public void HandleAuthLogonChallenge(RealmClass session, PacketReader data)
{
Log.Message(LogType.NORMAL, "AuthLogonChallenge");
data.Skip(10);
ushort ClientBuild = data.ReadUInt16();
data.Skip(8);
account.Language = data.ReadStringFromBytes(4);
data.Skip(4);
account.IP = data.ReadIPAddress();
account.Name = data.ReadAccountName();
SQLResult result = DB.Realms.Select("SELECT id, name, password, expansion, gmlevel, securityFlags FROM accounts WHERE name = '{0}'", account.Name);
var res = result.Read("id", "name", "password", "expansion", "securityFlags");
PacketWriter logonChallenge = new PacketWriter();
logonChallenge.WriteUInt8((byte)ClientLink.CMD_AUTH_LOGON_CHALLENGE);
logonChallenge.WriteUInt8(0);
if (result.Count != 0)
{
account.Id = result.Read<Int32>("id");
account.Expansion = result.Read<Byte>("expansion");
account.SecurityFlags = result.Read<Byte>("securityFlags");
DB.Realms.Execute("UPDATE accounts SET ip = '{0}', language = '{1}' WHERE id = {2}", account.IP, account.Language, account.Id);
byte[] username = Encoding.UTF8.GetBytes(result.Read<String>("name").ToUpper());
byte[] password = Encoding.UTF8.GetBytes(result.Read<String>("password").ToUpper());
// WoW 5.1.0.16309 (5.1.0)
if (ClientBuild == 16309)
{
session.SecureRemotePassword.CalculateX(username, password);
byte[] buf = new byte[0x10];
SRP6.RAND_bytes(buf, 0x10);
logonChallenge.WriteUInt8((byte)AuthResults.WOW_SUCCESS);
logonChallenge.WriteBytes(session.SecureRemotePassword.B);
logonChallenge.WriteUInt8(1);
logonChallenge.WriteUInt8(session.SecureRemotePassword.g[0]);
logonChallenge.WriteUInt8(0x20);
logonChallenge.WriteBytes(session.SecureRemotePassword.N);
logonChallenge.WriteBytes(session.SecureRemotePassword.salt);
logonChallenge.WriteBytes(buf);
// Security flags
logonChallenge.WriteUInt8(account.SecurityFlags);
// Enable authenticator
if ((account.SecurityFlags & 4) != 0)
logonChallenge.WriteUInt8(1);
}
}
else
logonChallenge.WriteUInt8((byte)AuthResults.WOW_FAIL_UNKNOWN_ACCOUNT);
session.Send(logonChallenge);
}
public void HandleAuthLogonChallenge(PacketReader data)
{
Log.Message(LogType.NORMAL, "AuthLogonChallenge");
data.Skip(10);
ushort ClientBuild = data.Read<ushort>();
data.Skip(8);
account.Language = data.ReadStringFromBytes(4);
data.Skip(4);
account.IP = data.ReadIPAddress();
account.Name = data.ReadAccountName();
SQLResult result = DB.Realms.Select("SELECT id, name, password, expansion, gmlevel, securityFlags, online FROM accounts WHERE name = ?", account.Name);
using (var logonChallenge = new PacketWriter())
{
logonChallenge.WriteUInt8((byte)ClientLink.CMD_AUTH_LOGON_CHALLENGE);
logonChallenge.WriteUInt8(0);
if (result.Count != 0)
{
if (result.Read<bool>(0, "online"))
{
logonChallenge.WriteUInt8((byte)AuthResults.WOW_FAIL_ALREADY_ONLINE);
Send(logonChallenge);
return;
}
account.Id = result.Read<Int32>(0, "id");
account.Expansion = result.Read<Byte>(0, "expansion");
account.SecurityFlags = result.Read<Byte>(0, "securityFlags");
DB.Realms.Execute("UPDATE accounts SET ip = ?, language = ? WHERE id = ?", account.IP, account.Language, account.Id);
var username = result.Read<String>(0, "name").ToUpperInvariant();
var password = result.Read<String>(0, "password").ToUpperInvariant();
// WoW 5.2.0.16826
if (ClientBuild == 16826)
{
SecureRemotePassword.CalculateX(username, password);
var randBytes = new byte[0x10];
var random = RNGCryptoServiceProvider.Create();
random.GetBytes(randBytes);
logonChallenge.WriteUInt8((byte)AuthResults.WOW_SUCCESS);
logonChallenge.WriteBytes(SecureRemotePassword.B);
logonChallenge.WriteUInt8(1);
logonChallenge.WriteUInt8(SecureRemotePassword.g.ToByteArray()[0]);
logonChallenge.WriteUInt8(0x20);
logonChallenge.WriteBytes(SecureRemotePassword.N);
logonChallenge.WriteBytes(SecureRemotePassword.Salt);
logonChallenge.WriteBytes(randBytes);
// Security flags
logonChallenge.WriteUInt8(account.SecurityFlags);
// Enable authenticator
if ((account.SecurityFlags & 4) != 0)
logonChallenge.WriteUInt8(1);
}
}
else
logonChallenge.WriteUInt8((byte)AuthResults.WOW_FAIL_UNKNOWN_ACCOUNT);
Send(logonChallenge);
}
}