nchebrov/azerothcore-wotlk
1
0
Fork 0
mirror of https://github.com/mod-playerbots/azerothcore-wotlk.git synced 2026-01-31 01:23:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(Core/DB/Authserver): remove sha_pass_hash (#4827)

Browse Source
This commit is contained in:
UltraNix
2021-03-21 15:17:57 +01:00
committed by GitHub
parent e9ed6380a6
commit 485f7e7639
54 changed files with 1095 additions and 744 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
src/server/game/Accounts/AccountMgr.cpp
View File

@@ -5,11 +5,12 @@
*/
#include "AccountMgr.h"
#include "CryptoHash.h"
#include "DatabaseEnv.h"
#include "ObjectAccessor.h"
#include "Player.h"
#include "ScriptMgr.h"
#include "SHA1.h"
#include "SRP6.h"
#include "Util.h"
#include "WorldSession.h"
@@ -28,13 +29,15 @@ namespace AccountMgr
Utf8ToUpperOnlyLatin(password);
if (GetId(username))
return AOR_NAME_ALREDY_EXIST; // username does already exist
return AOR_NAME_ALREADY_EXIST; // username does already exist
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT);
stmt->setString(0, username);
stmt->setString(1, CalculateShaPassHash(username, password));
stmt->setInt8(2, uint8(sWorld->getIntConfig(CONFIG_EXPANSION)));
auto [salt, verifier] = acore::Crypto::SRP6::MakeRegistrationData(username, password);
stmt->setBinary(1, salt);
stmt->setBinary(2, verifier);
stmt->setInt8(3, uint8(sWorld->getIntConfig(CONFIG_EXPANSION)));
LoginDatabase.Execute(stmt);
@@ -141,11 +144,15 @@ namespace AccountMgr
Utf8ToUpperOnlyLatin(newPassword);
stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_USERNAME);
stmt->setString(0, newUsername);
stmt->setString(1, CalculateShaPassHash(newUsername, newPassword));
stmt->setUInt32(2, accountId);
stmt->setUInt32(1, accountId);
LoginDatabase.Execute(stmt);
auto [salt, verifier] = acore::Crypto::SRP6::MakeRegistrationData(newUsername, newPassword);
stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON);
stmt->setBinary(0, salt);
stmt->setBinary(1, verifier);
stmt->setUInt32(2, accountId);
LoginDatabase.Execute(stmt);
return AOR_OK;
@@ -170,11 +177,12 @@ namespace AccountMgr
Utf8ToUpperOnlyLatin(username);
Utf8ToUpperOnlyLatin(newPassword);
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_PASSWORD);
stmt->setString(0, CalculateShaPassHash(username, newPassword));
stmt->setUInt32(1, accountId);
auto [salt, verifier] = acore::Crypto::SRP6::MakeRegistrationData(username, newPassword);
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON);
stmt->setBinary(0, salt);
stmt->setBinary(1, verifier);
stmt->setUInt32(2, accountId);;
LoginDatabase.Execute(stmt);
sScriptMgr->OnPasswordChange(accountId);
@@ -236,10 +244,15 @@ namespace AccountMgr
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_CHECK_PASSWORD);
stmt->setUInt32(0, accountId);
stmt->setString(1, CalculateShaPassHash(username, password));
PreparedQueryResult result = LoginDatabase.Query(stmt);
if (PreparedQueryResult result = LoginDatabase.Query(stmt))
{
acore::Crypto::SRP6::Salt salt = (*result)[0].GetBinary<acore::Crypto::SRP6::SALT_LENGTH>();
acore::Crypto::SRP6::Verifier verifier = (*result)[1].GetBinary<acore::Crypto::SRP6::VERIFIER_LENGTH>();
if (acore::Crypto::SRP6::CheckLogin(username, password, salt, verifier))
return true;
}
return !!result;
return false;
}
uint32 GetCharactersCount(uint32 accountId)
@@ -252,18 +265,6 @@ namespace AccountMgr
return (result) ? (*result)[0].GetUInt64() : 0;
}
std::string CalculateShaPassHash(std::string const& name, std::string const& password)
{
SHA1Hash sha;
sha.Initialize();
sha.UpdateData(name);
sha.UpdateData(":");
sha.UpdateData(password);
sha.Finalize();
return ByteArrayToHexStr(sha.GetDigest(), sha.GetLength());
}
bool IsPlayerAccount(uint32 gmlevel)
{
return gmlevel == SEC_PLAYER;

