AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password)
{
if(utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
if(GetId(username))
{
return AOR_NAME_ALREDY_EXIST; // username does already exist
}
if(!LoginDatabase.PExecute("INSERT INTO account(username,sha_pass_hash,joindate) VALUES('%s','%s',NOW())", username.c_str(), CalculateShaPassHash(username, password).c_str()))
return AOR_DB_INTERNAL_ERROR; // unexpected error
LoginDatabase.Execute("INSERT INTO realmcharacters (realmid, acctid, numchars) SELECT realmlist.id, account.id, 0 FROM realmlist,account LEFT JOIN realmcharacters ON acctid=account.id WHERE acctid IS NULL");
if(sWorld.getConfig(CONFIG_BOOL_PLAINTEXT_PASSWORDS))
{
// FG: to keep consistency with old realm db fields also
if(!LoginDatabase.PExecute("UPDATE account SET password='******' WHERE username='******'", password.c_str(),username.c_str()))
return AOR_DB_INTERNAL_ERROR; // unexpected error
}
return AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password)
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
if (GetId(username))
{
return AOR_NAME_ALREDY_EXIST; // username does already exist
}
LoginDatabase.PExecute("INSERT INTO account(username,sha_pass_hash,joindate) VALUES('%s','%s',NOW())", username.c_str(), CalculateShaPassHash(username, password).c_str());
LoginDatabase.Execute("INSERT INTO realmcharacters (realmid, acctid, numchars) SELECT realmlist.id, account.id, 0 FROM realmlist,account LEFT JOIN realmcharacters ON acctid=account.id WHERE acctid IS NULL");
return AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password)
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
LoginDatabase.EscapeString(username);
LoginDatabase.EscapeString(password);
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE username = '******'", username.c_str());
if (result)
return AOR_NAME_ALREDY_EXIST; // username does already exist
if (!LoginDatabase.PExecute("INSERT INTO account(username, sha_pass_hash, joindate) VALUES('%s', Sha1(CONCAT('%s', ':', '%s')), NOW())", username.c_str(), username.c_str(), password.c_str()))
return AOR_DB_INTERNAL_ERROR; // unexpected error
LoginDatabase.Execute("INSERT INTO realmcharacters (realmid, acctid, numchars) SELECT realmlist.id, account.id, 0 FROM realmlist, account LEFT JOIN realmcharacters ON acctid=account.id WHERE acctid IS NULL");
return AOR_OK; // everything's fine
}
// Launch the auth server
extern int main(int argc, char **argv)
{
// Command line parsing
char const* cfg_file = _DARMIX_REALM_CONFIG;
#ifdef _WIN32
char const *options = ":c:s:";
#else
char const *options = ":c:";
#endif
ACE_Get_Opt cmd_opts(argc, argv, options);
cmd_opts.long_option("version", 'v');
int option;
while ((option = cmd_opts()) != EOF)
{
switch (option)
{
case 'c':
cfg_file = cmd_opts.opt_arg();
break;
case 'v':
printf("%s\n", _FULLVERSION);
return 0;
#ifdef _WIN32
case 's':
{
const char *mode = cmd_opts.opt_arg();
if (!strcmp(mode, "install"))
{
if (WinServiceInstall())
sLog.outString("Installing service");
return 1;
}
else if (!strcmp(mode, "uninstall"))
{
if (WinServiceUninstall())
sLog.outString("Uninstalling service");
return 1;
}
else if (!strcmp(mode, "run"))
WinServiceRun();
else
{
sLog.outError("Runtime-Error: -%c unsupported argument %s", cmd_opts.opt_opt(), mode);
usage(argv[0]);
return 1;
}
break;
}
#endif
case ':':
sLog.outError("Runtime-Error: -%c option requires an input argument", cmd_opts.opt_opt());
usage(argv[0]);
return 1;
default:
sLog.outError("Runtime-Error: bad format of commandline arguments");
usage(argv[0]);
return 1;
}
}
if (!sConfig.SetSource(cfg_file))
{
sLog.outError("Invalid or missing configuration file : %s", cfg_file);
sLog.outError("Verify that the file exists and has \'[realm-server]\' written in the top of the file!");
return 1;
}
sLog.Initialize();
sLog.outString("*************************************************************************");
sLog.outString(" %s(realm) Rev: %s Hash: %s ", _PACKAGENAME, _REVISION, _HASH);
sLog.outString("*************************************************************************");
sLog.outString("<Ctrl-C> to stop.");
sLog.outString(" ");
// Check the version of the configuration file
uint32 confVersion = sConfig.GetIntDefault("ConfVersion", 0);
if (confVersion != _DARMIX_REALM_CONFVER)
{
sLog.outError(" WARNING:");
sLog.outError(" Your %s file is out of date.", cfg_file);
sLog.outError(" Please, check for updates.");
sleep(5);
}
sLog.outDetail("Using ACE: %s", ACE_VERSION);
#if defined (ACE_HAS_EVENT_POLL) || defined (ACE_HAS_DEV_POLL)
ACE_Reactor::instance(new ACE_Reactor(new ACE_Dev_Poll_Reactor(ACE::max_handles(), 1), 1), true);
#else
ACE_Reactor::instance(new ACE_Reactor(new ACE_TP_Reactor(), true), true);
#endif
sLog.outBasic("Max allowed open files is %d", ACE::max_handles());
// RealmServer PID file creation
std::string pidfile = sConfig.GetStringDefault("PidFile", "");
if (!pidfile.empty())
{
uint32 pid = CreatePIDFile(pidfile);
if (!pid)
{
sLog.outError( "Cannot create PID file %s.\n", pidfile.c_str() );
return 1;
}
sLog.outString( "Daemon PID: %u\n", pid );
}
// Initialize the database connection
if (!StartDB())
return 1;
// Get the list of realms for the server
sRealmList->Initialize(sConfig.GetIntDefault("RealmsStateUpdateDelay", 20));
if (sRealmList->size() == 0)
{
sLog.outError("No valid realms specified.");
sleep(5);
return 1;
}
// cleanup query
// delete expired bans
LoginDatabase.Execute("DELETE FROM account_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
LoginDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
// Launch the listening network socket
ACE_Acceptor<AuthSocket, ACE_SOCK_Acceptor> acceptor;
uint16 rmport = sConfig.GetIntDefault("AuthServerPort", DEFAULT_AUTHSERVER_PORT);
std::string bind_ip = sConfig.GetStringDefault("BindIP", "0.0.0.0");
ACE_INET_Addr bind_addr(rmport, bind_ip.c_str());
if (acceptor.open(bind_addr, ACE_Reactor::instance(), ACE_NONBLOCK) == -1)
{
sLog.outError("Realm-Server can not bind to %s:%d", bind_ip.c_str(), rmport);
return 1;
}
// Catch termination signals
HookSignals();
sLog.outString("Realm-Server started");
// Handle affinity for multiple processors and process priority on Windows
#ifdef _WIN32
{
HANDLE hProcess = GetCurrentProcess();
uint32 Aff = sConfig.GetIntDefault("UseProcessors", 0);
if (Aff > 0)
{
ULONG_PTR appAff;
ULONG_PTR sysAff;
if (GetProcessAffinityMask(hProcess,&appAff,&sysAff))
{
ULONG_PTR curAff = Aff & appAff; // remove non accessible processors
if (!curAff )
{
sLog.outError("Processors marked in UseProcessors bitmask (hex) %x not accessible for authserver. Accessible processors bitmask (hex): %x",Aff,appAff);
}
else
{
if (SetProcessAffinityMask(hProcess,curAff))
sLog.outString("Using processors (bitmask, hex): %x", curAff);
else
sLog.outError("Can't set used processors (hex): %x", curAff);
}
}
sLog.outString();
}
bool Prio = sConfig.GetBoolDefault("ProcessPriority", false);
if (Prio)
{
if (SetPriorityClass(hProcess,HIGH_PRIORITY_CLASS))
sLog.outString("Realm-Server process priority class set to HIGH");
else
sLog.outError("ERROR: Can't set AuthServer process priority class.");
sLog.outString();
}
}
#endif
// maximum counter for next ping
uint32 numLoops = (sConfig.GetIntDefault( "MaxPingTime", 30 ) * (MINUTE * 1000000 / 100000));
uint32 loopCounter = 0;
// Wait for termination signal
while (!stopEvent)
{
// dont move this outside the loop, the reactor will modify it
ACE_Time_Value interval(0, 100000);
if (ACE_Reactor::instance()->run_reactor_event_loop(interval) == -1)
break;
if ( (++loopCounter) == numLoops )
{
loopCounter = 0;
sLog.outDetail("Ping MySQL to keep connection alive");
LoginDatabase.Query("SELECT 1 FROM realmlist LIMIT 1");
}
#ifdef _WIN32
if (m_ServiceStatus == 0) stopEvent = true;
while (m_ServiceStatus == 2) Sleep(1000);
#endif
}
// Wait for the delay thread to exit
LoginDatabase.HaltDelayThread();
// Remove signal handling before leaving
UnhookSignals();
sLog.outString( "Halting process..." );
return 0;
}
/// Logon Challenge command handler
bool AuthSocket::_HandleLogonChallenge()
{
DEBUG_LOG("Entering _HandleLogonChallenge");
if (ibuf.GetLength() < sizeof(sAuthLogonChallenge_C))
return false;
///- Read the first 4 bytes (header) to get the length of the remaining of the packet
std::vector<uint8> buf;
buf.resize(4);
ibuf.Read((char *)&buf[0], 4);
EndianConvert(*((uint16*)(buf[0])));
uint16 remaining = ((sAuthLogonChallenge_C *)&buf[0])->size;
DEBUG_LOG("[AuthChallenge] got header, body is %#04x bytes", remaining);
if ((remaining < sizeof(sAuthLogonChallenge_C) - buf.size()) || (ibuf.GetLength() < remaining))
return false;
//No big fear of memory outage (size is int16, i.e. < 65536)
buf.resize(remaining + buf.size() + 1);
buf[buf.size() - 1] = 0;
sAuthLogonChallenge_C *ch = (sAuthLogonChallenge_C*)&buf[0];
// BigEndian code, nop in little endian case
// size already converted
