From 48d30d6ab4657e00c0c861d67285256daeff1142 Mon Sep 17 00:00:00 2001 From: "madmaxoft@gmail.com" Date: Wed, 1 Feb 2012 22:38:03 +0000 Subject: Rewritten cAuthenticator to make use of the new cIsThread architecture - now authentication runs in a single separate thread for all clients; Global player-kicking function (cServer, cRoot); More char * -> AString conversion git-svn-id: http://mc-server.googlecode.com/svn/trunk@221 0a769ca7-a7f5-676a-18bf-c427514a06d6 --- source/cAuthenticator.cpp | 261 ++++++++++++++++++++++++++++------------------ 1 file changed, 157 insertions(+), 104 deletions(-) (limited to 'source/cAuthenticator.cpp') diff --git a/source/cAuthenticator.cpp b/source/cAuthenticator.cpp index 83b2695a4..1f7e5b35c 100644 --- a/source/cAuthenticator.cpp +++ b/source/cAuthenticator.cpp @@ -3,6 +3,8 @@ #include "cAuthenticator.h" #include "cBlockingTCPLink.h" +#include "cRoot.h" +#include "cServer.h" #include "../iniFile/iniFile.h" @@ -12,116 +14,174 @@ -extern void ReplaceString( std::string & a_HayStack, const std::string & a_Needle, const std::string & a_ReplaceWith ); +#define DEFAULT_AUTH_SERVER "session.minecraft.net" +#define DEFAULT_AUTH_ADDRESS "/game/checkserver.jsp?user=%USERNAME%&serverId=%SERVERID%" +#define MAX_REDIRECTS 10 -cAuthenticator::cAuthenticator() +cAuthenticator::cAuthenticator(void) : + super("cAuthenticator"), + mServer(DEFAULT_AUTH_SERVER), + mAddress(DEFAULT_AUTH_ADDRESS), + mShouldAuthenticate(true) { + ReadINI(); } -cAuthenticator::~cAuthenticator() + + + + +/// Read custom values from INI +void cAuthenticator::ReadINI(void) { + cIniFile IniFile("settings.ini"); + if (!IniFile.ReadFile()) + { + return; + } + + mServer = IniFile.GetValue("Authentication", "Server"); + mAddress = IniFile.GetValue("Authentication", "Address"); + mShouldAuthenticate = IniFile.GetValueB("Authentication", "Authenticate", true); + bool bSave = false; + + if (mServer.length() == 0) + { + mServer = DEFAULT_AUTH_SERVER; + IniFile.SetValue("Authentication", "Server", mServer); + bSave = true; + } + if (mAddress.length() == 0) + { + mAddress = DEFAULT_AUTH_ADDRESS; + IniFile.SetValue("Authentication", "Address", mAddress); + bSave = true; + } + + if (bSave) + { + IniFile.SetValueB("Authentication", "Authenticate", mShouldAuthenticate); + IniFile.WriteFile(); + } } -bool cAuthenticator::Authenticate( const char* a_PlayerName, const char* a_ServerID ) + + + + +/// Queues a request for authenticating a user. If the auth fails, the user is kicked +void cAuthenticator::Authenticate(const AString & iUserName, const AString & iServerID) { - // Default values - std::string Server = "session.minecraft.net"; - std::string Address = "/game/checkserver.jsp?user=%USERNAME%&serverId=%SERVERID%"; - bool bAuthenticate = true; + if (!mShouldAuthenticate) + { + cRoot::Get()->AuthenticateUser(iUserName); + return; + } - // Read custom values from INI - cIniFile IniFile("settings.ini"); - if( IniFile.ReadFile() ) + cCSLock Lock(mCS); + mQueue.push_back(cUser(iUserName, iServerID)); + mQueueNonempty.Set(); +} + + + + + +void cAuthenticator::Execute(void) +{ + while (true) { - std::string tServer = IniFile.GetValue("Authentication", "Server"); - std::string tAddress = IniFile.GetValue("Authentication", "Address"); - bAuthenticate = IniFile.GetValueB("Authentication", "Authenticate", true); - bool bSave = false; - if( tServer.length() == 0 ) + cCSLock Lock(mCS); + while (!mShouldTerminate && (mQueue.size() == 0)) { - IniFile.SetValue("Authentication", "Server", Server, true ); - bSave = true; + cCSUnlock Unlock(Lock); + mQueueNonempty.Wait(); } - else - Server = tServer; - if( tAddress.length() == 0 ) + if (mShouldTerminate) + { + return; + } + assert(mQueue.size() > 0); + + AString UserName = mQueue.front().mName; + AString ActualAddress = mAddress; + ReplaceString(ActualAddress, "%USERNAME%", UserName); + ReplaceString(ActualAddress, "%SERVERID%", cRoot::Get()->GetServer()->GetServerID()); + mQueue.pop_front(); + Lock.Unlock(); + + if (!AuthFromAddress(mServer, ActualAddress, UserName)) { - IniFile.SetValue("Authentication", "Address", Address, true ); - bSave = true; + cRoot::Get()->KickUser(UserName, "auth failed"); } else - Address = tAddress; - - if( bSave ) { - IniFile.SetValueB("Authentication", "Authenticate", bAuthenticate, true ); - IniFile.WriteFile(); + cRoot::Get()->AuthenticateUser(UserName); } } +} - if( !bAuthenticate ) // If we don't want to authenticate.. just return true - { - return true; - } - ReplaceString( Address, "%USERNAME%", a_PlayerName ); - ReplaceString( Address, "%SERVERID%", a_ServerID ); - cBlockingTCPLink TCPLink; - if( TCPLink.Connect( Server.c_str(), 80 ) ) - { - //TCPLink.SendMessage( std::string( "GET /game/checkserver.jsp?user=" + std::string(a_PlayerName) + "&serverId=" + std::string(a_ServerID) + " HTTP/1.0\r\n\r\n" ).c_str() ); - TCPLink.SendMessage( std::string( "GET " + Address + " HTTP/1.0\r\n\r\n" ).c_str() ); - //LOGINFO("Successfully connected to mc.net"); - std::string Received = TCPLink.ReceiveData(); - //LOGINFO("Received data: %s", Received.c_str() ); - return ParseReceived( Received.c_str(), &TCPLink ); - } - else + +bool cAuthenticator::AuthFromAddress(const AString & iServer, const AString & iAddress, const AString & iUserName, int iLevel) +{ + // Returns true if the user authenticated okay, false on error; iLevel is the recursion deptht (bails out if too deep) + + cBlockingTCPLink Link; + if (!Link.Connect(iServer.c_str(), 80)) { - LOGERROR("Could not connect to %s to verify player name! (%s)", Server.c_str(), a_PlayerName ); + LOGERROR("cAuthenticator: cannot connect to auth server \"%s\", kicking user \"%s\"", iServer.c_str(), iUserName.c_str()); return false; } -} + + Link.SendMessage( AString( "GET " + iAddress + " HTTP/1.0\r\n\r\n" ).c_str()); + AString DataRecvd; + Link.ReceiveData(DataRecvd); + Link.CloseSocket(); -bool cAuthenticator::ParseReceived( const char* a_Data, cBlockingTCPLink* a_TCPLink ) -{ - std::stringstream ss(a_Data); + std::stringstream ss(DataRecvd); + // Parse the data received: std::string temp; ss >> temp; - //LOGINFO("tmp: %s", temp.c_str() ); - bool bRedirect = false; bool bOK = false; - - if( temp.compare("HTTP/1.1") == 0 || temp.compare("HTTP/1.0") == 0 ) + if ((temp.compare("HTTP/1.1") == 0) || (temp.compare("HTTP/1.0") == 0)) { int code; ss >> code; - if( code == 302 ) + if (code == 302) { // redirect blabla LOGINFO("Need to redirect!"); + if (iLevel > MAX_REDIRECTS) + { + LOGERROR("cAuthenticator: received too many levels of redirection from auth server \"%s\" for user \"%s\", bailing out and kicking the user", iServer.c_str(), iUserName.c_str()); + return false; + } bRedirect = true; } - else if( code == 200 ) + else if (code == 200) { LOGINFO("Got 200 OK :D"); bOK = true; } } else + { + LOGERROR("cAuthenticator: cannot parse auth reply from server \"%s\" for user \"%s\", kicking