From 556d91a2ea8d2a9507f1f9c7624f60f9abe3b23f Mon Sep 17 00:00:00 2001 From: Kitzunu <24550914+Kitzunu@users.noreply.github.com> Date: Thu, 19 Aug 2021 00:20:07 +0200 Subject: [PATCH] feat(Core/Network): Add conf to allow/disallow storing IP address (#7168) * feat(Core/Network): Add conf to allow/disallow storing the IP address * cherry-pick commit (https://github.com/TrinityCore/TrinityCore/commit/68bf7e6d12e1689d688db32c05066b8832922c67) Co-Authored-By: Giacomo Pozzoni --- src/server/authserver/Server/AuthSession.cpp | 3 +- src/server/authserver/authserver.conf.dist | 35 ++++++++++++-------- src/server/game/Server/WorldSocket.cpp | 7 ++-- src/server/game/World/IWorld.h | 1 + src/server/game/World/World.cpp | 3 ++ src/server/worldserver/worldserver.conf.dist | 9 +++++ 6 files changed, 42 insertions(+), 16 deletions(-) diff --git a/src/server/authserver/Server/AuthSession.cpp b/src/server/authserver/Server/AuthSession.cpp index b5c3f66c3..e5accf1d3 100644 --- a/src/server/authserver/Server/AuthSession.cpp +++ b/src/server/authserver/Server/AuthSession.cpp @@ -503,9 +503,10 @@ bool AuthSession::HandleLogonProof() // Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account // No SQL injection (escaped user name) and IP address as received by socket + std::string address = sConfigMgr->GetOption("AllowLoggingIPAddressesInDatabase", true, true) ? GetRemoteIpAddress().to_string() : "0.0.0.0"; LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGONPROOF); stmt->setBinary(0, _sessionKey); - stmt->setString(1, GetRemoteIpAddress().to_string()); + stmt->setString(1, address); stmt->setUInt32(2, GetLocaleByName(_localizationName)); stmt->setString(3, _os); stmt->setString(4, _accountInfo.Login); diff --git a/src/server/authserver/authserver.conf.dist b/src/server/authserver/authserver.conf.dist index b7d339ff9..923074c33 100644 --- a/src/server/authserver/authserver.conf.dist +++ b/src/server/authserver/authserver.conf.dist @@ -135,6 +135,23 @@ WrongPass.BanType = 0 WrongPass.Logging = 0 +# +# BanExpiryCheckInterval +# Description: Time (in seconds) between checks for expired bans +# Default: 60 +# + +BanExpiryCheckInterval = 60 + +# +# StrictVersionCheck +# Description: Prevent modified clients from connecting +# Default: 0 - (Disabled) +# 1 - (Enabled) +# + +StrictVersionCheck = 0 + # # SourceDirectory # Description: The path to your AzerothCore source directory. @@ -168,21 +185,13 @@ MySQLExecutable = "" IPLocationFile = "" # -# BanExpiryCheckInterval -# Description: Time (in seconds) between checks for expired bans -# Default: 60 +# AllowLoggingIPAddressesInDatabase +# Description: Specifies if IP addresses can be logged to the database +# Default: 1 - (Enabled) +# 0 - (Disabled) # -BanExpiryCheckInterval = 60 - -# -# StrictVersionCheck -# Description: Prevent modified clients from connecting -# Default: 0 - (Disabled) -# 1 - (Enabled) -# - -StrictVersionCheck = 0 +AllowLoggingIPAddressesInDatabase = 1 # ################################################################################################### diff --git a/src/server/game/Server/WorldSocket.cpp b/src/server/game/Server/WorldSocket.cpp index 733c711fe..cde48d54f 100644 --- a/src/server/game/Server/WorldSocket.cpp +++ b/src/server/game/Server/WorldSocket.cpp @@ -7,6 +7,7 @@ #include "WorldSocket.h" #include "AccountMgr.h" #include "BigNumber.h" +#include "Config.h" #include "CryptoHash.h" #include "CryptoRandom.h" #include "DatabaseEnv.h" @@ -452,10 +453,12 @@ void WorldSocket::HandleAuthSessionCallback(std::shared_ptr authSes AccountInfo account(result->Fetch()); // For hook purposes, we get Remoteaddress at this point. - std::string address = GetRemoteIpAddress().to_string(); + std::string address = sConfigMgr->GetOption("AllowLoggingIPAddressesInDatabase", true, true) ? GetRemoteIpAddress().to_string() : "0.0.0.0"; + + LoginDatabasePreparedStatement* stmt = nullptr; // As we don't know if attempted login process by ip works, we update last_attempt_ip right away - LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_ATTEMPT_IP); + stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_ATTEMPT_IP); stmt->setString(0, address); stmt->setString(1, authSession->Account); LoginDatabase.Execute(stmt); diff --git a/src/server/game/World/IWorld.h b/src/server/game/World/IWorld.h index 9410b55e8..e1016b6f3 100644 --- a/src/server/game/World/IWorld.h +++ b/src/server/game/World/IWorld.h @@ -161,6 +161,7 @@ enum WorldBoolConfigs CONFIG_DUNGEON_ACCESS_REQUIREMENTS_LFG_DBC_LEVEL_OVERRIDE, CONFIG_REGEN_HP_CANNOT_REACH_TARGET_IN_RAID, CONFIG_SET_BOP_ITEM_TRADEABLE, + CONFIG_ALLOW_LOGGING_IP_ADDRESSES_IN_DATABASE, BOOL_CONFIG_VALUE_COUNT }; diff --git a/src/server/game/World/World.cpp b/src/server/game/World/World.cpp index 0152f8f54..804675a82 100644 --- a/src/server/game/World/World.cpp +++ b/src/server/game/World/World.cpp @@ -1404,6 +1404,9 @@ void World::LoadConfigSettings(bool reload) m_bool_configs[CONFIG_SET_BOP_ITEM_TRADEABLE] = sConfigMgr->GetOption("Item.SetItemTradeable", true); + // Specifies if IP addresses can be logged to the database + m_bool_configs[CONFIG_ALLOW_LOGGING_IP_ADDRESSES_IN_DATABASE] = sConfigMgr->GetOption("AllowLoggingIPAddressesInDatabase", true, true); + // call ScriptMgr if we're reloading the configuration sScriptMgr->OnAfterConfigLoad(reload); } diff --git a/src/server/worldserver/worldserver.conf.dist b/src/server/worldserver/worldserver.conf.dist index 954bc665e..96fde1b68 100644 --- a/src/server/worldserver/worldserver.conf.dist +++ b/src/server/worldserver/worldserver.conf.dist @@ -220,6 +220,15 @@ ThreadPool = 2 IPLocationFile = "" +# +# AllowLoggingIPAddressesInDatabase +# Description: Specifies if IP addresses can be logged to the database +# Default: 1 - (Enabled) +# 0 - (Disabled) +# + +AllowLoggingIPAddressesInDatabase = 1 + # ###################################################################################################