public static void EventSink_GameLogin(GameLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted = false;

                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.Now);

                // tell other accounts on this IP what's going on
                IPLimiter.Notify(e.State.Address);
                return;
            }

            string un = e.Username;
            string pw = e.Password;

            Account acct = Accounts.GetAccount(un);

            if (acct == null)
            {
                e.Accepted = false;
            }
            else if (IPLimiter.IPStillHot(acct, e.State.Address))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'. IP too hot", e.State, un);
                e.Accepted = false;
            }
            else if (!acct.HasAccess(e.State))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                e.Accepted = false;
            }
            else if (!acct.CheckPassword(pw))
            {
                Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                e.Accepted = false;
            }
            else if (acct.Banned)
            {
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                e.Accepted = false;
            }
            else
            {
                acct.LogAccess(e.State);

                Console.WriteLine("Login: {0}: Account '{1}' at character list", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;
                e.CityInfo      = StartingCities;
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #2
0
        public static bool CanCreate(IPAddress ip)
        {
            if (!IPTable.ContainsKey(ip) || IPLimiter.IsExempt(ip))
            {
                return(true);
            }

            return(IPTable[ip] < MaxAccountsPerIP);
        }
Exemple #3
0
        public static void EventSink_GameLogin(GameLoginEventArgs e)
        {
            string un = e.Username;
            string pw = e.Password;

            Account acct = Accounts.GetAccount(un);

            if (TestCenter.Enabled && AutoAccountCreation && acct == null)
            {
                acct = CreateAccount(e.State, un, pw);
            }

            if (acct == null)
            {
                e.Accepted = false;
            }
            else if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address, acct))
            {
                e.Accepted = false;

                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.Now);
            }
            else if (!acct.HasAccess(e.State))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                e.Accepted = false;
            }
            else if (!acct.CheckPassword(pw))
            {
                Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                e.Accepted = false;
            }
            else if (acct.Banned)
            {
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                e.Accepted = false;
            }
            else
            {
                acct.LogAccess(e.State);

                Console.WriteLine("Login: {0}: Account '{1}' at character list", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;
                e.CityInfo      = StartingCities;
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #4
0
        public static void EventSink_GameLogin(GameLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted = false;

                log.Warn(String.Format("Login: {0}: Past IP limit threshold", e.State));

                return;
            }

            string un = e.Username;
            string pw = e.Password;

            Account acct = Accounts.GetAccount(un);

            if (acct == null)
            {
                e.Accepted = false;
            }
            else if (!acct.HasAccess(e.State))
            {
                log.Error(String.Format("Login: {0}: Access denied for '{1}'", e.State, un));
                e.Accepted = false;
            }
            else if (!acct.CheckPassword(pw))
            {
                log.Error(String.Format("Login: {0}: Invalid password for '{1}'", e.State, un));
                e.Accepted = false;
            }
            else if (acct.Banned)
            {
                log.Error(String.Format("Login: {0}: Banned account '{1}'", e.State, un));
                e.Accepted = false;
            }
            else
            {
                acct.LogAccess(e.State);

                log.Info(String.Format("Login: {0}: Account '{1}' at character list", e.State, un));
                e.State.Account = acct;
                e.Accepted      = true;
                e.CityInfo      = StartingCities;
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
        public static void EventSink_AccountLogin(AccountLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted     = false;
                e.RejectReason = ALRReason.InUse;

                logger.Information("Login: {0}: Past IP limit threshold", e.State);

                using var op = new StreamWriter("ipLimits.log", true);
                op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, Core.Now);

                return;
            }

            var un = e.Username;
            var pw = e.Password;

            e.Accepted = false;

            if (!(Accounts.GetAccount(un) is Account acct))
            {
                // To prevent someone from making an account of just '' or a bunch of meaningless spaces
                if (AutoAccountCreation && un.Trim().Length > 0)
                {
                    e.State.Account = acct = CreateAccount(e.State, un, pw);
                    e.Accepted      = acct?.CheckAccess(e.State) ?? false;

                    if (!e.Accepted)
                    {
                        e.RejectReason = ALRReason.BadComm;
                    }
                }
                else
                {
                    logger.Information("Login: {0}: Invalid username '{1}'", e.State, un);
                    e.RejectReason = ALRReason.Invalid;
                }
            }
Exemple #6
0
		public static void EventSink_AccountLogin( AccountLoginEventArgs e )
		{
			if ( !IPLimiter.SocketBlock && !IPLimiter.Verify( e.State.Address ) )
			{
				e.Accepted = false;
				e.RejectReason = ALRReason.InUse;

