623 lines
14 KiB
C++
623 lines
14 KiB
C++
#include "stdafx.h"
|
|
#include "constants.h"
|
|
#include "config.h"
|
|
#include "input.h"
|
|
#include "desc_client.h"
|
|
#include "desc_manager.h"
|
|
#include "protocol.h"
|
|
#include "matrix_card.h"
|
|
#include "passpod.h"
|
|
#include "locale_service.h"
|
|
#include "auth_brazil.h"
|
|
#include "db.h"
|
|
|
|
#ifndef __WIN32__
|
|
#include "limit_time.h"
|
|
#endif
|
|
|
|
extern time_t get_global_time();
|
|
extern int openid_server;
|
|
|
|
bool FN_IS_VALID_LOGIN_STRING(const char *str)
|
|
{
|
|
const char* tmp;
|
|
|
|
if (!str || !*str)
|
|
return false;
|
|
|
|
if (strlen(str) < 2)
|
|
return false;
|
|
|
|
for (tmp = str; *tmp; ++tmp)
|
|
{
|
|
// 알파벳과 수자만 허용
|
|
if (isdigit(*tmp) || isalpha(*tmp))
|
|
continue;
|
|
|
|
// 캐나다는 몇몇 특수문자 허용
|
|
if (LC_IsCanada())
|
|
{
|
|
switch (*tmp)
|
|
{
|
|
case ' ':
|
|
case '_':
|
|
case '-':
|
|
case '.':
|
|
case '!':
|
|
case '@':
|
|
case '#':
|
|
case '$':
|
|
case '%':
|
|
case '^':
|
|
case '&':
|
|
case '*':
|
|
case '(':
|
|
case ')':
|
|
continue;
|
|
}
|
|
}
|
|
|
|
if (LC_IsYMIR() == true || LC_IsKorea() == true)
|
|
{
|
|
switch (*tmp)
|
|
{
|
|
case '-' :
|
|
case '_' :
|
|
continue;
|
|
}
|
|
}
|
|
|
|
if (LC_IsBrazil() == true)
|
|
{
|
|
switch (*tmp)
|
|
{
|
|
case '_' :
|
|
case '-' :
|
|
case '=' :
|
|
continue;
|
|
}
|
|
}
|
|
|
|
if (LC_IsJapan() == true)
|
|
{
|
|
switch (*tmp)
|
|
{
|
|
case '-' :
|
|
case '_' :
|
|
case '@':
|
|
case '#':
|
|
continue;
|
|
}
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
bool Login_IsInChannelService(const char* c_login)
|
|
{
|
|
if (c_login[0] == '[')
|
|
return true;
|
|
return false;
|
|
}
|
|
|
|
CInputAuth::CInputAuth()
|
|
{
|
|
}
|
|
|
|
void CInputAuth::Login(LPDESC d, const char * c_pData)
|
|
{
|
|
extern bool Metin2Server_IsInvalid();
|
|
|
|
#ifdef ENABLE_LIMIT_TIME
|
|
if (Metin2Server_IsInvalid())
|
|
{
|
|
extern void ClearAdminPages();
|
|
ClearAdminPages();
|
|
exit(1);
|
|
return;
|
|
}
|
|
#endif
|
|
TPacketCGLogin3 * pinfo = (TPacketCGLogin3 *) c_pData;
|
|
|
|
if (!g_bAuthServer)
|
|
{
|
|
sys_err ("CInputAuth class is not for game server. IP %s might be a hacker.",
|
|
inet_ntoa(d->GetAddr().sin_addr));
|
|
d->DelayedDisconnect(5);
|
|
return;
|
|
}
|
|
|
|
// string 무결성을 위해 복사
|
|
char login[LOGIN_MAX_LEN + 1];
|
|
trim_and_lower(pinfo->login, login, sizeof(login));
|
|
|
|
char passwd[PASSWD_MAX_LEN + 1];
|
|
strncpy(passwd, pinfo->passwd, sizeof(passwd));
|
|
|
|
sys_log(0, "InputAuth::Login : %s(%d) desc %p",
|
|
login, strlen(login), get_pointer(d));
|
|
|
|
// check login string
|
|