EndianConvert(*((uint32*)(&ch->gamename[0])));
EndianConvert(ch->build);
EndianConvert(*((uint32*)(&ch->platform[0])));
EndianConvert(*((uint32*)(&ch->os[0])));
EndianConvert(*((uint32*)(&ch->country[0])));
EndianConvert(ch->timezone_bias);
EndianConvert(ch->ip);
///- Read the remaining of the packet
ibuf.Read((char *)&buf[4], remaining);
DEBUG_LOG("[AuthChallenge] got full packet, %#04x bytes", ch->size);
DEBUG_LOG("[AuthChallenge] name(%d): '%s'", ch->I_len, ch->I);
ByteBuffer pkt;
_login = (const char*)ch->I;
_build = ch->build;
///- Normalize account name
//utf8ToUpperOnlyLatin(_login); -- client already send account in expected form
//Escape the user login to avoid further SQL injection
//Memory will be freed on AuthSocket object destruction
_safelogin = _login;
loginDatabase.escape_string(_safelogin);
pkt << (uint8) AUTH_LOGON_CHALLENGE;
pkt << (uint8) 0x00;
///- Verify that this IP is not in the ip_banned table
// No SQL injection possible (paste the IP address as passed by the socket)
loginDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
std::string address = GetRemoteAddress();
loginDatabase.escape_string(address);
QueryResult *result = loginDatabase.PQuery("SELECT * FROM ip_banned WHERE ip = '%s'",address.c_str());
if(result)
{
pkt << (uint8)REALM_AUTH_ACCOUNT_BANNED;
sLog.outBasic("[AuthChallenge] Banned ip %s tries to login!",GetRemoteAddress().c_str ());
delete result;
}
else
{
///- Get the account details from the account table
// No SQL injection (escaped user name)
result = loginDatabase.PQuery("SELECT sha_pass_hash,id,locked,last_ip,gmlevel,v,s FROM account WHERE username = '******'",_safelogin.c_str ());
if( result )
{
///- If the IP is 'locked', check that the player comes indeed from the correct IP address
bool locked = false;
if((*result)[2].GetUInt8() == 1) // if ip is locked
{
DEBUG_LOG("[AuthChallenge] Account '%s' is locked to IP - '%s'", _login.c_str(), (*result)[3].GetString());
DEBUG_LOG("[AuthChallenge] Player address is '%s'", GetRemoteAddress().c_str());
if ( strcmp((*result)[3].GetString(),GetRemoteAddress().c_str()) )
{
DEBUG_LOG("[AuthChallenge] Account IP differs");
pkt << (uint8) REALM_AUTH_ACCOUNT_FREEZED;
locked=true;
}
else
{
DEBUG_LOG("[AuthChallenge] Account IP matches");
}
}
else
{
DEBUG_LOG("[AuthChallenge] Account '%s' is not locked to ip", _login.c_str());
}
if (!locked)
{
//set expired bans to inactive
loginDatabase.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
///- If the account is banned, reject the logon attempt
QueryResult *banresult = loginDatabase.PQuery("SELECT bandate,unbandate FROM account_banned WHERE id = %u AND active = 1", (*result)[1].GetUInt32());
if(banresult)
{
if((*banresult)[0].GetUInt64() == (*banresult)[1].GetUInt64())
{
pkt << (uint8) REALM_AUTH_ACCOUNT_BANNED;
sLog.outBasic("[AuthChallenge] Banned account %s tries to login!",_login.c_str ());
}
else
{
pkt << (uint8) REALM_AUTH_ACCOUNT_FREEZED;
sLog.outBasic("[AuthChallenge] Temporarily banned account %s tries to login!",_login.c_str ());
}
delete banresult;
}
else
{
///- Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = (*result)[0].GetCppString();
///- Don't calculate (v, s) if there are already some in the database
std::string databaseV = (*result)[5].GetCppString();
std::string databaseS = (*result)[6].GetCppString();
sLog.outDebug("database authentication values: v='%s' s='%s'", databaseV.c_str(), databaseS.c_str());
// multiply with 2, bytes are stored as hexstring
if(databaseV.size() != s_BYTE_SIZE*2 || databaseS.size() != s_BYTE_SIZE*2)
_SetVSFields(rI);
else
{
s.SetHexStr(databaseS.c_str());
v.SetHexStr(databaseV.c_str());
}
b.SetRand(19 * 8);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16 * 8);
///- Fill the response packet with the result
pkt << uint8(REALM_AUTH_SUCCESS);
// B may be calculated < 32B so we force minimal length to 32B
pkt.append(B.AsByteArray(32), 32); // 32 bytes
pkt << uint8(1);
pkt.append(g.AsByteArray(), 1);
pkt << uint8(32);
pkt.append(N.AsByteArray(32), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes());// 32 bytes
pkt.append(unk3.AsByteArray(16), 16);
uint8 securityFlags = 0;
pkt << uint8(securityFlags); // security flags (0x0...0x04)
if(securityFlags & 0x01) // PIN input
{
pkt << uint32(0);
pkt << uint64(0) << uint64(0); // 16 bytes hash?
}
if(securityFlags & 0x02) // Matrix input
{
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint64(0);
}
if(securityFlags & 0x04) // Security token input
{
pkt << uint8(1);
}
uint8 secLevel = (*result)[4].GetUInt8();
_accountSecurityLevel = secLevel <= SEC_ADMINISTRATOR ? AccountTypes(secLevel) : SEC_ADMINISTRATOR;
_localizationName.resize(4);
for(int i = 0; i < 4; ++i)
_localizationName[i] = ch->country[4-i-1];
sLog.outBasic("[AuthChallenge] account %s is using '%c%c%c%c' locale (%u)", _login.c_str (), ch->country[3], ch->country[2], ch->country[1], ch->country[0], GetLocaleByName(_localizationName));
// user authenticated => turn off autoreg, thus account creating
_autoreg = false;
}
}
delete result;
}
else if(_autoreg) // no account
{
// check username
if(_safelogin.find_first_of(notAllowedChars)!=_safelogin.npos || _safelogin.length()<4)
_autoreg = false;
// check IP
else if(uint32 amountip = sConfig.GetIntDefault("AmountIP", 0))
{
QueryResult *result2 = loginDatabase.PQuery("SELECT COUNT(last_ip) FROM account WHERE last_ip = '%s'", GetRemoteAddress().c_str());
if (result2 && (*result2)[0].GetUInt8() >= amountip)
{
_autoreg = false;
delete result2;
}
}
// still all ok
if(_autoreg)
{
///- Get the password from the account table, upper it, and make the SRP6 calculation
std::transform(_safelogin.begin(), _safelogin.end(), _safelogin.begin(), std::towupper);
Sha1Hash sha;
std::string sI = _safelogin + ":" + _safelogin;
sha.UpdateData(sI);
sha.Finalize();
BigNumber bn;
bn.SetBinary(sha.GetDigest(), sha.GetLength());
uint8 *val = bn.AsByteArray();
std::reverse(val, val+bn.GetNumBytes());
bn.SetBinary(val, bn.GetNumBytes());
const char* rI = bn.AsHexStr();
_SetVSFields(rI);
OPENSSL_free((void*)rI);
b.SetRand(19 * 8);
BigNumber gmod=g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
if (B.GetNumBytes() < 32)
sLog.outDetail("Interesting, calculation of B in realmd is < 32.");
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16*8);
///- Fill the response packet with the result
pkt << (uint8)REALM_AUTH_SUCCESS;
pkt.append(B.AsByteArray(), 32);
pkt << (uint8)1;
pkt.append(g.AsByteArray(), 1);
pkt << (uint8)32;
pkt.append(N.AsByteArray(), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes());
pkt.append(unk3.AsByteArray(), 16);
pkt << (uint8)0; // Added in 1.12.x client branch
}
else
// username and/or IP is bad
pkt << (uint8) REALM_AUTH_NO_MATCH;
}
else
{
// autoreg off in config, account is wrong
pkt << (uint8) REALM_AUTH_NO_MATCH;
}
}
SendBuf((char const*)pkt.contents(), pkt.size());
return true;
}
/// Launch the realm server
extern int main(int argc, char** argv)
{
///- Command line parsing
char const* cfg_file = _REALMD_CONFIG;
char const* options = ":c:s:";
ACE_Get_Opt cmd_opts(argc, argv, options);
cmd_opts.long_option("version", 'v');
char serviceDaemonMode = '\0';
int option;
while ((option = cmd_opts()) != EOF)
{
switch (option)
{
case 'c':
cfg_file = cmd_opts.opt_arg();
break;
case 'v':
printf("%s\n", _FULLVERSION(REVISION_DATE, REVISION_TIME, REVISION_NR, REVISION_ID));
return 0;
case 's':
{
const char* mode = cmd_opts.opt_arg();
if (!strcmp(mode, "run"))
{ serviceDaemonMode = 'r'; }
#ifdef WIN32
else if (!strcmp(mode, "install"))
{ serviceDaemonMode = 'i'; }
else if (!strcmp(mode, "uninstall"))
{ serviceDaemonMode = 'u'; }
#else
else if (!strcmp(mode, "stop"))
{ serviceDaemonMode = 's'; }
#endif
else
{
sLog.outError("Runtime-Error: -%c unsupported argument %s", cmd_opts.opt_opt(), mode);
usage(argv[0]);
Log::WaitBeforeContinueIfNeed();
return 1;
}
break;
}
case ':':
sLog.outError("Runtime-Error: -%c option requires an input argument", cmd_opts.opt_opt());
usage(argv[0]);
Log::WaitBeforeContinueIfNeed();
return 1;
default:
sLog.outError("Runtime-Error: bad format of commandline arguments");
usage(argv[0]);
Log::WaitBeforeContinueIfNeed();
return 1;
}
}
#ifdef WIN32 // windows service command need execute before config read
switch (serviceDaemonMode)
{
case 'i':
if (WinServiceInstall())
{ sLog.outString("Installing service"); }
return 1;
case 'u':
if (WinServiceUninstall())
{ sLog.outString("Uninstalling service"); }
return 1;
case 'r':
WinServiceRun();
break;
}
#endif
if (!sConfig.SetSource(cfg_file))
{
sLog.outError("Could not find configuration file %s.", cfg_file);
Log::WaitBeforeContinueIfNeed();
return 1;
}
#ifndef WIN32 // posix daemon commands need apply after config read
switch (serviceDaemonMode)
{
case 'r':
startDaemon();
break;
case 's':
stopDaemon();
break;
}
#endif
sLog.Initialize();
sLog.outString("%s [realm-daemon]", _FULLVERSION(REVISION_DATE, REVISION_TIME, REVISION_NR, REVISION_ID));