3
src/server/game/Accounts/AccountMgr.h
View File

@@ -15,7 +15,7 @@ enum AccountOpResult
AOR_OK,
AOR_NAME_TOO_LONG,
AOR_PASS_TOO_LONG,
AOR_NAME_ALREDY_EXIST,
AOR_NAME_ALREADY_EXIST,
AOR_NAME_NOT_EXIST,
AOR_DB_INTERNAL_ERROR
};
@@ -36,7 +36,6 @@ namespace AccountMgr
uint32 GetSecurity(uint32 accountId, int32 realmId);
bool GetName(uint32 accountId, std::string& name);
uint32 GetCharactersCount(uint32 accountId);
std::string CalculateShaPassHash(std::string const& name, std::string const& password);
bool IsPlayerAccount(uint32 gmlevel);
bool IsGMAccount(uint32 gmlevel);

4
src/server/game/Guilds/Guild.cpp
View File

@@ -1740,7 +1740,7 @@ void Guild::HandleMemberDepositMoney(WorldSession* session, uint32 amount)
CharacterDatabase.CommitTransaction(trans);
std::string aux = ByteArrayToHexStr(reinterpret_cast<uint8*>(&m_bankMoney), 8, true);
std::string aux = acore::Impl::ByteArrayToHexStr(reinterpret_cast<uint8*>(&m_bankMoney), 8, true);
_BroadcastEvent(GE_BANK_MONEY_SET, 0, aux.c_str());
if (amount > 10 * GOLD)
@@ -1789,7 +1789,7 @@ bool Guild::HandleMemberWithdrawMoney(WorldSession* session, uint32 amount, bool
if (amount > 10 * GOLD)
CharacterDatabase.PExecute("INSERT INTO log_money VALUES(%u, %u, \"%s\", \"%s\", %u, \"%s\", %u, \"<GB WITHDRAW> %s (guild id: %u, members: %u, new amount: %u, leader guid low: %u, char level: %u)\", NOW())", session->GetAccountId(), player->GetGUIDLow(), player->GetName().c_str(), session->GetRemoteAddress().c_str(), 0, "", amount, GetName().c_str(), GetId(), GetMemberCount(), GetTotalBankMoney(), (uint32)(GetLeaderGUID() & 0xFFFFFFFF), player->getLevel());
std::string aux = ByteArrayToHexStr(reinterpret_cast<uint8*>(&m_bankMoney), 8, true);
std::string aux = acore::Impl::ByteArrayToHexStr(reinterpret_cast<uint8*>(&m_bankMoney), 8, true);
_BroadcastEvent(GE_BANK_MONEY_SET, 0, aux.c_str());
return true;
}

1
src/server/game/Handlers/MiscHandler.cpp
View File

@@ -32,7 +32,6 @@
#include "Pet.h"
#include "Player.h"
#include "ScriptMgr.h"
#include "SHA1.h"
#include "SocialMgr.h"
#include "Spell.h"
#include "UpdateData.h"

2
src/server/game/Server/WorldSession.cpp
View File

@@ -1331,7 +1331,7 @@ void WorldSession::ProcessQueryCallbackLogin()
}
}
void WorldSession::InitWarden(BigNumber* k, std::string const& os)
void WorldSession::InitWarden(SessionKey const& k, std::string const& os)
{
if (os == "Win")
{

4
src/server/game/Server/WorldSession.h
View File

@@ -12,10 +12,10 @@
#define __WORLDSESSION_H
#include "AccountMgr.h"
#include "AuthDefines.h"
#include "AddonMgr.h"
#include "BanManager.h"
#include "Common.h"
#include "Cryptography/BigNumber.h"
#include "DatabaseEnv.h"
#include "GossipDef.h"
#include "Opcodes.h"
@@ -239,7 +239,7 @@ public:
void SetTotalTime(uint32 TotalTime) { m_total_time = TotalTime; }
uint32 GetTotalTime() const { return m_total_time; }
void InitWarden(BigNumber* k, std::string const& os);
void InitWarden(SessionKey const&, std::string const& os);
/// Session in auth.queue currently
void SetInQueue(bool state) { m_inQueue = state; }