				Console.WriteLine( "Login: {0}: Past IP limit threshold", e.State );

				using ( StreamWriter op = new StreamWriter( "ipLimits.log", true ) )
					op.WriteLine( "{0}\tPast IP limit threshold\t{1}", e.State, DateTime.Now );

				return;
			}

			string un = e.Username;
			string pw = e.Password;

			e.Accepted = false;
            Account acct = Accounts.ServerAccounts.GetAccount(un) as Account;

			if ( acct == null )
			{
				if ( AutoAccountCreation && un.Trim().Length > 0 )	//To prevent someone from making an account of just '' or a bunch of meaningless spaces 
				{
					e.State.Account = acct = CreateAccount( e.State, un, pw );
					e.Accepted = acct == null ? false : acct.CheckAccess( e.State );

					if ( !e.Accepted )
						e.RejectReason = ALRReason.BadComm;
				}
				else
				{
					Console.WriteLine( "Login: {0}: Invalid username '{1}'", e.State, un );
					e.RejectReason = ALRReason.Invalid;
				}
			}
			else if ( !acct.HasAccess( e.State ) )
			{
				Console.WriteLine( "Login: {0}: Access denied for '{1}'", e.State, un );
				e.RejectReason = ( m_LockdownLevel > AccessLevel.Player ? ALRReason.BadComm : ALRReason.BadPass );
			}
			else if ( !acct.CheckPassword( pw ) )
			{
				Console.WriteLine( "Login: {0}: Invalid password for '{1}'", e.State, un );
				e.RejectReason = ALRReason.BadPass;
			}
			else if ( acct.Banned )
			{
				Console.WriteLine( "Login: {0}: Banned account '{1}'", e.State, un );
				e.RejectReason = ALRReason.Blocked;
			}
			else
			{
				Console.WriteLine( "Login: {0}: Valid credentials for '{1}'", e.State, un );
				e.State.Account = acct;
				e.Accepted = true;

				acct.LogAccess( e.State );
			}

			if ( !e.Accepted )
				AccountAttackLimiter.RegisterInvalidAccess( e.State );
		}
        public static void EventSink_GameLogin(GameLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted = false;

                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.Now);

                return;
            }

            string un = e.Username;
            string pw = e.Password;

            Account acct = Accounts.GetAccount(un) as Account;

            if (acct == null)
            {
                e.Accepted = false;
            }
            else if (!acct.HasAccess(e.State))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                e.Accepted = false;
            }
            else if (!acct.CheckPassword(pw))
            {
                Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                e.Accepted = false;
                //*****Logging attempt*****
                try
                {
                    Stream       fileStream   = File.Open("Logs/LoginLogout/" + un + ".log", FileMode.Append, FileAccess.Write, FileShare.ReadWrite);
                    StreamWriter writeAdapter = new StreamWriter(fileStream);
                    writeAdapter.WriteLine(String.Format("{0}: Invalid password for {1} on {2}", e.State, un, DateTime.Now));
                    writeAdapter.Close();
                }
                catch
                {
                    Console.WriteLine("Record Error... {0} Login", un);
                }
                //**************************
            }
            else if (acct.Banned)
            {
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                e.Accepted = false;
                //*****Logging attempt*****
                try
                {
                    Stream       fileStream   = File.Open("Logs/LoginLogout/" + un + ".log", FileMode.Append, FileAccess.Write, FileShare.ReadWrite);
                    StreamWriter writeAdapter = new StreamWriter(fileStream);
                    writeAdapter.WriteLine(String.Format("{0}: Banned account: {1} on {2}", e.State, un, DateTime.Now));
                    writeAdapter.Close();
                }
                catch
                {
                    Console.WriteLine("Record Error... {0} Login", un);
                }
                //**************************
            }
            else
            {
                acct.LogAccess(e.State);