sLog.outString("<Ctrl-C> to stop.\n");
sLog.outString("Using configuration file %s.", cfg_file);
///- Check the version of the configuration file
uint32 confVersion = sConfig.GetIntDefault("ConfVersion", 0);
if (confVersion < _REALMDCONFVERSION)
{
sLog.outError("*****************************************************************************");
sLog.outError(" WARNING: Your realmd.conf version indicates your conf file is out of date!");
sLog.outError(" Please check for updates, as your current default values may cause");
sLog.outError(" strange behavior.");
sLog.outError("*****************************************************************************");
Log::WaitBeforeContinueIfNeed();
}
DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
if (SSLeay() < 0x009080bfL)
{
DETAIL_LOG("WARNING: Outdated version of OpenSSL lib. Logins to server may not work!");
DETAIL_LOG("WARNING: Minimal required version [OpenSSL 0.9.8k]");
}
DETAIL_LOG("Using ACE: %s", ACE_VERSION);
#if defined (ACE_HAS_EVENT_POLL) || defined (ACE_HAS_DEV_POLL)
ACE_Reactor::instance(new ACE_Reactor(new ACE_Dev_Poll_Reactor(ACE::max_handles(), 1), 1), true);
#else
ACE_Reactor::instance(new ACE_Reactor(new ACE_TP_Reactor(), true), true);
#endif
sLog.outBasic("Max allowed open files is %d", ACE::max_handles());
/// realmd PID file creation
std::string pidfile = sConfig.GetStringDefault("PidFile", "");
if (!pidfile.empty())
{
uint32 pid = CreatePIDFile(pidfile);
if (!pid)
{
sLog.outError("Can not create PID file %s.\n", pidfile.c_str());
Log::WaitBeforeContinueIfNeed();
return 1;
}
sLog.outString("Daemon PID: %u\n", pid);
}
///- Initialize the database connection
if (!StartDB())
{
Log::WaitBeforeContinueIfNeed();
return 1;
}
///- Get the list of realms for the server
sRealmList.Initialize(sConfig.GetIntDefault("RealmsStateUpdateDelay", 20));
if (sRealmList.size() == 0)
{
sLog.outError("No valid realms specified.");
Log::WaitBeforeContinueIfNeed();
return 1;
}
// cleanup query
// set expired bans to inactive
LoginDatabase.BeginTransaction();
LoginDatabase.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
LoginDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
LoginDatabase.CommitTransaction();
///- Launch the listening network socket
ACE_Acceptor<AuthSocket, ACE_SOCK_Acceptor> acceptor;
uint16 rmport = sConfig.GetIntDefault("RealmServerPort", DEFAULT_REALMSERVER_PORT);
std::string bind_ip = sConfig.GetStringDefault("BindIP", "0.0.0.0");
ACE_INET_Addr bind_addr(rmport, bind_ip.c_str());
if (acceptor.open(bind_addr, ACE_Reactor::instance(), ACE_NONBLOCK) == -1)
{
sLog.outError("MaNGOS realmd can not bind to %s:%d", bind_ip.c_str(), rmport);
Log::WaitBeforeContinueIfNeed();
return 1;
}
///- Catch termination signals
HookSignals();
///- Handle affinity for multiple processors and process priority on Windows
#ifdef WIN32
{
HANDLE hProcess = GetCurrentProcess();
uint32 Aff = sConfig.GetIntDefault("UseProcessors", 0);
if (Aff > 0)
{
ULONG_PTR appAff;
ULONG_PTR sysAff;
if (GetProcessAffinityMask(hProcess, &appAff, &sysAff))
{
ULONG_PTR curAff = Aff & appAff; // remove non accessible processors
if (!curAff)
{
sLog.outError("Processors marked in UseProcessors bitmask (hex) %x not accessible for realmd. Accessible processors bitmask (hex): %x", Aff, appAff);
}
else
{
if (SetProcessAffinityMask(hProcess, curAff))
{ sLog.outString("Using processors (bitmask, hex): %x", curAff); }
else
{ sLog.outError("Can't set used processors (hex): %x", curAff); }
}
}
sLog.outString();
}
bool Prio = sConfig.GetBoolDefault("ProcessPriority", false);
if (Prio)
{
if (SetPriorityClass(hProcess, HIGH_PRIORITY_CLASS))
{ sLog.outString("realmd process priority class set to HIGH"); }
else
{ sLog.outError("Can't set realmd process priority class."); }
sLog.outString();
}
}
#endif
// server has started up successfully => enable async DB requests
LoginDatabase.AllowAsyncTransactions();
// maximum counter for next ping
uint32 numLoops = (sConfig.GetIntDefault("MaxPingTime", 30) * (MINUTE * 1000000 / 100000));
uint32 loopCounter = 0;
#ifndef WIN32
detachDaemon();
#endif
///- Wait for termination signal
while (!stopEvent)
{
// dont move this outside the loop, the reactor will modify it
ACE_Time_Value interval(0, 100000);
if (ACE_Reactor::instance()->run_reactor_event_loop(interval) == -1)
{ break; }
if ((++loopCounter) == numLoops)
{
loopCounter = 0;
DETAIL_LOG("Ping MySQL to keep connection alive");
LoginDatabase.Ping();
}
#ifdef WIN32
if (m_ServiceStatus == 0) { stopEvent = true; }
while (m_ServiceStatus == 2) { Sleep(1000); }
#endif
}
///- Wait for the delay thread to exit
LoginDatabase.HaltDelayThread();
///- Remove signal handling before leaving
UnhookSignals();
sLog.outString("Halting process...");
return 0;
}
/// Logon Challenge command handler
bool AuthSocket::_HandleLogonChallenge()
{
DEBUG_LOG("Entering _HandleLogonChallenge");
if (ibuf.GetLength() < sizeof(sAuthLogonChallenge_C))
return false;
///- Read the first 4 bytes (header) to get the length of the remaining of the packet
std::vector<uint8> buf;
buf.resize(4);
ibuf.Read((char *)&buf[0], 4);
EndianConvert(*((uint16*)(buf[0])));
uint16 remaining = ((sAuthLogonChallenge_C *)&buf[0])->size;
DEBUG_LOG("[AuthChallenge] got header, body is %#04x bytes", remaining);
if ((remaining < sizeof(sAuthLogonChallenge_C) - buf.size()) || (ibuf.GetLength() < remaining))
return false;
//No big fear of memory outage (size is int16, i.e. < 65536)
buf.resize(remaining + buf.size() + 1);
buf[buf.size() - 1] = 0;
sAuthLogonChallenge_C *ch = (sAuthLogonChallenge_C*)&buf[0];
// BigEndian code, nop in little endian case
// size already converted
EndianConvert(*((uint32*)(&ch->gamename[0])));
EndianConvert(ch->build);
EndianConvert(*((uint32*)(&ch->platform[0])));
EndianConvert(*((uint32*)(&ch->os[0])));
EndianConvert(*((uint32*)(&ch->country[0])));
EndianConvert(ch->timezone_bias);
EndianConvert(ch->ip);
///- Read the remaining of the packet
ibuf.Read((char *)&buf[4], remaining);
DEBUG_LOG("[AuthChallenge] got full packet, %#04x bytes", ch->size);
DEBUG_LOG("[AuthChallenge] name(%d): '%s'", ch->I_len, ch->I);
ByteBuffer pkt;
_login = (const char*)ch->I;
///- Normalize account name
//utf8ToUpperOnlyLatin(_login); -- client already send account in expected form
//Escape the user login to avoid further SQL injection
//Memory will be freed on AuthSocket object destruction
_safelogin=_login;
dbRealmServer.escape_string(_safelogin);
///- Check if the client has one of the expected version numbers
bool valid_version=false;
int accepted_versions[]=EXPECTED_MANGOS_CLIENT_BUILD;
for(int i=0;accepted_versions[i];i++)
if(ch->build==accepted_versions[i])
{
valid_version=true;
break;
}
/// <ul><li> if this is a valid version
if(valid_version)
{
pkt << (uint8) AUTH_LOGON_CHALLENGE;
pkt << (uint8) 0x00;
///- Verify that this IP is not in the ip_banned table
// No SQL injection possible (paste the IP address as passed by the socket)
dbRealmServer.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
std::string address = GetRemoteAddress();
dbRealmServer.escape_string(address);
QueryResult *result = dbRealmServer.PQuery( "SELECT * FROM ip_banned WHERE ip = '%s'",address.c_str());
if(result)
{
pkt << (uint8)REALM_AUTH_ACCOUNT_BANNED;
sLog.outBasic("[AuthChallenge] Banned ip %s tries to login!",GetRemoteAddress().c_str ());
delete result;
}
else
{
///- Get the account details from the account table
// No SQL injection (escaped user name)
result = dbRealmServer.PQuery("SELECT sha_pass_hash,id,locked,last_ip,gmlevel FROM account WHERE username = '******'",_safelogin.c_str ());
if( result )
{
///- If the IP is 'locked', check that the player comes indeed from the correct IP address
bool locked = false;
if((*result)[2].GetUInt8() == 1) // if ip is locked
{
DEBUG_LOG("[AuthChallenge] Account '%s' is locked to IP - '%s'", _login.c_str(), (*result)[3].GetString());
DEBUG_LOG("[AuthChallenge] Player address is '%s'", GetRemoteAddress().c_str());
if ( strcmp((*result)[3].GetString(),GetRemoteAddress().c_str()) )
{
DEBUG_LOG("[AuthChallenge] Account IP differs");
pkt << (uint8) REALM_AUTH_ACCOUNT_FREEZED;
locked=true;
}
else
{
DEBUG_LOG("[AuthChallenge] Account IP matches");
}
}
else
{
DEBUG_LOG("[AuthChallenge] Account '%s' is not locked to ip", _login.c_str());
}
if (!locked)
{
//set expired bans to inactive
dbRealmServer.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
///- If the account is banned, reject the logon attempt
QueryResult *banresult = dbRealmServer.PQuery("SELECT bandate,unbandate FROM account_banned WHERE id = %u AND active = 1", (*result)[1].GetUInt32());
if(banresult)
{
if((*banresult)[0].GetUInt64() == (*banresult)[1].GetUInt64())
{
pkt << (uint8) REALM_AUTH_ACCOUNT_BANNED;
sLog.outBasic("[AuthChallenge] Banned account %s tries to login!",_login.c_str ());
}
else
{
pkt << (uint8) REALM_AUTH_ACCOUNT_FREEZED;