56
src/server/game/Server/WorldSocket.cpp
View File

@@ -8,13 +8,14 @@
#include "BigNumber.h"
#include "ByteBuffer.h"
#include "Common.h"
#include "CryptoHash.h"
#include "CryptoRandom.h"
#include "DatabaseEnv.h"
#include "Log.h"
#include "Opcodes.h"
#include "PacketLog.h"
#include "Player.h"
#include "ScriptMgr.h"
#include "SHA1.h"
#include "SharedDefines.h"
#include "Util.h"
#include "World.h"
@@ -92,9 +93,10 @@ struct ClientPktHeader
WorldSocket::WorldSocket(void): WorldHandler(),
m_LastPingTime(SystemTimePoint::min()), m_OverSpeedPings(0), m_Session(0),
m_RecvWPct(0), m_RecvPct(), m_Header(sizeof (ClientPktHeader)),
m_OutBuffer(0), m_OutBufferSize(65536), m_OutActive(false),
m_Seed(static_cast<uint32> (rand32()))
m_OutBuffer(0), m_OutBufferSize(65536), m_OutActive(false)
{
acore::Crypto::GetRandomBytes(m_Seed);
reference_counting_policy().value (ACE_Event_Handler::Reference_Counting_Policy::ENABLED);
msg_queue()->high_water_mark(8 * 1024 * 1024);
@@ -157,7 +159,9 @@ int WorldSocket::SendPacket(WorldPacket const& pct)
sPacketLog->LogPacket(pct, SERVER_TO_CLIENT);
ServerPktHeader header(pct.size() + 2, pct.GetOpcode());
m_Crypt.EncryptSend ((uint8*)header.header, header.getHeaderLength());
if (m_Crypt.IsInitialized())
m_Crypt.EncryptSend((uint8*)header.header, header.getHeaderLength());
if (m_OutBuffer->space() >= pct.size() + header.getHeaderLength() && msg_queue()->is_empty())
{
@@ -235,15 +239,8 @@ int WorldSocket::open(void* a)
// Send startup packet.
WorldPacket packet (SMSG_AUTH_CHALLENGE, 24);
packet << uint32(1); // 1...31
packet << m_Seed;
BigNumber seed1;
seed1.SetRand(16 * 8);
packet.append(seed1.AsByteArray(16).get(), 16); // new encryption seeds
BigNumber seed2;
seed2.SetRand(16 * 8);
packet.append(seed2.AsByteArray(16).get(), 16); // new encryption seeds
packet.append(m_Seed);
packet.append(acore::Crypto::GetRandomBytes<32>()); // new encryption seeds
if (SendPacket(packet) == -1)
return -1;
@@ -470,7 +467,8 @@ int WorldSocket::handle_input_header(void)
ACE_ASSERT (m_Header.length() == sizeof(ClientPktHeader));
m_Crypt.DecryptRecv ((uint8*) m_Header.rd_ptr(), sizeof(ClientPktHeader));
if (m_Crypt.IsInitialized())
m_Crypt.DecryptRecv((uint8*) m_Header.rd_ptr(), sizeof(ClientPktHeader));
ClientPktHeader& header = *((ClientPktHeader*) m_Header.rd_ptr());
@@ -736,8 +734,6 @@ int WorldSocket::ProcessIncoming(WorldPacket* new_pct)
int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
{
// NOTE: ATM the socket is singlethread, have this in mind ...
uint8 digest[20];
uint32 clientSeed;
uint32 loginServerID, loginServerType, regionID, battlegroupID, realm;
uint64 DosResponse;
uint32 BuiltNumberClient;
@@ -747,10 +743,10 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
//uint8 expansion = 0;
LocaleConstant locale;
std::string account;
SHA1Hash sha;
WorldPacket packet, SendAddonPacked;
std::array<uint8, 4> clientSeed;
acore::Crypto::SHA1::Digest digest;
BigNumber k;
bool wardenActive = sWorld->getBoolConfig(CONFIG_WARDEN_ENABLED);
if (sWorld->IsClosed())
@@ -768,12 +764,12 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
recvPacket >> loginServerID;
recvPacket >> account;
recvPacket >> loginServerType;
recvPacket >> clientSeed;
recvPacket.read(clientSeed);
recvPacket >> regionID;
recvPacket >> battlegroupID;
recvPacket >> realm;
recvPacket >> DosResponse;
recvPacket.read(digest, 20);
recvPacket.read(digest);
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outStaticDebug ("WorldSocket::HandleAuthSession: client %u, loginServerID %u, account %s, loginServerType %u, clientseed %u", BuiltNumberClient, loginServerID, account.c_str(), loginServerType, clientSeed);
@@ -843,7 +839,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
security = SEC_ADMINISTRATOR;
*/
k.SetHexStr (fields[1].GetCString());
SessionKey sessionKey = fields[1].GetBinary<SESSION_KEY_LENGTH>();
int64 mutetime = fields[6].GetInt64();
//! Negative mutetime indicates amount of seconds to be muted effective on next login - which is now.
@@ -934,17 +930,17 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
}
// Check that Key and account name are the same on client and server
uint32 t = 0;
uint32 seed = m_Seed;
uint8 t[4] = { 0x00, 0x00, 0x00, 0x00 };
acore::Crypto::SHA1 sha;
sha.UpdateData (account);
sha.UpdateData ((uint8*) & t, 4);
sha.UpdateData ((uint8*) & clientSeed, 4);
sha.UpdateData ((uint8*) & seed, 4);
sha.UpdateBigNumbers (&k, nullptr);
sha.UpdateData(t);
sha.UpdateData(clientSeed);
sha.UpdateData(m_Seed);
sha.UpdateData(sessionKey);
sha.Finalize();
if (memcmp (sha.GetDigest(), digest, 20))
if (sha.GetDigest() != digest)
{
packet.Initialize (SMSG_AUTH_RESPONSE, 1);
packet << uint8 (AUTH_FAILED);
@@ -984,7 +980,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
// NOTE ATM the socket is single-threaded, have this in mind ...
ACE_NEW_RETURN(m_Session, WorldSession(id, this, AccountTypes(security), expansion, mutetime, locale, recruiter, isRecruiter, skipQueue, TotalTime), -1);
m_Crypt.Init(&k);
m_Crypt.Init(sessionKey);
// First reject the connection if packet contains invalid data or realm state doesn't allow logging in
if (sWorld->IsClosed())
@@ -1019,7 +1015,7 @@ int WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
// Initialize Warden system only if it is enabled by config
if (wardenActive)
m_Session->InitWarden(&k, os);
m_Session->InitWarden(sessionKey, os);
// Sleep this Network thread for
uint32 sleepTime = sWorld->getIntConfig(CONFIG_SESSION_ADD_DELAY);

