Mirroristas/rathena
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Configs for account names, character names, and passwords minimum length (#8448)

Browse Source
This commit is contained in:
Daegaladh 2024-06-21 20:36:21 +02:00 committed by GitHub
parent 5123704795
commit a0bec6a404
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 39 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
conf/char_athena.conf
View File

@ -144,6 +144,10 @@ unknown_char_name: Unknown
// To log the character server? // To log the character server?
log_char: yes log_char: yes
// Minimum length for a character name.
// Must be set to '4' unless your client uses the 'Remove 4/6 letter Character Name limit' diff patch.
char_name_min_length: 4
// Allow or not identical name for characters but with a different case (upper/lower): // Allow or not identical name for characters but with a different case (upper/lower):
// example: Test-test-TEST-TesT; Value: 0 not allowed (default), 1 allowed // example: Test-test-TEST-TesT; Value: 0 not allowed (default), 1 allowed
name_ignoring_case: no name_ignoring_case: no

12
conf/login_athena.conf
View File

@ -55,9 +55,15 @@ console: off
// Note: This only works if client side password encryption is not enabled. // Note: This only works if client side password encryption is not enabled.
new_account: no new_account: no
//If new_account is enabled, minimum length to userid and passwords should be 4? // If new_account is enabled, changes the minimum length for the account name.
//Must be 'Yes' unless your client uses both 'Disable 4 LetterUserID/Password' Diffs // By default is set to '4' or '6' (depending on the new login UI).
new_acc_length_limit: yes // Don't change it unless your client uses the 'Remove 4/6 letter User Name limit' diff patch.
//acc_name_min_length: 6
// If new_account is enabled, changes the minimum length for the password.
// By default is set to '4' or '6' (depending on the new login UI).
// Don't change it unless your client uses the 'Remove 4/6 letter Password limit' diff patch.
//password_min_length: 6
// Account registration flood protection system // Account registration flood protection system
// allowed_regs is the number of registrations allowed in time_allowed (in seconds) // allowed_regs is the number of registrations allowed in time_allowed (in seconds)

