U3Games
Lineage II | Desarrollo & Soporte => Desarrollo de Servidores => Implementaciones => Mensaje iniciado por: Swarlog en Ago 14, 2022, 01:17 AM
CitarSOLUCIÓN:
diff --git a/L2J_Server_BETA/dist/login/config/LoginServer.properties b/L2J_Server_BETA/dist/login/config/LoginServer.properties
index 20f96e8..5e0e33c 100644
--- a/L2J_Server_BETA/dist/login/config/LoginServer.properties
+++ b/L2J_Server_BETA/dist/login/config/LoginServer.properties
@@ -39,10 +39,6 @@ LoginPort = 9014
# Security
# ---------------------------------------------------------------------------
-# Logs in file the login server events.
-# Default: True
-LogLoginController = True
-
# How many times you can provide an invalid account/pass before the IP gets banned.
# Default: 5
LoginTryBeforeBan = 5
diff --git a/L2J_Server_BETA/java/com/l2jserver/Config.java b/L2J_Server_BETA/java/com/l2jserver/Config.java
index 330e0a3..0135093 100644
--- a/L2J_Server_BETA/java/com/l2jserver/Config.java
+++ b/L2J_Server_BETA/java/com/l2jserver/Config.java
@@ -948,7 +948,6 @@
public static int REQUEST_ID;
public static boolean RESERVE_HOST_ON_LOGIN = false;
public static List<Integer> PROTOCOL_LIST;
- public static boolean LOG_LOGIN_CONTROLLER;
public static boolean LOGIN_SERVER_SCHEDULE_RESTART;
public static long LOGIN_SERVER_SCHEDULE_RESTART_TIME;
@@ -2790,8 +2789,6 @@ else if (Server.serverMode == Server.MODE_LOGINSERVER)
LOGIN_TRY_BEFORE_BAN = ServerSettings.getInt("LoginTryBeforeBan", 5);
LOGIN_BLOCK_AFTER_BAN = ServerSettings.getInt("LoginBlockAfterBan", 900);
- LOG_LOGIN_CONTROLLER = ServerSettings.getBoolean("LogLoginController", true);
-
LOGIN_SERVER_SCHEDULE_RESTART = ServerSettings.getBoolean("LoginRestartSchedule", false);
LOGIN_SERVER_SCHEDULE_RESTART_TIME = ServerSettings.getLong("LoginRestartTime", 24);
diff --git a/L2J_Server_BETA/java/com/l2jserver/gameserver/util/GMAudit.java b/L2J_Server_BETA/java/com/l2jserver/gameserver/util/GMAudit.java
index bac0c6b..6ad5217 100644
--- a/L2J_Server_BETA/java/com/l2jserver/gameserver/util/GMAudit.java
+++ b/L2J_Server_BETA/java/com/l2jserver/gameserver/util/GMAudit.java
@@ -27,14 +27,13 @@
import java.util.logging.Logger;
import com.l2jserver.Config;
-import com.l2jserver.util.lib.Log;
/**
* Audits Game Master's actions.
*/
public class GMAudit
{
- private static final Logger _log = Logger.getLogger(Log.class.getName());
+ private static final Logger _log = Logger.getLogger(GMAudit.class.getName());
static
{
diff --git a/L2J_Server_BETA/java/com/l2jserver/loginserver/LoginController.java b/L2J_Server_BETA/java/com/l2jserver/loginserver/LoginController.java
index 3da9896..3b80a31 100644
--- a/L2J_Server_BETA/java/com/l2jserver/loginserver/LoginController.java
+++ b/L2J_Server_BETA/java/com/l2jserver/loginserver/LoginController.java
@@ -20,6 +20,7 @@
import java.net.InetAddress;
import java.net.UnknownHostException;
+import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
@@ -29,9 +30,9 @@
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.ArrayList;
-import java.util.Arrays;
import java.util.Base64;
import java.util.Collection;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
@@ -44,12 +45,12 @@
import com.l2jserver.Config;
import com.l2jserver.L2DatabaseFactory;
import com.l2jserver.loginserver.GameServerTable.GameServerInfo;
+import com.l2jserver.loginserver.model.data.AccountInfo;
import com.l2jserver.loginserver.network.L2LoginClient;
import com.l2jserver.loginserver.network.gameserverpackets.ServerStatus;
import com.l2jserver.loginserver.network.serverpackets.LoginFail.LoginFailReason;
import com.l2jserver.util.Rnd;
import com.l2jserver.util.crypt.ScrambledKeyPair;
-import com.l2jserver.util.lib.Log;
/**
* This class ...
