void Auth_Login_f() { client_t *invoker; int id,clientNum; if(Cmd_Argc() != 3) { Com_Printf("Usage: %s <login> <password>\n",Cmd_Argv(0)); return; } clientNum = SV_RemoteCmdGetInvokerClnum(); if(clientNum < 0 || clientNum > 63) { Com_Error(ERR_FATAL,"Auth_Login_f: index out of bounds.\n"); return; } invoker = &svs.clients[clientNum]; id = Auth_Authorize(Cmd_Argv(1),Cmd_Argv(2)); if(id < 0 || id > MAX_AUTH_ADMINS) { //Com_PrintLogFile("Failed login attempt from slot %d with login %s. Client dropped.",clientNum,Cmd_Argv(1)); SV_DropClient(invoker,"Incorrect login credentials.\n"); return; } invoker->uid = auth_admins.admins[id].uid; invoker->power = SV_RemoteCmdGetClPower(invoker); Com_Printf("^2Successfully authorized. UID: %d, name: %s, power: %d\n", auth_admins.admins[id].uid, auth_admins.admins[id].username, invoker->power); }
const char* Auth_GetSessionId(const char* username, const char *password) { int handle; byte buff[129]; unsigned long size; handle = Auth_Authorize(username, password); if(handle < 0) { return NULL; } size = sizeof(auth_admins.admins[handle].sessionid); Com_RandomBytes(buff, sizeof(buff)); //Sec_BinaryToHex((char *)buff,sizeof(buff),salt,&size); Sec_HashMemory( SEC_HASH_SHA256, buff, sizeof(buff), auth_admins.admins[handle].sessionid, &size, qfalse ); return auth_admins.admins[handle].sessionid; }
tcpclientstate_t HL2Rcon_SourceRconAuth(netadr_t *from, msg_t *msg, int *connectionId){ int packetlen; int packettype; int packetid; char* loginstring; char* username; char* password; byte msgbuf[32]; msg_t sendmsg; rconUser_t* user; int i; char buf[MAX_STRING_CHARS]; char stringlinebuf[MAX_STRING_CHARS]; MSG_BeginReading(msg); packetlen = MSG_ReadLong(msg); if(packetlen != msg->cursize - 4){//Not a source rcon packet Com_Printf("Not a source rcon packet: len %d size %d\n", packetlen, msg->cursize); return TCP_AUTHNOTME; } packetid = MSG_ReadLong(msg); packettype = MSG_ReadLong(msg); if(packettype != SERVERDATA_AUTH)//Not a source rcon auth-packet return TCP_AUTHNOTME; if(SV_PlayerBannedByip(from, buf, sizeof(buf))){ return TCP_AUTHBAD; } MSG_Init(&sendmsg, msgbuf, sizeof(msgbuf)); MSG_WriteLong(&sendmsg, 10); MSG_WriteLong(&sendmsg, 0); MSG_WriteLong(&sendmsg, SERVERDATA_RESPONSE_VALUE); MSG_WriteShort(&sendmsg, 0); if(NET_SendData(from->sock, &sendmsg) < 1) { return TCP_AUTHBAD; } MSG_Init(&sendmsg, msgbuf, sizeof(msgbuf)); MSG_WriteLong(&sendmsg, 10); loginstring = MSG_ReadStringLine(msg, stringlinebuf, sizeof(stringlinebuf)); Cmd_TokenizeString(loginstring); if(Cmd_Argc() != 2){ goto badrcon; } username = Cmd_Argv(0); password = Cmd_Argv(1); if(strlen(password) < 6){ goto badrcon; } if(Auth_Authorize(username, password) < 0) { goto badrcon; } Com_Printf("Rcon login from: %s Name: %s\n", NET_AdrToString (from), username); Cmd_EndTokenizedString(); for(i = 0, user = sourceRcon.activeRconUsers; i < MAX_RCONUSERS; i++, user++){ if(user->remote.type == NA_BAD) break; } if(i == MAX_RCONUSERS){ return TCP_AUTHBAD; //Close connection } user->remote = *from; user->uid = Auth_GetUID(username); // user->rconPower = login->power; Q_strncpyz(user->rconUsername, username, sizeof(user->rconUsername)); user->streamchat = 0; user->streamlog = 0; user->lastpacketid = packetid; *connectionId = i; MSG_WriteLong(&sendmsg, user->lastpacketid); MSG_WriteLong(&sendmsg, SERVERDATA_AUTH_RESPONSE); MSG_WriteShort(&sendmsg, 0); if(NET_SendData(from->sock, &sendmsg) < 1) { return TCP_AUTHBAD; } return TCP_AUTHSUCCESSFULL; badrcon: Cmd_EndTokenizedString(); Com_Printf ("Bad rcon from %s (TCP)\n", NET_AdrToString (from) ); //Don't allow another attempt for 20 seconds SV_PlayerAddBanByip(from, "Bad rcon", 0, NULL, 0, Com_GetRealtime() + 20); MSG_Init(&sendmsg, msgbuf, sizeof(msgbuf)); MSG_WriteLong(&sendmsg, 10); MSG_WriteLong(&sendmsg, -1); MSG_WriteLong(&sendmsg, SERVERDATA_AUTH_RESPONSE); MSG_WriteShort(&sendmsg, 0); NET_SendData(from->sock, &sendmsg); return TCP_AUTHBAD; }