if (false == FN_IS_VALID_LOGIN_STRING(login))
|
|
{
|
|
sys_log(0, "InputAuth::Login : IS_NOT_VALID_LOGIN_STRING(%s) desc %p",
|
|
login, get_pointer(d));
|
|
LoginFailure(d, "NOID");
|
|
return;
|
|
}
|
|
|
|
if (g_bNoMoreClient)
|
|
{
|
|
TPacketGCLoginFailure failurePacket;
|
|
|
|
failurePacket.header = HEADER_GC_LOGIN_FAILURE;
|
|
strncpy(failurePacket.szStatus, "SHUTDOWN", sizeof(failurePacket.szStatus));
|
|
|
|
d->Packet(&failurePacket, sizeof(failurePacket));
|
|
return;
|
|
}
|
|
|
|
if (DESC_MANAGER::instance().FindByLoginName(login))
|
|
{
|
|
LoginFailure(d, "ALREADY");
|
|
return;
|
|
}
|
|
|
|
DWORD dwKey = DESC_MANAGER::instance().CreateLoginKey(d);
|
|
DWORD dwPanamaKey = dwKey ^ pinfo->adwClientKey[0] ^ pinfo->adwClientKey[1] ^ pinfo->adwClientKey[2] ^ pinfo->adwClientKey[3];
|
|
d->SetPanamaKey(dwPanamaKey);
|
|
|
|
sys_log(0, "InputAuth::Login : key %u:0x%x login %s", dwKey, dwPanamaKey, login);
|
|
|
|
// BRAZIL_AUTH
|
|
if (LC_IsBrazil() && !test_server)
|
|
{
|
|
int result = auth_brazil(login, passwd);
|
|
|
|
switch (result)
|
|
{
|
|
case AUTH_BRAZIL_SERVER_ERR:
|
|
case AUTH_BRAZIL_NOID:
|
|
LoginFailure(d, "NOID");
|
|
return;
|
|
case AUTH_BRAZIL_WRONGPWD:
|
|
LoginFailure(d, "WRONGPWD");
|
|
return;
|
|
case AUTH_BRAZIL_FLASHUSER:
|
|
LoginFailure(d, "FLASH");
|
|
return;
|
|
}
|
|
}
|
|
|
|
TPacketCGLogin3 * p = M2_NEW TPacketCGLogin3;
|
|
thecore_memcpy(p, pinfo, sizeof(TPacketCGLogin3));
|
|
|
|
char szPasswd[PASSWD_MAX_LEN * 2 + 1];
|
|
DBManager::instance().EscapeString(szPasswd, sizeof(szPasswd), passwd, strlen(passwd));
|
|
|
|
char szLogin[LOGIN_MAX_LEN * 2 + 1];
|
|
DBManager::instance().EscapeString(szLogin, sizeof(szLogin), login, strlen(login));
|
|
|
|
// CHANNEL_SERVICE_LOGIN
|
|
if (Login_IsInChannelService(szLogin))
|
|
{
|
|
sys_log(0, "ChannelServiceLogin [%s]", szLogin);
|
|
|
|
DBManager::instance().ReturnQuery(QID_AUTH_LOGIN, dwKey, p,
|
|
"SELECT '%s',password,securitycode,social_id,id,status,availDt - NOW() > 0,"
|
|
"UNIX_TIMESTAMP(silver_expire),"
|
|
"UNIX_TIMESTAMP(gold_expire),"
|
|
"UNIX_TIMESTAMP(safebox_expire),"
|
|
"UNIX_TIMESTAMP(autoloot_expire),"
|
|
"UNIX_TIMESTAMP(fish_mind_expire),"
|
|
"UNIX_TIMESTAMP(marriage_fast_expire),"
|
|
"UNIX_TIMESTAMP(money_drop_rate_expire),"
|
|
"UNIX_TIMESTAMP(create_time)"
|
|
" FROM account WHERE login='%s'",
|
|
|
|
szPasswd, szLogin);
|
|
}
|
|
// END_OF_CHANNEL_SERVICE_LOGIN
|
|
else
|
|
{
|
|
DBManager::instance().ReturnQuery(QID_AUTH_LOGIN, dwKey, p,
|
|
"SELECT PASSWORD('%s'),password,securitycode,social_id,id,status,availDt - NOW() > 0,"
|
|
"UNIX_TIMESTAMP(silver_expire),"
|
|