12
src/char/char.cpp
View File

@ -25,6 +25,7 @@
#include <common/strlib.hpp> #include <common/strlib.hpp>
#include <common/timer.hpp> #include <common/timer.hpp>
#include <common/utilities.hpp> #include <common/utilities.hpp>
#include <common/utils.hpp>
#include "char_clif.hpp" #include "char_clif.hpp"
#include "char_cnslif.hpp" #include "char_cnslif.hpp"
@ -1357,10 +1358,12 @@ int char_check_char_name(char * name, char * esc_name)
if( name[0] == '\0' ) if( name[0] == '\0' )
return -2; // empty character name return -2; // empty character name
/** /**
* The client does not allow you to create names with less than 4 characters, however, * By default the client does not allow you to create names with less than 4 characters,
* the use of WPE can bypass this, and this fixes the exploit. * however the use of WPE can bypass this, and this fixes the exploit.
* It can also be changed in the configuration file in conjunction with the
* 'Remove 4/6 letter Character Name Limit' client diff patch.
**/ **/
if( strlen( name ) < 4 ) if( strlen( name ) < charserv_config.char_config.char_name_min_length )
return -2; return -2;
// check content of character name // check content of character name
if( remove_control_chars(name) ) if( remove_control_chars(name) )
@ -2762,6 +2765,7 @@ void char_set_defaults(){
charserv_config.char_config.char_name_option = 0; // Option to know which letters/symbols are authorised in the name of a character (0: all, 1: only those in char_name_letters, 2: all EXCEPT those in char_name_letters) by [Yor] charserv_config.char_config.char_name_option = 0; // Option to know which letters/symbols are authorised in the name of a character (0: all, 1: only those in char_name_letters, 2: all EXCEPT those in char_name_letters) by [Yor]
safestrncpy(charserv_config.char_config.unknown_char_name,"Unknown",sizeof(charserv_config.char_config.unknown_char_name)); // Name to use when the requested name cannot be determined safestrncpy(charserv_config.char_config.unknown_char_name,"Unknown",sizeof(charserv_config.char_config.unknown_char_name)); // Name to use when the requested name cannot be determined
safestrncpy(charserv_config.char_config.char_name_letters,"",sizeof(charserv_config.char_config.char_name_letters)); // list of letters/symbols allowed (or not) in a character name. by [Yor] safestrncpy(charserv_config.char_config.char_name_letters,"",sizeof(charserv_config.char_config.char_name_letters)); // list of letters/symbols allowed (or not) in a character name. by [Yor]
charserv_config.char_config.char_name_min_length = 4; // Minimum character name length
charserv_config.save_log = 1; // show loading/saving messages charserv_config.save_log = 1; // show loading/saving messages
charserv_config.log_char = 1; // loggin char or not [devil] charserv_config.log_char = 1; // loggin char or not [devil]
@ -3025,6 +3029,8 @@ bool char_config_read(const char* cfgName, bool normal){
charserv_config.char_config.char_name_option = atoi(w2); charserv_config.char_config.char_name_option = atoi(w2);
} else if (strcmpi(w1, "char_name_letters") == 0) { } else if (strcmpi(w1, "char_name_letters") == 0) {
safestrncpy(charserv_config.char_config.char_name_letters, w2, sizeof(charserv_config.char_config.char_name_letters)); safestrncpy(charserv_config.char_config.char_name_letters, w2, sizeof(charserv_config.char_config.char_name_letters));
} else if (strcmpi(w1, "char_name_min_length") == 0) {
charserv_config.char_config.char_name_min_length = cap_value(atoi(w2), 0, NAME_LENGTH - 1);
} else if (strcmpi(w1, "char_del_level") == 0) { //disable/enable char deletion by its level condition [Lupus] } else if (strcmpi(w1, "char_del_level") == 0) { //disable/enable char deletion by its level condition [Lupus]
charserv_config.char_config.char_del_level = atoi(w2); charserv_config.char_config.char_del_level = atoi(w2);
} else if (strcmpi(w1, "char_del_delay") == 0) { } else if (strcmpi(w1, "char_del_delay") == 0) {

1
src/char/char.hpp
View File

@ -151,6 +151,7 @@ struct Char_Config {
char unknown_char_name[NAME_LENGTH]; // Name to use when the requested name cannot be determined char unknown_char_name[NAME_LENGTH]; // Name to use when the requested name cannot be determined
char char_name_letters[1024]; // list of letters/symbols allowed (or not) in a character name. by [Yor] char char_name_letters[1024]; // list of letters/symbols allowed (or not) in a character name. by [Yor]
int char_name_option; // Option to know which letters/symbols are authorised in the name of a character (0: all, 1: only those in char_name_letters, 2: all EXCEPT those in char_name_letters) by [Yor] int char_name_option; // Option to know which letters/symbols are authorised in the name of a character (0: all, 1: only those in char_name_letters, 2: all EXCEPT those in char_name_letters) by [Yor]
uint8 char_name_min_length; // Minimum character name length (default: 4)
int char_del_option; // Character deletion type, email = 1, birthdate = 2 (default) int char_del_option; // Character deletion type, email = 1, birthdate = 2 (default)
int char_del_restriction; // Character deletion restriction (0: none, 1: if the character is in a party, 2: if the character is in a guild, 3: if the character is in a party or a guild) int char_del_restriction; // Character deletion restriction (0: none, 1: if the character is in a party, 2: if the character is in a guild, 3: if the character is in a party or a guild)
bool char_rename_party; // Character renaming in a party bool char_rename_party; // Character renaming in a party

2
src/common/mmo.hpp
View File

@ -152,7 +152,7 @@ const t_itemid WEDDING_RING_F = 2635;
//For character names, title names, guilds, maps, etc. //For character names, title names, guilds, maps, etc.
//Includes null-terminator as it is the length of the array. //Includes null-terminator as it is the length of the array.
#define NAME_LENGTH (23 + 1) #define NAME_LENGTH (23 + 1)
#define PASSWD_LENGTH (32+1) #define PASSWD_LENGTH (32 + 1)
//NPC names can be longer than it's displayed on client (NAME_LENGTH). //NPC names can be longer than it's displayed on client (NAME_LENGTH).
#define NPC_NAME_LENGTH 50 #define NPC_NAME_LENGTH 50
// <NPC_NAME_LENGTH> for npc name + 2 for a "::" + <NAME_LENGTH> for label + 1 for EOS // <NPC_NAME_LENGTH> for npc name + 2 for a "::" + <NAME_LENGTH> for label + 1 for EOS