2
src/server/game/Server/WorldSocket.h
View File

@@ -189,7 +189,7 @@ private:
/// True if the socket is registered with the reactor for output
bool m_OutActive;
uint32 m_Seed;
std::array<uint8, 4> m_Seed;
};
#endif /* _WORLDSOCKET_H */

6
src/server/game/Warden/Warden.cpp
View File

@@ -20,7 +20,7 @@
#include <openssl/md5.h>
#include <openssl/sha.h>
Warden::Warden() : _session(nullptr), _inputCrypto(16), _outputCrypto(16), _checkTimer(10000/*10 sec*/), _clientResponseTimer(0),
Warden::Warden() : _session(nullptr), _checkTimer(10000/*10 sec*/), _clientResponseTimer(0),
_dataSent(false), _module(nullptr), _initialized(false)
{
memset(_inputKey, 0, sizeof(_inputKey));
@@ -125,12 +125,12 @@ void Warden::Update(uint32 const diff)
void Warden::DecryptData(uint8* buffer, uint32 length)
{
_inputCrypto.UpdateData(length, buffer);
_inputCrypto.UpdateData(buffer, length);
}
void Warden::EncryptData(uint8* buffer, uint32 length)
{
_outputCrypto.UpdateData(length, buffer);
_outputCrypto.UpdateData(buffer, length);
}
bool Warden::IsValidCheckSum(uint32 checksum, const uint8* data, const uint16 length)