"UNIX_TIMESTAMP(gold_expire),"
|
|
"UNIX_TIMESTAMP(safebox_expire),"
|
|
"UNIX_TIMESTAMP(autoloot_expire),"
|
|
"UNIX_TIMESTAMP(fish_mind_expire),"
|
|
"UNIX_TIMESTAMP(marriage_fast_expire),"
|
|
"UNIX_TIMESTAMP(money_drop_rate_expire),"
|
|
"UNIX_TIMESTAMP(create_time)"
|
|
" FROM account WHERE login='%s'",
|
|
szPasswd, szLogin);
|
|
}
|
|
}
|
|
|
|
void CInputAuth::LoginOpenID(LPDESC d, const char * c_pData)
|
|
{
|
|
extern bool Metin2Server_IsInvalid();
|
|
|
|
#ifdef ENABLE_LIMIT_TIME
|
|
if (Metin2Server_IsInvalid())
|
|
{
|
|
extern void ClearAdminPages();
|
|
ClearAdminPages();
|
|
exit(1);
|
|
return;
|
|
}
|
|
#endif
|
|
//OpenID test code.
|
|
TPacketCGLogin5 *tempInfo1 = (TPacketCGLogin5 *)c_pData;
|
|
|
|
//일본 웹 서버에 인증키 확인 요청을 보낸다.
|
|
char* authKey = tempInfo1->authKey;
|
|
char returnID[LOGIN_MAX_LEN + 1] = {0};
|
|
|
|
int test_url_get_protocol = auth_OpenID(authKey, inet_ntoa(d->GetAddr().sin_addr), returnID);
|
|
|
|
//인증 실패. 에러 처리
|
|
if (0!=test_url_get_protocol)
|
|
{
|
|
LoginFailure(d, "OpenID Fail");
|
|
return;
|
|
}
|
|
|
|
TPacketCGLogin3 tempInfo2;
|
|
strncpy(tempInfo2.login, returnID, LOGIN_MAX_LEN);
|
|
strncpy(tempInfo2.passwd, "0000", PASSWD_MAX_LEN);
|
|
for(int i=0;i<4;i++)
|
|
tempInfo2.adwClientKey[i] = tempInfo1->adwClientKey[i];
|
|
TPacketCGLogin3 * pinfo = &tempInfo2;
|
|
|
|
if (!g_bAuthServer)
|
|
{
|
|
sys_err ("CInputAuth class is not for game server. IP %s might be a hacker.",
|
|
inet_ntoa(d->GetAddr().sin_addr));
|
|
d->DelayedDisconnect(5);
|
|
return;
|
|
}
|
|
|
|
// string 무결성을 위해 복사
|
|
char login[LOGIN_MAX_LEN + 1];
|
|
trim_and_lower(pinfo->login, login, sizeof(login));
|
|
|
|
char passwd[PASSWD_MAX_LEN + 1];
|
|
strncpy(passwd, pinfo->passwd, sizeof(passwd));
|
|
|
|
sys_log(0, "InputAuth::Login : %s(%d) desc %p",
|
|
login, strlen(login), get_pointer(d));
|
|
|
|
// check login string
|
|
if (false == FN_IS_VALID_LOGIN_STRING(login))
|
|
{
|
|
sys_log(0, "InputAuth::Login : IS_NOT_VALID_LOGIN_STRING(%s) desc %p",
|
|
login, get_pointer(d));
|
|
LoginFailure(d, "NOID");
|
|
return;
|
|
}
|
|
|
|
if (g_bNoMoreClient)
|
|
{
|
|
TPacketGCLoginFailure failurePacket;
|
|
|
|
failurePacket.header = HEADER_GC_LOGIN_FAILURE;
|
|
strncpy(failurePacket.szStatus, "SHUTDOWN", sizeof(failurePacket.szStatus));
|
|
|
|
d->Packet(&failurePacket, sizeof(failurePacket));
|
|
return;
|
|
}
|
|
|
|
if (DESC_MANAGER::instance().FindByLoginName(login))
|
|
{
|
|
LoginFailure(d, "ALREADY");
|
|
return;
|
|
}
|
|
|
|
DWORD dwKey = DESC_MANAGER::instance().CreateLoginKey(d);
|
|
DWORD dwPanamaKey = dwKey ^ pinfo->adwClientKey[0] ^ pinfo->adwClientKey[1] ^ pinfo->adwClientKey[2] ^ pinfo->adwClientKey[3];
