
This commit is contained in:
WildEgo
2024-05-31 10:49:21 +01:00
parent ae708d9315
commit 65a81ec4a1
9 changed files with 95 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/game/CMakeLists.txt
View File

@ -30,6 +30,10 @@ target_compile_options(${PROJECT_NAME} PUBLIC -fsigned-char)
find_package(unofficial-libmysql REQUIRED)
target_link_libraries(${PROJECT_NAME} unofficial::libmysql::libmysql)
# Argon2
find_package(unofficial-argon2 CONFIG REQUIRED)
target_link_libraries(${PROJECT_NAME} unofficial::argon2::libargon2)
# Crypto++
find_package(cryptopp CONFIG REQUIRED)
target_link_libraries (${PROJECT_NAME} cryptopp::cryptopp)

52
src/game/src/db.cpp
View File

@ -284,9 +284,9 @@ void DBManager::AnalyzeReturnQuery(SQLMsg * pMsg)
MYSQL_ROW row = mysql_fetch_row(pMsg->Get()->pSQLResult);
int col = 0;
// PASSWORD('%s'), password, securitycode, social_id, id, status
char szEncrytPassword[45 + 1];
char szPassword[45 + 1];
// '%s', password, securitycode, social_id, id, status
char szPlainPassword[128 + 1];
char szHashedPassword[128 + 1];
char szMatrixCode[MATRIX_CODE_MAX_LEN + 1];
char szSocialID[SOCIAL_ID_MAX_LEN + 1];
char szStatus[ACCOUNT_STATUS_MAX_LEN + 1];
@ -296,19 +296,19 @@ void DBManager::AnalyzeReturnQuery(SQLMsg * pMsg)
{
SPDLOG_ERROR("error column {}", col);
M2_DELETE(pinfo);
break;
break;
}
strlcpy(szEncrytPassword, row[col++], sizeof(szEncrytPassword));
strlcpy(szPlainPassword, row[col++], sizeof(szPlainPassword));
if (!row[col])
{
SPDLOG_ERROR("error column {}", col);
SPDLOG_ERROR("error column {}", col);
M2_DELETE(pinfo);
break;
}
strlcpy(szPassword, row[col++], sizeof(szPassword));
break;
}
strlcpy(szHashedPassword, row[col++], sizeof(szHashedPassword));
if (!row[col])
{
@ -321,29 +321,29 @@ void DBManager::AnalyzeReturnQuery(SQLMsg * pMsg)
}
if (!row[col])
{
{
SPDLOG_ERROR("error column {}", col);
M2_DELETE(pinfo);
break;
}
}
strlcpy(szSocialID, row[col++], sizeof(szSocialID));
if (!row[col])
{
SPDLOG_ERROR("error column {}", col);
M2_DELETE(pinfo);
break;
}
str_to_number(dwID, row[col++]);
if (!row[col])
{
SPDLOG_ERROR("error column {}", col);
SPDLOG_ERROR("error column {}", col);
M2_DELETE(pinfo);
break;
}
}
str_to_number(dwID, row[col++]);
if (!row[col])
{
SPDLOG_ERROR("error column {}", col);
M2_DELETE(pinfo);
break;
}
strlcpy(szStatus, row[col++], sizeof(szStatus));
@ -374,9 +374,9 @@ void DBManager::AnalyzeReturnQuery(SQLMsg * pMsg)
SPDLOG_DEBUG("Create_Time {} {}", retValue, szCreateDate);
SPDLOG_DEBUG("Block Time {} ", strncmp(szCreateDate, g_stBlockDate.c_str(), 8));
int nPasswordDiff = strcmp(szEncrytPassword, szPassword);
bool loginStatus = hash_secure_verify(szHashedPassword, szPlainPassword);
if (nPasswordDiff)
if (!loginStatus)
{
LoginFailure(d, "WRONGPWD");
SPDLOG_DEBUG(" WRONGPWD");