the user.", iServer.c_str(), iUserName.c_str()); return false; + } if( bRedirect ) { - std::string Location; + AString Location; // Search for "Location:" bool bFoundLocation = false; while( !bFoundLocation && ss.good() ) @@ -131,70 +191,63 @@ bool cAuthenticator::ParseReceived( const char* a_Data, cBlockingTCPLink* a_TCPL { ss.get( c ); } - std::string Name; + AString Name; ss >> Name; - if( Name.compare("Location:") == 0 ) + if (Name.compare("Location:") == 0) { bFoundLocation = true; ss >> Location; } } - if( !bFoundLocation ) + if (!bFoundLocation) { - LOGERROR("Could not find location"); + LOGERROR("cAuthenticator: received invalid redirection from auth server \"%s\" for user \"%s\", kicking user.", iServer.c_str(), iUserName.c_str()); return false; } - Location = Location.substr( strlen("http://"), std::string::npos ); // Strip http:// + Location = Location.substr(strlen("http://"), std::string::npos); // Strip http:// std::string Server = Location.substr( 0, Location.find( "/" ) ); // Only leave server address - Location = Location.substr( Server.length(), std::string::npos ); - //LOGINFO("Got location: (%s)", Location.c_str() ); - //LOGINFO("Got server addr: (%s)", Server.c_str() ); - a_TCPLink->CloseSocket(); - if( a_TCPLink->Connect( Server.c_str(), 80 ) ) - { - LOGINFO("Successfully connected to %s", Server.c_str() ); - a_TCPLink->SendMessage( ( std::string("GET ") + Location + " HTTP/1.0\r\n\r\n").c_str() ); - std::string Received = a_TCPLink->ReceiveData(); - //LOGINFO("Received data: %s", Received.c_str() ); - return ParseReceived( Received.c_str(), a_TCPLink ); - } - else - { - LOGERROR("Could not connect to %s to verify player name!", Server.c_str() ); - } + Location = Location.substr( Server.length(), std::string::npos); + return AuthFromAddress(Server, Location, iUserName, iLevel + 1); } - else if( bOK ) + + if (!bOK) { - // Header says OK, so receive the rest. + LOGERROR("cAuthenticator: received an error from auth server \"%s\" for user \"%s\", kicking user.", iServer.c_str(), iUserName.c_str()); + return false; + } - // Go past header, double \n means end of headers - char c = 0; - while( ss.good() ) + // Header says OK, so receive the rest. + // Go past header, double \n means end of headers + char c = 0; + while (ss.good()) + { + while (c != '\n') { - while( c != '\n' ) - { - ss.get( c ); - } - ss.get( c ); - if( c == '\n' || c == '\r' || ss.peek() == '\r' || ss.peek() == '\n' ) - break; + ss.get(c); } - if( !ss.good() ) return false; + ss.get(c); + if( c == '\n' || c == '\r' || ss.peek() == '\r' || ss.peek() == '\n' ) + break; + } + if (!ss.good()) + { + LOGERROR("cAuthenticator: error while parsing response body from auth server \"%s\" for user \"%s\", kicking user.", iServer.c_str(), iUserName.c_str()); + return false; + } - std::string Result; - ss >> Result; - LOGINFO("Got result: %s", Result.c_str() ); - if( Result.compare("YES") == 0 ) - { - LOGINFO("Result was \"YES\", so player is authenticated!"); - return true; - } - else - { - LOGINFO("Result was \"%s\", so player is NOT authenticated!", Result.c_str() ); - return false; - } + std::string Result; + ss >> Result; + LOGINFO("Got result: %s", Result.c_str()); + if (Result.compare("YES") == 0) + { + LOGINFO("Result was \"YES\", so player is authenticated!"); + return true; } + LOGINFO("Result was \"%s\", so player is NOT authenticated!", Result.c_str()); return false; } + + + + -- cgit v1.2.3