|
|
d->SetPanamaKey(dwPanamaKey);
|
|
|
|
sys_log(0, "InputAuth::Login : key %u:0x%x login %s", dwKey, dwPanamaKey, login);
|
|
|
|
// BRAZIL_AUTH
|
|
if (LC_IsBrazil() && !test_server)
|
|
{
|
|
int result = auth_brazil(login, passwd);
|
|
|
|
switch (result)
|
|
{
|
|
case AUTH_BRAZIL_SERVER_ERR:
|
|
case AUTH_BRAZIL_NOID:
|
|
LoginFailure(d, "NOID");
|
|
return;
|
|
case AUTH_BRAZIL_WRONGPWD:
|
|
LoginFailure(d, "WRONGPWD");
|
|
return;
|
|
case AUTH_BRAZIL_FLASHUSER:
|
|
LoginFailure(d, "FLASH");
|
|
return;
|
|
}
|
|
}
|
|
|
|
TPacketCGLogin3 * p = M2_NEW TPacketCGLogin3;
|
|
thecore_memcpy(p, pinfo, sizeof(TPacketCGLogin3));
|
|
|
|
char szPasswd[PASSWD_MAX_LEN * 2 + 1];
|
|
DBManager::instance().EscapeString(szPasswd, sizeof(szPasswd), passwd, strlen(passwd));
|
|
|
|
char szLogin[LOGIN_MAX_LEN * 2 + 1];
|
|
DBManager::instance().EscapeString(szLogin, sizeof(szLogin), login, strlen(login));
|
|
|
|
// CHANNEL_SERVICE_LOGIN
|
|
if (Login_IsInChannelService(szLogin))
|
|
{
|
|
sys_log(0, "ChannelServiceLogin [%s]", szLogin);
|
|
|
|
DBManager::instance().ReturnQuery(QID_AUTH_LOGIN_OPENID, dwKey, p,
|
|
"SELECT '%s',password,securitycode,social_id,id,status,availDt - NOW() > 0,"
|
|
"UNIX_TIMESTAMP(silver_expire),"
|
|
"UNIX_TIMESTAMP(gold_expire),"
|
|
"UNIX_TIMESTAMP(safebox_expire),"
|
|
"UNIX_TIMESTAMP(autoloot_expire),"
|
|
"UNIX_TIMESTAMP(fish_mind_expire),"
|
|
"UNIX_TIMESTAMP(marriage_fast_expire),"
|
|
"UNIX_TIMESTAMP(money_drop_rate_expire),"
|
|
"UNIX_TIMESTAMP(create_time)"
|
|
" FROM account WHERE login='%s'",
|
|
|
|
szPasswd, szLogin);
|
|
}
|
|
// END_OF_CHANNEL_SERVICE_LOGIN
|
|
else
|
|
{
|
|
DBManager::instance().ReturnQuery(QID_AUTH_LOGIN_OPENID, dwKey, p,
|
|
"SELECT PASSWORD('%s'),password,securitycode,social_id,id,status,availDt - NOW() > 0,"
|
|
"UNIX_TIMESTAMP(silver_expire),"
|
|
"UNIX_TIMESTAMP(gold_expire),"
|
|
"UNIX_TIMESTAMP(safebox_expire),"
|
|
"UNIX_TIMESTAMP(autoloot_expire),"
|
|
"UNIX_TIMESTAMP(fish_mind_expire),"
|
|
"UNIX_TIMESTAMP(marriage_fast_expire),"
|
|
"UNIX_TIMESTAMP(money_drop_rate_expire),"
|
|
"UNIX_TIMESTAMP(create_time)"
|
|
" FROM account WHERE login='%s'",
|
|
szPasswd, szLogin);
|
|
}
|
|
}
|
|
|
|
extern void socket_timeout(socket_t s, long sec, long usec);
|
|
|
|
//OpenID
|
|
int CInputAuth::auth_OpenID(const char *authKey, const char *ipAddr, char *rID)
|
|
{
|
|
//return value
|
|
//0 : normal execution
|
|
//1 : cannot connect to openid auth server
|
|
//2 : socket_write failed
|
|
//3 : openid auth server not reply
|
|
//4 : Reply Error
|
|
//5 : Incorrect auth key.
