public override void Read(hsStream s) { fTransID = s.ReadUInt(); fResult = (ENetError)s.ReadInt(); fAcctGuid = pnHelpers.ReadUuid(s); fPermissions = s.ReadInt(); fAvatars = new pnVaultAvatarInfo[s.ReadInt()]; for (int i = 0; i < fAvatars.Length; i++) { fAvatars[i] = new pnVaultAvatarInfo(); fAvatars[i].Read(s); } }
private void IAcctLogin() { pnCli2Vault_AcctLoginRequest req = new pnCli2Vault_AcctLoginRequest(); req.Read(fStream); pnVault2Cli_AcctLoginReply reply = new pnVault2Cli_AcctLoginReply(); reply.fTransID = req.fTransID; reply.fResult = ENetError.kNetSuccess; try { pnSqlSelectStatement acct = new pnSqlSelectStatement(); acct.AddColumn("Idx"); acct.AddColumn("Password"); acct.AddColumn("Permissions"); acct.AddColumn("Guid"); acct.AddWhere("Username", req.fAccount); acct.Limit = 1; acct.Table = "Accounts"; IDataReader r = acct.Execute(fDb); uint? acctID = new uint?(); if (r.Read()) { // eap has made this password thing difficult for us... // Usernames that are email addresses do some strange SHA-0 stuff, // but normal usernames are just a SHA-1 hash. Lawd help us. byte[] gPass = pnHelpers.GetBytes(r["Password"].ToString()); if (req.fAccount.Contains('@')) gPass = pnHelpers.HashLogin(gPass, req.fCliChg, req.fSrvChg); // ... Nice, Microsoft. Neither the == operator nor the Equals method // actually tests the values >.< if (gPass.SequenceEqual(req.fHash)) { acctID = (uint)r["Idx"]; reply.fAcctGuid = new Guid(r["Guid"].ToString()); reply.fPermissions = (int)r["Permissions"]; if (reply.fPermissions == (int)pnAcctPerms.Banned) reply.fResult = ENetError.kNetErrAccountBanned; } else reply.fResult = ENetError.kNetErrAuthenticationFailed; } else // I realize there is an "Account Not Found" Error, but that's // kind of a security hole. reply.fResult = ENetError.kNetErrAuthenticationFailed; r.Close(); // Now grab the avatars if (acctID.HasValue) { pnSqlSelectStatement avatars = new pnSqlSelectStatement(); avatars.AddColumn("Model"); avatars.AddColumn("Name"); avatars.AddColumn("PlayerIdx"); avatars.AddWhere("AcctIdx", acctID.Value.ToString()); avatars.Limit = 5; avatars.Table = "Players"; r = avatars.Execute(fDb); List<pnVaultAvatarInfo> players = new List<pnVaultAvatarInfo>(); while (r.Read()) { pnVaultAvatarInfo info = new pnVaultAvatarInfo(); info.fModel = r["Model"].ToString(); info.fPlayerID = (uint)r["PlayerIdx"]; info.fPlayerName = r["Name"].ToString(); players.Add(info); } reply.fAvatars = players.ToArray(); r.Close(); } } catch (pnDbException e) { Error(e, "Database Error on Login"); reply.fResult = ENetError.kNetErrInternalError; } reply.Send(fStream); }
private void IOnAcctLoggedIn(ENetError result, Guid guid, int perms, pnVaultAvatarInfo[] avatars, object param) { if (result == ENetError.kNetSuccess) { fAcctGuid = guid; fPermissions = (pnAcctPerms)perms; } List<plNetStruct> toSend = new List<plNetStruct>(6); if (avatars != null) { foreach (pnVaultAvatarInfo info in avatars) { pnAuth2Cli_AcctPlayerInfo player = new pnAuth2Cli_AcctPlayerInfo(); player.fExplorer = 1; // HACK--always a "paying customer" player.fModel = info.fModel; player.fPlayerID = info.fPlayerID; player.fPlayerName = info.fPlayerName; player.fTransID = (uint)param; toSend.Add(player); } } pnAuth2Cli_AcctLoginReply reply = new pnAuth2Cli_AcctLoginReply(); reply.fAcctGuid = guid; reply.fBillingType = 1; // HACK--always a "paying customer" reply.fDroidKey = null; // FIXME reply.fResult = result; reply.fTransID = Convert.ToUInt32(param); toSend.Add(reply); // Only acquire this lock once :) lock (fStream) foreach (plNetStruct ns in toSend) ns.Send(fStream); }