sLog.outBasic("[AuthChallenge] Temporarily banned account %s tries to login!",_login.c_str ());
}
delete banresult;
}
else
{
///- Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = (*result)[0].GetCppString();
_SetVSFields(rI);
b.SetRand(19 * 8);
BigNumber gmod=g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16*8);
///- Fill the response packet with the result
pkt << (uint8)REALM_AUTH_SUCCESS;
// B may be calculated < 32B so we force minnimal length to 32B
pkt.append(B.AsByteArray(32), 32); // 32 bytes
pkt << (uint8)1;
pkt.append(g.AsByteArray(), 1);
pkt << (uint8)32;
pkt.append(N.AsByteArray(), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes()); // 32 bytes
pkt.append(unk3.AsByteArray(), 16);
pkt << (uint8)0; // Added in 1.12.x client branch
uint8 secLevel = (*result)[4].GetUInt8();
_accountSecurityLevel = secLevel <= SEC_ADMINISTRATOR ? AccountTypes(secLevel) : SEC_ADMINISTRATOR;
std::string localeName;
localeName.resize(4);
for(int i = 0; i <4; ++i)
localeName[i] = ch->country[4-i-1];
_localization = GetLocaleByName(localeName);
sLog.outBasic("[AuthChallenge] account %s is using '%c%c%c%c' locale (%u)", _login.c_str (), ch->country[3],ch->country[2],ch->country[1],ch->country[0], _localization);
}
}
delete result;
}
else //no account
{
pkt<< (uint8) REALM_AUTH_NO_MATCH;
}
}
} //valid version
else
///<li> else
{
///- Check if we have the apropriate patch on the disk
char tmp[64];
// No buffer overflow (fixed length of arguments)
sprintf(tmp,"./patches/%d%c%c%c%c.mpq",ch->build,ch->country[3],
ch->country[2],ch->country[1],ch->country[0]);
// This will be closed at the destruction of the AuthSocket (client deconnection)
FILE *pFile=fopen(tmp,"rb");
if(!pFile)
{
pkt << (uint8) AUTH_LOGON_CHALLENGE;
pkt << (uint8) 0x00;
pkt << (uint8) REALM_AUTH_WRONG_BUILD_NUMBER;
DEBUG_LOG("[AuthChallenge] %u is not a valid client version!", ch->build);
DEBUG_LOG("[AuthChallenge] Patch %s not found",tmp);
}else
{ //have patch
pPatch=pFile;
XFER_INIT xferh;
///- Get the MD5 hash of the patch file (get it from preloaded Patcher cache or calculate it)
if(PatchesCache.GetHash(tmp,(uint8*)&xferh.md5))
{
DEBUG_LOG("\n[AuthChallenge] Found precached patch info for patch %s",tmp);
}
else
{ //calculate patch md5
printf("\n[AuthChallenge] Patch info for %s was not cached.",tmp);
PatchesCache.LoadPatchMD5(tmp);
PatchesCache.GetHash(tmp,(uint8*)&xferh.md5);
}
///- Send a packet to the client with the file length and MD5 hash
uint8 data[2]={AUTH_LOGON_PROOF,REALM_AUTH_UPDATE_CLIENT};
SendBuf((const char*)data,sizeof(data));
memcpy(&xferh,"0\x05Patch",7);
xferh.cmd=XFER_INITIATE;
fseek(pPatch,0,SEEK_END);
xferh.file_size=ftell(pPatch);
SendBuf((const char*)&xferh,sizeof(xferh));
return true;
}
}
/// </ul>
SendBuf((char const*)pkt.contents(), pkt.size());
return true;
}
/// Logon Challenge command handler
bool AuthSocket::_HandleLogonChallenge()
{
DEBUG_LOG("Entering _HandleLogonChallenge");
if (ibuf.GetLength() < sizeof(sAuthLogonChallenge_C))
return false;
///- Read the first 4 bytes (header) to get the length of the remaining of the packet
std::vector<uint8> buf;
buf.resize(4);
ibuf.Read((char *)&buf[0], 4);
EndianConvert(*((uint16*)(buf[0])));
uint16 remaining = ((sAuthLogonChallenge_C *)&buf[0])->size;
DEBUG_LOG("[AuthChallenge] got header, body is %#04x bytes", remaining);
if ((remaining < sizeof(sAuthLogonChallenge_C) - buf.size()) || (ibuf.GetLength() < remaining))
return false;
//No big fear of memory outage (size is int16, i.e. < 65536)
buf.resize(remaining + buf.size() + 1);
buf[buf.size() - 1] = 0;
sAuthLogonChallenge_C *ch = (sAuthLogonChallenge_C*)&buf[0];
// BigEndian code, nop in little endian case
// size already converted
EndianConvert(*((uint32*)(&ch->gamename[0])));
EndianConvert(ch->build);
EndianConvert(*((uint32*)(&ch->platform[0])));
EndianConvert(*((uint32*)(&ch->os[0])));
EndianConvert(*((uint32*)(&ch->country[0])));
EndianConvert(ch->timezone_bias);
EndianConvert(ch->ip);
///- Read the remaining of the packet
ibuf.Read((char *)&buf[4], remaining);
DEBUG_LOG("[AuthChallenge] got full packet, %#04x bytes", ch->size);
DEBUG_LOG("[AuthChallenge] name(%d): '%s'", ch->I_len, ch->I);
ByteBuffer pkt;
_login = (const char*)ch->I;
_build = ch->build;
///- Normalize account name
//utf8ToUpperOnlyLatin(_login); -- client already send account in expected form
//Escape the user login to avoid further SQL injection
//Memory will be freed on AuthSocket object destruction
_safelogin=_login;
dbRealmServer.escape_string(_safelogin);
pkt << (uint8) AUTH_LOGON_CHALLENGE;
pkt << (uint8) 0x00;
///- Verify that this IP is not in the ip_banned table
// No SQL injection possible (paste the IP address as passed by the socket)
dbRealmServer.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
std::string address = GetRemoteAddress();
dbRealmServer.escape_string(address);
QueryResult *result = dbRealmServer.PQuery( "SELECT * FROM ip_banned WHERE ip = '%s'",address.c_str());
if(result)
{
pkt << (uint8)REALM_AUTH_ACCOUNT_BANNED;
sLog.outBasic("[AuthChallenge] Banned ip %s tries to login!",GetRemoteAddress().c_str ());
delete result;
}
else
{
///- Get the account details from the account table
// No SQL injection (escaped user name)
result = dbRealmServer.PQuery("SELECT sha_pass_hash,id,locked,last_ip,gmlevel FROM account WHERE username = '******'",_safelogin.c_str ());
if( result )
{
///- If the IP is 'locked', check that the player comes indeed from the correct IP address
bool locked = false;
if((*result)[2].GetUInt8() == 1) // if ip is locked
{
DEBUG_LOG("[AuthChallenge] Account '%s' is locked to IP - '%s'", _login.c_str(), (*result)[3].GetString());
DEBUG_LOG("[AuthChallenge] Player address is '%s'", GetRemoteAddress().c_str());
if ( strcmp((*result)[3].GetString(),GetRemoteAddress().c_str()) )
{
DEBUG_LOG("[AuthChallenge] Account IP differs");
pkt << (uint8) REALM_AUTH_ACCOUNT_FREEZED;
locked=true;
}
else
{
DEBUG_LOG("[AuthChallenge] Account IP matches");
}
}
else
{
DEBUG_LOG("[AuthChallenge] Account '%s' is not locked to ip", _login.c_str());
}
if (!locked)
{
//set expired bans to inactive
dbRealmServer.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
///- If the account is banned, reject the logon attempt
QueryResult *banresult = dbRealmServer.PQuery("SELECT bandate,unbandate FROM account_banned WHERE id = %u AND active = 1", (*result)[1].GetUInt32());
if(banresult)
{
if((*banresult)[0].GetUInt64() == (*banresult)[1].GetUInt64())
{
pkt << (uint8) REALM_AUTH_ACCOUNT_BANNED;
sLog.outBasic("[AuthChallenge] Banned account %s tries to login!",_login.c_str ());
}
else
{
pkt << (uint8) REALM_AUTH_ACCOUNT_FREEZED;
sLog.outBasic("[AuthChallenge] Temporarily banned account %s tries to login!",_login.c_str ());
}
delete banresult;
}
else
{
///- Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = (*result)[0].GetCppString();
_SetVSFields(rI);
b.SetRand(19 * 8);
BigNumber gmod=g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16*8);
///- Fill the response packet with the result
pkt << (uint8)REALM_AUTH_SUCCESS;
// B may be calculated < 32B so we force minnimal length to 32B
pkt.append(B.AsByteArray(32), 32); // 32 bytes
pkt << (uint8)1;
pkt.append(g.AsByteArray(), 1);
pkt << (uint8)32;
pkt.append(N.AsByteArray(), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes()); // 32 bytes
pkt.append(unk3.AsByteArray(), 16);
pkt << (uint8)0; // Added in 1.12.x client branch
uint8 secLevel = (*result)[4].GetUInt8();
_accountSecurityLevel = secLevel <= SEC_ADMINISTRATOR ? AccountTypes(secLevel) : SEC_ADMINISTRATOR;
_localizationName.resize(4);
for(int i = 0; i <4; ++i)
_localizationName[i] = ch->country[4-i-1];
sLog.outBasic("[AuthChallenge] account %s is using '%c%c%c%c' locale (%u)", _login.c_str (), ch->country[3],ch->country[2],ch->country[1],ch->country[0], GetLocaleByName(_localizationName));
}
}
delete result;
}
else //no account
{
pkt<< (uint8) REALM_AUTH_NO_MATCH;
}
}
SendBuf((char const*)pkt.contents(), pkt.size());
return true;
}
/// Launch the realm server
extern int main(int argc, char** argv)
{
///- Command line parsing
std::string cfg_file;
std::string serviceDaemonMode;
boost::program_options::options_description description("Allowed options");
description.add_options()
("version,v", "print version and exit")
("help,h", "print commandline help and exit")
("config,c", boost::program_options::value<std::string>(&cfg_file)->default_value(_REALMD_CONFIG), "use as configuration file")
#ifdef WIN32
("service,s", boost::program_options::value<std::string>(&serviceDaemonMode), "running as service, arg functions: run, install, uninstall")
#else
("service,s", boost::program_options::value<std::string>(&serviceDaemonMode), "running as daemon, arg functions: run, stop")
#endif
;
// parse option
boost::program_options::variables_map vm;
try
{
boost::program_options::store(boost::program_options::command_line_parser(argc, argv).