@@ -67,9 +68,8 @@
/** Authed Clients on LoginServer */
protected FastMap<String, L2LoginClient> _loginServerClients = new FastMap<String, L2LoginClient>().shared();
- private final Map<String, BanInfo> _bannedIps = new FastMap<String, BanInfo>().shared();
-
- private final Map<InetAddress, FailedLoginAttempt> _hackProtection;
+ private final Map<InetAddress, Integer> _failedLoginAttemps = new HashMap<>();
+ private final Map<InetAddress, Long> _bannedIps = new FastMap<InetAddress, Long>().shared();
protected ScrambledKeyPair[] _keyPairs;
@@ -79,7 +79,7 @@
private static final int BLOWFISH_KEYS = 20;
// SQL Queries
- private static final String USER_INFO_SELECT = "SELECT password, IF(? > value OR value IS NULL, accessLevel, -1) AS accessLevel, lastServer FROM accounts LEFT JOIN (account_data) ON (account_data.account_name=accounts.login AND account_data.var=\"ban_temp\") WHERE login=?";
+ private static final String USER_INFO_SELECT = "SELECT login, password, IF(? > value OR value IS NULL, accessLevel, -1) AS accessLevel, lastServer FROM accounts LEFT JOIN (account_data) ON (account_data.account_name=accounts.login AND account_data.var=\"ban_temp\") WHERE login=?";
private static final String AUTOCREATE_ACCOUNTS_INSERT = "INSERT INTO accounts (login, password, lastactive, accessLevel, lastIP) values (?, ?, ?, ?, ?)";
private static final String ACCOUNT_INFO_UPDATE = "UPDATE accounts SET lastactive = ?, lastIP = ? WHERE login = ?";
private static final String ACCOUNT_LAST_SERVER_UPDATE = "UPDATE accounts SET lastServer = ? WHERE login = ?";
@@ -87,32 +87,10 @@
private static final String ACCOUNT_IPS_UPDATE = "UPDATE accounts SET pcIp = ?, hop1 = ?, hop2 = ?, hop3 = ?, hop4 = ? WHERE login = ?";
private static final String ACCOUNT_IPAUTH_SELECT = "SELECT * FROM accounts_ipauth WHERE login = ?";
- public static void load() throws GeneralSecurityException
- {
- synchronized (LoginController.class)
- {
- if (_instance == null)
- {
- _instance = new LoginController();
- }
- else
- {
- throw new IllegalStateException("LoginController can only be loaded a single time.");
- }
- }
- }
-
- public static LoginController getInstance()
- {
- return _instance;
- }
-
private LoginController() throws GeneralSecurityException
{
_log.info("Loading LoginController...");
- _hackProtection = new FastMap<>();
-
_keyPairs = new ScrambledKeyPair[10];
KeyPairGenerator keygen = null;
@@ -196,57 +174,154 @@ public L2LoginClient getAuthedClient(String account)
return _loginServerClients.get(account);
}
- public static enum AuthLoginResult
+ public AccountInfo retriveAccountInfo(InetAddress clientAddr, String login, String password)
{
- INVALID_PASSWORD,
- ACCOUNT_BANNED,
- ALREADY_ON_LS,
- ALREADY_ON_GS,
- AUTH_SUCCESS
+ return retriveAccountInfo(clientAddr, login, password, true);
}
- public AuthLoginResult tryAuthLogin(String account, String password, L2LoginClient client)
+ private void recordFailedLoginAttemp(InetAddress addr)
{
+ // We need to synchronize this!
+ // When multiple connections from the same address fail to login at the
+ // same time, unexpected behavior can happen.