                Console.WriteLine("Login: {0}: Account '{1}' at character list", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;
                e.CityInfo      = StartingCities;
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
        public static void EventSink_AccountLogin(AccountLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted     = false;
                e.RejectReason = ALRReason.InUse;

                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.Now);

                return;
            }

            string un = e.Username;
            string pw = e.Password;

            e.Accepted = false;
            Account acct = Accounts.GetAccount(un) as Account;

            if (acct == null)
            {
                if (AutoAccountCreation && un.Trim().Length > 0)                        //To prevent someone from making an account of just '' or a bunch of meaningless spaces
                {
                    e.State.Account = acct = CreateAccount(e.State, un, pw);
                    e.Accepted      = acct == null ? false : acct.CheckAccess(e.State);

                    if (!e.Accepted)
                    {
                        e.RejectReason = ALRReason.BadComm;
                    }
                }
                else
                {
                    Console.WriteLine("Login: {0}: Invalid username '{1}'", e.State, un);
                    e.RejectReason = ALRReason.Invalid;
                }
            }
            else if (!acct.HasAccess(e.State))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                e.RejectReason = (m_LockdownLevel > AccessLevel.Player ? ALRReason.BadComm : ALRReason.BadPass);
            }
            else if (!acct.CheckPassword(pw))
            {
                Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                e.RejectReason = ALRReason.BadPass;
                //*****Logging attempt*****
                try
                {
                    Stream       fileStream   = File.Open("Logs/LoginLogout/" + un + ".log", FileMode.Append, FileAccess.Write, FileShare.ReadWrite);
                    StreamWriter writeAdapter = new StreamWriter(fileStream);
                    writeAdapter.WriteLine(String.Format("{0}: Invalid password for {1} on {2}", e.State, un, DateTime.Now));
                    writeAdapter.Close();
                }
                catch
                {
                    Console.WriteLine("Record Error... {0} Login", un);
                }
                //**************************
            }
            else if (acct.Banned)
            {
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                e.RejectReason = ALRReason.Blocked;
                //*****Logging attempt*****
                try
                {
                    Stream       fileStream   = File.Open("Logs/LoginLogout/" + un + ".log", FileMode.Append, FileAccess.Write, FileShare.ReadWrite);
                    StreamWriter writeAdapter = new StreamWriter(fileStream);
                    writeAdapter.WriteLine(String.Format("{0}: Banned account: {1} on {2}", e.State, un, DateTime.Now));
                    writeAdapter.Close();
                }
                catch
                {
                    Console.WriteLine("Record Error... {0} Login", un);
                }
                //**************************
            }
            else
            {
                Console.WriteLine("Login: {0}: Valid credentials for '{1}'", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;

                acct.LogAccess(e.State);
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #9
0
        public static void EventSink_GameLogin(GameLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted = false;

                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.Now);

                // tell other accounts on this IP what's going on
                IPLimiter.Notify(e.State.Address);
                return;
            }

            // before a new logon to this shard, make sure to read in all queued password changes from all shards
            Account.ReadAllPasswords();

            string un = e.Username;
            string pw = e.Password;

            Account acct = Accounts.GetAccount(un);


            //PIX: Note - this won't work where the login server lives (in our case, AI), but it will work for
            // servers not the login server.  That's because the IPs get logged on those after this check.
            // On login servers, we'd have to move this code before the account access was logged.
            // Note also that we only check the last IP logged in from.  So if Person A has account a1 and
            // Person B has account b1, they can both play from IP address I1.  However, both won't be able
            // to access any other accounts.  If Person B then logs in from IP I2, another account can then
            // be accessed from IP I1, but then account b1 won't be able to log in from IP I1.
            // The idea of this is that we only ever let two accounts at a time log in from a single IP
            // address.  If one (or more) accounts move to a different IP, then another account can login
            // from the old IP.  This effectively stops any more than 2 accounts having a single IP as their
            // last accessed.
            #region IPBinderEnabled
            if (!Core.LoginServer && CoreAI.IsDynamicFeatureSet(CoreAI.FeatureBits.IPBinderEnabled))                    //Adam: disable via IPBinderEnabled for now until we can better understand the logon problems people are having
            {
                AccessLevel    aal      = AccessLevel.Player;
                List <Account> acctList = new List <Account>();
                int            countIP  = CountOfLastIPsEqualing(e.State.Address, out aal, out acctList);
                bool           boot     = false;