options(description).run(), vm);
boost::program_options::notify(vm);
}
catch (boost::program_options::unknown_option const& ex)
{
sLog.outError("Runtime-Error: unknown option %s", ex.get_option_name().c_str());
usage(description, argv[0]);
Log::WaitBeforeContinueIfNeed();
return 1;
}
catch (boost::program_options::invalid_command_line_syntax const& ex)
{
sLog.outError("Runtime-Error: invalid syntax for option %s", ex.get_option_name().c_str());
usage(description, argv[0]);
Log::WaitBeforeContinueIfNeed();
return 1;
}
if (vm.count("version"))
{
printf("%s\n", _FULLVERSION(REVISION_DATE, REVISION_TIME, REVISION_NR, REVISION_ID));
return 0;
}
if (vm.count("help"))
{
usage(description, argv[0]);
return 0;
}
if (!serviceDaemonMode.empty())
{
#ifdef WIN32
char const* const serviceModes[] = { "run", "install", "uninstall", NULL };
#else
char const* const serviceModes[] = { "run", "stop", NULL };
#endif
char const* const* mode_ptr = &serviceModes[0];
for(; *mode_ptr != NULL; ++mode_ptr)
if (*mode_ptr == serviceDaemonMode)
break;
if (!*mode_ptr)
{
sLog.outError("Runtime-Error: -s unsupported argument %s", serviceDaemonMode.c_str());
usage(description, argv[0]);
Log::WaitBeforeContinueIfNeed();
return 1;
}
}
#ifdef WIN32 // windows service command need execute before config read
switch (serviceDaemonMode[0])
{
case 'i':
if (WinServiceInstall())
sLog.outString("Installing service");
return 1;
case 'u':
if (WinServiceUninstall())
sLog.outString("Uninstalling service");
return 1;
case 'r':
WinServiceRun();
break;
}
#endif
if (!sConfig.SetSource(cfg_file, "RealmdConf"))
{
sLog.outError("Could not find configuration file %s.", cfg_file.c_str());
Log::WaitBeforeContinueIfNeed();
return 1;
}
#ifndef WIN32 // posix daemon commands need apply after config read
switch (serviceDaemonMode[0])
{
case 'r':
startDaemon();
break;
case 's':
stopDaemon();
break;
}
#endif
sLog.Initialize();
sLog.outString("%s [realm-daemon]", _FULLVERSION(REVISION_DATE, REVISION_TIME, REVISION_NR, REVISION_ID));
sLog.outString("<Ctrl-C> to stop.\n");
sLog.outString("Using configuration file %s.", cfg_file.c_str());
///- Check the version of the configuration file
uint32 confVersion = sConfig.GetIntDefault("ConfVersion", 0);
if (confVersion < _REALMDCONFVERSION)
{
sLog.outError("*****************************************************************************");
sLog.outError(" WARNING: Your realmd.conf version indicates your conf file is out of date!");
sLog.outError(" Please check for updates, as your current default values may cause");
sLog.outError(" strange behavior.");
sLog.outError("*****************************************************************************");
Log::WaitBeforeContinueIfNeed();
}
DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
if (SSLeay() < 0x009080bfL)
{
DETAIL_LOG("WARNING: Outdated version of OpenSSL lib. Logins to server may not work!");
DETAIL_LOG("WARNING: Minimal required version [OpenSSL 0.9.8k]");
}
DETAIL_LOG("Using ACE: %s", ACE_VERSION);
DETAIL_LOG("Using BOOST: %i.%i.%i", BOOST_VERSION / 100000, BOOST_VERSION / 100 % 1000, BOOST_VERSION % 100);
sLog.outBasic("Max allowed open files is %d", boost::asio::socket_base::max_connections);
/// realmd PID file creation
std::string pidfile = sConfig.GetStringDefault("PidFile", "");
if (!pidfile.empty())
{
uint32 pid = CreatePIDFile(pidfile);
if (!pid)
{
sLog.outError("Cannot create PID file %s.\n", pidfile.c_str());
Log::WaitBeforeContinueIfNeed();
return 1;
}
sLog.outString("Daemon PID: %u\n", pid);
}
///- Initialize the database connection
if (!StartDB())
{
Log::WaitBeforeContinueIfNeed();
return 1;
}
///- Get the list of realms for the server
sRealmList.Initialize(sConfig.GetIntDefault("RealmsStateUpdateDelay", 20));
if (sRealmList.size() == 0)
{
sLog.outError("No valid realms specified.");
Log::WaitBeforeContinueIfNeed();
return 1;
}
// cleanup query
// set expired bans to inactive
LoginDatabase.BeginTransaction();
LoginDatabase.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
LoginDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
LoginDatabase.CommitTransaction();
///- Launch the listening network socket
uint16 rmport = sConfig.GetIntDefault("RealmServerPort", DEFAULT_REALMSERVER_PORT);
std::string bind_ip = sConfig.GetStringDefault("BindIP", "0.0.0.0");
std::auto_ptr< SessionManager > manager(new SessionManager());
if (!manager->StartNetwork(rmport, bind_ip))
{
sLog.outError("MaNGOS realmd can not bind to %s:%d", bind_ip.c_str(), rmport);
Log::WaitBeforeContinueIfNeed();
return 1;
}
///- Catch termination signals
HookSignals();
///- Handle affinity for multiple processors and process priority on Windows
#ifdef WIN32
{
HANDLE hProcess = GetCurrentProcess();
uint32 Aff = sConfig.GetIntDefault("UseProcessors", 0);
if (Aff > 0)
{
ULONG_PTR appAff;
ULONG_PTR sysAff;
if (GetProcessAffinityMask(hProcess, &appAff, &sysAff))
{
ULONG_PTR curAff = Aff & appAff; // remove non accessible processors
if (!curAff)
{
sLog.outError("Processors marked in UseProcessors bitmask (hex) %x not accessible for realmd. Accessible processors bitmask (hex): %x", Aff, appAff);
}
else
{
if (SetProcessAffinityMask(hProcess, curAff))
sLog.outString("Using processors (bitmask, hex): %x", curAff);
else
sLog.outError("Can't set used processors (hex): %x", curAff);
}
}
sLog.outString();
}
bool Prio = sConfig.GetBoolDefault("ProcessPriority", false);
if (Prio)
{
if (SetPriorityClass(hProcess, HIGH_PRIORITY_CLASS))
sLog.outString("realmd process priority class set to HIGH");
else
sLog.outError("Can't set realmd process priority class.");
sLog.outString();
}
}
#endif
// server has started up successfully => enable async DB requests
LoginDatabase.AllowAsyncTransactions();
// maximum counter for next ping
uint32 numLoops = (sConfig.GetIntDefault("MaxPingTime", 30) * (MINUTE * 1000000 / 100000));
uint32 loopCounter = 0;
#ifndef WIN32
detachDaemon();
#endif
///- Wait for termination signal
while (!stopEvent)
{
// dont move this outside the loop, the reactor will modify it
boost::this_thread::sleep(boost::posix_time::milliseconds(10));
if ((++loopCounter) == numLoops)
{
loopCounter = 0;
DETAIL_LOG("Ping MySQL to keep connection alive");
LoginDatabase.Ping();
}
#ifdef WIN32
if (m_ServiceStatus == 0) stopEvent = true;
while (m_ServiceStatus == 2) Sleep(1000);
#endif
}
manager->StopNetwork();
manager.reset();
///- Wait for the delay thread to exit
LoginDatabase.HaltDelayThread();
///- Remove signal handling before leaving
UnhookSignals();
sLog.outString("Halting process...");
return 0;
}
/// Launch the realm server
int main(int argc, char* argv[])
{
std::string configFile, serviceParameter;
boost::program_options::options_description desc("Allowed options");
desc.add_options()
("config,c", boost::program_options::value<std::string>(&configFile)->default_value(_REALMD_CONFIG), "configuration file")
("version,v", "print version and exit")
#ifdef _WIN32
("s", boost::program_options::value<std::string>(&serviceParameter), "<run, install, uninstall> service");
#else
("s", boost::program_options::value<std::string>(&serviceParameter), "<run, stop> service");
#endif
boost::program_options::variables_map vm;
try
{
boost::program_options::store(boost::program_options::parse_command_line(argc, argv, desc), vm);
boost::program_options::notify(vm);
}
catch (boost::program_options::error const& e)
{
std::cerr << "ERROR: " << e.what() << std::endl << std::endl;
std::cerr << desc << std::endl;
return 1;
}
#ifdef _WIN32 // windows service command need execute before config read
if (vm.count("s"))
{
switch (::tolower(serviceParameter[0]))
{
case 'i':
if (WinServiceInstall())
sLog.outString("Installing service");
return 1;
case 'u':
if (WinServiceUninstall())
sLog.outString("Uninstalling service");
return 1;
case 'r':
WinServiceRun();
break;
}
}
#endif
if (!sConfig.SetSource(configFile))
{
sLog.outError("Could not find configuration file %s.", configFile.c_str());
Log::WaitBeforeContinueIfNeed();
return 1;
}
#ifndef _WIN32 // posix daemon commands need apply after config read
if (vm.count("s"))
{
switch (::tolower(serviceParameter[0]))
{
case 'r':
startDaemon();
break;
case 's':
stopDaemon();
break;
}
}
#endif
sLog.Initialize();
sLog.outString("%s [realm-daemon]", _FULLVERSION(REVISION_DATE, REVISION_ID));
sLog.outString("<Ctrl-C> to stop.\n");
sLog.outString("Using configuration file %s.", configFile.c_str());
///- Check the version of the configuration file
uint32 confVersion = sConfig.GetIntDefault("ConfVersion", 0);
if (confVersion < _REALMDCONFVERSION)
{
sLog.outError("*****************************************************************************");
sLog.outError(" WARNING: Your realmd.conf version indicates your conf file is out of date!");
sLog.outError(" Please check for updates, as your current default values may cause");
sLog.outError(" strange behavior.");
sLog.outError("*****************************************************************************");
Log::WaitBeforeContinueIfNeed();
}
DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
if (SSLeay() < 0x009080bfL)
{
DETAIL_LOG("WARNING: Outdated version of OpenSSL lib. Logins to server may not work!");
DETAIL_LOG("WARNING: Minimal required version [OpenSSL 0.9.8k]");
}
/// realmd PID file creation
std::string pidfile = sConfig.GetStringDefault("PidFile");
if (!pidfile.empty())
{
uint32 pid = CreatePIDFile(pidfile);
if (!pid)
{
sLog.outError("Cannot create PID file %s.\n", pidfile.c_str());
Log::WaitBeforeContinueIfNeed();
return 1;
}
sLog.outString("Daemon PID: %u\n", pid);
}
///- Initialize the database connection
if (!StartDB())
{
Log::WaitBeforeContinueIfNeed();
return 1;
}
///- Get the list of realms for the server
sRealmList.Initialize(sConfig.GetIntDefault("RealmsStateUpdateDelay", 20));
if (sRealmList.size() == 0)
{
sLog.outError("No valid realms specified.");
Log::WaitBeforeContinueIfNeed();
return 1;
}
// cleanup query
// set expired bans to inactive
LoginDatabase.BeginTransaction();
LoginDatabase.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
LoginDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
LoginDatabase.CommitTransaction();
// FIXME - more intelligent selection of thread count is needed here. config option?