+ Integer failedLoginAttemps;
+ synchronized (_failedLoginAttemps)
+ {
+ failedLoginAttemps = _failedLoginAttemps.get(addr);
+ if (failedLoginAttemps == null)
+ {
+ failedLoginAttemps = 1;
+ }
+ else
+ {
+ ++failedLoginAttemps;
+ }
+
+ _failedLoginAttemps.put(addr, failedLoginAttemps);
+ }
+
+ if (failedLoginAttemps >= Config.LOGIN_TRY_BEFORE_BAN)
+ {
+ addBanForAddress(addr, Config.LOGIN_BLOCK_AFTER_BAN * 1000);
+ // we need to clear the failed login attemps here, so after the ip ban is over the client has another 5 attemps
+ clearFailedLoginAttemps(addr);
+ _log.warning("Added banned address " + addr.getHostAddress() + "! Too many login attemps.");
+ }
+ }
+
+ private void clearFailedLoginAttemps(InetAddress addr)
+ {
+ synchronized (_failedLoginAttemps)
+ {
+ _failedLoginAttemps.remove(addr);
+ }
+ }
+
+ private AccountInfo retriveAccountInfo(InetAddress addr, String login, String password, boolean autoCreateIfEnabled)
+ {
+ try
+ {
+ MessageDigest md = MessageDigest.getInstance("SHA");
+ byte[] raw = password.getBytes(StandardCharsets.UTF_8);
+ String hashBase64 = Base64.getEncoder().encodeToString(md.digest(raw));
+
+ try (Connection con = L2DatabaseFactory.getInstance().getConnection();
+ PreparedStatement ps = con.prepareStatement(USER_INFO_SELECT))
+ {
+ ps.setString(1, Long.toString(System.currentTimeMillis()));
+ ps.setString(2, login);
+ try (ResultSet rset = ps.executeQuery())
+ {
+ if (rset.next())
+ {
+ if (Config.DEBUG)
+ {
+ _log.fine("Account '" + login + "' exists.");
+ }
+
+ AccountInfo info = new AccountInfo(rset.getString("login"), rset.getString("password"), rset.getInt("accessLevel"), rset.getInt("lastServer"));
+ if (!info.checkPassHash(hashBase64))
+ {
+ // wrong password
+ recordFailedLoginAttemp(addr);
+ return null;
+ }
+
+ clearFailedLoginAttemps(addr);
+ return info;
+ }
+ }
+ }
+
+ if (!autoCreateIfEnabled || !Config.AUTO_CREATE_ACCOUNTS)
+ {
+ // account does not exist and auto create accoutn is not desired
+ recordFailedLoginAttemp(addr);
+ return null;
+ }
+
+ try (Connection con = L2DatabaseFactory.getInstance().getConnection();
+ PreparedStatement ps = con.prepareStatement(AUTOCREATE_ACCOUNTS_INSERT))
+ {
+ ps.setString(1, login);
+ ps.setString(2, hashBase64);
+ ps.setLong(3, System.currentTimeMillis());
+ ps.setInt(4, 0);
+ ps.setString(5, addr.getHostAddress());
+ ps.execute();
+ }
+ catch (Exception e)
+ {
+ _log.log(Level.WARNING, "Exception while auto creating account for '" + login + "'!", e);
+ return null;
+ }
+
+ _log.info("Auto created account '" + login + "'.");
+ return retriveAccountInfo(addr, login, password, false);
+ }
+ catch (Exception e)
+ {
+ _log.log(Level.WARNING, "Exception while retriving account info for '" + login + "'!", e);
+ return null;
+ }
+ }
+
+ public AuthLoginResult tryCheckinAccount(L2LoginClient client, InetAddress address, AccountInfo info)
+ {
+ if (info.getAccessLevel() < 0)
+ {
+ return AuthLoginResult.ACCOUNT_BANNED;
+ }
+
AuthLoginResult ret = AuthLoginResult.INVALID_PASSWORD;
// check auth
- if (loginValid(account, password, client))
+ if (canCheckin(client, address, info))
{
// login was successful, verify presence on Gameservers
ret = AuthLoginResult.ALREADY_ON_GS;
- if (!isAccountInAnyGameServer(account))
+ if (!isAccountInAnyGameServer(info.getLogin()))
{
// account isnt on any GS verify LS itself
ret = AuthLoginResult.ALREADY_ON_LS;
- if (_loginServerClients.putIfAbsent(account, client) == null)
+ if (_loginServerClients.putIfAbsent(info.getLogin(), client) == null)
{
ret = AuthLoginResult.AUTH_SUCCESS;
}
}
}
- else
- {
- if (client.getAccessLevel() < 0)
- {
- ret = AuthLoginResult.ACCOUNT_BANNED;
- }
- }
return ret;
}
/**
- * Adds the address to the ban list of the login server, with the given duration.