                if (acct != null &&
                    acctList.Contains(acct)
                    )
                {
                    //if we've got a valid account and the account's last ip is the current ip, allow login
                }
                else
                {
                    //Here then we're in the case where it's either a new account
                    // or the accout has a different last-game-login-ip, so make sure that
                    // that IP doesn't already have 2+ accounts
                    if (countIP >= 2 && aal <= AccessLevel.Player)
                    {
                        boot = true;                         //allow only 2 for Players
                    }
                    else if (countIP >= 3 && aal < AccessLevel.Administrator)
                    {
                        boot = true;                         //allow 3 for staff
                    }
                    else if (countIP >= 3)
                    {
                        //allow unlimited for Admins or greater
                        Console.WriteLine("Allowing unlimited IP access for {0} from {1}", e.Username, e.State);
                    }
                }

                if (boot)
                {
                    e.Accepted = false;

                    string strAccts = "";
                    foreach (Account a1 in acctList)
                    {
                        strAccts += ("[" + a1.Username + "]");
                    }

                    Console.WriteLine("Login: {0}({1}): Past OFFLINE IP limit threshold.  Accts: {2} ", e.Username, e.State, strAccts);
                    using (StreamWriter sw1 = new StreamWriter("offlineIPLimits.log", true))
                    {
                        sw1.WriteLine("{0}:{1}\tPast OFFLINE IP limit threshold\t{2}\tAccounts:{3}", e.Username, e.State, DateTime.Now, strAccts);

                        for (int i = 0; i < NetState.Instances.Count; ++i)
                        {
                            NetState compState = NetState.Instances[i];
                            if (e.State.Address.Equals(compState.Address) && compState.Mobile != null)
                            {
                                compState.Mobile.SendMessage(0x35, "You have exceeded the number of accounts authorized to connect from this address.");
                            }
                        }
                    }

                    return;
                }
            }
            #endregion

            //if we have a valid account on a non-primary shard, create it (assuming AutoAccountCreation is on)
            if (acct == null && !Core.LoginServer)
            {
                // there are NO STAFF accounts with this username and either you have NO accounts, or you have a matching account name and password for another shard.
                if (AutoAccountCreation && !Account.CheckAllStaff(null, un, false) && (!Account.CheckAllAccounts(un) || (Account.CheckAllAccounts(un) && Account.CheckAllPasswords(un, pw))))
                {
                    acct = CreateAccount(e.State, un, pw);
                }
                else
                {
                    if (Account.CheckAllStaff(null, un, false))
                    {
                        Console.WriteLine("Login: {0}: Invalid password for staff account '{1}'", e.State, un);
                    }
                    else if (Account.CheckAllAccounts(un))
                    {
                        Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                    }
                    else
                    {
                        Console.WriteLine("Login: {0}: Invalid username '{1}'", e.State, un);
                    }
                }
            }

            if (acct == null)
            {
                e.Accepted = false;
            }
            else if (IPLimiter.IPStillHot(acct, e.State.Address))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'. IP too hot", e.State, un);
                e.Accepted = false;
            }
            else if (!acct.HasAccess(e.State))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                e.Accepted = false;
            }
            // You succeed login when your password matches some shard and no shards have a user with the same name with greater access
            else if (!(Account.CheckAllPasswords(un, pw) && !Account.CheckAllStaff(acct, un, true)))
            {
                if (Account.CheckAllStaff(acct, un, true))
                {
                    Console.WriteLine("Login: {0}: Invalid password or access level for staff account '{1}'", e.State, un);
                }
                else
                {
                    Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                }
                e.Accepted = false;
            }
            else if (acct.Banned)
            {
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                e.Accepted = false;
            }
            else
            {
                acct.LogAccess(e.State);
                acct.LogGAMELogin(e.State);