|
|
|
|
extern char openid_host[256];
|
|
extern char openid_uri[256];
|
|
|
|
int port = 80;
|
|
|
|
socket_t fd = socket_connect(openid_host, port);
|
|
if (fd < 0)
|
|
{
|
|
sys_err("[auth_OpenID] : could not connect to OpenID server(%s)", openid_host);
|
|
return 1;
|
|
}
|
|
|
|
socket_block(fd);
|
|
socket_timeout(fd, 3, 0);
|
|
|
|
// send request
|
|
{
|
|
char request[512];
|
|
int len = snprintf(request, sizeof(request),
|
|
//"GET /kyw/gameauth.php?auth_key=%s&ip=%s HTTP/1.1\r\n"
|
|
"GET %s?auth_key=%s&ip=%s HTTP/1.1\r\n"
|
|
"Host: %s\r\n"
|
|
"Connection: Close\r\n\r\n",
|
|
//openid_uri, authKey,ipAddr);//"aaaaa", "202.31.212.73");
|
|
//authKey,ipAddr);
|
|
//"/kyw/gameauth.php", authKey, ipAddr);
|
|
openid_uri, authKey, ipAddr, openid_host);
|
|
|
|
//#ifndef __WIN32__
|
|
// if (write(fd, request, len) < 0)
|
|
//#else
|
|
if (socket_write(fd, request, len) < 0)
|
|
//#endif
|
|
{
|
|
sys_err("[auth_OpenID] : could not send auth-request (%s)", authKey);
|
|
socket_close(fd);
|
|
return 2;
|
|
}
|
|
}
|
|
|
|
// read reply
|
|
char reply[1024] = {0};
|
|
int len;
|
|
//#ifndef __WIN32__
|
|
// len = read(fd, reply, sizeof(reply));
|
|
//#else
|
|
len = socket_read(fd, reply, sizeof(reply));
|
|
//#endif
|
|
socket_close(fd);
|
|
|
|
if (len <= 0)
|
|
{
|
|
sys_err("[auth_OpenID] : could not recv auth-reply (%s)", authKey);
|
|
return 3;
|
|
}
|
|
|
|
//결과값 파싱
|
|
char buffer[1024];
|
|
strcpy(buffer, reply);
|
|
|
|
const char *delim = "\r\n";
|
|
char *last = 0;
|
|
char *v = strtok(buffer, delim);
|
|
char *result = 0;
|
|
|
|
while (v)
|
|
{
|
|
result = v;
|
|
v = strtok(NULL, delim);
|
|
}
|
|
|
|
|
|
char *id = strtok(result, "%");
|
|
char *success = strtok(NULL, "%");
|
|
|
|
if (!*id || !*success)
|
|
{
|
|
sys_err("[auth_OpenID] : OpenID AuthServer Reply Error (%s)", reply);
|
|
return 4;
|
|
}
|
|
|
|
if (0 != strcmp("OK", success)) //에러 처리
|
|
{
|
|
int returnNumber = 0;
|
|
str_to_number(returnNumber, id);
|
|
switch (returnNumber)
|
|
{
|
|
case 1:
|
|
sys_err("[auth_OpenID] : AuthKey incorrect");
|
|
break;
|
|
case 2:
|
|
sys_err("[auth_OpenID] : ip incorrect");
|
|
break;
|
|
case 3:
|
|
sys_err("[auth_OpenID] : used AuthKey");
|
|
break;
|
|
case 4:
|
|
sys_err("[auth_OpenID] : AuthKey not delivered");
|
|
break;
|
|
case 5:
|
|
sys_err("[auth_OpenID] : ip not delivered");
|
|
break;
|
|
case 6:
|
|
sys_err("[auth_OpenID] : AuthKey time over");
|
|
break;
|
|
default:
|
|
break;
|
|
|
|
return 5;
|
|
}
|
|
}
|
|
|
|
strcpy(rID, id);
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