12
src/server/game/Warden/Warden.h
View File

@@ -7,11 +7,11 @@
#ifndef _WARDEN_BASE_H
#define _WARDEN_BASE_H
#include "ARC4.h"
#include "AuthDefines.h"
#include "ByteBuffer.h"
#include "Cryptography/ARC4.h"
#include "Cryptography/BigNumber.h"
#include "WardenCheckMgr.h"
#include <map>
#include <array>
enum WardenOpcodes
{
@@ -97,7 +97,7 @@ public:
Warden();
virtual ~Warden();
virtual void Init(WorldSession* session, BigNumber* k) = 0;
virtual void Init(WorldSession* session, SessionKey const& k) = 0;
virtual ClientWardenModule* GetModuleForClient() = 0;
virtual void InitializeModule() = 0;
virtual void RequestHash() = 0;
@@ -123,8 +123,8 @@ private:
uint8 _inputKey[16];
uint8 _outputKey[16];
uint8 _seed[16];
ARC4 _inputCrypto;
ARC4 _outputCrypto;
acore::Crypto::ARC4 _inputCrypto;
acore::Crypto::ARC4 _outputCrypto;
uint32 _checkTimer; // Timer for sending check requests
uint32 _clientResponseTimer; // Timer for client response delay
bool _dataSent;

22
src/server/game/Warden/WardenCheckMgr.cpp
View File

@@ -103,16 +103,6 @@ void WardenCheckMgr::LoadWardenChecks()
{
WardenCheckResult wr;
wr.Result.SetHexStr(checkResult.c_str());
int len = static_cast<int>(checkResult.size()) / 2;
if (wr.Result.GetNumBytes() < len)
{
uint8* temp = new uint8[len];
memset(temp, 0, len);
memcpy(temp, wr.Result.AsByteArray().get(), wr.Result.GetNumBytes());
std::reverse(temp, temp + len);
wr.Result.SetBinary((uint8*)temp, len);
delete [] temp;
}
CheckResultStore[id] = wr;
}
@@ -148,19 +138,7 @@ void WardenCheckMgr::LoadWardenChecks()
default:
{
if (checkType == PAGE_CHECK_A || checkType == PAGE_CHECK_B || checkType == DRIVER_CHECK)
{
wardenCheck.Data.SetHexStr(data.c_str());
int len = static_cast<int>(data.size()) / 2;
if (wardenCheck.Data.GetNumBytes() < len)
{
uint8 temp[24];
memset(temp, 0, len);
memcpy(temp, wardenCheck.Data.AsByteArray().get(), wardenCheck.Data.GetNumBytes());
std::reverse(temp, temp + len);
wardenCheck.Data.SetBinary((uint8*)temp, len);
}
}
CheckIdPool[WARDEN_CHECK_OTHER_TYPE].push_back(id);
break;

