nchebrov/azerothcore-wotlk
1
0
Fork 0
mirror of https://github.com/mod-playerbots/azerothcore-wotlk.git synced 2026-01-30 00:53:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(Core/DB/Authserver): remove sha_pass_hash (#4827)

Browse Source
This commit is contained in:
UltraNix
2021-03-21 15:17:57 +01:00
committed by GitHub
parent e9ed6380a6
commit 485f7e7639
54 changed files with 1095 additions and 744 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
src/server/game/Accounts/AccountMgr.cpp
View File

@@ -5,11 +5,12 @@
*/
#include "AccountMgr.h"
#include "CryptoHash.h"
#include "DatabaseEnv.h"
#include "ObjectAccessor.h"
#include "Player.h"
#include "ScriptMgr.h"
#include "SHA1.h"
#include "SRP6.h"
#include "Util.h"
#include "WorldSession.h"
@@ -28,13 +29,15 @@ namespace AccountMgr
Utf8ToUpperOnlyLatin(password);
if (GetId(username))
return AOR_NAME_ALREDY_EXIST; // username does already exist
return AOR_NAME_ALREADY_EXIST; // username does already exist
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT);
stmt->setString(0, username);
stmt->setString(1, CalculateShaPassHash(username, password));
stmt->setInt8(2, uint8(sWorld->getIntConfig(CONFIG_EXPANSION)));
auto [salt, verifier] = acore::Crypto::SRP6::MakeRegistrationData(username, password);
stmt->setBinary(1, salt);
stmt->setBinary(2, verifier);
stmt->setInt8(3, uint8(sWorld->getIntConfig(CONFIG_EXPANSION)));
LoginDatabase.Execute(stmt);
@@ -141,11 +144,15 @@ namespace AccountMgr
Utf8ToUpperOnlyLatin(newPassword);
stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_USERNAME);
stmt->setString(0, newUsername);
stmt->setString(1, CalculateShaPassHash(newUsername, newPassword));
stmt->setUInt32(2, accountId);
stmt->setUInt32(1, accountId);
LoginDatabase.Execute(stmt);
auto [salt, verifier] = acore::Crypto::SRP6::MakeRegistrationData(newUsername, newPassword);
stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON);
stmt->setBinary(0, salt);
stmt->setBinary(1, verifier);
stmt->setUInt32(2, accountId);
LoginDatabase.Execute(stmt);
return AOR_OK;
@@ -170,11 +177,12 @@ namespace AccountMgr
Utf8ToUpperOnlyLatin(username);
Utf8ToUpperOnlyLatin(newPassword);
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_PASSWORD);
stmt->setString(0, CalculateShaPassHash(username, newPassword));
stmt->setUInt32(1, accountId);
auto [salt, verifier] = acore::Crypto::SRP6::MakeRegistrationData(username, newPassword);
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGON);
stmt->setBinary(0, salt);
stmt->setBinary(1, verifier);
stmt->setUInt32(2, accountId);;
LoginDatabase.Execute(stmt);
sScriptMgr->OnPasswordChange(accountId);
@@ -236,10 +244,15 @@ namespace AccountMgr
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_CHECK_PASSWORD);
stmt->setUInt32(0, accountId);
stmt->setString(1, CalculateShaPassHash(username, password));
PreparedQueryResult result = LoginDatabase.Query(stmt);
if (PreparedQueryResult result = LoginDatabase.Query(stmt))
{
acore::Crypto::SRP6::Salt salt = (*result)[0].GetBinary<acore::Crypto::SRP6::SALT_LENGTH>();
acore::Crypto::SRP6::Verifier verifier = (*result)[1].GetBinary<acore::Crypto::SRP6::VERIFIER_LENGTH>();
if (acore::Crypto::SRP6::CheckLogin(username, password, salt, verifier))
return true;
}
return !!result;
return false;
}
uint32 GetCharactersCount(uint32 accountId)
@@ -252,18 +265,6 @@ namespace AccountMgr
return (result) ? (*result)[0].GetUInt64() : 0;
}
std::string CalculateShaPassHash(std::string const& name, std::string const& password)
{
SHA1Hash sha;
sha.Initialize();
sha.UpdateData(name);
sha.UpdateData(":");
sha.UpdateData(password);
sha.Finalize();
return ByteArrayToHexStr(sha.GetDigest(), sha.GetLength());
}
bool IsPlayerAccount(uint32 gmlevel)
{
return gmlevel == SEC_PLAYER;