MaNGOS::Listener<AuthSocket> listener(sConfig.GetStringDefault("BindIP", "0.0.0.0"), sConfig.GetIntDefault("RealmServerPort", DEFAULT_REALMSERVER_PORT), 1);
///- Catch termination signals
HookSignals();
///- Handle affinity for multiple processors and process priority on Windows
#ifdef _WIN32
{
HANDLE hProcess = GetCurrentProcess();
uint32 Aff = sConfig.GetIntDefault("UseProcessors", 0);
if (Aff > 0)
{
ULONG_PTR appAff;
ULONG_PTR sysAff;
if (GetProcessAffinityMask(hProcess, &appAff, &sysAff))
{
ULONG_PTR curAff = Aff & appAff; // remove non accessible processors
if (!curAff)
{
sLog.outError("Processors marked in UseProcessors bitmask (hex) %x not accessible for realmd. Accessible processors bitmask (hex): %x", Aff, appAff);
}
else
{
if (SetProcessAffinityMask(hProcess, curAff))
sLog.outString("Using processors (bitmask, hex): %x", curAff);
else
sLog.outError("Can't set used processors (hex): %x", curAff);
}
}
sLog.outString();
}
bool Prio = sConfig.GetBoolDefault("ProcessPriority", false);
if (Prio)
{
if (SetPriorityClass(hProcess, HIGH_PRIORITY_CLASS))
sLog.outString("realmd process priority class set to HIGH");
else
sLog.outError("Can't set realmd process priority class.");
sLog.outString();
}
}
#endif
// server has started up successfully => enable async DB requests
LoginDatabase.AllowAsyncTransactions();
// maximum counter for next ping
auto const numLoops = sConfig.GetIntDefault("MaxPingTime", 30) * MINUTE * 10;
uint32 loopCounter = 0;
#ifndef _WIN32
detachDaemon();
#endif
///- Wait for termination signal
while (!stopEvent)
{
if ((++loopCounter) == numLoops)
{
loopCounter = 0;
DETAIL_LOG("Ping MySQL to keep connection alive");
LoginDatabase.Ping();
}
std::this_thread::sleep_for(std::chrono::milliseconds(100));
#ifdef _WIN32
if (m_ServiceStatus == 0) stopEvent = true;
while (m_ServiceStatus == 2) Sleep(1000);
#endif
}
///- Wait for the delay thread to exit
LoginDatabase.HaltDelayThread();
///- Remove signal handling before leaving
UnhookSignals();
sLog.outString("Halting process...");
return 0;
}
/// Logon Challenge command handler
bool AuthSocket::_HandleLogonChallenge()
{
DEBUG_LOG("Entering _HandleLogonChallenge");
if (socket().recv_len() < sizeof(sAuthLogonChallenge_C))
return false;
///- Read the first 4 bytes (header) to get the length of the remaining of the packet
std::vector<uint8> buf;
buf.resize(4);
socket().recv((char *)&buf[0], 4);
EndianConvert(*((uint16*)(buf[0])));
uint16 remaining = ((sAuthLogonChallenge_C *)&buf[0])->size;
DEBUG_LOG("[AuthChallenge] got header, body is %#04x bytes", remaining);
if ((remaining < sizeof(sAuthLogonChallenge_C) - buf.size()) || (socket().recv_len() < remaining))
return false;
//No big fear of memory outage (size is int16, i.e. < 65536)
buf.resize(remaining + buf.size() + 1);
buf[buf.size() - 1] = 0;
sAuthLogonChallenge_C *ch = (sAuthLogonChallenge_C*)&buf[0];
///- Read the remaining of the packet
socket().recv((char *)&buf[4], remaining);
DEBUG_LOG("[AuthChallenge] got full packet, %#04x bytes", ch->size);
DEBUG_LOG("[AuthChallenge] name(%d): '%s'", ch->I_len, ch->I);
// BigEndian code, nop in little endian case
// size already converted
EndianConvert(*((uint32*)(&ch->gamename[0])));
EndianConvert(ch->build);
EndianConvert(*((uint32*)(&ch->platform[0])));
EndianConvert(*((uint32*)(&ch->os[0])));
EndianConvert(*((uint32*)(&ch->country[0])));
EndianConvert(ch->timezone_bias);
EndianConvert(ch->ip);
ByteBuffer pkt;
_login = (const char*)ch->I;
_build = ch->build;
_expversion = (AuthHelper::IsPostBCAcceptedClientBuild(_build) ? POST_BC_EXP_FLAG : NO_VALID_EXP_FLAG) + (AuthHelper::IsPreBCAcceptedClientBuild(_build) ? PRE_BC_EXP_FLAG : NO_VALID_EXP_FLAG);
///- Normalize account name
//utf8ToUpperOnlyLatin(_login); -- client already send account in expected form
//Escape the user login to avoid further SQL injection
//Memory will be freed on AuthSocket object destruction
_safelogin = _login;
LoginDatabase.escape_string(_safelogin);
_build = ch->build;
pkt << (uint8) AUTH_LOGON_CHALLENGE;
pkt << (uint8) 0x00;
///- Verify that this IP is not in the ip_banned table
// No SQL injection possible (paste the IP address as passed by the socket)
LoginDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
std::string address(socket().get_remote_address().c_str());
LoginDatabase.escape_string(address);
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT * FROM ip_banned WHERE ip = '%s'",address.c_str());
if (result)
{
pkt << (uint8)WOW_FAIL_BANNED;
sLog.outBasic("[AuthChallenge] Banned ip %s tries to login!", address.c_str ());
}
else
{
///- Get the account details from the account table
// No SQL injection (escaped user name)
result = LoginDatabase.PQuery("SELECT a.sha_pass_hash,a.id,a.locked,a.last_ip,aa.gmlevel,a.v,a.s "
"FROM account a "
"LEFT JOIN account_access aa "
"ON (a.id = aa.id) "
"WHERE a.username = '******'",_safelogin.c_str ());
if (result)
{
///- If the IP is 'locked', check that the player comes indeed from the correct IP address
bool locked = false;
if ((*result)[2].GetUInt8() == 1) // if ip is locked
{
DEBUG_LOG("[AuthChallenge] Account '%s' is locked to IP - '%s'", _login.c_str(), (*result)[3].GetString());
DEBUG_LOG("[AuthChallenge] Player address is '%s'", socket().get_remote_address().c_str());
if (strcmp((*result)[3].GetString(),socket().get_remote_address().c_str()))
{
DEBUG_LOG("[AuthChallenge] Account IP differs");
pkt << (uint8) WOW_FAIL_SUSPENDED;
locked=true;
}
else
DEBUG_LOG("[AuthChallenge] Account IP matches");
}
else
DEBUG_LOG("[AuthChallenge] Account '%s' is not locked to ip", _login.c_str());
if (!locked)
{
//set expired bans to inactive
LoginDatabase.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
///- If the account is banned, reject the logon attempt
QueryResult_AutoPtr banresult = LoginDatabase.PQuery("SELECT bandate,unbandate FROM account_banned WHERE id = %u AND active = 1", (*result)[1].GetUInt32());
if (banresult)
{
if ((*banresult)[0].GetUInt64() == (*banresult)[1].GetUInt64())
{
pkt << (uint8) WOW_FAIL_BANNED;
sLog.outBasic("[AuthChallenge] Banned account %s tries to login!",_login.c_str ());
}
else
{
pkt << (uint8) WOW_FAIL_SUSPENDED;
sLog.outBasic("[AuthChallenge] Temporarily banned account %s tries to login!",_login.c_str ());
}
}
else
{
///- Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = (*result)[0].GetCppString();
///- Don't calculate (v, s) if there are already some in the database
std::string databaseV = (*result)[5].GetCppString();
std::string databaseS = (*result)[6].GetCppString();
sLog.outDebug("database authentication values: v='%s' s='%s'", databaseV.c_str(), databaseS.c_str());
// multiply with 2, bytes are stored as hexstring
if (databaseV.size() != s_BYTE_SIZE*2 || databaseS.size() != s_BYTE_SIZE*2)
_SetVSFields(rI);
else
{
s.SetHexStr(databaseS.c_str());
v.SetHexStr(databaseV.c_str());
}
b.SetRand(19 * 8);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16 * 8);
///- Fill the response packet with the result
pkt << uint8(WOW_SUCCESS);
// B may be calculated < 32B so we force minimal length to 32B
pkt.append(B.AsByteArray(32), 32); // 32 bytes
pkt << uint8(1);
pkt.append(g.AsByteArray(), 1);
pkt << uint8(32);
pkt.append(N.AsByteArray(32), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes()); // 32 bytes
pkt.append(unk3.AsByteArray(16), 16);
uint8 securityFlags = 0;
pkt << uint8(securityFlags); // security flags (0x0...0x04)
if (securityFlags & 0x01) // PIN input
{
pkt << uint32(0);
pkt << uint64(0) << uint64(0); // 16 bytes hash?
}
if (securityFlags & 0x02) // Matrix input
{
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint64(0);
}
if (securityFlags & 0x04) // Security token input
pkt << uint8(1);
uint8 secLevel = (*result)[4].GetUInt8();
_accountSecurityLevel = secLevel <= SEC_ADMINISTRATOR ? AccountTypes(secLevel) : SEC_ADMINISTRATOR;
_localizationName.resize(4);
for (int i = 0; i < 4; ++i)
_localizationName[i] = ch->country[4-i-1];
sLog.outBasic("[AuthChallenge] account %s is using '%c%c%c%c' locale (%u)", _login.c_str (), ch->country[3], ch->country[2], ch->country[1], ch->country[0], GetLocaleByName(_localizationName));
}
}
}
else //no account
{
pkt<< (uint8) WOW_FAIL_UNKNOWN_ACCOUNT;
}
}
socket().send((char const*)pkt.contents(), pkt.size());
return true;
}
/// Launch the realm server
extern int main(int argc, char **argv)
{
///- Command line parsing
char const* cfg_file = _REALMD_CONFIG;
#ifdef WIN32
char const *options = ":c:s:";
#else
char const *options = ":c:";
#endif
ACE_Get_Opt cmd_opts(argc, argv, options);
cmd_opts.long_option("version", 'v');
int option;
while ((option = cmd_opts()) != EOF)
{
switch (option)
{
case 'c':
cfg_file = cmd_opts.opt_arg();
break;
case 'v':
printf("%s\n", _FULLVERSION(REVISION_DATE,REVISION_TIME,REVISION_NR,REVISION_ID));
return 0;
#ifdef WIN32
case 's':
{
const char *mode = cmd_opts.opt_arg();
if (!strcmp(mode, "install"))
{
if (WinServiceInstall())
sLog.outString("Installing service");
return 1;
}
else if (!strcmp(mode, "uninstall"))
{
if (WinServiceUninstall())
sLog.outString("Uninstalling service");
return 1;
}
else if (!strcmp(mode, "run"))
WinServiceRun();
else
{
sLog.outError("Runtime-Error: -%c unsupported argument %s", cmd_opts.opt_opt(), mode);
usage(argv[0]);
Log::WaitBeforeContinueIfNeed();
return 1;
}
break;
}
#endif
case ':':
sLog.outError("Runtime-Error: -%c option requires an input argument", cmd_opts.opt_opt());
usage(argv[0]);
Log::WaitBeforeContinueIfNeed();
return 1;
default:
sLog.outError("Runtime-Error: bad format of commandline arguments");
usage(argv[0]);
Log::WaitBeforeContinueIfNeed();
return 1;
}
}
if (!sConfig.SetSource(cfg_file))
{
sLog.outError("Could not find configuration file %s.", cfg_file);
Log::WaitBeforeContinueIfNeed();