                Console.WriteLine("Login: {0}: Account '{1}' at character list", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;
                e.CityInfo      = StartingCities;
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #10
0
        public static void EventSink_AccountLogin(AccountLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address, e.State.Account as Account))
            {
                e.Accepted     = false;
                e.RejectReason = ALRReason.InUse;

                log.Info("Login: {0}: Past IP limit threshold", e.State);

                using (StreamWriter op = new StreamWriter(Path.Combine(Core.Config.LogDirectory, "ipLimits.log"), true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.UtcNow);

                return;
            }

            string un = e.Username;
            string pw = e.Password;

            e.Accepted = false;
            Account acct = Accounts.GetAccount(un);

            if (acct == null)
            {
                if (AutoAccountCreation)
                {
                    e.State.Account = acct = CreateAccount(e.State, un, pw);
                    e.Accepted      = acct == null ? false : acct.CheckAccess(e.State);

                    if (!e.Accepted)
                    {
                        e.RejectReason = ALRReason.BadComm;
                    }
                }
                else
                {
                    log.Info("Login: {0}: Invalid username '{1}'", e.State, un);
                    e.RejectReason = ALRReason.Invalid;
                }
            }
            else if (!acct.HasAccess(e.State))
            {
                log.Info("Login: {0}: Access denied for '{1}'", e.State, un);
                e.RejectReason = (m_LockdownLevel > AccessLevel.Player ? ALRReason.BadComm : ALRReason.Invalid);
            }
            else if (!acct.CheckPassword(pw))
            {
                log.Info("Login: {0}: Invalid password for '{1}'", e.State, un);
                e.RejectReason = ALRReason.Invalid;
            }
            else if (acct.Banned)
            {
                log.Info("Login: {0}: Banned account '{1}'", e.State, un);
                e.RejectReason = ALRReason.Blocked;
            }
            else
            {
                log.Info("Login: {0}: Valid credentials for '{1}'", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;

                acct.LogAccess(e.State);
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
        public static void EventSink_AccountLogin(AccountLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted     = false;
                e.RejectReason = ALRReason.InUse;

                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.Now);

                // tell other accounts on this IP what's going on
                IPLimiter.Notify(e.State.Address);
                return;
            }

            string un = e.Username;
            string pw = e.Password;

            e.Accepted = false;
            Account acct = Accounts.GetAccount(un);

            if (acct == null)
            {
                if (AutoAccountCreation)
                {
                    e.State.Account = acct = CreateAccount(e.State, un, pw);
                    e.Accepted      = acct == null ? false : acct.CheckAccess(e.State);

                    if (!e.Accepted)
                    {
                        e.RejectReason = ALRReason.BadComm;
                    }
                }
                else
                {
                    Console.WriteLine("Login: {0}: Invalid username '{1}'", e.State, un);
                    e.RejectReason = ALRReason.Invalid;
                }
            }
            else if (IPLimiter.IPStillHot(acct, e.State.Address))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'. IP too hot", e.State, un);
                e.RejectReason = ALRReason.InUse;
            }
            else if (!acct.HasAccess(e.State))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                e.RejectReason = (m_LockdownLevel > AccessLevel.Player ? ALRReason.BadComm : ALRReason.BadPass);
            }
            else if (!acct.CheckPassword(pw))
            {
                Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                e.RejectReason = ALRReason.BadPass;
            }
            else if (acct.Banned)
            {
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                e.RejectReason = ALRReason.Blocked;
            }
            else
            {
                Console.WriteLine("Login: {0}: Valid credentials for '{1}'", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;

                acct.LogAccess(e.State);
                acct.LastLogin = DateTime.Now;
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #12
0
        public static void EventSink_AccountLogin(AccountLoginEventArgs e)
        {
            string un = e.Username;
            string pw = e.Password;

            e.Accepted = false;
            Account acct = Accounts.GetAccount(un) as Account;

            if ((acct == null || acct.AccessLevel == AccessLevel.Player) && !IPLimiter.SocketBlock &&
                !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted     = false;
                e.RejectReason = ALRReason.InUse;
                return;
            }

            if (acct == null)
            {
                if (AutoAccountCreation && un.Trim().Length > 0)
                //To prevent someone from making an account of just '' or a bunch of meaningless spaces
                {
                    e.State.Account = acct = CreateAccount(e.State, un, pw);
                    e.Accepted      = acct != null && acct.CheckAccess(e.State);

