Ejemplo n.º 1
		/// <summary>
		/// Completes the login of a client that has already passed the login challenge:
		/// resolves the account (auto-creating it when the client has none), stores the
		/// SRP authentication data on the server and sends the success reply.
		/// </summary>
		/// <param name="client">The client to log in; its Account is null when the
		/// account still has to be auto-created.</param>
		private static void LoginClient(IAuthClient client)
		{
			var account = client.Account;

			if (account == null)
			{
				// Password and user name are identical, which is the precondition for
				// auto-creating an Account; that check happened before this method runs.
				// NOTE(review): such an account is protected only by its own name, so
				// auto-creation deserves an explicit opt-in on any reachable server.
				s_log.Debug(Resources.AutocreatingAccount, client.AccountName);

				if (AccountMgr.DoesAccountExist(client.AccountName))
				{
					// The account was already created: reject instead of creating a duplicate.
					SendAuthProofErrorReply(client, AccountStatus.Failure);
					return;
				}

				// NOTE(review): the existence check and the creation are separate steps, and
				// the result is used below without a null check - confirm AutoCreateAccount
				// cannot return null and that concurrent logins cannot race here.
				account = AutoCreateAccount(client);
			}

			// Snapshot of the SRP values of this handshake (40-byte session key, 32-byte
			// salt, verifier). This is secret material: keep it out of logs.
			var srp = client.Authenticator.SRP;
			var info = new AuthenticationInfo();
			info.SessionKey = srp.SessionKey.GetBytes(40);
			info.Salt = srp.Salt.GetBytes(32);
			info.Verifier = srp.Verifier.GetBytes();
			info.SystemInformation = ClientInformation.Serialize(client.Info);

			client.Server.StoreAuthenticationInfo(client.AccountName, info);

			account.OnLogin(client);
			SendAuthProofSuccessReply(client);
		}
Ejemplo n.º 2
		/// <summary>
		/// Creates a record that ties an account name to its authentication data.
		/// </summary>
		/// <param name="accName">Account name, stored in AccName.</param>
		/// <param name="srp">Authentication data, stored in AuthInfo.</param>
		public AuthenticationRecord(string accName, AuthenticationInfo srp)
		{
			// NOTE(review): neither argument is validated here - confirm that callers never
			// pass null. The authentication data presumably holds session secrets, so the
			// record should not be logged or serialized in clear text.
			this.AccName = accName;
			this.AuthInfo = srp;
		}
Ejemplo n.º 3
		/// <summary>
		/// Finishes a login after an account auto-creation attempt: reports a login error
		/// when no account was produced, otherwise stores the SRP authentication data on
		/// the server and sends the success reply.
		/// </summary>
		/// <param name="client">The client that is logging in.</param>
		/// <param name="acct">The created account, or null when creation failed.</param>
		private static void AutocreateAccountCallback(IAuthClient client, Account acct)
		{
			if (acct == null)
			{
				// Creation failed: answer with the same status as any other failed login.
				OnLoginError(client, AccountStatus.InvalidInformation);

				return;
			}

			// NOTE(review): client.Authenticator is dereferenced without a null check. If
			// this callback runs later than the request that triggered it, confirm that
			// the authenticator cannot have been cleared in the meantime.
			var srp = client.Authenticator.SRP;

			// Secret handshake material (40-byte session key, 32-byte salt, verifier).
			var info = new AuthenticationInfo();
			info.SessionKey = srp.SessionKey.GetBytes(40);
			info.Salt = srp.Salt.GetBytes(32);
			info.Verifier = srp.Verifier.GetBytes();
			info.SystemInformation = ClientInformation.Serialize(client.ClientInfo);

			client.Server.StoreAuthenticationInfo(client.CurrentUser, info);

			SendAuthProofSuccessReply(client);
		}
Ejemplo n.º 4
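        /// <summary>
        /// Checks the proof a client sends when it reconnects. The expected value is the
        /// SHA-1 hash over the account name, the client-supplied MD5 value, the server's
        /// reconnect proof and the stored session key.
        /// </summary>
        /// <param name="packet">Packet positioned at the 16-byte MD5 value, followed by
        /// two 20-byte SHA-1 values.</param>
        /// <param name="authInfo">Stored authentication data of the account; its
        /// SessionKey is part of the hashed input.</param>
        /// <returns>true when the client's first SHA-1 value matches the expected hash;
        /// false on a mismatch, a short read or missing session data.</returns>
        public bool IsReconnectProofValid(PacketIn packet, AuthenticationInfo authInfo)
        {
            // All three fields are consumed before any validation so the read position of
            // the packet ends up in the same place whatever the outcome.

            // md5 hash of account name and secure random (client-supplied)
            byte[] md5Hash = packet.ReadBytes(16);

            // byte[20] sha1 hash of accountname, md5 from above, reconnectProof, byte[40] sessionkey
            byte[] shaHash1 = packet.ReadBytes(20);

            // byte[20] sha1 hash of md5 from above and byte[20] (all zero)
            // NOTE(review): this value is read but never verified - confirm whether the
            // protocol requires it to be checked as well.
            byte[] shaHash2 = packet.ReadBytes(20);

            // Fail closed on truncated packets or missing session data instead of
            // throwing in the middle of an authentication decision.
            if (md5Hash == null || shaHash1 == null || authInfo == null || authInfo.SessionKey == null)
            {
                return false;
            }

            byte[] username = Encoding.ASCII.GetBytes(m_srp.Username);

            byte[] expected;
            using (var sha = new SHA1Managed())
            {
                sha.TransformBlock(username, 0, username.Length, username, 0);
                sha.TransformBlock(md5Hash, 0, md5Hash.Length, md5Hash, 0);
                sha.TransformBlock(ReconnectProof, 0, ReconnectProof.Length, ReconnectProof, 0);
                sha.TransformBlock(authInfo.SessionKey, 0, authInfo.SessionKey.Length, authInfo.SessionKey, 0);
                sha.TransformFinalBlock(new byte[0], 0, 0);

                // TransformFinalBlock returns a copy of its (empty) input, not the digest;
                // the digest is exposed through Hash and must be read before disposal.
                expected = sha.Hash;
            }

            if (shaHash1.Length != expected.Length)
            {
                return false;
            }

            // Compare without an early exit so the time taken does not reveal how many
            // leading bytes of the proof were correct.
            int difference = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                difference |= shaHash1[i] ^ expected[i];
            }
            return difference == 0;
        }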
Ejemplo n.º 5
		/// <summary>
		/// Handles the proof packet of the login handshake. A client without an
		/// authenticator is disconnected and an invalid proof is answered with a login
		/// error. A valid proof either queues the auto-creation of the account or stores
		/// the authentication data and sends the success reply.
		/// </summary>
		/// <param name="client">The client that sent the proof.</param>
		/// <param name="packet">The packet that carries the client's proof.</param>
		public static void AuthProofRequest(IAuthClient client, AuthPacketIn packet)
		{
			if (client.Authenticator == null)
			{
				// There is no handshake state to check a proof against.
				client.Server.DisconnectClient(client);
				return;
			}

			if (!client.Authenticator.IsClientProofValid(packet))
			{
				// NOTE(review): failed proofs are only written at Debug level; a higher
				// level or a counter would make password guessing visible to operators.
				s_log.Debug(Resources.InvalidClientProof, client.CurrentUser);

				OnLoginError(client, AccountStatus.InvalidInformation);
				return;
			}

			if (!client.IsAutocreated)
			{
				// Regular login. (Original note: "The following was sent twice".)
				// The values below are secret handshake material: 40-byte session key,
				// 32-byte salt and the verifier.
				var srp = client.Authenticator.SRP;
				var info = new AuthenticationInfo();
				info.SessionKey = srp.SessionKey.GetBytes(40);
				info.Salt = srp.Salt.GetBytes(32);
				info.Verifier = srp.Verifier.GetBytes();
				info.SystemInformation = ClientInformation.Serialize(client.ClientInfo);

				client.Server.StoreAuthenticationInfo(client.CurrentUser, info);

				SendAuthProofSuccessReply(client);
				return;
			}

			// The proof matched, which means the password equals the user name - the
			// condition for auto-creation. The account is created before login proceeds.
			s_log.Debug(Resources.AutocreatingAccount, client.CurrentUser);

			// NOTE(review): the role depends only on the peer address. Behind a local
			// proxy or tunnel every client appears as loopback and would be auto-created
			// with the highest role, using a password equal to the account name.
			string role;
			if (IPAddress.IsLoopback(client.ClientAddress))
			{
				// local users get the highest role
				role = RoleGroupInfo.HighestRole.Name;
			}
			else
			{
				// remote users get the default role
				role = AuthServerConfiguration.DefaultRole;
			}

			// The creation runs as a queued task; AutocreateAccountCallback receives the
			// result together with the client and finishes the login.
			var creationQuery = QueryFactory.CreateResultQuery(
				() => AccountMgr.Instance.CreateAccount(
					client.CurrentUser,
					client.Authenticator.SRP.Credentials.GetBytes(20),
					null,
					role,
					ClientId.Wotlk),
				AutocreateAccountCallback,
				client);

			client.Server.EnqueueTask(creationQuery);
		}