/// <summary>
/// Validates the auth-info sent by the client.
/// Called within the IO-Queue's Context
/// </summary>
/// <returns>The session key or null if authentication failed</returns>
private static bool ValidateAuthentication(IRealmClient client, string accountName)
{
var authInfo = RealmServer.Instance.GetAuthenticationInfo(accountName);
if (authInfo == null)
{
RealmServer.Instance.Error(client, Resources.FailedToRetrieveAccount, accountName);
LoginHandler.SendAuthSessionErrorReply(client, LoginErrorCode.AUTH_FAILED);
}
else
{
try
{
client.SessionKey = authInfo.SessionKey;
client.Info = ClientInformation.Deserialize(authInfo.SystemInformation);
var srp = new SecureRemotePassword(accountName, authInfo.Verifier, authInfo.Salt);
BigInteger clientVerifier = srp.Hash(srp.Username, new byte[4], client.ClientSeed, RealmServer.Instance.AuthSeed, client.SessionKey);
if (clientVerifier != client.ClientDigest)
{
LoginHandler.SendAuthSessionErrorReply(client, LoginErrorCode.AUTH_FAILED);
}
else
{
return(true);
}
}
catch (Exception e)
{
LogUtil.ErrorException(e, false, "Failed to validate authentication of Account " + accountName);
LoginHandler.SendAuthSessionErrorReply(client, LoginErrorCode.AUTH_FAILED);
}
}
return(false);
}