+ * Adds the address to the ban list of the login server, with the given end tiem in millis.
* @param address The Address to be banned.
* @param expiration Timestamp in miliseconds when this ban expires
* @throws UnknownHostException if the address is invalid.
*/
public void addBanForAddress(String address, long expiration) throws UnknownHostException
{
- InetAddress netAddress = InetAddress.getByName(address);
- if (!_bannedIps.containsKey(netAddress.getHostAddress()))
- {
- _bannedIps.put(netAddress.getHostAddress(), new BanInfo(netAddress, expiration));
- }
+ _bannedIps.putIfAbsent(InetAddress.getByName(address), expiration);
}
/**
@@ -256,16 +331,13 @@ public void addBanForAddress(String address, long expiration) throws UnknownHost
*/
public void addBanForAddress(InetAddress address, long duration)
{
- if (!_bannedIps.containsKey(address.getHostAddress()))
- {
- _bannedIps.put(address.getHostAddress(), new BanInfo(address, System.currentTimeMillis() + duration));
- }
+ _bannedIps.putIfAbsent(address, System.currentTimeMillis() + duration);
}
public boolean isBannedAddress(InetAddress address)
{
String[] parts = address.getHostAddress().split("\\.");
- BanInfo bi = _bannedIps.get(address.getHostAddress());
+ Long bi = _bannedIps.get(address);
if (bi == null)
{
bi = _bannedIps.get(parts[0] + "." + parts[1] + "." + parts[2] + ".0");
@@ -280,9 +352,10 @@ public boolean isBannedAddress(InetAddress address)
}
if (bi != null)
{
- if (bi.hasExpired())
+ if ((bi > 0) && (bi < System.currentTimeMillis()))
{
- _bannedIps.remove(address.getHostAddress());
+ _bannedIps.remove(address);
+ _log.info("Removed expired ip address ban " + address.getHostAddress() + ".");
return false;
}
return true;
@@ -290,7 +363,7 @@ public boolean isBannedAddress(InetAddress address)
return false;
}
- public Map<String, BanInfo> getBannedIps()
+ public Map<InetAddress, Long> getBannedIps()
{
return _bannedIps;
}
@@ -470,61 +543,21 @@ public ScrambledKeyPair getScrambledRSAKeyPair()
}
/**
- * User name is not case sensitive any more.