28
src/server/game/Warden/WardenMac.cpp
View File

@@ -6,10 +6,10 @@
#include "ByteBuffer.h"
#include "Common.h"
#include "WardenKeyGeneration.h"
#include "Log.h"
#include "Opcodes.h"
#include "Player.h"
#include "SessionKeyGenerator.h"
#include "Util.h"
#include "WardenMac.h"
#include "WardenModuleMac.h"
@@ -26,11 +26,11 @@ WardenMac::~WardenMac()
{
}
void WardenMac::Init(WorldSession* pClient, BigNumber* K)
void WardenMac::Init(WorldSession* pClient, SessionKey const& K)
{
_session = pClient;
// Generate Warden Key
SHA1Randx WK(K->AsByteArray().get(), K->GetNumBytes());
SessionKeyGenerator<acore::Crypto::SHA1> WK(K);
WK.Generate(_inputKey, 16);
WK.Generate(_outputKey, 16);
/*
@@ -48,17 +48,17 @@ void WardenMac::Init(WorldSession* pClient, BigNumber* K)
_outputCrypto.Init(_outputKey);
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "Server side warden for client %u initializing...", pClient->GetAccountId());
sLog->outDebug(LOG_FILTER_WARDEN, "C->S Key: %s", ByteArrayToHexStr(_inputKey, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "S->C Key: %s", ByteArrayToHexStr(_outputKey, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, " Seed: %s", ByteArrayToHexStr(_seed, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "C->S Key: %s", acore::Impl::ByteArrayToHexStr(_inputKey).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "S->C Key: %s", acore::Impl::ByteArrayToHexStr(_outputKey).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, " Seed: %s", acore::Impl::ByteArrayToHexStr(_seed).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "Loading Module...");
#endif
_module = GetModuleForClient();
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "Module Key: %s", ByteArrayToHexStr(_module->Key, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "Module ID: %s", ByteArrayToHexStr(_module->Id, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "Module Key: %s", acore::Impl::ByteArrayToHexStr(_module->Key).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "Module ID: %s", acore::Impl::ByteArrayToHexStr(_module->Id).c_str());
#endif
RequestModule();
}
@@ -154,14 +154,14 @@ void WardenMac::HandleHashResult(ByteBuffer& buff)
buff.rpos(buff.wpos());
SHA1Hash sha1;
acore::Crypto::SHA1 sha1;
sha1.UpdateData((uint8*)keyIn, 16);
sha1.Finalize();
//const uint8 validHash[20] = { 0x56, 0x8C, 0x05, 0x4C, 0x78, 0x1A, 0x97, 0x2A, 0x60, 0x37, 0xA2, 0x29, 0x0C, 0x22, 0xB5, 0x25, 0x71, 0xA0, 0x6F, 0x4E };
// Verify key
if (memcmp(buff.contents() + 1, sha1.GetDigest(), 20) != 0)
if (memcmp(buff.contents() + 1, sha1.GetDigest().data(), 20) != 0)
{
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "Request hash reply: failed");
@@ -242,16 +242,16 @@ void WardenMac::HandleData(ByteBuffer& buff)
std::string str = "Test string!";
SHA1Hash sha1;
acore::Crypto::SHA1 sha1;
sha1.UpdateData(str);
uint32 magic = 0xFEEDFACE; // unsure
sha1.UpdateData((uint8*)&magic, 4);
sha1.Finalize();
uint8 sha1Hash[20];
buff.read(sha1Hash, 20);
std::array<uint8, acore::Crypto::SHA1::DIGEST_LENGTH> sha1Hash;
buff.read(sha1Hash.data(), sha1Hash.size());
if (memcmp(sha1Hash, sha1.GetDigest(), 20))
if (sha1Hash != sha1.GetDigest())
{
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "Handle data failed: SHA1 hash is wrong!");

3
src/server/game/Warden/WardenMac.h
View File

@@ -9,7 +9,6 @@
#include "ByteBuffer.h"
#include "ARC4.h"
#include "BigNumber.h"
#include "Warden.h"
#include <map>
@@ -22,7 +21,7 @@ public:
WardenMac();
~WardenMac() override;
void Init(WorldSession* session, BigNumber* k) override;
void Init(WorldSession* session, SessionKey const& k) override;
ClientWardenModule* GetModuleForClient() override;
void InitializeModule() override;
void RequestHash() override;

