Core/Authserver: Removal of sha_pass_hash, compatibility fields, and everything that uses them.
Port From (https://github.com/TrinityCore/TrinityCore/commit/e0e3bae82cfb6c70ba810997104054ab6ca77e99)
This commit is contained in:
@@ -27,8 +27,6 @@ namespace BNetServer
|
||||
if (!StartDB())
|
||||
ExitNow();
|
||||
|
||||
FixLegacyAuthHashes();
|
||||
|
||||
string bindIp = ConfigMgr.GetDefaultValue("BindIP", "0.0.0.0");
|
||||
|
||||
var restSocketServer = new SocketManager<RestSession>();
|
||||
@@ -89,47 +87,6 @@ namespace BNetServer
|
||||
Environment.Exit(-1);
|
||||
}
|
||||
|
||||
static void FixLegacyAuthHashes()
|
||||
{
|
||||
Log.outInfo(LogFilter.Server, "Updating password hashes...");
|
||||
uint start = Time.GetMSTime();
|
||||
// the auth update query nulls salt/verifier if they cannot be converted
|
||||
// if they are non-null but s/v have been cleared, that means a legacy tool touched our auth DB (otherwise, the core might've done it itself, it used to use those hacks too)
|
||||
SQLResult result = DB.Login.Query("SELECT id, sha_pass_hash, IF((salt IS null) AND (verifier IS null), 0, 1) AS shouldWarn FROM account WHERE s != DEFAULT(s) OR v != DEFAULT(v) OR salt IS NULL OR verifier IS NULL");
|
||||
if (result.IsEmpty())
|
||||
{
|
||||
Log.outInfo(LogFilter.Server, $"No password hashes to update - this took us {Time.GetMSTimeDiffToNow(start)} ms to realize");
|
||||
return;
|
||||
}
|
||||
|
||||
bool hadWarning = false;
|
||||
uint count = 0;
|
||||
SQLTransaction trans = new();
|
||||
do
|
||||
{
|
||||
uint id = result.Read<uint>(0);
|
||||
(byte[] salt, byte[] verifier) = SRP6.MakeRegistrationDataFromHash(result.Read<string>(1).ToByteArray());
|
||||
|
||||
if (result.Read<long>(2) != 0 && !hadWarning)
|
||||
{
|
||||
hadWarning = true;
|
||||
Log.outWarn(LogFilter.Server, "(!) You appear to be using an outdated external account management tool.\n(!!) This is INSECURE, has been deprecated, and will cease to function entirely in the near future.\n(!) Update your external tool.\n(!!) If no update is available, refer your tool's developer to https://github.com/TrinityCore/TrinityCore/issues/25157.");
|
||||
}
|
||||
|
||||
PreparedStatement stmt = DB.Login.GetPreparedStatement(LoginStatements.UPD_LOGON);
|
||||
stmt.AddValue(0, salt);
|
||||
stmt.AddValue(1, verifier);
|
||||
stmt.AddValue(2, id);
|
||||
trans.Append(stmt);
|
||||
|
||||
++count;
|
||||
} while (result.NextRow());
|
||||
|
||||
DB.Login.CommitTransaction(trans);
|
||||
|
||||
Log.outInfo(LogFilter.Server, $"{count} password hashes updated in {Time.GetMSTimeDiffToNow(start)} ms");
|
||||
}
|
||||
|
||||
static void BanExpiryCheckTimer_Elapsed(object sender, ElapsedEventArgs e)
|
||||
{
|
||||
DB.Login.Execute(DB.Login.GetPreparedStatement(LoginStatements.DelExpiredIpBans));
|
||||
|
||||
Reference in New Issue
Block a user