- * @param user
- * @param password
- * @param client
- * @return
+ * @param client the client
+ * @param address client host address
+ * @param info the account info to checkin
+ * @return true when ok to checkin, false otherwise
*/
- public boolean loginValid(String user, String password, L2LoginClient client)// throws HackingException
+ public boolean canCheckin(L2LoginClient client, InetAddress address, AccountInfo info)
{
- boolean ok = false;
- InetAddress address = client.getConnection().getInetAddress();
-
- // player disconnected meanwhile
- if ((address == null) || (user == null))
- {
- return false;
- }
-
try
{
- MessageDigest md = MessageDigest.getInstance("SHA");
- byte[] raw = password.getBytes("UTF-8");
- byte[] hash = md.digest(raw);
-
- byte[] expected = null;
- int access = 0;
- int lastServer = 1;
List<InetAddress> ipWhiteList = new ArrayList<>();
List<InetAddress> ipBlackList = new ArrayList<>();
try (Connection con = L2DatabaseFactory.getInstance().getConnection();
- PreparedStatement ps = con.prepareStatement(USER_INFO_SELECT))
- {
- ps.setString(1, Long.toString(System.currentTimeMillis()));
- ps.setString(2, user);
- try (ResultSet rset = ps.executeQuery())
- {
- if (rset.next())
- {
- expected = Base64.getDecoder().decode(rset.getString("password"));
- access = rset.getInt("accessLevel");
- lastServer = rset.getInt("lastServer");
- if (lastServer <= 0)
- {
- lastServer = 1; // minServerId is 1 in Interlude
- }
- if (Config.DEBUG)
- {
- _log.fine("account exists");
- }
- }
- }
- }
- try (Connection con = L2DatabaseFactory.getInstance().getConnection();
PreparedStatement ps = con.prepareStatement(ACCOUNT_IPAUTH_SELECT))
{
- ps.setString(1, user);
+ ps.setString(1, info.getLogin());
try (ResultSet rset = ps.executeQuery())
{
String ip, type;
@@ -549,162 +582,40 @@ else if (type.equals("deny"))
}
}
- // if account doesn't exists
- if (expected == null)
- {
- if (Config.AUTO_CREATE_ACCOUNTS)
- {
- if ((user.length() >= 2) && (user.length() <= 14))
- {
- try (Connection con = L2DatabaseFactory.getInstance().getConnection();
- PreparedStatement ps = con.prepareStatement(AUTOCREATE_ACCOUNTS_INSERT))
- {
- ps.setString(1, user);
- ps.setString(2, Base64.getEncoder().encodeToString(hash));
- ps.setLong(3, System.currentTimeMillis());
- ps.setInt(4, 0);
- ps.setString(5, address.getHostAddress());
- ps.execute();
- }
-
- if (Config.LOG_LOGIN_CONTROLLER)
- {
- Log.add("'" + user + "' " + address.getHostAddress() + " - OK : AccountCreate", "loginlog");
- }
-
- _log.info("Created new account for " + user);
- return true;
-
- }
- if (Config.LOG_LOGIN_CONTROLLER)
- {
- Log.add("'" + user + "' " + address.getHostAddress() + " - ERR : ErrCreatingACC", "loginlog");
- }
-
- _log.warning("Invalid username creation/use attempt: " + user);
- }
- else
- {
- if (Config.LOG_LOGIN_CONTROLLER)
- {
- Log.add("'" + user + "' " + address.getHostAddress() + " - ERR : AccountMissing", "loginlog");
- }
-
- _log.warning("Account missing for user " + user);
- FailedLoginAttempt failedAttempt = _hackProtection.get(address);
- int failedCount;
- if (failedAttempt == null)
- {
- _hackProtection.put(address, new FailedLoginAttempt(address, password));
- failedCount = 1;
- }
- else
- {
- failedAttempt.increaseCounter();
- failedCount = failedAttempt.getCount();
- }
-
- if (failedCount >= Config.LOGIN_TRY_BEFORE_BAN)
- {
- _log.info("Banning '" + address.getHostAddress() + "' for " + Config.LOGIN_BLOCK_AFTER_BAN + " seconds due to " + failedCount + " invalid user name attempts");
- this.addBanForAddress(address, Config.LOGIN_BLOCK_AFTER_BAN * 1000);
- }
- }
- return false;
- }
-
- // is this account banned?