54
src/server/game/Warden/WardenWin.cpp
View File

@@ -7,12 +7,13 @@
#include "AccountMgr.h"
#include "ByteBuffer.h"
#include "Common.h"
#include "Cryptography/HMACSHA1.h"
#include "Cryptography/WardenKeyGeneration.h"
#include "CryptoRandom.h"
#include "Database/DatabaseEnv.h"
#include "HMAC.h"
#include "Log.h"
#include "Opcodes.h"
#include "Player.h"
#include "SessionKeyGenerator.h"
#include "Util.h"
#include "WardenCheckMgr.h"
#include "WardenModuleWin.h"
@@ -38,7 +39,7 @@ static constexpr uint8 GetCheckPacketBaseSize(uint8 type)
case LUA_EVAL_CHECK: return 1 + sizeof(_luaEvalPrefix) - 1 + sizeof(_luaEvalMidfix) - 1 + 4 + sizeof(_luaEvalPostfix) - 1;
case PAGE_CHECK_A: return (4 + 1);
case PAGE_CHECK_B: return (4 + 1);
case MODULE_CHECK: return (4 + SHA_DIGEST_LENGTH);
case MODULE_CHECK: return (4 + acore::Crypto::Constants::SHA1_DIGEST_LENGTH_BYTES);
case MEM_CHECK: return (1 + 4 + 1);
default: return 0;
}
@@ -90,11 +91,11 @@ WardenWin::~WardenWin()
{
}
void WardenWin::Init(WorldSession* session, BigNumber* k)
void WardenWin::Init(WorldSession* session, SessionKey const& k)
{
_session = session;
// Generate Warden Key
SHA1Randx WK(k->AsByteArray().get(), k->GetNumBytes());
SessionKeyGenerator<acore::Crypto::SHA1> WK(k);
WK.Generate(_inputKey, 16);
WK.Generate(_outputKey, 16);
@@ -104,17 +105,17 @@ void WardenWin::Init(WorldSession* session, BigNumber* k)
_outputCrypto.Init(_outputKey);
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "Server side warden for client %u initializing...", session->GetAccountId());
sLog->outDebug(LOG_FILTER_WARDEN, "C->S Key: %s", ByteArrayToHexStr(_inputKey, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "S->C Key: %s", ByteArrayToHexStr(_outputKey, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, " Seed: %s", ByteArrayToHexStr(_seed, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "C->S Key: %s", acore::Impl::ByteArrayToHexStr(_inputKey).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "S->C Key: %s", acore::Impl::ByteArrayToHexStr(_outputKey).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, " Seed: %s", acore::Impl::ByteArrayToHexStr(_seed).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "Loading Module...");
#endif
_module = GetModuleForClient();
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "Module Key: %s", ByteArrayToHexStr(_module->Key, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "Module ID: %s", ByteArrayToHexStr(_module->Id, 16).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "Module Key: %s", acore::Impl::ByteArrayToHexStr(_module->Key).c_str());
sLog->outDebug(LOG_FILTER_WARDEN, "Module ID: %s", acore::Impl::ByteArrayToHexStr(_module->Id).c_str());
#endif
RequestModule();
}
@@ -158,7 +159,7 @@ void WardenWin::InitializeModule()
Request.Function1[1] = 0x000218C0; // 0x00400000 + 0x000218C0 SFileGetFileSize
Request.Function1[2] = 0x00022530; // 0x00400000 + 0x00022530 SFileReadFile
Request.Function1[3] = 0x00022910; // 0x00400000 + 0x00022910 SFileCloseFile
Request.CheckSumm1 = BuildChecksum(&Request.Unk1, SHA_DIGEST_LENGTH);
Request.CheckSumm1 = BuildChecksum(&Request.Unk1, acore::Crypto::Constants::SHA1_DIGEST_LENGTH_BYTES);
Request.Command2 = WARDEN_SMSG_MODULE_INITIALIZE;
Request.Size2 = 8;
@@ -223,7 +224,7 @@ void WardenWin::HandleHashResult(ByteBuffer& buff)
buff.rpos(buff.wpos());
// Verify key
if (memcmp(buff.contents() + 1, Module.ClientKeySeedHash, SHA_DIGEST_LENGTH) != 0)
if (memcmp(buff.contents() + 1, Module.ClientKeySeedHash, acore::Crypto::Constants::SHA1_DIGEST_LENGTH_BYTES) != 0)
{
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "Request hash reply: failed");
@@ -396,8 +397,8 @@ void WardenWin::RequestChecks()
case PAGE_CHECK_A:
case PAGE_CHECK_B:
{
BigNumber tempNumber = check->Data;
buff.append(tempNumber.AsByteArray(0, false).get(), tempNumber.GetNumBytes());
std::vector<uint8> data = check->Data.ToByteVector(0, false);
buff.append(data.data(), data.size());
buff << uint32(check->Address);
buff << uint8(check->Length);
break;
@@ -410,19 +411,16 @@ void WardenWin::RequestChecks()
}
case DRIVER_CHECK:
{
BigNumber tempNumber = check->Data;
buff.append(tempNumber.AsByteArray(0, false).get(), tempNumber.GetNumBytes());
std::vector<uint8> data = check->Data.ToByteVector(0, false);
buff.append(data.data(), data.size());
buff << uint8(index++);
break;
}
case MODULE_CHECK:
{
uint32 seed = rand32();
buff << uint32(seed);
HmacHash hmac(4, (uint8*)&seed);
hmac.UpdateData(check->Str);
hmac.Finalize();
buff.append(hmac.GetDigest(), hmac.GetLength());
std::array<uint8, 4> seed = acore::Crypto::GetRandomBytes<4>();
buff.append(seed);
buff.append(acore::Crypto::HMAC_SHA1::GetDigestOf(seed, check->Str));
break;
}
/*case PROC_CHECK:
@@ -542,8 +540,9 @@ void WardenWin::HandleData(ByteBuffer& buff)
}
WardenCheckResult const* rs = sWardenCheckMgr->GetWardenResultById(checkId);
BigNumber tempNumber = rs->Result;
if (memcmp(buff.contents() + buff.rpos(), tempNumber.AsByteArray(0, false).get(), rd->Length) != 0)
std::vector<uint8> result = rs->Result.ToByteVector(0, false);
if (memcmp(buff.contents() + buff.rpos(), result.data(), rd->Length) != 0)
{
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "RESULT MEM_CHECK fail CheckId %u account Id %u", checkId, _session->GetAccountId());
@@ -622,18 +621,17 @@ void WardenWin::HandleData(ByteBuffer& buff)
}
WardenCheckResult const* rs = sWardenCheckMgr->GetWardenResultById(checkId);
BigNumber tempNumber = rs->Result;
if (memcmp(buff.contents() + buff.rpos(), tempNumber.AsByteArray(0, false).get(), SHA_DIGEST_LENGTH) != 0) // SHA1
if (memcmp(buff.contents() + buff.rpos(), rs->Result.ToByteArray<20>(false).data(), acore::Crypto::Constants::SHA1_DIGEST_LENGTH_BYTES) != 0) // SHA1
{
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "RESULT MPQ_CHECK fail, CheckId %u account Id %u", checkId, _session->GetAccountId());
#endif
checkFailed = checkId;
buff.rpos(buff.rpos() + SHA_DIGEST_LENGTH); // 20 bytes SHA1
buff.rpos(buff.rpos() + acore::Crypto::Constants::SHA1_DIGEST_LENGTH_BYTES); // 20 bytes SHA1
continue;
}
buff.rpos(buff.rpos() + SHA_DIGEST_LENGTH); // 20 bytes SHA1
buff.rpos(buff.rpos() + acore::Crypto::Constants::SHA1_DIGEST_LENGTH_BYTES); // 20 bytes SHA1
#if defined(ENABLE_EXTRAS) && defined(ENABLE_EXTRA_LOGS)
sLog->outDebug(LOG_FILTER_WARDEN, "RESULT MPQ_CHECK passed, CheckId %u account Id %u", checkId, _session->GetAccountId());
#endif