return 1;
}
sLog.Initialize();
sLog.outString( "%s [realm-daemon]", _FULLVERSION(REVISION_DATE,REVISION_TIME,REVISION_NR,REVISION_ID) );
sLog.outString( "<Ctrl-C> to stop.\n" );
sLog.outString("Using configuration file %s.", cfg_file);
///- Check the version of the configuration file
uint32 confVersion = sConfig.GetIntDefault("ConfVersion", 0);
if (confVersion < _REALMDCONFVERSION)
{
sLog.outError("*****************************************************************************");
sLog.outError(" WARNING: Your realmd.conf version indicates your conf file is out of date!");
sLog.outError(" Please check for updates, as your current default values may cause");
sLog.outError(" strange behavior.");
sLog.outError("*****************************************************************************");
Log::WaitBeforeContinueIfNeed();
}
DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
if (SSLeay() < 0x009080bfL )
{
DETAIL_LOG("WARNING: Outdated version of OpenSSL lib. Logins to server may not work!");
DETAIL_LOG("WARNING: Minimal required version [OpenSSL 0.9.8k]");
}
DETAIL_LOG("Using ACE: %s", ACE_VERSION);
#if defined (ACE_HAS_EVENT_POLL) || defined (ACE_HAS_DEV_POLL)
ACE_Reactor::instance(new ACE_Reactor(new ACE_Dev_Poll_Reactor(ACE::max_handles(), 1), 1), true);
#else
ACE_Reactor::instance(new ACE_Reactor(new ACE_TP_Reactor(), true), true);
#endif
sLog.outBasic("Max allowed open files is %d", ACE::max_handles());
/// realmd PID file creation
std::string pidfile = sConfig.GetStringDefault("PidFile", "");
if(!pidfile.empty())
{
uint32 pid = CreatePIDFile(pidfile);
if( !pid )
{
sLog.outError( "Cannot create PID file %s.\n", pidfile.c_str() );
Log::WaitBeforeContinueIfNeed();
return 1;
}
sLog.outString( "Daemon PID: %u\n", pid );
}
///- Initialize the database connection
if(!StartDB())
{
Log::WaitBeforeContinueIfNeed();
return 1;
}
///- Get the list of realms for the server
sRealmList.Initialize(sConfig.GetIntDefault("RealmsStateUpdateDelay", 20));
if (sRealmList.size() == 0)
{
sLog.outError("No valid realms specified.");
Log::WaitBeforeContinueIfNeed();
return 1;
}
// cleanup query
// set expired bans to inactive
LoginDatabase.BeginTransaction();
LoginDatabase.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
LoginDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
LoginDatabase.CommitTransaction();
///- Launch the listening network socket
ACE_Acceptor<AuthSocket, ACE_SOCK_Acceptor> acceptor;
uint16 rmport = sConfig.GetIntDefault("RealmServerPort", DEFAULT_REALMSERVER_PORT);
std::string bind_ip = sConfig.GetStringDefault("BindIP", "0.0.0.0");
ACE_INET_Addr bind_addr(rmport, bind_ip.c_str());
if(acceptor.open(bind_addr, ACE_Reactor::instance(), ACE_NONBLOCK) == -1)
{
sLog.outError("MaNGOS realmd can not bind to %s:%d", bind_ip.c_str(), rmport);
Log::WaitBeforeContinueIfNeed();
return 1;
}
// FG: "bad points" system related
uint32 badPointsDropInterval = sConfig.GetIntDefault("BadPoints.DropInterval", HOUR);
uint32 badPointsDropAmount = sConfig.GetIntDefault("BadPoints.DropAmount", 1);
uint32 badPointsDropWaitTime = sConfig.GetIntDefault("BadPoints.WaitTime", WEEK);
IntervalTimer badPointsTimer;
badPointsTimer.SetInterval(badPointsDropInterval * IN_MILLISECONDS);
///- Catch termination signals
HookSignals();
///- Handle affinity for multiple processors and process priority on Windows
#ifdef WIN32
{
HANDLE hProcess = GetCurrentProcess();
uint32 Aff = sConfig.GetIntDefault("UseProcessors", 0);
if(Aff > 0)
{
ULONG_PTR appAff;
ULONG_PTR sysAff;
if(GetProcessAffinityMask(hProcess,&appAff,&sysAff))
{
ULONG_PTR curAff = Aff & appAff; // remove non accessible processors
if(!curAff )
{
sLog.outError("Processors marked in UseProcessors bitmask (hex) %x not accessible for realmd. Accessible processors bitmask (hex): %x",Aff,appAff);
}
else
{
if(SetProcessAffinityMask(hProcess,curAff))
sLog.outString("Using processors (bitmask, hex): %x", curAff);
else
sLog.outError("Can't set used processors (hex): %x", curAff);
}
}
sLog.outString();
}
bool Prio = sConfig.GetBoolDefault("ProcessPriority", false);
if(Prio)
{
if(SetPriorityClass(hProcess,HIGH_PRIORITY_CLASS))
sLog.outString("realmd process priority class set to HIGH");
else
sLog.outError("Can't set realmd process priority class.");
sLog.outString();
}
}
#endif
//server has started up successfully => enable async DB requests
LoginDatabase.AllowAsyncTransactions();
// maximum counter for next ping
uint32 numLoops = (sConfig.GetIntDefault( "MaxPingTime", 30 ) * (MINUTE * 1000000 / 100000));
uint32 loopCounter = 0;
uint32 last_ping_time = 0;
uint32 now = WorldTimer::getMSTime();
uint32 diff;
uint32 lasttime = now;
uint32 last_ipprops_cleanup = 0;
///- Wait for termination signal
while (!stopEvent)
{
// dont move this outside the loop, the reactor will modify it
ACE_Time_Value interval(0, 100000);
if (ACE_Reactor::instance()->run_reactor_event_loop(interval) == -1)
break;
now = WorldTimer::getMSTime();
diff = WorldTimer::getMSTimeDiff(lasttime, now);
lasttime = now;
badPointsTimer.Update(diff);
if( (++loopCounter) == numLoops )
{
// FG: protect against network system overloading
// if that happens, force realmd close (autorestarter ftw!)
if(WorldTimer::getMSTimeDiff(last_ping_time, now) < 10000)
{
sLog.outError("NETWORK SYSTEM OVERLOAD");
raise(SIGSEGV); // force close
abort();
}
last_ping_time = now;
loopCounter = 0;
DETAIL_LOG("Ping MySQL to keep connection alive");
LoginDatabase.Ping();
}
// FG: clear flood protect buffer periodically
if(WorldTimer::getMSTimeDiff(last_ipprops_cleanup, now) > 30000) // flush stored IPs every 30 secs
{
last_ipprops_cleanup = now;
uint32 flushed = 0, blocked = 0, stored = 0;
CleanupIPPropmap(flushed, blocked, stored);
sLog.outDetail("IPProp: Flushed %u total, %u of them blocked, now %u stored", flushed, blocked, stored);
}
// FG: handle "bad points" drop
if(badPointsTimer.Passed())
{
badPointsTimer.Reset();
if(badPointsDropAmount)
{
uint64 goodtime = uint64(time(NULL)) - badPointsDropWaitTime;
LoginDatabase.Execute("UPDATE account_badpoints SET maxpts = curpts WHERE maxpts < curpts");
LoginDatabase.PExecute("UPDATE account_badpoints SET curpts = 0 WHERE curpts <= %u AND lasttime < "UI64FMTD,
badPointsDropAmount, goodtime);
LoginDatabase.PExecute("UPDATE account_badpoints SET curpts = curpts - %u WHERE curpts > %u AND lasttime < "UI64FMTD,
badPointsDropAmount, badPointsDropAmount, goodtime);
}
}
#ifdef WIN32
if (m_ServiceStatus == 0) stopEvent = true;
while (m_ServiceStatus == 2) Sleep(1000);
#endif
}
///- Wait for the delay thread to exit
LoginDatabase.HaltDelayThread();
///- Remove signal handling before leaving
UnhookSignals();
sLog.outString( "Halting process..." );
return 0;
}
/// Launch the realm server
extern int main(int argc, char **argv)
{
///- Command line parsing to get the configuration file name
char const* cfg_file = _REALMD_CONFIG;
int c=1;
while( c < argc )
{
if( strcmp(argv[c],"-c") == 0)
{
if( ++c >= argc )
{
sLog.outError("Runtime-Error: -c option requires an input argument");
usage(argv[0]);
return 1;
}
else
cfg_file = argv[c];
}
if( strcmp(argv[c],"--version") == 0)
{
printf("%s\n", _FULLVERSION(REVISION_DATE,REVISION_TIME,REVISION_NR,REVISION_ID));
return 0;
}
#ifdef WIN32
////////////
//Services//
////////////
if( strcmp(argv[c],"-s") == 0)
{
if( ++c >= argc )
{
sLog.outError("Runtime-Error: -s option requires an input argument");
usage(argv[0]);
return 1;
}
if( strcmp(argv[c],"install") == 0)
{
if (WinServiceInstall())
sLog.outString("Installing service");
return 1;
}
else if( strcmp(argv[c],"uninstall") == 0)
{
if(WinServiceUninstall())
sLog.outString("Uninstalling service");
return 1;
}
else
{
sLog.outError("Runtime-Error: unsupported option %s",argv[c]);
usage(argv[0]);
return 1;
}
}
if( strcmp(argv[c],"--service") == 0)
{
WinServiceRun();
}
////
#endif
++c;
}
if (!sConfig.SetSource(cfg_file))
{
sLog.outError("Could not find configuration file %s.", cfg_file);
return 1;
}
sLog.Initialize();
sLog.outString( "%s [realm-daemon]", _FULLVERSION(REVISION_DATE,REVISION_TIME,REVISION_NR,REVISION_ID) );
sLog.outString( "<Ctrl-C> to stop.\n" );
sLog.outString("Using configuration file %s.", cfg_file);
///- Check the version of the configuration file
uint32 confVersion = sConfig.GetIntDefault("ConfVersion", 0);
if (confVersion < _REALMDCONFVERSION)
{
sLog.outError("*****************************************************************************");
sLog.outError(" WARNING: Your realmd.conf version indicates your conf file is out of date!");
sLog.outError(" Please check for updates, as your current default values may cause");
sLog.outError(" strange behavior.");
sLog.outError("*****************************************************************************");
clock_t pause = 3000 + clock();
while (pause > clock()) {}
}
sLog.outDetail("%s (Library: %s)", OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
if (SSLeay() < 0x009080bfL )
{
sLog.outDetail("WARNING: Outdated version of OpenSSL lib. Logins to server may not work!");
sLog.outDetail("WARNING: Minimal required version [OpenSSL 0.9.8k]");
}
/// realmd PID file creation
std::string pidfile = sConfig.GetStringDefault("PidFile", "");
if(!pidfile.empty())
{
uint32 pid = CreatePIDFile(pidfile);
if( !pid )
{
sLog.outError( "Cannot create PID file %s.\n", pidfile.c_str() );
return 1;
}
sLog.outString( "Daemon PID: %u\n", pid );
}
///- Initialize the database connection
if(!StartDB())
return 1;
///- Get the list of realms for the server
sRealmList.Initialize(sConfig.GetIntDefault("RealmsStateUpdateDelay", 20));
if (sRealmList.size() == 0)
{
sLog.outError("No valid realms specified.");
return 1;
}
///- Launch the listening network socket
