本文整理汇总了C++中BigNumber::GetNumBytes方法的典型用法代码示例。如果您正苦于以下问题:C++ BigNumber::GetNumBytes方法的具体用法?C++ BigNumber::GetNumBytes怎么用?C++ BigNumber::GetNumBytes使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类BigNumber的用法示例。
在下文中一共展示了BigNumber::GetNumBytes方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: _SetVSFields
/// Generate a fresh SRP6 salt `s`, derive the verifier `v` from the stored
/// password hash and write both back to the account row.
///
/// Computes x = SHA1(s | H) and v = g^x mod N, where H is the stored hash
/// restored to exactly SHA_DIGEST_LENGTH bytes.
///
/// @param rI  Hex string of the account's stored password hash.
void AuthSocket::_SetVSFields(const std::string& rI)
{
    // New random salt, s_BYTE_SIZE bytes wide.
    s.SetRand(s_BYTE_SIZE * 8);

    BigNumber storedHash;
    storedHash.SetHexStr(rI.c_str());

    // Copy the number into a zeroed, fixed-width buffer and reverse it, so a
    // hash whose leading bytes are zero gets those bytes back.
    // NOTE(review): when the parsed value is wider than SHA_DIGEST_LENGTH the
    // copy is skipped and the verifier below is derived from an all-zero
    // digest without any error being reported — confirm that is intended.
    uint8 paddedDigest[SHA_DIGEST_LENGTH] = { 0 };
    if (I_FITS_PLACEHOLDER_UNUSED, storedHash.GetNumBytes() <= SHA_DIGEST_LENGTH)
    {
        memcpy(paddedDigest, storedHash.AsByteArray(), storedHash.GetNumBytes());
    }
    std::reverse(paddedDigest, paddedDigest + SHA_DIGEST_LENGTH);

    // x = SHA1(s | H)
    Sha1Hash hasher;
    hasher.UpdateData(s.AsByteArray(), s.GetNumBytes());
    hasher.UpdateData(paddedDigest, SHA_DIGEST_LENGTH);
    hasher.Finalize();

    BigNumber xValue;
    xValue.SetBinary(hasher.GetDigest(), hasher.GetLength());

    // v = g^x mod N
    v = g.ModExp(xValue, N);

    // The two hex strings contain only hex digits. The username is spliced
    // into the statement text, so this query is safe only as long as
    // _safelogin really was escaped before it reached this point.
    // NOTE(review): a prepared statement with bound parameters would remove
    // that dependency on the caller.
    const char* vHex = v.AsHexStr();
    const char* sHex = s.AsHexStr();
    LoginDatabase.PExecute("UPDATE account SET v = '%s', s = '%s' WHERE username = '%s'", vHex, sHex, _safelogin.c_str());

    // Both strings are released with OPENSSL_free, matching their allocator.
    OPENSSL_free(const_cast<char*>(vHex));
    OPENSSL_free(const_cast<char*>(sHex));
}
示例2: UpdateBigNumbers
/// Feed the bytes of every BigNumber in a variadic list into the hash.
///
/// The list ends at the first null pointer. Callers must pass a terminating
/// null `BigNumber*`: nothing else stops the walk, so a missing terminator
/// makes va_arg read past the supplied arguments (undefined behaviour).
///
/// @param bn0  First number to hash, or null to hash nothing.
void SHA1Hash::UpdateBigNumbers(BigNumber *bn0, ...) {
    va_list args;
    va_start(args, bn0);
    // The next argument is fetched only after a non-null entry was consumed.
    for (BigNumber *current = bn0; current; current = va_arg(args, BigNumber *)) {
        UpdateData(current->AsByteArray(), current->GetNumBytes());
    }
    va_end(args);
}
示例3: _SetVSFields
// Generate a fresh SRP6 salt `s`, derive the verifier `v` from the stored
// password hash and store both through the LOGIN_UPD_VS prepared statement.
//
// Computes x = SHA1(s | H) and v = g^x mod N, where H is the stored hash
// restored to exactly SHA_DIGEST_LENGTH bytes.
//
// rI: hex string of the account's stored password hash.
void AuthSocket::_SetVSFields(const std::string& rI)
{
    // New random salt, s_BYTE_SIZE bytes wide.
    s.SetRand(s_BYTE_SIZE * 8);

    BigNumber storedHash;
    storedHash.SetHexStr(rI.c_str());

    // Copy the number into a zeroed, fixed-width buffer and reverse it, so a
    // hash whose leading bytes are zero gets those bytes back.
    // NOTE(review): when the parsed value is wider than SHA_DIGEST_LENGTH the
    // copy is skipped and the verifier below is derived from an all-zero
    // digest without any error being reported — confirm that is intended.
    uint8 paddedDigest[SHA_DIGEST_LENGTH] = { 0 };
    if (storedHash.GetNumBytes() <= SHA_DIGEST_LENGTH)
        memcpy(paddedDigest, storedHash.AsByteArray(), storedHash.GetNumBytes());
    std::reverse(paddedDigest, paddedDigest + SHA_DIGEST_LENGTH);

    // x = SHA1(s | H)
    SHA1Hash hasher;
    hasher.UpdateData(s.AsByteArray(), s.GetNumBytes());
    hasher.UpdateData(paddedDigest, SHA_DIGEST_LENGTH);
    hasher.Finalize();

    BigNumber xValue;
    xValue.SetBinary(hasher.GetDigest(), hasher.GetLength());

    // v = g^x mod N
    v = g.ModExp(xValue, N);

    // All three values are bound as statement parameters, so none of them is
    // spliced into SQL text.
    const char* vHex = v.AsHexStr();
    const char* sHex = s.AsHexStr();

    PreparedStatement* update = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS);
    update->setString(0, vHex);
    update->setString(1, sHex);
    update->setString(2, _login);
    LoginDatabase.Execute(update);

    // Both strings are released with OPENSSL_free, matching their allocator.
    // NOTE(review): this assumes setString() copied the text before Execute()
    // returns; if execution is deferred and the statement keeps the raw
    // pointer, freeing here would leave it dangling — confirm.
    OPENSSL_free(const_cast<char*>(vHex));
    OPENSSL_free(const_cast<char*>(sHex));
}
示例4: _SetVSFields
/// Derive the SRP6 verifier `v` from the stored password hash and the
/// current salt `s`, then write both to the account row.
///
/// Computes x = SHA1(s | H) and v = g^x mod N, where H is the stored hash
/// restored to exactly SHA_DIGEST_LENGTH bytes. This variant does not
/// generate a salt itself; it uses whatever `s` already holds.
///
/// @param rI  Hex string of the account's stored password hash.
void AuthSocket::_SetVSFields(std::string rI)
{
    BigNumber storedHash;
    storedHash.SetHexStr(rI.c_str());

    // Copy the number into a zeroed, fixed-width buffer and reverse it, so a
    // hash whose leading bytes are zero gets those bytes back.
    // NOTE(review): when the parsed value is wider than SHA_DIGEST_LENGTH the
    // copy is skipped and the verifier below is derived from an all-zero
    // digest without any error being reported — confirm that is intended.
    uint8 paddedDigest[SHA_DIGEST_LENGTH] = { 0 };
    if (storedHash.GetNumBytes() <= SHA_DIGEST_LENGTH)
    {
        memcpy(paddedDigest, storedHash.AsByteArray(), storedHash.GetNumBytes());
    }
    std::reverse(paddedDigest, paddedDigest + SHA_DIGEST_LENGTH);

    // x = SHA1(s | H)
    Sha1Hash hasher;
    hasher.UpdateData(s.AsByteArray(), s.GetNumBytes());
    hasher.UpdateData(paddedDigest, SHA_DIGEST_LENGTH);
    hasher.Finalize();

    BigNumber xValue;
    xValue.SetBinary(hasher.GetDigest(), hasher.GetLength());

    // v = g^x mod N
    v = g.ModExp(xValue, N);

    // The two hex strings contain only hex digits. The username is spliced
    // into the statement text, so this query is safe only as long as
    // _safelogin really was escaped before it reached this point.
    // NOTE(review): if AsHexStr() hands back a buffer the caller owns, the
    // two results passed here are never released — confirm against BigNumber.
    dbRealmServer.PExecute("UPDATE `account` SET `v` = '%s', `s` = '%s' WHERE UPPER(`username`)= UPPER('%s')", v.AsHexStr(), s.AsHexStr(), _safelogin.c_str());
}
示例5: LogonChallengeCallback
void AuthSession::LogonChallengeCallback(PreparedQueryResult result)
{
ByteBuffer pkt;
pkt << uint8(AUTH_LOGON_CHALLENGE);
pkt << uint8(0x00);
if (!result)
{
pkt << uint8(WOW_FAIL_UNKNOWN_ACCOUNT);
SendPacket(pkt);
return;
}
Field* fields = result->Fetch();
_accountInfo.LoadResult(fields);
std::string ipAddress = GetRemoteIpAddress().to_string();
uint16 port = GetRemotePort();
// If the IP is 'locked', check that the player comes indeed from the correct IP address
if (_accountInfo.IsLockedToIP)
{
TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account '%s' is locked to IP - '%s' is logging in from '%s'", _accountInfo.Login.c_str(), _accountInfo.LastIP.c_str(), ipAddress.c_str());
if (_accountInfo.LastIP != ipAddress)
{
pkt << uint8(WOW_FAIL_LOCKED_ENFORCED);
SendPacket(pkt);
return;
}
}
else
{
TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account '%s' is not locked to ip", _accountInfo.Login.c_str());
if (_accountInfo.LockCountry.empty() || _accountInfo.LockCountry == "00")
TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account '%s' is not locked to country", _accountInfo.Login.c_str());
else if (!_accountInfo.LockCountry.empty() && !_ipCountry.empty())
{
TC_LOG_DEBUG("server.authserver", "[AuthChallenge] Account '%s' is locked to country: '%s' Player country is '%s'", _accountInfo.Login.c_str(), _accountInfo.LockCountry.c_str(), _ipCountry.c_str());
if (_ipCountry != _accountInfo.LockCountry)
{
pkt << uint8(WOW_FAIL_UNLOCKABLE_LOCK);
SendPacket(pkt);
return;
}
}
}
// If the account is banned, reject the logon attempt
if (_accountInfo.IsBanned)
{
if (_accountInfo.IsPermanenetlyBanned)
{
pkt << uint8(WOW_FAIL_BANNED);
SendPacket(pkt);
TC_LOG_DEBUG("server.authserver", "'%s:%d' [AuthChallenge] Banned account %s tried to login!", ipAddress.c_str(), port, _accountInfo.Login.c_str());
return;
}
else
{
pkt << uint8(WOW_FAIL_SUSPENDED);
SendPacket(pkt);
TC_LOG_DEBUG("server.authserver", "'%s:%d' [AuthChallenge] Temporarily banned account %s tried to login!", ipAddress.c_str(), port, _accountInfo.Login.c_str());
return;
}
}
// Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = fields[10].GetString();
// Don't calculate (v, s) if there are already some in the database
std::string databaseV = fields[11].GetString();
std::string databaseS = fields[12].GetString();
TC_LOG_DEBUG("network", "database authentication values: v='%s' s='%s'", databaseV.c_str(), databaseS.c_str());
// multiply with 2 since bytes are stored as hexstring
if (databaseV.size() != size_t(BufferSizes::SRP_6_V) * 2 || databaseS.size() != size_t(BufferSizes::SRP_6_S) * 2)
SetVSFields(rI);
else
{
s.SetHexStr(databaseS.c_str());
v.SetHexStr(databaseV.c_str());
}
b.SetRand(19 * 8);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16 * 8);
// Fill the response packet with the result
if (AuthHelper::IsAcceptedClientBuild(_build))
pkt << uint8(WOW_SUCCESS);
else
pkt << uint8(WOW_FAIL_VERSION_INVALID);
//.........这里部分代码省略.........
示例6: AddAccount
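/// Build an in-memory Account from one row of the accounts table and register
/// it in AccountDatabase under its upper-cased username.
///
/// Expired timed bans and mutes are cleared both in memory and in the
/// database. The SRP hash is taken from the password column: either decoded
/// from a 40-digit hex SHA-1 or computed from "USERNAME:PASSWORD".
///
/// @param field  Row to read; columns 0-7 are accessed by index.
void AccountMgr::AddAccount(Field* field)
{
    Account* acct = new Account;
    Sha1Hash hash;
    string Username = field[1].GetString();
    string Password = field[2].GetString();
    string GMFlags = field[3].GetString();

    acct->AccountId = field[0].GetUInt32();
    acct->AccountFlags = field[4].GetUInt8();

    // Banned holds 0 (not banned), 1 (treated as permanent) or an expiry time.
    acct->Banned = field[5].GetUInt32();
    if ((uint32)UNIXTIME > acct->Banned && acct->Banned != 0 && acct->Banned != 1)
    {
        // The expiry date has passed: lift the ban here and in the database.
        acct->Banned = 0;
        sLogonSQL->Execute("UPDATE accounts SET banned = 0 WHERE acct=%u", acct->AccountId);
    }
    acct->SetGMFlags(GMFlags.c_str());

    // Default locale; replaced only by a usable forced locale from the row.
    acct->Locale[0] = 'e';
    acct->Locale[1] = 'n';
    acct->Locale[2] = 'U';
    acct->Locale[3] = 'S';
    acct->forcedLocale = false;

    // Exactly four bytes are copied below, so the stored value must hold at
    // least four characters; a missing or shorter value would make memcpy
    // read past the end of the string.
    const char* dbLocale = field[6].GetString();
    if (dbLocale && strlen(dbLocale) >= 4 && strcmp(dbLocale, "enUS"))
    {
        // non-standard language forced
        memcpy(acct->Locale, dbLocale, 4);
        acct->forcedLocale = true;
    }

    // Muted uses the same 0 / 1 / expiry-time encoding as Banned.
    acct->Muted = field[7].GetUInt32();
    if ((uint32)UNIXTIME > acct->Muted && acct->Muted != 0 && acct->Muted != 1)
    {
        acct->Muted = 0;
        DEBUG_LOG("AccountMgr","Account %s's mute has expired.", Username.c_str());
        sLogonSQL->Execute("UPDATE accounts SET muted = 0 WHERE acct=%u", acct->AccountId);
    }

    // Usernames and passwords are compared in upper case.
    HEARTHSTONE_TOUPPER(Username);
    HEARTHSTONE_TOUPPER(Password);

    if (m_encryptedPasswords)
    {
        // A stored hash is recognised by its text form: exactly 40 hex
        // digits. Deciding by the decoded byte count instead would treat a
        // valid hash that starts with a zero byte as a plain password and
        // hash it a second time, in memory and in the database.
        bool looksHashed = (Password.size() == 40);
        for (size_t i = 0; looksHashed && i < Password.size(); ++i)
        {
            const char ch = Password[i];
            looksHashed = (ch >= '0' && ch <= '9') ||
                          (ch >= 'A' && ch <= 'F') ||
                          (ch >= 'a' && ch <= 'f');
        }

        if (!looksHashed)
        {
            // Plain password on a server configured for hashed ones: hash it
            // for this session and convert the stored value as well.
            hash.UpdateData((Username + ":" + Password));
            hash.Finalize();
            memcpy(acct->SrpHash, hash.GetDigest(), 20);

            DEBUG_LOG("AccountMgr", "Found account %s [%u] with invalid password format. Converting to encrypted password.", Username.c_str(), acct->AccountId);
            sLogonSQL->Execute("UPDATE accounts SET password = SHA1(CONCAT(UPPER(login), ':', UPPER(password))) WHERE acct = %u", acct->AccountId);
        }
        else
        {
            BigNumber bn;
            bn.SetHexStr(Password.c_str());

            // The number may decode to fewer than 20 bytes; copy what there
            // is into a zeroed buffer and reverse it to restore the full
            // 20-byte digest.
            const int numBytes = bn.GetNumBytes();
            memset(acct->SrpHash, 0, 20);
            memcpy(acct->SrpHash, bn.AsByteArray(), numBytes < 20 ? numBytes : 20);
            reverse_array(acct->SrpHash, 20);
        }
    }
    else
    {
        // Prehash the I value.
        hash.UpdateData((Username + ":" + Password));
        hash.Finalize();
        memcpy(acct->SrpHash, hash.GetDigest(), 20);
    }

    // NOTE(review): an existing entry under the same key is overwritten here
    // without being released — confirm callers never add a username twice.
    AccountDatabase[Username] = acct;
}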
示例7: HandleChallenge
void AuthSocket::HandleChallenge()
{
// No header
if(GetReadBufferSize() < 4)
return;
// Check the rest of the packet is complete.
uint8 * ReceiveBuffer = this->GetReadBuffer(0);
uint16 full_size = *(uint16*)&ReceiveBuffer[2];
sLog.outDetail("[AuthChallenge] got header, body is 0x%02X bytes", full_size);
if(GetReadBufferSize() < uint32(full_size+4))
return;
// Copy the data into our cached challenge structure
if(full_size > sizeof(sAuthLogonChallenge_C))
{
Disconnect();
return;
}
sLog.outDebug("[AuthChallenge] got full packet.");
memcpy(&m_challenge, ReceiveBuffer, full_size + 4);
RemoveReadBufferBytes(full_size + 4, true);
// Check client build.
if(m_challenge.build > LogonServer::getSingleton().max_build ||
m_challenge.build < LogonServer::getSingleton().min_build)
{
SendChallengeError(CE_WRONG_BUILD_NUMBER);
return;
}
// Check for a possible IP ban on this client.
BAN_STATUS ipb = IPBanner::getSingleton().CalculateBanStatus(GetRemoteAddress());
switch(ipb)
{
case BAN_STATUS_PERMANANT_BAN:
SendChallengeError(CE_ACCOUNT_CLOSED);
return;
case BAN_STATUS_TIME_LEFT_ON_BAN:
SendChallengeError(CE_ACCOUNT_FREEZED);
return;
}
// Null-terminate the account string
m_challenge.I[m_challenge.I_len] = 0;
// Look up the account information
string AccountName = (char*)&m_challenge.I;
sLog.outDebug("[AuthChallenge] Account Name: \"%s\"", AccountName.c_str());
m_account = AccountMgr::getSingleton().GetAccount(AccountName);
if(m_account == 0)
{
sLog.outDebug("[AuthChallenge] Invalid account.");
// Non-existant account
SendChallengeError(CE_NO_ACCOUNT);
return;
}
sLog.outDebug("[AuthChallenge] Account banned state = %u", m_account->Banned);
// Check that the account isn't banned.
if(m_account->Banned == 1)
{
SendChallengeError(CE_ACCOUNT_CLOSED);
return;
}
else if(m_account->Banned > 0)
{
SendChallengeError(CE_ACCOUNT_FREEZED);
return;
}
Sha1Hash sha;
//uint32 tc = s.GetNumBytes();
sha.UpdateData( s.AsByteArray(), 32 );
sha.UpdateData( m_account->SrpHash, 20 );
sha.Finalize();
BigNumber x;
x.SetBinary( sha.GetDigest(), sha.GetLength() );
v = g.ModExp(x, N);
b.SetRand(152);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk;
unk.SetRand(128);
uint8 response[200];
uint32 c = 0;
response[c] = 0; c += 1;
//.........这里部分代码省略.........
示例8: _HandleLogonChallenge
//.........这里部分代码省略.........
pkt << (uint8)WOW_FAIL_BANNED;
sLog->outDebug(LOG_FILTER_AUTHSERVER, "'%s:%d' [AuthChallenge] Banned account %s tried to login!", socket().getRemoteAddress().c_str(), socket().getRemotePort(), _login.c_str ());
}
else
{
pkt << (uint8)WOW_FAIL_SUSPENDED;
sLog->outDebug(LOG_FILTER_AUTHSERVER, "'%s:%d' [AuthChallenge] Temporarily banned account %s tried to login!", socket().getRemoteAddress().c_str(), socket().getRemotePort(), _login.c_str ());
}
}
else
{
// Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = fields[0].GetString();
// Don't calculate (v, s) if there are already some in the database
std::string databaseV = fields[5].GetString();
std::string databaseS = fields[6].GetString();
sLog->outDebug(LOG_FILTER_NETWORKIO, "database authentication values: v='%s' s='%s'", databaseV.c_str(), databaseS.c_str());
// multiply with 2 since bytes are stored as hexstring
if (databaseV.size() != s_BYTE_SIZE * 2 || databaseS.size() != s_BYTE_SIZE * 2)
_SetVSFields(rI);
else
{
s.SetHexStr(databaseS.c_str());
v.SetHexStr(databaseV.c_str());
}
b.SetRand(19 * 8);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16 * 8);
// Fill the response packet with the result
// If the client has no valid version
if (!AuthHelper::IsAcceptedClientBuild(_build))
pkt << uint8(WOW_FAIL_VERSION_INVALID);
else
pkt << uint8(WOW_SUCCESS);
// B may be calculated < 32B so we force minimal length to 32B
pkt.append(B.AsByteArray(32), 32); // 32 bytes
pkt << uint8(1);
pkt.append(g.AsByteArray(), 1);
pkt << uint8(32);
pkt.append(N.AsByteArray(32), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes()); // 32 bytes
pkt.append(unk3.AsByteArray(16), 16);
uint8 securityFlags = 0;
// Check if token is used
_tokenKey = fields[7].GetString();
if (!_tokenKey.empty())
securityFlags = 4;
pkt << uint8(securityFlags); // security flags (0x0...0x04)
if (securityFlags & 0x01) // PIN input
{
pkt << uint32(0);
pkt << uint64(0) << uint64(0); // 16 bytes hash?
示例9: HandleChallenge
//.........这里部分代码省略.........
//AccountName.erase( i );
}
// Look up the account information
LOG_DEBUG("[AuthChallenge] Account Name: \"%s\"", AccountName.c_str());
m_account = AccountMgr::getSingleton().GetAccount(AccountName);
if(m_account == 0)
{
LOG_DEBUG("[AuthChallenge] Invalid account.");
// Non-existant account
SendChallengeError(CE_NO_ACCOUNT);
return;
}
LOG_DEBUG("[AuthChallenge] Account banned state = %u", m_account->Banned);
// Check that the account isn't banned.
if(m_account->Banned == 1)
{
SendChallengeError(CE_ACCOUNT_CLOSED);
return;
}
else if(m_account->Banned > 0)
{
SendChallengeError(CE_ACCOUNT_FREEZED);
return;
}
// update cached locale
if(!m_account->forcedLocale)
{
char temp[4];
temp[0] = m_challenge.country[3];
temp[1] = m_challenge.country[2];
temp[2] = m_challenge.country[1];
temp[3] = m_challenge.country[0];
*(uint32*)&m_account->Locale[0] = *(uint32*)temp;
}
//////////////////////////////////////////////// SRP6 Challenge ////////////////////////////////////////////////
//
//
// First we will generate the Verifier value using the following formulas
//
// x = SHA1(s | SHA1(I | ":" | P))
// v = g^x % N
//
// The SHA1(I | ":" | P) part for x we have in the account database, this is the encrypted password, reversed
// N is a safe prime
// g is the generator
// | means concatenation in this contect
//
//
Sha1Hash sha;
sha.UpdateData(s.AsByteArray(), 32);
sha.UpdateData(m_account->SrpHash, 20);
sha.Finalize();
BigNumber x;
x.SetBinary(sha.GetDigest(), sha.GetLength());
v = g.ModExp(x, N);
// Next we generate b, and B which are the public and private values of the server
//
// b = random()
// B = k*v + g^b % N
//
// in our case the multiplier parameters, k = 3
b.SetRand(152);
uint8 k = 3;
BigNumber gmod = g.ModExp(b, N);
B = ((v * k) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk;
unk.SetRand(128);
// Now we send B, g, N and s to the client as a challenge, asking the client for the proof
sAuthLogonChallenge_S challenge;
challenge.cmd = 0;
challenge.error = 0;
challenge.unk2 = CE_SUCCESS;
memcpy(challenge.B, B.AsByteArray(), 32);
challenge.g_len = 1;
challenge.g = (g.AsByteArray())[ 0 ];
challenge.N_len = 32;
memcpy(challenge.N, N.AsByteArray(), 32);
memcpy(challenge.s, s.AsByteArray(), 32);
memcpy(challenge.unk3, unk.AsByteArray(), 16);
challenge.unk4 = 0;
Send(reinterpret_cast< uint8* >(&challenge), sizeof(sAuthLogonChallenge_S));
}
示例10: _HandleLogonChallenge
//.........这里部分代码省略.........
}
else
{
pkt << (uint8) REALM_AUTH_ACCOUNT_FREEZED;
sLog.outBasic("[AuthChallenge] Temporarily banned account %s tries to login!",_login.c_str ());
}
delete banresult;
}
else
{
///- Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = (*result)[0].GetCppString();
///- Don't calculate (v, s) if there are already some in the database
std::string databaseV = (*result)[5].GetCppString();
std::string databaseS = (*result)[6].GetCppString();
sLog.outDebug("database authentication values: v='%s' s='%s'", databaseV.c_str(), databaseS.c_str());
// multiply with 2, bytes are stored as hexstring
if(databaseV.size() != s_BYTE_SIZE*2 || databaseS.size() != s_BYTE_SIZE*2)
_SetVSFields(rI);
else
{
s.SetHexStr(databaseS.c_str());
v.SetHexStr(databaseV.c_str());
}
b.SetRand(19 * 8);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16 * 8);
///- Fill the response packet with the result
pkt << uint8(REALM_AUTH_SUCCESS);
// B may be calculated < 32B so we force minimal length to 32B
pkt.append(B.AsByteArray(32), 32); // 32 bytes
pkt << uint8(1);
pkt.append(g.AsByteArray(), 1);
pkt << uint8(32);
pkt.append(N.AsByteArray(32), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes());// 32 bytes
pkt.append(unk3.AsByteArray(16), 16);
uint8 securityFlags = 0;
pkt << uint8(securityFlags); // security flags (0x0...0x04)
if(securityFlags & 0x01) // PIN input
{
pkt << uint32(0);
pkt << uint64(0) << uint64(0); // 16 bytes hash?
}
if(securityFlags & 0x02) // Matrix input
{
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint64(0);
}
示例11: UpdateAccount
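/// Refresh an in-memory Account from one row of the accounts table.
///
/// A row whose id differs from the account's id is treated as a duplicate and
/// deleted from the database. Expired timed bans and mutes are cleared both
/// in memory and in the database. The SRP hash is decoded from the 40-digit
/// hex password column.
///
/// @param acct   Account to update.
/// @param field  Row to read; columns 0-6 are accessed by index.
void AccountMgr::UpdateAccount(Account* acct, Field* field)
{
    const uint32 id = field[0].GetUInt32();
    std::string Username = field[1].GetString();
    std::string EncryptedPassword = field[2].GetString();

    if (id != acct->AccountId)
    {
        LOG_ERROR(" >> deleting duplicate account %u [%s]...", id, Username.c_str());
        sLogonSQL->Execute("DELETE FROM accounts WHERE id = %u", id);
        return;
    }

    acct->AccountId = id;
    acct->AccountFlags = field[3].GetUInt8();

    // Banned holds 0 (not banned), 1 (treated as permanent) or an expiry time.
    acct->Banned = field[4].GetUInt32();
    if ((uint32)UNIXTIME > acct->Banned && acct->Banned != 0 && acct->Banned != 1)
    {
        // The expiry date has passed: lift the ban here and in the database.
        acct->Banned = 0;
        LOG_DEBUG("Account %s's ban has expired.", acct->UsernamePtr->c_str());
        sLogonSQL->Execute("UPDATE accounts SET banned = 0 WHERE id = %u", acct->AccountId);
    }

    // Exactly four bytes are copied below, so the stored value must hold at
    // least four characters; a missing or shorter value would make memcpy
    // read past the end of the string. In that case the locale already held
    // by the account is kept and not marked as forced.
    acct->forcedLocale = false;
    const char* dbLocale = field[5].GetString();
    if (dbLocale && strlen(dbLocale) >= 4 && strcmp(dbLocale, "enUS"))
    {
        // non-standard language forced
        memcpy(acct->Locale, dbLocale, 4);
        acct->forcedLocale = true;
    }

    // Muted uses the same 0 / 1 / expiry-time encoding as Banned.
    acct->Muted = field[6].GetUInt32();
    if ((uint32)UNIXTIME > acct->Muted && acct->Muted != 0 && acct->Muted != 1)
    {
        acct->Muted = 0;
        LOG_DEBUG("Account %s's mute has expired.", acct->UsernamePtr->c_str());
        sLogonSQL->Execute("UPDATE accounts SET muted = 0 WHERE id = %u", acct->AccountId);
    }

    // The upper-cased name is used only in the log messages below.
    Util::StringToUpperCase(Username);

    if (EncryptedPassword.size() == 40)
    {
        BigNumber bn;
        bn.SetHexStr(EncryptedPassword.c_str());

        // The number may decode to fewer than 20 bytes; copy what there is
        // into a zeroed buffer and reverse it to restore the full 20-byte
        // digest.
        // NOTE(review): the 40 characters are not checked to be hex digits;
        // what SetHexStr does with other characters is not visible here.
        const int numBytes = bn.GetNumBytes();
        memset(acct->SrpHash, 0, 20);
        memcpy(acct->SrpHash, bn.AsByteArray(), numBytes < 20 ? numBytes : 20);
        reverse_array(acct->SrpHash, 20);
    }
    else if (EncryptedPassword.size() > 0)
    {
        LOG_ERROR("Account `%s` has incorrect number of bytes in encrypted password! Disabling.", Username.c_str());
        // NOTE(review): an all-zero SrpHash is a fixed, known value, not a
        // lock. If the account must really be unusable, it also needs an
        // explicit block (for example the Banned field) — confirm how the
        // login path treats a zeroed hash.
        memset(acct->SrpHash, 0, 20);
    }
    else
    {
        // This should never happen... SrpHash keeps its previous contents.
        LOG_ERROR("Account `%s` has no encrypted password!", Username.c_str());
    }
}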
示例12: HandleChallenge
//.........这里部分代码省略.........
//AccountName.erase( i );
}
// Look up the account information
LOG_DEBUG("[AuthChallenge] Account Name: \"%s\"", AccountName.c_str());
m_account = AccountMgr::getSingleton().GetAccount(AccountName);
if(m_account == 0)
{
LOG_DEBUG("[AuthChallenge] Invalid account.");
// Non-existant account
SendChallengeError(CE_NO_ACCOUNT);
return;
}
LOG_DEBUG("[AuthChallenge] Account banned state = %u", m_account->Banned);
// Check that the account isn't banned.
if(m_account->Banned == 1)
{
SendChallengeError(CE_ACCOUNT_CLOSED);
return;
}
else if(m_account->Banned > 0)
{
SendChallengeError(CE_ACCOUNT_FREEZED);
return;
}
// update cached locale
if(!m_account->forcedLocale)
{
char temp[4];
temp[0] = m_challenge.country[3];
temp[1] = m_challenge.country[2];
temp[2] = m_challenge.country[1];
temp[3] = m_challenge.country[0];
*(uint32*)&m_account->Locale[0] = *(uint32*)temp;
}
//////////////////////////////////////////////// SRP6 Challenge ////////////////////////////////////////////////
//
//
// First we will generate the Verifier value using the following formulas
//
// x = SHA1(s | SHA1(I | ":" | P))
// v = g^x % N
//
// The SHA1(I | ":" | P) part for x we have in the account database, this is the encrypted password, reversed
// N is a safe prime
// g is the generator
// | means concatenation in this contect
//
//
Sha1Hash sha;
sha.UpdateData( s.AsByteArray(), 32 );
sha.UpdateData( m_account->SrpHash, 20 );
sha.Finalize();
BigNumber x;
x.SetBinary( sha.GetDigest(), sha.GetLength() );
v = g.ModExp(x, N);
// Next we generate b, and B which are the public and private values of the server
//
// b = random()
// B = k*v + g^b % N
//
// in our case the multiplier parameters, k = 3
b.SetRand(152);
uint8 k = 3;
BigNumber gmod = g.ModExp(b, N);
B = ( ( v * k ) + gmod ) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk;
unk.SetRand(128);
// Now we send B, g, N and s to the client as a challenge, asking the client for the proof
sAuthLogonChallenge_S challenge;
challenge.cmd = 0;
challenge.error = 0;
challenge.unk2 = CE_SUCCESS;
memcpy( challenge.B, B.AsByteArray(), 32 );
challenge.g_len = 1;
challenge.g = ( g.AsByteArray() )[ 0 ];
challenge.N_len = 32;
memcpy( challenge.N, N.AsByteArray(), 32 );
memcpy( challenge.s, s.AsByteArray(), 32 );
memcpy( challenge.unk3, unk.AsByteArray(), 16 );
challenge.unk4 = 0;
Send( reinterpret_cast< uint8* >( &challenge ), sizeof( sAuthLogonChallenge_S ) );
}
示例13: _HandleLogonChallenge
//.........这里部分代码省略.........
case ACCOUNT_STATE_FROZEN:
{
pkt << uint8(WOW_FAIL_SUSPENDED);
send((char const*)pkt.contents(), pkt.size());
return true;
}
default:
DEBUG_LOG("[AuthChallenge] Account '%s' is not locked to ip or frozen", _login.c_str());
break;
}
///- If the account is banned, reject the logon attempt
QueryResultAutoPtr banresult = AccountsDatabase.PQuery("SELECT punishment_date, expiration_date "
"FROM account_punishment "
"WHERE account_id = '%u' AND punishment_type_id = '%u' AND (punishment_date = expiration_date OR expiration_date > UNIX_TIMESTAMP())", (*result)[1].GetUInt32(), PUNISHMENT_BAN);
if (banresult)
{
if((*banresult)[0].GetUInt64() == (*banresult)[1].GetUInt64())
{
pkt << uint8(WOW_FAIL_BANNED);
sLog.outBasic("[AuthChallenge] Banned account %s tries to login!", _login.c_str ());
}
else
{
pkt << uint8(WOW_FAIL_SUSPENDED);
sLog.outBasic("[AuthChallenge] Temporarily banned account %s tries to login!", _login.c_str ());
}
send((char const*)pkt.contents(), pkt.size());
return true;
}
QueryResultAutoPtr emailbanresult = AccountsDatabase.PQuery("SELECT email FROM email_banned WHERE email = '%s'", (*result)[5].GetString());
if (emailbanresult)
{
pkt << uint8(WOW_FAIL_BANNED);
sLog.outBasic("[AuthChallenge] Account %s with banned email %s tries to login!", _login.c_str (), (*emailbanresult)[0].GetString());
send((char const*)pkt.contents(), pkt.size());
return true;
}
///- Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = fields[0].GetCppString();
_SetVSFields(rI);
b.SetRand(19 * 8);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16 * 8);
///- Fill the response packet with the result
pkt << uint8(WOW_SUCCESS);
// B may be calculated < 32B so we force minimal length to 32B
pkt.append(B.AsByteArray(32), 32); // 32 bytes
pkt << uint8(1);
pkt.append(g.AsByteArray(), 1);
pkt << uint8(32);
pkt.append(N.AsByteArray(32), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes());// 32 bytes
pkt.append(unk3.AsByteArray(16), 16);
uint8 securityFlags = 0;
pkt << uint8(securityFlags); // security flags (0x0...0x04)
if (securityFlags & 0x01) // PIN input
{
pkt << uint32(0);
pkt << uint64(0) << uint64(0); // 16 bytes hash?
}
if (securityFlags & 0x02) // Matrix input
{
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint64(0);
}
if (securityFlags & 0x04) // Security token input
pkt << uint8(1);
accountPermissionMask_ = fields[4].GetUInt64();
_localizationName.resize(4);
for (int i = 0; i < 4; ++i)
_localizationName[i] = ch->country[4-i-1];
sLog.outBasic("[AuthChallenge] account %s is using '%c%c%c%c' locale (%u)", _login.c_str (), ch->country[3], ch->country[2], ch->country[1], ch->country[0], GetLocaleByName(_localizationName));
send((char const*)pkt.contents(), pkt.size());
return true;
}
示例14: _HandleLogonChallenge
//.........这里部分代码省略.........
);
///- If the account is banned, reject the logon attempt
stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_ACCBANNED);
stmt->setUInt32(0, res2->GetUInt32(1));
PreparedQueryResult banresult = LoginDatabase.Query(stmt);
if (banresult)
{
if (banresult->GetUInt64(0) == banresult->GetUInt64(1))
{
pkt << (uint8) WOW_FAIL_BANNED;
sLog.outBasic("[AuthChallenge] Banned account %s tries to login!", _login.c_str());
}
else
{
pkt << (uint8) WOW_FAIL_SUSPENDED;
sLog.outBasic("[AuthChallenge] Temporarily banned account %s tries to login!", _login.c_str());
}
}
else
{
///- Get the password from the account table, upper it, and make the SRP6 calculation
std::string rI = res2->GetString(0);
///- Don't calculate (v, s) if there are already some in the database
std::string databaseV = res2->GetString(5);
std::string databaseS = res2->GetString(6);
sLog.outDebug("database authentication values: v='%s' s='%s'", databaseV.c_str(), databaseS.c_str());
// multiply with 2, bytes are stored as hexstring
if (databaseV.size() != s_BYTE_SIZE*2 || databaseS.size() != s_BYTE_SIZE*2)
_SetVSFields(rI);
else
{
s.SetHexStr(databaseS.c_str());
v.SetHexStr(databaseV.c_str());
}
b.SetRand(19 * 8);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk3;
unk3.SetRand(16 * 8);
///- Fill the response packet with the result
pkt << uint8(WOW_SUCCESS);
// B may be calculated < 32B so we force minimal length to 32B
pkt.append(B.AsByteArray(32), 32); // 32 bytes
pkt << uint8(1);
pkt.append(g.AsByteArray(), 1);
pkt << uint8(32);
pkt.append(N.AsByteArray(32), 32);
pkt.append(s.AsByteArray(), s.GetNumBytes()); // 32 bytes
pkt.append(unk3.AsByteArray(16), 16);
uint8 securityFlags = 0;
pkt << uint8(securityFlags); // security flags (0x0...0x04)
if (securityFlags & 0x01) // PIN input
{
pkt << uint32(0);
pkt << uint64(0) << uint64(0); // 16 bytes hash?
}
if (securityFlags & 0x02) // Matrix input
{
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint8(0);
pkt << uint64(0);
}
if (securityFlags & 0x04) // Security token input
pkt << uint8(1);
uint8 secLevel = res2->GetUInt8(4);
_accountSecurityLevel = secLevel <= SEC_ADMINISTRATOR ? AccountTypes(secLevel) : SEC_ADMINISTRATOR;
_localizationName.resize(4);
for (int i = 0; i < 4; ++i)
_localizationName[i] = ch->country[4-i-1];
sLog.outBasic("[AuthChallenge] account %s is using '%c%c%c%c' locale (%u)", _login.c_str (), ch->country[3], ch->country[2], ch->country[1], ch->country[0], GetLocaleByName(_localizationName));
}
}
}
else //no account
{
pkt<< (uint8) WOW_FAIL_UNKNOWN_ACCOUNT;
}
}
socket().send((char const*)pkt.contents(), pkt.size());
return true;
}
示例15: HandleChallenge
//.........这里部分代码省略.........
BAN_STATUS ipb = IPBanner::getSingleton().CalculateBanStatus(GetRemoteAddress());
switch(ipb)
{
case BAN_STATUS_PERMANENT_BAN:
SendChallengeError(CE_ACCOUNT_CLOSED);
return;
case BAN_STATUS_TIME_LEFT_ON_BAN:
SendChallengeError(CE_ACCOUNT_FREEZED);
return;
default:
break;
}
// Null-terminate the account string
if(m_challenge.I_len >= 0x50) { Disconnect(); return; }
m_challenge.I[m_challenge.I_len] = 0;
AccountName = (char*)&m_challenge.I;
string::size_type i = AccountName.rfind("#");
if( i != string::npos )
{
printf("# ACCOUNTNAME!\n");
return;
}
// Look up the account information
m_account = AccountMgr::getSingleton().GetAccount(AccountName);
if(m_account == 0)
{
DEBUG_LOG("AuthChallenge","Account Name: \"%s\" - Account state: INVALID", AccountName.c_str());
// Non-existant account
SendChallengeError(CE_NO_ACCOUNT);
return;
}
// Check that the account isn't banned.
if(m_account->Banned == 1)
{
SendChallengeError(CE_ACCOUNT_CLOSED);
Log.Notice("AuthChallenge","Account Name: \"%s\" - Account state: CLOSED", AccountName.c_str());
return;
}
else if(m_account->Banned > 0)
{
SendChallengeError(CE_ACCOUNT_FREEZED);
Log.Notice("AuthChallenge","Account Name: \"%s\" - Account state: FROZEN (%u)", AccountName.c_str(), m_account->Banned);
return;
}
else
Log.Notice("AuthChallenge","Account Name: \"%s\" - Account state: OK", AccountName.c_str());
// update cached locale
if(!m_account->forcedLocale)
{
char temp[4];
temp[0] = m_challenge.country[3];
temp[1] = m_challenge.country[2];
temp[2] = m_challenge.country[1];
temp[3] = m_challenge.country[0];
*(uint32*)&m_account->Locale[0] = *(uint32*)temp;
}
Sha1Hash sha;
//uint32 tc = s.GetNumBytes();
sha.UpdateData( s.AsByteArray(), 32 );
sha.UpdateData( m_account->SrpHash, 20 );
sha.Finalize();
BigNumber x;
x.SetBinary( sha.GetDigest(), sha.GetLength() );
v = g.ModExp(x, N);
b.SetRand(152);
BigNumber gmod = g.ModExp(b, N);
B = ((v * 3) + gmod) % N;
ASSERT(gmod.GetNumBytes() <= 32);
BigNumber unk;
unk.SetRand(128);
uint8 response[200];
uint32 c = 0;
response[c] = 0; c += 1;
response[c] = 0; c += 1;
response[c] = CE_SUCCESS; c += 1;
memcpy(&response[c], B.AsByteArray(), 32); c += 32;
response[c] = 1; c += 1;
response[c] = g.AsByteArray()[0]; c += 1;
response[c] = 32; c += 1;
memcpy(&response[c], N.AsByteArray(), 32); c += 32;
memcpy(&response[c], s.AsByteArray(), s.GetNumBytes()); c += s.GetNumBytes();
memcpy(&response[c], unk.AsByteArray(), 16); c += 16;
response[c] = 0; c += 1;
Send(response, c);
DEBUG_LOG("AuthSocket","Sending Success Response");
}