                    if (!e.Accepted)
                    {
                        e.RejectReason = ALRReason.BadComm;
                    }
                }
                else
                {
                    Console.WriteLine("Login: {0}: Invalid username '{1}'", e.State, un);
                    e.RejectReason = ALRReason.Invalid;
                }
            }
            else if (!acct.HasAccess(e.State))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                e.RejectReason = (m_LockdownLevel > AccessLevel.Player ? ALRReason.BadComm : ALRReason.BadPass);
            }
            else if (!acct.CheckPassword(pw))
            {
                Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                e.RejectReason = ALRReason.BadPass;
            }
            else if (acct.Banned)
            {
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                e.RejectReason = ALRReason.Blocked;
            }
            else
            {
                Console.WriteLine("Login: {0}: Valid credentials for '{1}'", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;

                //acct.LogAccess( e.State );
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #13
0
        public static void EventSink_AccountLogin(AccountLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted     = false;
                e.RejectReason = ALRReason.InUse;

                log.Info(String.Format("Login: {0}: Past IP limit threshold", e.State));

                return;
            }

            string un = e.Username;
            string pw = e.Password;

            e.Accepted = false;
            Account acct = Accounts.GetAccount(un);

            if (acct == null)
            {
                if (AutoAccountCreation)
                {
                    e.State.Account = acct = CreateAccount(e.State, un, pw);
                    e.Accepted      = acct == null ? false : acct.CheckAccess(e.State);

                    if (!e.Accepted)
                    {
                        e.RejectReason = ALRReason.BadComm;
                    }
                }
                else
                {
                    log.Warn(String.Format("Login: {0}: Invalid username '{1}'", e.State, un));
                    e.RejectReason = ALRReason.Invalid;
                }
            }
            else if (!acct.HasAccess(e.State))
            {
                log.Error(String.Format("Login: {0}: Access denied for '{1}'", e.State, un));
                e.RejectReason = (m_LockdownLevel > AccessLevel.Player ? ALRReason.BadComm : ALRReason.BadPass);
            }
            else if (!acct.CheckPassword(pw))
            {
                log.Error(String.Format("Login: {0}: Invalid password for '{1}'", e.State, un));
                e.RejectReason = ALRReason.BadPass;
            }
            else if (acct.Banned)
            {
                log.Error(String.Format("Login: {0}: Banned account '{1}'", e.State, un));
                e.RejectReason = ALRReason.Blocked;
            }
            else
            {
                log.Info(String.Format("Login: {0}: Valid credentials for '{1}'", e.State, un));
                e.State.Account = acct;
                e.Accepted      = true;

                acct.LogAccess(e.State);
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #14
0
        public static void EventSink_AccountLogin(AccountLoginEventArgs e)
        {
            // If the login attempt has already been rejected by another event handler
            // then just return
            if (e.Accepted == false)
            {
                return;
            }

            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted     = false;
                e.RejectReason = ALRReason.InUse;

                Utility.PushColor(ConsoleColor.Red);
                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);
                Utility.PopColor();

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.UtcNow);

                return;
            }

            string un = e.Username;
            string pw = e.Password;

            e.Accepted = false;
            Account acct = Accounts.GetAccount(un) as Account;

            if (acct == null)
            {
                if (AutoAccountCreation && un.Trim().Length > 0) // To prevent someone from making an account of just '' or a bunch of meaningless spaces
                {
                    e.State.Account = acct = CreateAccount(e.State, un, pw);
                    e.Accepted      = acct == null ? false : acct.CheckAccess(e.State);

                    if (!e.Accepted)
                    {
                        e.RejectReason = ALRReason.BadComm;
                    }
                }
                else
                {
                    Utility.PushColor(ConsoleColor.Red);
                    Console.WriteLine("Login: {0}: Invalid username '{1}'", e.State, un);
                    Utility.PopColor();
                    e.RejectReason = ALRReason.Invalid;
                }
            }
            else if (!acct.HasAccess(e.State))
            {
                Utility.PushColor(ConsoleColor.Red);
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                Utility.PopColor();
                e.RejectReason = (LockdownLevel > AccessLevel.VIP ? ALRReason.BadComm : ALRReason.BadPass);
            }
            else if (!acct.CheckPassword(pw))
            {
                Utility.PushColor(ConsoleColor.Red);
                Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                Utility.PopColor();
                e.RejectReason = ALRReason.BadPass;
            }
            else if (acct.Banned)
            {
                Utility.PushColor(ConsoleColor.Red);
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                Utility.PopColor();
                e.RejectReason = ALRReason.Blocked;
            }
            else
            {
                Utility.PushColor(ConsoleColor.Green);
                Console.WriteLine("Login: {0}: Valid credentials for '{1}'", e.State, un);
                Console.WriteLine("Client Type: {0}: {1}", e.State, e.State.IsEnhancedClient ? "Enhanced Client" : "Classic Client");
                Utility.PopColor();
                e.State.Account = acct;
                e.Accepted      = true;