port_t rmport = sConfig.GetIntDefault( "RealmServerPort", DEFAULT_REALMSERVER_PORT );
std::string bind_ip = sConfig.GetStringDefault("BindIP", "0.0.0.0");
SocketHandler h;
ListenSocket<AuthSocket> authListenSocket(h);
if ( authListenSocket.Bind(bind_ip.c_str(),rmport))
{
sLog.outError( "MaNGOS realmd can not bind to %s:%d",bind_ip.c_str(), rmport );
return 1;
}
// cleanup query
//set expired bans to inactive
loginDatabase.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
loginDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
h.Add(&authListenSocket);
///- Catch termination signals
HookSignals();
///- Handle affinity for multiple processors and process priority on Windows
#ifdef WIN32
{
HANDLE hProcess = GetCurrentProcess();
uint32 Aff = sConfig.GetIntDefault("UseProcessors", 0);
if(Aff > 0)
{
ULONG_PTR appAff;
ULONG_PTR sysAff;
if(GetProcessAffinityMask(hProcess,&appAff,&sysAff))
{
ULONG_PTR curAff = Aff & appAff; // remove non accessible processors
if(!curAff )
{
sLog.outError("Processors marked in UseProcessors bitmask (hex) %x not accessible for realmd. Accessible processors bitmask (hex): %x",Aff,appAff);
}
else
{
if(SetProcessAffinityMask(hProcess,curAff))
sLog.outString("Using processors (bitmask, hex): %x", curAff);
else
sLog.outError("Can't set used processors (hex): %x", curAff);
}
}
sLog.outString();
}
bool Prio = sConfig.GetBoolDefault("ProcessPriority", false);
if(Prio)
{
if(SetPriorityClass(hProcess,HIGH_PRIORITY_CLASS))
sLog.outString("realmd process priority class set to HIGH");
else
sLog.outError("ERROR: Can't set realmd process priority class.");
sLog.outString();
}
}
#endif
// maximum counter for next ping
uint32 numLoops = (sConfig.GetIntDefault( "MaxPingTime", 30 ) * (MINUTE * 1000000 / 100000));
uint32 loopCounter = 0;
///- Wait for termination signal
while (!stopEvent)
{
h.Select(0, 100000);
if( (++loopCounter) == numLoops )
{
loopCounter = 0;
sLog.outDetail("Ping MySQL to keep connection alive");
delete loginDatabase.Query("SELECT 1 FROM realmlist LIMIT 1");
}
#ifdef WIN32
if (m_ServiceStatus == 0) stopEvent = true;
while (m_ServiceStatus == 2) Sleep(1000);
#endif
}
///- Wait for the delay thread to exit
loginDatabase.HaltDelayThread();
///- Remove signal handling before leaving
UnhookSignals();
sLog.outString( "Halting process..." );
return 0;
}
/// Logon Challenge command handler
bool AuthSocket::_HandleLogonChallenge()
{
DEBUG_LOG("Entering _HandleLogonChallenge");
if (recv_len() < sizeof(sAuthLogonChallenge_C))
return false;
///- Read the first 4 bytes (header) to get the length of the remaining of the packet
std::vector<uint8> buf;
buf.resize(4);
recv((char *)&buf[0], 4);
EndianConvert(*((uint16*)(buf[0])));
uint16 remaining = ((sAuthLogonChallenge_C *)&buf[0])->size;
DEBUG_LOG("[AuthChallenge] got header, body is %#04x bytes", remaining);
if ((remaining < sizeof(sAuthLogonChallenge_C) - buf.size()) || (recv_len() < remaining))
return false;
//No big fear of memory outage (size is int16, i.e. < 65536)
buf.resize(remaining + buf.size() + 1);
buf[buf.size() - 1] = 0;
sAuthLogonChallenge_C *ch = (sAuthLogonChallenge_C*)&buf[0];
///- Read the remaining of the packet
recv((char *)&buf[4], remaining);
DEBUG_LOG("[AuthChallenge] got full packet, %#04x bytes", ch->size);
DEBUG_LOG("[AuthChallenge] name(%d): '%s'", ch->I_len, ch->I);
// BigEndian code, nop in little endian case
// size already converted
EndianConvert(*((uint32*)(&ch->gamename[0])));
EndianConvert(ch->build);
EndianConvert(*((uint32*)(&ch->platform[0])));
EndianConvert(*((uint32*)(&ch->os[0])));
EndianConvert(*((uint32*)(&ch->country[0])));
EndianConvert(ch->timezone_bias);
EndianConvert(*((uint32*)(&ch->ip[0])));
std::stringstream tmpLocalIp;
tmpLocalIp << (uint32)ch->ip[0] << "." << (uint32)ch->ip[1] << "." << (uint32)ch->ip[2] << "." << (uint32)ch->ip[3];
localIp_ = tmpLocalIp.str();
ByteBuffer pkt;
_login = (const char*)ch->I;
_build = ch->build;
operatingSystem_ = (const char*)ch->os;
// Restore string order as its byte order is reversed
std::reverse(operatingSystem_.begin(), operatingSystem_.end());
if (operatingSystem_.size() > 4 || (operatingSystem_ != "Win" && operatingSystem_ != "OSX" && (sRealmList.ChatboxOsName == "" || operatingSystem_ != sRealmList.ChatboxOsName))){
sLog.outLog(LOG_WARDEN, "Client %s got unsupported operating system (%s)", _login.c_str(), operatingSystem_.c_str());
return false;
}
///- Normalize account name
//utf8ToUpperOnlyLatin(_login); -- client already send account in expected form
//Escape the user login to avoid further SQL injection
//Memory will be freed on AuthSocket object destruction
_safelogin = _login;
AccountsDatabase.escape_string(_safelogin);
pkt << (uint8) CMD_AUTH_LOGON_CHALLENGE;
pkt << (uint8) 0x00;
std::string address = get_remote_address();
#ifdef REGEX_NAMESPACE
for (PatternList::const_iterator i = pattern_banned.begin(); i != pattern_banned.end(); ++i)
{
if (REGEX_NAMESPACE::regex_match(address.c_str(), i->first) && REGEX_NAMESPACE::regex_match(localIp_.c_str(), i->second))
{
pkt<< (uint8) WOW_FAIL_UNKNOWN_ACCOUNT;
send((char const*)pkt.contents(), pkt.size());
return true;
}
}
#endif
///- Verify that this IP is not in the ip_banned table
// No SQL injection possible (paste the IP address as passed by the socket)
AccountsDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
AccountsDatabase.escape_string(address);
//Delete ViP
AccountsDatabase.Execute("UPDATE account_permissions SET permission_mask = 1 WHERE unsetdate<=UNIX_TIMESTAMP() AND unsetdate<>setdate");
QueryResultAutoPtr result = AccountsDatabase.PQuery("SELECT * FROM ip_banned WHERE ip = '%s'", address.c_str());
if (result) // ip banned
{
sLog.outBasic("[AuthChallenge] Banned ip %s tries to login!", get_remote_address().c_str());
pkt << uint8(WOW_FAIL_BANNED);
send((char const*)pkt.contents(), pkt.size());
return true;
}
///- Get the account details from the account table
// No SQL injection (escaped user name)
result = AccountsDatabase.PQuery("SELECT pass_hash, account.account_id, account_state_id, last_ip, permission_mask, email "
"FROM account JOIN account_permissions ON account.account_id = account_permissions.account_id "
"WHERE username = '******'", _safelogin.c_str());
if (!result) // account not exists
{
pkt<< uint8(WOW_FAIL_UNKNOWN_ACCOUNT);
send((char const*)pkt.contents(), pkt.size());
return true;
}
Field * fields = result->Fetch();
///- If the IP is 'locked', check that the player comes indeed from the correct IP address
switch (fields[2].GetUInt8())
{
case ACCOUNT_STATE_IP_LOCKED:
{
DEBUG_LOG("[AuthChallenge] Account '%s' is locked to IP - '%s'", _login.c_str(), (*result)[3].GetString());
DEBUG_LOG("[AuthChallenge] Player address is '%s'", get_remote_address().c_str());
if (strcmp(fields[4].GetString(), get_remote_address().c_str()))
{
DEBUG_LOG("[AuthChallenge] Account IP differs");
pkt << (uint8) WOW_FAIL_LOCKED_ENFORCED;
send((char const*)pkt.contents(), pkt.size());
return true;
}
else
{
DEBUG_LOG("[AuthChallenge] Account IP matches");
}
break;
}
case ACCOUNT_STATE_FROZEN:
{
pkt << uint8(WOW_FAIL_SUSPENDED);
send((char const*)pkt.contents(), pkt.size());
return true;
}
default:
DEBUG_LOG("[AuthChallenge] Account '%s' is not locked to ip or frozen", _login.c_str());
break;
}
///- If the account is banned, reject the logon attempt
QueryResultAutoPtr banresult = AccountsDatabase.PQuery("SELECT punishment_date, expiration_date "
"FROM account_punishment "
"WHERE account_id = '%u' AND punishment_type_id = '%u' AND (punishment_date = expiration_date OR expiration_date > UNIX_TIMESTAMP())", (*result)[1].GetUInt32(), PUNISHMENT_BAN);
if (banresult)
{
if((*banresult)[0].GetUInt64() == (*banresult)[1].GetUInt64())
{
pkt << uint8(WOW_FAIL_BANNED);
sLog.outBasic("[AuthChallenge] Banned account %s tries to login!", _login.c_str ());
}
else
{
pkt << uint8(WOW_FAIL_SUSPENDED);
sLog.outBasic("[AuthChallenge] Temporarily banned account %s tries to login!", _login.c_str ());
}
send((char const*)pkt.contents(), pkt.size());
return true;
}
QueryResultAutoPtr emailbanresult = AccountsDatabase.PQuery("SELECT email FROM email_banned WHERE email = '%s'", (*result)[5].GetString());
if (emailbanresult)
{
pkt << uint8(WOW_FAIL_BANNED);
sLog.outBasic("[AuthChallenge] Account %s with banned email %s tries to login!", _login.c_str (), (*emailbanresult)[0].GetString());
send((char const*)pkt.contents(), pkt.size());
return true;
}
///- Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = fields[0].GetCppString();
_SetVSFields(rI);
b.SetRand(19 * 8);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16 * 8);
///- Fill the response packet with the result
pkt << uint8(WOW_SUCCESS);
// B may be calculated < 32B so we force minimal length to 32B
pkt.append(B.AsByteArray(32), 32); // 32 bytes
pkt << uint8(1);
pkt.append(g.AsByteArray(), 1);
pkt << uint8(32);
pkt.append(N.AsByteArray(32), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes());// 32 bytes
pkt.append(unk3.AsByteArray(16), 16);
uint8 securityFlags = 0;
pkt << uint8(securityFlags); // security flags (0x0...0x04)
if (securityFlags & 0x01) // PIN input
{
pkt << uint32(0);
pkt << uint64(0) << uint64(0); // 16 bytes hash?
}
if (securityFlags & 0x02) // Matrix input
{
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint64(0);
}
if (securityFlags & 0x04) // Security token input
pkt << uint8(1);
accountPermissionMask_ = fields[4].GetUInt64();
_localizationName.resize(4);
for (int i = 0; i < 4; ++i)
_localizationName[i] = ch->country[4-i-1];
sLog.outBasic("[AuthChallenge] account %s is using '%c%c%c%c' locale (%u)", _login.c_str (), ch->country[3], ch->country[2], ch->country[1], ch->country[0], GetLocaleByName(_localizationName));
send((char const*)pkt.contents(), pkt.size());
return true;
}