- if (access < 0)
- {
- if (Config.LOG_LOGIN_CONTROLLER)
- {
- Log.add("'" + user + "' " + address.getHostAddress() + " - ERR : AccountBanned", "loginlog");
- }
-
- client.setAccessLevel(access);
- return false;
- }
-
// Check IP
if (!ipWhiteList.isEmpty() || !ipBlackList.isEmpty())
{
if (!ipWhiteList.isEmpty() && !ipWhiteList.contains(address))
{
- if (Config.LOG_LOGIN_CONTROLLER)
- {
- Log.add("'" + user + "' " + address.getHostAddress() + " - ERR : INCORRECT IP", "loginlog");
- }
+ _log.warning("Account checkin attemp from address(" + address.getHostAddress() + ") not present on whitelist for account '" + info.getLogin() + "'.");
return false;
}
if (!ipBlackList.isEmpty() && ipBlackList.contains(address))
{
- if (Config.LOG_LOGIN_CONTROLLER)
- {
- Log.add("'" + user + "' " + address.getHostAddress() + " - ERR : BLACKLISTED IP", "loginlog");
- }
+ _log.warning("Account checkin attemp from address(" + address.getHostAddress() + ") on blacklist for account '" + info.getLogin() + "'.");
return false;
}
}
- // check password hash
- ok = Arrays.equals(hash, expected);
- if (ok)
- {
- client.setAccessLevel(access);
- client.setLastServer(lastServer);
- try (Connection con = L2DatabaseFactory.getInstance().getConnection();
- PreparedStatement ps = con.prepareStatement(ACCOUNT_INFO_UPDATE))
- {
- ps.setLong(1, System.currentTimeMillis());
- ps.setString(2, address.getHostAddress());
- ps.setString(3, user);
- ps.execute();
- }
- }
- }
- catch (Exception e)
- {
- _log.log(Level.WARNING, "Could not check password:" + e.getMessage(), e);
- ok = false;
- }
-
- if (!ok)
- {
- if (Config.LOG_LOGIN_CONTROLLER)
- {
- Log.add("'" + user + "' " + address.getHostAddress() + " - ERR : LoginFailed", "loginlog");
- }
-
- FailedLoginAttempt failedAttempt = _hackProtection.get(address);
- int failedCount;
- if (failedAttempt == null)
- {
- _hackProtection.put(address, new FailedLoginAttempt(address, password));
- failedCount = 1;
- }
- else
+ client.setAccessLevel(info.getAccessLevel());
+ client.setLastServer(info.getLastServer());
+ try (Connection con = L2DatabaseFactory.getInstance().getConnection();
+ PreparedStatement ps = con.prepareStatement(ACCOUNT_INFO_UPDATE))
{
- failedAttempt.increaseCounter(password);
- failedCount = failedAttempt.getCount();
+ ps.setLong(1, System.currentTimeMillis());
+ ps.setString(2, address.getHostAddress());
+ ps.setString(3, info.getLogin());
+ ps.execute();
}
- if (failedCount >= Config.LOGIN_TRY_BEFORE_BAN)
- {
- _log.info("Banning '" + address.getHostAddress() + "' for " + Config.LOGIN_BLOCK_AFTER_BAN + " seconds due to " + failedCount + " invalid user/pass attempts");
- this.addBanForAddress(address, Config.LOGIN_BLOCK_AFTER_BAN * 1000);
- }
+ return true;
}
- else
+ catch (Exception e)
{
- _hackProtection.remove(address);
- if (Config.LOG_LOGIN_CONTROLLER)
- {
- Log.add("'" + user + "' " + address.getHostAddress() + " - OK : LoginOk", "loginlog");
- }
+ _log.log(Level.WARNING, "Could not finish login process!", e);
+ return false;
}
-
- return ok;
}
public boolean isValidIPAddress(String ipAddress)
@@ -726,79 +637,24 @@ public boolean isValidIPAddress(String ipAddress)
return true;
}
- class FailedLoginAttempt
+ public static void load() throws GeneralSecurityException
{
- // private InetAddress _ipAddress;
- private int _count;
- private long _lastAttempTime;
- private String _lastPassword;
-
- public FailedLoginAttempt(InetAddress address, String lastPassword)
- {
- // _ipAddress = address;
- _count = 1;
- _lastAttempTime = System.currentTimeMillis();
- _lastPassword = lastPassword;
- }
-
- public void increaseCounter(String password)
+ synchronized (LoginController.class)
{
