Authenticate world admin prior to checking against a world short name [skip ci]

2026-02-16 21:12:26 +00:00 · 2019-07-09 17:39:06 -05:00 · 2019-07-09 17:39:06 -05:00 · 32e8a0fa45
commit 32e8a0fa45
parent 193dbe5938
3 changed files with 48 additions and 14 deletions
--- a/loginserver/database.cpp
+++ b/loginserver/database.cpp
@ -320,14 +320,12 @@ void Database::UpdateLoginHash(

 /**
 * @param short_name
- * @param remote_ip
- * @param local_ip
+ * @param login_world_server_admin_id
 * @return
 */
 Database::DbWorldRegistration Database::GetWorldRegistration(
 	const std::string &short_name,
-	const std::string &remote_ip,
-	const std::string &local_ip
+	uint32 login_world_server_admin_id
 )
 {
 	auto query = fmt::format(
@ -342,8 +340,9 @@ Database::DbWorldRegistration Database::GetWorldRegistration(
 		"  login_world_servers AS WSR\n"
 		"  JOIN login_server_list_types AS SLT ON WSR.login_server_list_type_id = SLT.id\n"
 		"WHERE\n"
-		"  WSR.short_name = '{0}' LIMIT 1",
-		EscapeString(short_name)
+		"  WSR.short_name = '{0}' WSR.login_server_admin_id = {1} AND LIMIT 1",
+		EscapeString(short_name),
+		login_world_server_admin_id
 	);

 	Database::DbWorldRegistration world_registration{};
--- a/loginserver/database.h
+++ b/loginserver/database.h
@ -154,14 +154,12 @@ public:
 	 * Returns true if the record was found, false otherwise
 	 *
 	 * @param short_name
-	 * @param remote_ip
-	 * @param local_ip
+	 * @param login_world_server_admin_id
 	 * @return
 	 */
 	Database::DbWorldRegistration GetWorldRegistration(
 		const std::string &short_name,
-		const std::string &remote_ip,
-		const std::string &local_ip
+		uint32 login_world_server_admin_id
 	);

 	/**
--- a/loginserver/world_server.cpp
+++ b/loginserver/world_server.cpp
@ -505,11 +505,49 @@ void WorldServer::Handle_NewLSInfo(ServerNewLSInfo_Struct *new_world_server_info
 		}
 	}

+	uint32 world_server_admin_id = 0;
+
+	/**
+	 * If our world is trying to authenticate, let's try and pull the owner first to try associating
+	 * with a world short_name
+	 */
+	if (!GetAccountName().empty() && !GetAccountPassword().empty()) {
+		Database::DbLoginServerAdmin
+			login_server_admin = server.db->GetLoginServerAdmin(GetAccountName());
+
+		if (login_server_admin.loaded) {
+			LogDebug(
+				"WorldServer::Handle_NewLSInfo | Attempting to authenticate world admin... [{0}] ({1}) against worldserver [{2}]",
+				GetAccountName(),
+				login_server_admin.id,
+				GetServerShortName()
+			);
+
+			/**
+			 * Validate password hash
+			 */
+			auto mode = server.options.GetEncryptionMode();
+			if (eqcrypt_verify_hash(
+				GetAccountName(),
+				GetAccountPassword(),
+				login_server_admin.account_password,
+				mode
+			)) {
+				LogDebug(
+					"WorldServer::Handle_NewLSInfo | Authenticating world admin... [{0}] ({1}) success! World ({2})",
+					GetAccountName(),
+					login_server_admin.id,
+					GetServerShortName()
+				);
+				world_server_admin_id = login_server_admin.id;
+			}
+		}
+	}
+
 	Database::DbWorldRegistration
 		world_registration = server.db->GetWorldRegistration(
 		GetServerShortName(),
-		GetRemoteIp(),
-		GetLocalIp()
+		world_server_admin_id
 	);

 	if (!server.options.IsUnregisteredAllowed()) {
@ -876,10 +914,9 @@ bool WorldServer::HandleNewLoginserverInfoUnregisteredAllowed(
 		}

 		Database::DbLoginServerAdmin login_server_admin =
-			server.db->GetLoginServerAdmin(GetAccountName());
+										 server.db->GetLoginServerAdmin(GetAccountName());

 		uint32 server_admin_id = 0;
-
 		if (login_server_admin.loaded) {
 			auto mode = server.options.GetEncryptionMode();
 			if (eqcrypt_verify_hash(