2
src/server/game/Warden/WardenWin.h
View File

@@ -64,7 +64,7 @@ public:
WardenWin();
~WardenWin() override;
void Init(WorldSession* session, BigNumber* K) override;
void Init(WorldSession* session, SessionKey const& K) override;
ClientWardenModule* GetModuleForClient() override;
void InitializeModule() override;
void RequestHash() override;

1
src/server/game/World/IWorld.h
View File

@@ -164,6 +164,7 @@ enum WorldBoolConfigs
CONFIG_DEBUG_BATTLEGROUND,
CONFIG_DEBUG_ARENA,
CONFIG_REGEN_HP_CANNOT_REACH_TARGET_IN_RAID,
CONFIG_SET_SHAPASSHASH,
BOOL_CONFIG_VALUE_COUNT
};

2
src/server/game/World/World.cpp
View File

@@ -1413,6 +1413,8 @@ void World::LoadConfigSettings(bool reload)
m_int_configs[CONFIG_GM_LEVEL_CHANNEL_MODERATION] = sConfigMgr->GetOption<int32>("Channel.ModerationGMLevel", 1);
m_bool_configs[CONFIG_SET_SHAPASSHASH] = sConfigMgr->GetBoolDefault("SetDeprecatedExternalPasswords", false);
// call ScriptMgr if we're reloading the configuration
sScriptMgr->OnAfterConfigLoad(reload);
}