                acct.LogAccess(e.State);
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #15
0
        public static void EventSink_AccountLogin(AccountLoginEventArgs e)
        {
            //Disallow direct logins to other servers if we are not a developer
            if (!Core.LoginServer && !Core.Developer)
            {
                Console.WriteLine("Login: You cannot login directly to this server without the -developer commandline switch");
                e.Accepted     = false;
                e.RejectReason = ALRReason.Blocked;
                return;
            }

            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted     = false;
                e.RejectReason = ALRReason.InUse;

                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.Now);

                // tell other accounts on this IP what's going on
                IPLimiter.Notify(e.State.Address);
                return;
            }

            // before a new logon to this shard, make sure to read in all queued password changes from all shards
            Account.ReadAllPasswords();

            string un = e.Username;
            string pw = e.Password;

            e.Accepted = false;
            Account acct = Accounts.GetAccount(un);

            if (acct == null)
            {                   // there are NO STAFF accounts with this username and either you have NO accounts, or you have a matching account name and password for another shard.
                if (AutoAccountCreation && !Account.CheckAllStaff(null, un, false) && (!Account.CheckAllAccounts(un) || (Account.CheckAllAccounts(un) && Account.CheckAllPasswords(un, pw))))
                {
                    e.State.Account = acct = CreateAccount(e.State, un, pw);
                    e.Accepted      = acct == null ? false : acct.CheckAccess(e.State);

                    if (!e.Accepted)
                    {
                        e.RejectReason = ALRReason.BadComm;
                    }
                }
                else
                {
                    if (Account.CheckAllStaff(null, un, false))
                    {
                        Console.WriteLine("Login: {0}: Invalid password for staff account '{1}'", e.State, un);
                        e.RejectReason = ALRReason.BadPass;
                    }
                    else if (Account.CheckAllAccounts(un))
                    {
                        Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                        e.RejectReason = ALRReason.BadPass;
                    }
                    else
                    {
                        Console.WriteLine("Login: {0}: Invalid username '{1}'", e.State, un);
                        e.RejectReason = ALRReason.Invalid;
                    }
                }
            }
            else if (IPLimiter.IPStillHot(acct, e.State.Address))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'. IP too hot", e.State, un);
                e.RejectReason = ALRReason.InUse;
            }
            else if (!acct.HasAccess(e.State))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                e.RejectReason = (m_LockdownLevel > AccessLevel.Player ? ALRReason.BadComm : ALRReason.BadPass);
            }
            // You succeed login when your password matches some shard and no shards have a user with the same name with greater access
            else if (!(Account.CheckAllPasswords(un, pw) && !Account.CheckAllStaff(acct, un, true)))
            {
                if (Account.CheckAllStaff(acct, un, true))
                {
                    Console.WriteLine("Login: {0}: Invalid password or access level for staff account '{1}'", e.State, un);
                }
                else
                {
                    Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                }
                e.RejectReason = ALRReason.BadPass;
            }
            else if (acct.CheckBanned())
            {
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                e.RejectReason = ALRReason.Blocked;
            }
            else
            {
                Console.WriteLine("Login: {0}: Valid credentials for '{1}'", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;

                acct.LogAccess(e.State);
                acct.LastLogin = DateTime.Now;
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #16
0
        public static void EventSink_GameLogin(GameLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted = false;

                Utility.PushColor(ConsoleColor.Red);
                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);
                Utility.PopColor();

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.UtcNow);

                return;
            }

            string un = e.Username;
            string pw = e.Password;