16
src/login/login.cpp
View File

@ -232,7 +232,7 @@ int login_mmo_auth_new(const char* userid, const char* pass, const char sex, con
return 3; return 3;
} }
if( login_config.new_acc_length_limit && ( strlen(userid) < 4 || strlen(pass) < 4 ) ) if( strlen(userid) < login_config.acc_name_min_length || strlen(pass) < login_config.password_min_length)
return 1; return 1;
// check for invalid inputs // check for invalid inputs
@ -633,8 +633,10 @@ bool login_config_read(const char* cfgName, bool normal) {
login_config.log_login = (bool)config_switch(w2); login_config.log_login = (bool)config_switch(w2);
else if(!strcmpi(w1, "new_account")) else if(!strcmpi(w1, "new_account"))
login_config.new_account_flag = (bool)config_switch(w2); login_config.new_account_flag = (bool)config_switch(w2);
else if(!strcmpi(w1, "new_acc_length_limit")) else if(!strcmpi(w1, "acc_name_min_length"))
login_config.new_acc_length_limit = (bool)config_switch(w2); login_config.acc_name_min_length = cap_value(atoi(w2), 0, NAME_LENGTH - 1);
else if(!strcmpi(w1, "password_min_length"))
login_config.password_min_length = cap_value(atoi(w2), 0, PASSWD_LENGTH - 1);
else if(!strcmpi(w1, "start_limited_time")) else if(!strcmpi(w1, "start_limited_time"))
login_config.start_limited_time = atoi(w2); login_config.start_limited_time = atoi(w2);
else if(!strcmpi(w1, "use_MD5_passwords")) else if(!strcmpi(w1, "use_MD5_passwords"))
@ -751,7 +753,13 @@ void login_set_defaults() {
safestrncpy(login_config.date_format, "%Y-%m-%d %H:%M:%S", sizeof(login_config.date_format)); safestrncpy(login_config.date_format, "%Y-%m-%d %H:%M:%S", sizeof(login_config.date_format));
login_config.console = false; login_config.console = false;
login_config.new_account_flag = true; login_config.new_account_flag = true;
login_config.new_acc_length_limit = true; #if PACKETVER >= 20181114
login_config.acc_name_min_length = 6;
login_config.password_min_length = 6;
#else
login_config.acc_name_min_length = 4;
login_config.password_min_length = 4;
#endif
login_config.use_md5_passwds = false; login_config.use_md5_passwds = false;
login_config.group_id_to_connect = -1; login_config.group_id_to_connect = -1;
login_config.min_group_id_to_connect = -1; login_config.min_group_id_to_connect = -1;

4
src/login/login.hpp
View File

@ -88,7 +88,9 @@ struct Login_Config {
bool log_login; /// whether to log login server actions or not bool log_login; /// whether to log login server actions or not
char date_format[32]; /// date format used in messages char date_format[32]; /// date format used in messages
bool console; /// console input system enabled? bool console; /// console input system enabled?
bool new_account_flag,new_acc_length_limit; /// autoregistration via _M/_F ? / if yes minimum length is 4? bool new_account_flag; /// autoregistration via _M/_F ?
uint8 acc_name_min_length; /// minimum account name length
uint8 password_min_length; /// minimum password length
int start_limited_time; /// new account expiration time (-1: unlimited) int start_limited_time; /// new account expiration time (-1: unlimited)
bool use_md5_passwds; /// work with password hashes instead of plaintext passwords? bool use_md5_passwds; /// work with password hashes instead of plaintext passwords?
int group_id_to_connect; /// required group id to connect int group_id_to_connect; /// required group id to connect