49
src/game/src/input_auth.cpp
View File

@ -55,7 +55,7 @@ void CInputAuth::Login(LPDESC d, const char * c_pData)
return;
}
// string 무결성을 위해 복사
// Copy for string integrity
char login[LOGIN_MAX_LEN + 1];
trim_and_lower(pinfo->login, login, sizeof(login));
@ -106,41 +106,18 @@ void CInputAuth::Login(LPDESC d, const char * c_pData)
char szLogin[LOGIN_MAX_LEN * 2 + 1];
DBManager::instance().EscapeString(szLogin, sizeof(szLogin), login, strlen(login));
// CHANNEL_SERVICE_LOGIN
if (Login_IsInChannelService(szLogin))
{
SPDLOG_DEBUG("ChannelServiceLogin [{}]", szLogin);
DBManager::instance().ReturnQuery(QID_AUTH_LOGIN, dwKey, p,
"SELECT '%s',password,securitycode,social_id,id,status,availDt - NOW() > 0,"
"UNIX_TIMESTAMP(silver_expire),"
"UNIX_TIMESTAMP(gold_expire),"
"UNIX_TIMESTAMP(safebox_expire),"
"UNIX_TIMESTAMP(autoloot_expire),"
"UNIX_TIMESTAMP(fish_mind_expire),"
"UNIX_TIMESTAMP(marriage_fast_expire),"
"UNIX_TIMESTAMP(money_drop_rate_expire),"
"UNIX_TIMESTAMP(create_time)"
" FROM account WHERE login='%s'",
szPasswd, szLogin);
}
// END_OF_CHANNEL_SERVICE_LOGIN
else
{
DBManager::instance().ReturnQuery(QID_AUTH_LOGIN, dwKey, p,
"SELECT PASSWORD('%s'),password,securitycode,social_id,id,status,availDt - NOW() > 0,"
"UNIX_TIMESTAMP(silver_expire),"
"UNIX_TIMESTAMP(gold_expire),"
"UNIX_TIMESTAMP(safebox_expire),"
"UNIX_TIMESTAMP(autoloot_expire),"
"UNIX_TIMESTAMP(fish_mind_expire),"
"UNIX_TIMESTAMP(marriage_fast_expire),"
"UNIX_TIMESTAMP(money_drop_rate_expire),"
"UNIX_TIMESTAMP(create_time)"
" FROM account WHERE login='%s'",
szPasswd, szLogin);
}
DBManager::instance().ReturnQuery(QID_AUTH_LOGIN, dwKey, p,
"SELECT '%s',password,securitycode,social_id,id,status,availDt - NOW() > 0,"
"UNIX_TIMESTAMP(silver_expire),"
"UNIX_TIMESTAMP(gold_expire),"
"UNIX_TIMESTAMP(safebox_expire),"
"UNIX_TIMESTAMP(autoloot_expire),"
"UNIX_TIMESTAMP(fish_mind_expire),"
"UNIX_TIMESTAMP(marriage_fast_expire),"
"UNIX_TIMESTAMP(money_drop_rate_expire),"
"UNIX_TIMESTAMP(create_time)"
" FROM account WHERE login='%s'",
szPasswd, szLogin);
}
int CInputAuth::Analyze(LPDESC d, BYTE bHeader, const char * c_pData)

6
src/game/src/utils.cpp
View File

@ -1,5 +1,11 @@
#include <argon2.h>
#include "stdafx.h"
bool hash_secure_verify(const char *hashed_pwd, const char *plain_pwd)
{
return argon2id_verify(hashed_pwd, plain_pwd, strlen(plain_pwd)) == ARGON2_OK;
}
static int global_time_gap = 0;
time_t get_global_time()

2
src/game/src/utils.h
View File

@ -9,6 +9,8 @@
#define REMOVE_BIT(var, bit) ((var) &= ~(bit))
#define TOGGLE_BIT(var, bit) ((var) = (var) ^ (bit))
bool hash_secure_verify(const char *, const char *);
inline float DISTANCE_SQRT(int dx, int dy)
{
return ::sqrt((float)dx * dx + (float)dy * dy);