- if (!_lastPassword.equals(password))
+ if (_instance == null)
{
- // check if theres a long time since last wrong try
- if ((System.currentTimeMillis() - _lastAttempTime) < (300 * 1000))
- {
- _count++;
- }
- else
- {
- // restart the status
- _count = 1;
-
- }
- _lastPassword = password;
- _lastAttempTime = System.currentTimeMillis();
+ _instance = new LoginController();
}
else
- // trying the same password is not brute force
{
- _lastAttempTime = System.currentTimeMillis();
+ throw new IllegalStateException("LoginController can only be loaded a single time.");
}
}
-
- public int getCount()
- {
- return _count;
- }
-
- public void increaseCounter()
- {
- _count++;
- }
-
}
- class BanInfo
+ public static LoginController getInstance()
{
- private final InetAddress _ipAddress;
- // Expiration
- private final long _expiration;
-
- public BanInfo(InetAddress ipAddress, long expiration)
- {
- _ipAddress = ipAddress;
- _expiration = expiration;
- }
-
- public InetAddress getAddress()
- {
- return _ipAddress;
- }
-
- public boolean hasExpired()
- {
- return (System.currentTimeMillis() > _expiration) && (_expiration > 0);
- }
+ return _instance;
}
class PurgeThread extends Thread
@@ -836,4 +692,13 @@ public void run()
}
}
}
+
+ public static enum AuthLoginResult
+ {
+ INVALID_PASSWORD,
+ ACCOUNT_BANNED,
+ ALREADY_ON_LS,
+ ALREADY_ON_GS,
+ AUTH_SUCCESS
+ }
}
diff --git a/L2J_Server_BETA/java/com/l2jserver/loginserver/model/data/AccountInfo.java b/L2J_Server_BETA/java/com/l2jserver/loginserver/model/data/AccountInfo.java
new file mode 100644
index 0000000..55f9f2e
--- /dev/null
+++ b/L2J_Server_BETA/java/com/l2jserver/loginserver/model/data/AccountInfo.java
@@ -0,0 +1,76 @@
+/*
+ * Copyright (C) 2004-2014 L2J Server
+ *
+ * This file is part of L2J Server.
+ *
+ * L2J Server is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * L2J Server is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.l2jserver.loginserver.model.data;
+
+/**
+ * @author FBIagent
+ */
+public final class AccountInfo
+{
+ private final String _login;
+ private final String _passHash;
+ private final int _accessLevel;
+ private final int _lastServer;
+
+ public AccountInfo(String login, String passHash, int accessLevel, int lastServer)
+ {
+ if (login == null)
+ {
+ throw new NullPointerException("login");
+ }
+ if (passHash == null)
+ {
+ throw new NullPointerException("passHash");
+ }
+
+ if (login.isEmpty())
+ {
+ throw new IllegalArgumentException("login");
+ }
+ if (passHash.isEmpty())
+ {
+ throw new IllegalArgumentException("passHash");
+ }
+
+ _login = login;
+ _passHash = passHash;
+ _accessLevel = accessLevel;
+ _lastServer = lastServer;
+ }
+
+ public boolean checkPassHash(String passHash)
+ {
+ return _passHash.equals(passHash);
+ }
+
+ public String getLogin()
+ {
+ return _login;
+ }
+
+ public int getAccessLevel()
+ {
+ return _accessLevel;
+ }
+
+ public int getLastServer()
+ {
+ return _lastServer;
+ }
+}
diff --git a/L2J_Server_BETA/java/com/l2jserver/loginserver/network/clientpackets/RequestAuthLogin.java b/L2J_Server_BETA/java/com/l2jserver/loginserver/network/clientpackets/RequestAuthLogin.java
index 79e78c4..46f3fc6 100644
--- a/L2J_Server_BETA/java/com/l2jserver/loginserver/network/clientpackets/RequestAuthLogin.java
+++ b/L2J_Server_BETA/java/com/l2jserver/loginserver/network/clientpackets/RequestAuthLogin.java
@@ -18,6 +18,7 @@
*/
package com.l2jserver.loginserver.network.clientpackets;
+import java.net.InetAddress;
import java.security.GeneralSecurityException;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -28,6 +29,7 @@
import com.l2jserver.loginserver.GameServerTable.GameServerInfo;
import com.l2jserver.loginserver.LoginController;