            Account acct = Accounts.GetAccount(un) as Account;

            if (acct == null)
            {
                e.Accepted = false;
            }
            else if (!acct.HasAccess(e.State))
            {
                Utility.PushColor(ConsoleColor.Red);
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                Utility.PopColor();
                e.Accepted = false;
            }
            else if (!acct.CheckPassword(pw))
            {
                Utility.PushColor(ConsoleColor.Red);
                Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                Utility.PopColor();
                e.Accepted = false;
            }
            else if (acct.Banned)
            {
                Utility.PushColor(ConsoleColor.Red);
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                Utility.PopColor();
                e.Accepted = false;
            }
            else
            {
                acct.LogAccess(e.State);

                Utility.PushColor(ConsoleColor.Yellow);
                Console.WriteLine("Login: {0}: Account '{1}' at character list", e.State, un);
                Utility.PopColor();
                e.State.Account = acct;
                e.Accepted      = true;

                if (Siege.SiegeShard)
                {
                    e.CityInfo = SiegeStartingCities;
                }
                else if (!Core.UOR)
                {
                    e.CityInfo = StartingCitiesT2A;
                }
                else if (!Core.SA)
                {
                    e.CityInfo = StartingCities;
                }
                else
                {
                    e.CityInfo = StartingCitiesSA;
                }
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }
Exemple #17
0
        public static void EventSink_GameLogin(GameLoginEventArgs e)
        {
            if (!IPLimiter.SocketBlock && !IPLimiter.Verify(e.State.Address))
            {
                e.Accepted = false;

                Console.WriteLine("Login: {0}: Past IP limit threshold", e.State);

                using (StreamWriter op = new StreamWriter("ipLimits.log", true))
                    op.WriteLine("{0}\tPast IP limit threshold\t{1}", e.State, DateTime.Now);

                return;
            }

            string un = e.Username;
            string pw = e.Password;

            //Account acct = Accounts.GetAccount( un ) as Account;

/*** BEGIN ADDED CODE ***/

            SyncDB.PullAccount(un);

            Account acct = Accounts.GetAccount(un) as Account;

/*
 *                      if (acct == null) {
 * Console.WriteLine("pulling {0}", un);
 *                              System.Reflection.Assembly[] assemblies = System.AppDomain.CurrentDomain.GetAssemblies();
 *                              foreach (System.Reflection.Assembly assembly in assemblies) {
 *                                      try {
 *                                              Type syncdb = assembly.GetType("Server.Accounting.SyncDB");
 *                                              if (syncdb != null) {
 * Console.WriteLine("found type SyncDB {0} in {1}", syncdb, assembly);
 *                                                      syncdb.InvokeMember("PullAccount",
 *                                                                                              System.Reflection.BindingFlags.InvokeMethod | System.Reflection.BindingFlags.Static | System.Reflection.BindingFlags.Public,
 *                                                                                              null,
 *                                                                                              null,
 *                                                                                              new Object[]{ un });
 * Console.WriteLine("after PullAccount");
 *                                                      break;
 *                                              }
 *                                      } catch (Exception ex) {
 * Console.WriteLine("during PullAccount: {0}", ex);
 *                                      }
 *                              }
 *
 *                              acct = Accounts.GetAccount( un ) as Account;
 *                      }
 */
/*** END ADDED CODE ***/


            if (acct == null)
            {
                e.Accepted = false;
            }
            else if (!acct.HasAccess(e.State))
            {
                Console.WriteLine("Login: {0}: Access denied for '{1}'", e.State, un);
                e.Accepted = false;
            }
            else if (!acct.CheckPassword(pw))
            {
                Console.WriteLine("Login: {0}: Invalid password for '{1}'", e.State, un);
                e.Accepted = false;
            }
            else if (acct.Banned)
            {
                Console.WriteLine("Login: {0}: Banned account '{1}'", e.State, un);
                e.Accepted = false;
            }
            else
            {
                acct.LogAccess(e.State);

                Console.WriteLine("Login: {0}: Account '{1}' at character list", e.State, un);
                e.State.Account = acct;
                e.Accepted      = true;
                e.CityInfo      = StartingCities;
            }

            if (!e.Accepted)
            {
                AccountAttackLimiter.RegisterInvalidAccess(e.State);
            }
        }