int CInputAuth::Analyze(LPDESC d, BYTE bHeader, const char * c_pData)
|
|
{
|
|
|
|
if (!g_bAuthServer)
|
|
{
|
|
sys_err ("CInputAuth class is not for game server. IP %s might be a hacker.",
|
|
inet_ntoa(d->GetAddr().sin_addr));
|
|
d->DelayedDisconnect(5);
|
|
return 0;
|
|
}
|
|
|
|
int iExtraLen = 0;
|
|
|
|
if (test_server)
|
|
sys_log(0, " InputAuth Analyze Header[%d] ", bHeader);
|
|
|
|
switch (bHeader)
|
|
{
|
|
case HEADER_CG_PONG:
|
|
Pong(d);
|
|
break;
|
|
|
|
case HEADER_CG_LOGIN3:
|
|
Login(d, c_pData);
|
|
break;
|
|
|
|
//2012.07.19 OpenID : 김용욱
|
|
case HEADER_CG_LOGIN5_OPENID:
|
|
if (openid_server)
|
|
LoginOpenID(d, c_pData);
|
|
else
|
|
sys_err("HEADER_CG_LOGIN5_OPENID : wrong client access");
|
|
break;
|
|
|
|
case HEADER_CG_PASSPOD_ANSWER:
|
|
PasspodAnswer(d, c_pData);
|
|
break;
|
|
|
|
case HEADER_CG_HANDSHAKE:
|
|
break;
|
|
|
|
default:
|
|
sys_err("This phase does not handle this header %d (0x%x)(phase: AUTH)", bHeader, bHeader);
|
|
break;
|
|
}
|
|
|
|
return iExtraLen;
|
|
}
|
|
|
|
void CInputAuth::PasspodAnswer(LPDESC d, const char * c_pData)
|
|
{
|
|
|
|
if (!g_bAuthServer)
|
|
{
|
|
sys_err ("CInputAuth class is not for game server. IP %s might be a hacker.",
|
|
inet_ntoa(d->GetAddr().sin_addr));
|
|
d->DelayedDisconnect(5);
|
|
return;
|
|
}
|
|
|
|
TPacketCGPasspod * packet = (TPacketCGPasspod*)c_pData;
|
|
|
|
RequestConfirmPasspod Confirm;
|
|
|
|
memcpy(Confirm.passpod, packet->szAnswer, MAX_PASSPOD + 1);
|
|
memcpy(Confirm.login, d->GetAccountTable().login, LOGIN_MAX_LEN + 1);
|
|
|
|
|
|
if (!d->GetAccountTable().id)
|
|
{
|
|
sys_err("HEADER_CG_PASSPOD_ANSWER received to desc with no account table binded");
|
|
return;
|
|
}
|
|
|
|
int ret_code = 1;
|
|
sys_log(0, "Passpod start %s %s", d->GetAccountTable().login, packet->szAnswer);
|
|
ret_code = CPasspod::instance().ConfirmPasspod(d->GetAccountTable().login, packet->szAnswer);
|
|
|
|
if (ret_code != 0)
|
|
{
|
|
sys_log(0, "PASSPOD: wrong answer: %s ret_code %d", d->GetAccountTable().login, ret_code);
|
|
|
|
LoginFailure(d, ERR_MESSAGE[ret_code]);
|
|
|
|
if (!d->CheckMatrixTryCount())
|
|
{
|
|
LoginFailure(d, "QUIT");
|
|
d->SetPhase(PHASE_CLOSE);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
sys_log(0, "PASSPOD: success: %s", d->GetAccountTable().login);
|
|
DBManager::instance().SendAuthLogin(d);
|
|
}
|
|
// g_PasspodDesc->DBPacket(HEADER_GP_CONFIRM_PASSPOD, 0, &Confirm, sizeof(Confirm));
|
|
|
|
// sys_log(0, "PASSPOD %s %d", Confirm.login, Confirm.passpod);
|
|
}
|