import com.l2jserver.loginserver.LoginController.AuthLoginResult;
+import com.l2jserver.loginserver.model.data.AccountInfo;
import com.l2jserver.loginserver.network.L2LoginClient;
import com.l2jserver.loginserver.network.L2LoginClient.LoginClientState;
import com.l2jserver.loginserver.network.serverpackets.AccountKicked;
@@ -118,15 +120,25 @@ public void run()
return;
}
+ InetAddress clientAddr = getClient().getConnection().getInetAddress();
+
final LoginController lc = LoginController.getInstance();
- AuthLoginResult result = lc.tryAuthLogin(_user, _password, client);
+ AccountInfo info = lc.retriveAccountInfo(clientAddr, _user, _password);
+ if (info == null)
+ {
+ // user or pass wrong
+ client.close(LoginFailReason.REASON_USER_OR_PASS_WRONG);
+ return;
+ }
+
+ AuthLoginResult result = lc.tryCheckinAccount(client, clientAddr, info);
switch (result)
{
case AUTH_SUCCESS:
- client.setAccount(_user);
+ client.setAccount(info.getLogin());
client.setState(LoginClientState.AUTHED_LOGIN);
- client.setSessionKey(lc.assignSessionKeyToClient(_user, client));
- lc.getCharactersOnAccount(_user);
+ client.setSessionKey(lc.assignSessionKeyToClient(info.getLogin(), client));
+ lc.getCharactersOnAccount(info.getLogin());
if (Config.SHOW_LICENCE)
{
client.sendPacket(new LoginOk(getClient().getSessionKey()));
@@ -141,28 +153,28 @@ public void run()
break;
case ACCOUNT_BANNED:
client.close(new AccountKicked(AccountKickedReason.REASON_PERMANENTLY_BANNED));
- break;
+ return;
case ALREADY_ON_LS:
L2LoginClient oldClient;
- if ((oldClient = lc.getAuthedClient(_user)) != null)
+ if ((oldClient = lc.getAuthedClient(info.getLogin())) != null)
{
// kick the other client
oldClient.close(LoginFailReason.REASON_ACCOUNT_IN_USE);
- lc.removeAuthedLoginClient(_user);
+ lc.removeAuthedLoginClient(info.getLogin());
}
// kick also current client
client.close(LoginFailReason.REASON_ACCOUNT_IN_USE);
break;
case ALREADY_ON_GS:
GameServerInfo gsi;
- if ((gsi = lc.getAccountOnGameServer(_user)) != null)
+ if ((gsi = lc.getAccountOnGameServer(info.getLogin())) != null)
{
client.close(LoginFailReason.REASON_ACCOUNT_IN_USE);
// kick from there
if (gsi.isAuthed())
{
- gsi.getGameServerThread().kickPlayer(_user);
+ gsi.getGameServerThread().kickPlayer(info.getLogin());
}
}
break;
diff --git a/L2J_Server_BETA/java/com/l2jserver/util/lib/Log.java b/L2J_Server_BETA/java/com/l2jserver/util/lib/Log.java
deleted file mode 100644
index ddfdac6..0000000
--- a/L2J_Server_BETA/java/com/l2jserver/util/lib/Log.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (C) 2004-2014 L2J Server
- *
- * This file is part of L2J Server.
- *
- * L2J Server is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * L2J Server is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-package com.l2jserver.util.lib;
-
-import java.io.File;
-import java.io.FileWriter;
-import java.io.IOException;
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import com.l2jserver.Config;
-
-/**
- * @version 0.1, 2005-06-06
- * @author Balancer
- */
-public class Log
-{
- private static final Logger _log = Logger.getLogger(Log.class.getName());
-
- public static final void add(String text, String cat)
- {
- String date = (new SimpleDateFormat("yy.MM.dd H:mm:ss")).format(new Date());
- String curr = (new SimpleDateFormat("yyyy-MM-dd-")).format(new Date());
- new File("log/game").mkdirs();
-
- final File file = new File("log/game/" + (curr != null ? curr : "") + (cat != null ? cat : "unk") + ".txt");
- try (FileWriter save = new FileWriter(file, true))
- {
- save.write("[" + date + "] " + text + Config.EOL);
- }
- catch (IOException e)
- {
- _log.log(Level.WARNING, "Error saving logfile: ", e);
- }
- }
-}