Properly authenticate users

2023-04-30 12:59:52 +02:00 · 2023-04-30 12:59:52 +02:00 · 928695ea93
commit 928695ea93
parent d1fdab9902
3 changed files with 23 additions and 9 deletions
--- a/src/client/component/auth.cpp
+++ b/src/client/component/auth.cpp
@ -109,7 +109,9 @@ namespace auth
 		{
 			utils::byte_buffer buffer{};
 			buffer.write_string(get_key().serialize(PK_PUBLIC));
-			buffer.write_string(utils::cryptography::ecc::sign_message(get_key(), "hello"));
+
+			const std::string challenge(reinterpret_cast<const char*>(0x15A8A7F10_g), 32);
+			buffer.write_string(utils::cryptography::ecc::sign_message(get_key(), challenge));

 			profile_infos::get_profile_info().value_or(profile_infos::profile_info{}).serialize(buffer);

@ -219,7 +221,14 @@ namespace auth
 			utils::cryptography::ecc::key key{};
 			key.deserialize(buffer.read_string());

-			if (!utils::cryptography::ecc::verify_message(key, "hello", buffer.read_string()))
+			std::string challenge{};
+			challenge.resize(32);
+
+			const auto get_challenge = reinterpret_cast<void(*)(const game::netadr_t*, void*, size_t)>(game::select(
+				0x1412E15E0, 0x14016DDC0));
+			get_challenge(&target, challenge.data(), challenge.size());
+
+			if (!utils::cryptography::ecc::verify_message(key, challenge, buffer.read_string()))
 			{
 				network::send(target, "error", "Bad signature");
 				return;
--- a/src/client/component/network.cpp
+++ b/src/client/component/network.cpp
@ -304,28 +304,33 @@ namespace network
 		{
 			scheduler::loop(game::fragment_handler::clean, scheduler::async, 5s);

-			utils::hook::nop(game::select(0x1423322B6, 0x140596DF6), 4);
 			// don't increment data pointer to optionally skip socket byte
-			utils::hook::call(game::select(0x142332283, 0x140596DC3), read_socket_byte_stub);
+			utils::hook::nop(game::select(0x1423322B6, 0x140596DF6), 4);
+
 			// optionally read socket byte
-			utils::hook::call(game::select(0x1423322C1, 0x140596E01), verify_checksum_stub);
+			utils::hook::call(game::select(0x142332283, 0x140596DC3), read_socket_byte_stub);
+
 			// skip checksum verification
-			utils::hook::set<uint8_t>(game::select(0x14233249E, 0x140596F2E), 0); // don't add checksum to packet
+			utils::hook::call(game::select(0x1423322C1, 0x140596E01), verify_checksum_stub);
+
+			// don't add checksum to packet
+			utils::hook::set<uint8_t>(game::select(0x14233249E, 0x140596F2E), 0);

 			// Recreate NET_SendPacket to increase max packet size
 			//utils::hook::jump(game::select(0x1423323B0, 0x140596E40), net_sendpacket_stub);

-			utils::hook::set<uint32_t>(game::select(0x14134C6E0, 0x14018E574), 5);
 			// set initial connection state to challenging
+			utils::hook::set<uint32_t>(game::select(0x14134C6E0, 0x14018E574), 4);

 			// intercept command handling
 			utils::hook::call(game::select(0x14134D146, 0x14018EED0), utils::hook::assemble(handle_command_stub));

-			utils::hook::set<uint8_t>(game::select(0x14224DEAD, 0x1405315F9), 0xEB);
 			// don't kick clients without dw handle
+			utils::hook::set<uint8_t>(game::select(0x14224DEAD, 0x1405315F9), 0xEB);

 			// Skip DW stuff in NetAdr_ToString
 			utils::hook::set<uint8_t>(game::select(0x142172EF2, 0x140515881), 0xEB);
+
 			// NA_IP -> NA_RAWIP in NetAdr_ToString
 			utils::hook::set<uint8_t>(game::select(0x142172ED4, 0x140515864), game::NA_RAWIP);

--- a/src/client/game/structs.hpp
+++ b/src/client/game/structs.hpp
@ -1,6 +1,6 @@
 #pragma once

-#define PROTOCOL 5
+#define PROTOCOL 6
 #define SUB_PROTOCOL 1

 #ifdef __cplusplus