/// <summary> /// Client sent a response to our challenge, as well as account name and password. /// </summary> public static void HandleChallengeResponse(NetworkClient Client, ProcessedPacket P) { PacketStream OutPacket; if (P.BufferLength <= 1) { OutPacket = new PacketStream((byte)PacketType.LOGIN_FAILURE, 0); OutPacket.WriteByte(0x03); //Bad challenge response. Client.Send(OutPacket.ToArray()); Logger.LogInfo("Bad challenge response - sent SLoginFailResponse!\r\n"); return; //How does this even happen?! } int Length = P.ReadByte(); byte[] CResponse; if (P.BufferLength >= Length) { CResponse = P.ReadBytes(Length); } else { return; } AESDecryptionArgs DecryptionArgs = Client.ClientEncryptor.GetDecryptionArgsContainer().AESDecryptArgs; if (DecryptionArgs.Challenge.SequenceEqual(CResponse)) { string AccountName = SanitizeAccount(P.ReadString()); Length = P.ReadByte(); byte[] PasswordHash; if (P.BufferLength >= Length) { PasswordHash = P.ReadBytes(Length); } else { return; } // Check whether the accountname is empty or is/contains "username" if (AccountName == string.Empty || AccountName.ToLower().Equals("username") || AccountName.ToLower().Contains("username")) { OutPacket = new PacketStream((byte)PacketType.LOGIN_FAILURE, 0); OutPacket.WriteHeader(); OutPacket.WriteUInt16((ushort)(PacketHeaders.UNENCRYPTED + 1)); OutPacket.WriteByte(0x01); Client.Send(OutPacket.ToArray()); Logger.LogInfo(@"Bad accountname (""" + AccountName + @""") - sent SLoginFailResponse!\r\n"); Client.Disconnect(); return; } using (var db = DataAccess.Get()) { var account = db.Accounts.GetByUsername(AccountName); if (!GlobalSettings.Default.CreateAccountsOnLogin) { Logger.LogInfo("Done reading LoginRequest, checking account...\r\n"); if (account == null) { OutPacket = new PacketStream((byte)PacketType.LOGIN_FAILURE, 0); OutPacket.WriteHeader(); OutPacket.WriteUInt16((ushort)(PacketHeaders.UNENCRYPTED + 1)); OutPacket.WriteByte(0x01); Client.Send(OutPacket.ToArray()); Logger.LogInfo(@"Bad accountname (""" + AccountName + @""") - sent SLoginFailResponse!\r\n"); Client.Disconnect(); return; } } else { if (account == null) { try { if (!AccountName.ToLower().Equals("username") || !AccountName.ToLower().Contains("username")) { db.Accounts.Create(new Account { AccountName = AccountName.ToLower(), Password = Convert.ToBase64String(PasswordHash) }); } } catch (Exception) { OutPacket = new PacketStream((byte)PacketType.LOGIN_FAILURE, 0); OutPacket.WriteHeader(); OutPacket.WriteUInt16((ushort)(PacketHeaders.UNENCRYPTED + 1)); OutPacket.WriteByte(0x01); Client.Send(OutPacket.ToArray()); Logger.LogInfo(@"Bad accountname (""" + AccountName + @""") - sent SLoginFailResponse!\r\n"); Client.Disconnect(); return; } account = db.Accounts.GetByUsername(AccountName); } } if (account.IsCorrectPassword(AccountName, PasswordHash)) { OutPacket = new PacketStream((byte)PacketType.LOGIN_SUCCESS, 0); OutPacket.WriteByte(0x01); Client.ClientEncryptor.Username = AccountName; Client.SendEncrypted((byte)PacketType.LOGIN_SUCCESS, OutPacket.ToArray()); Logger.LogInfo("Sent SLoginSuccessResponse!\r\n"); return; } else { OutPacket = new PacketStream((byte)PacketType.LOGIN_FAILURE, 0); OutPacket.WriteHeader(); OutPacket.WriteUInt16((ushort)(PacketHeaders.UNENCRYPTED + 1)); OutPacket.WriteByte(0x02); Client.Send(OutPacket.ToArray()); Logger.LogInfo("Bad password - sent SLoginFailResponse!\r\n"); Client.Disconnect(); return; } } } OutPacket = new PacketStream((byte)PacketType.LOGIN_FAILURE, 0); OutPacket.WriteHeader(); OutPacket.WriteUInt16((ushort)(PacketHeaders.UNENCRYPTED + 1)); OutPacket.WriteByte(0x03); //Bad challenge response. Client.Send(OutPacket.ToArray()); Logger.LogInfo("Bad challenge response - sent SLoginFailResponse!\r\n"); return; }
/// <summary> /// Client wanted to log in! /// </summary> public static void HandleLoginRequest(NetworkClient Client, ProcessedPacket P) { try { Logger.LogInfo("Received LoginRequest!\r\n"); byte Version1 = (byte)P.ReadByte(); byte Version2 = (byte)P.ReadByte(); byte Version3 = (byte)P.ReadByte(); byte Version4 = (byte)P.ReadByte(); string ClientVersion = Version1.ToString() + "." + Version2.ToString() + "." + Version3.ToString() + "." + Version4.ToString(); if (ClientVersion != GlobalSettings.Default.ClientVersion) { PacketStream OutPacket = new PacketStream((byte)PacketType.INVALID_VERSION, 2); OutPacket.WriteHeader(); OutPacket.WriteByte(0x01); Client.Send(OutPacket.ToArray()); Logger.LogInfo("Bad version - sent SInvalidVersion!\r\n"); Client.Disconnect(); return; } PacketStream EncryptedPacket = new PacketStream((byte)PacketType.LOGIN_NOTIFY, 0); EncryptedPacket.WriteHeader(); AESEncryptor Enc = (AESEncryptor)Client.ClientEncryptor; if (Enc == null) { Enc = new AESEncryptor(""); } Enc.PublicKey = P.ReadBytes((P.ReadByte())); Enc.NOnce = P.ReadBytes((P.ReadByte())); Enc.PrivateKey = NetworkFacade.ServerKey; Client.ClientEncryptor = Enc; MemoryStream StreamToEncrypt = new MemoryStream(); BinaryWriter Writer = new BinaryWriter(StreamToEncrypt); Writer.Write(Enc.Challenge, 0, Enc.Challenge.Length); Writer.Flush(); byte[] EncryptedData = StaticStaticDiffieHellman.Encrypt(NetworkFacade.ServerKey, System.Security.Cryptography.ECDiffieHellmanCngPublicKey.FromByteArray(Enc.PublicKey, System.Security.Cryptography.CngKeyBlobFormat.EccPublicBlob), Enc.NOnce, StreamToEncrypt.ToArray()); EncryptedPacket.WriteUInt16((ushort)(PacketHeaders.UNENCRYPTED + (1 + NetworkFacade.ServerPublicKey.Length) + (1 + EncryptedData.Length))); EncryptedPacket.WriteByte((byte)NetworkFacade.ServerPublicKey.Length); EncryptedPacket.WriteBytes(NetworkFacade.ServerPublicKey); EncryptedPacket.WriteByte((byte)EncryptedData.Length); EncryptedPacket.WriteBytes(EncryptedData); Client.Send(EncryptedPacket.ToArray()); } //This should HOPEFULLY wade off clients sending unreadable (I.E old protocol) packets... catch (Exception E) { Logger.LogDebug("Error while handling login request, disconnecting client: " + E.ToString()); Client.Disconnect(); return; } }