Login Server Packets

[swanyboy2]

I plan to create an implementation of the Login Server in a different language than C++, however, I am not sure as to all of the packet contents. There are certain things I do know, like for example, after the first packet has been received from the game (containing the username, client IP, client language, ect.), the server might then send a packet with contents of [0x00, 0x00, 0x0C] which is determined by [CMD_AUTH_LOGIN_CHALLENGE(0x00), Unknown(0x00), WOW_FAIL_SUSPENDED(0x0C)] in an instance where the account is suspended. If the client receives such a packet, it knows to display the appropriate message of "your account has been suspended..."

That was an overly elaborate example of what I want to know. So could someone please explain to me what packets need to be sent after the first is received in an instance where it was successful (WOW_SUCCESS).

[Patman128]

Why not just set it to debug logging (LogLevel = 3) and read the output of a login?

[swanyboy2]

I have looked at the code and have found that the debug output is not detailed enough to help me. It does not actually specify what the packets contain nor what each part actually means.

[TOM_RUS]

Code is detailed enough to figure out how it works and what it does. You probably should read about SRP first.

[swanyboy2]

Yeah. That is exactly what I am looking for. See, I understand how it works primarily, but when it takes into account SHA encryption, I get lost.

[swanyboy2]

So that has helped me alot. Especially after running the demo at http://srp.stanford.edu/demo/demo.html (requires Firefox). Now I think I am understanding it but I need some verification.

At line 451 in AuthSocket.cpp: BigNumber gmod = g.ModExp(b, N);

I believe it is the same as g^b % N, but I am not sure. Could anyone verify that this is true or false.

[Patman128]

I believe it is the same as g^b % N, but I am not sure.

This is true. Thanks for posting that page, it makes it a lot simpler.

[swanyboy2]

Okay. So I have looked at the code in depth and have come to a confusing problem. It will be hard for me to compile my thoughts to be understood, but here it goes.

I see how all of the pieces fit together, mostly, the only thing I don't understand is the length of the HexStrings and BigNumbers. For example: databaseV is a 64-character hexString, that is taken from the database. You take that string and run v.SetHexStr(databaseV), which basically turns that hexString into a 64-digit BigNumber and makes v equal to it. Now, say you have that value, you then take it, multiply it by 3 add gmod(which is g^b % N) and take that mod N and set that whole value equal to B (B = ((v * 3) + gmod) % N;). So somehow, you take a 64-digit BigNumber and convert it into a 32-element byte array and append it to the packet (pkt.append(B.AsByteArray(32), 32).

This is frustrating to me because I see many ways this could work, and still I believe all of them could be incorrect. Perhaps it takes all the digits as twos and puts them into hex values like consecutive digits of 15 would be turned into the byte 0x15. X_X

Someone shed some light on this. If no one helps me I am going to have to setup a server, compile it with extended output, telling me all the variables at any one time and I still believe that will bring me to alot of dead ends.

[TOM_RUS]

Do you realize that each character in the string is 1 byte, but it represents only half of real value (string FF - 2 bytes, but byte FF is 1 byte). So 64-character string become 32 bytes BigNumber....

[swanyboy2]

Yeah. I am totally aware of how Hexadecimal works, I just didn't understand how it takes a String of consecutive hexadecimal pairs and produces arithmetic through them. I found a SRP ruby library which is simplifying this for me. So far it has proven to replicate the actions done in AuthSocket.cpp.

[swanyboy2]

Okay. So, now all I need to know is what m1, m2, and crc_hash is in the AUTH_LOGON_PROOF_C and AUTH_LOGON_PROOF_S structures/packets. I understand how the rest of the packet fits in yet I get extremely confused when I see if (!memcmp(M.AsByteArray(), lp.M1, 20)) (line 682) be the if line to verify if it is the correct password or not. The reason I am confused is because I thought the S variable was what needed to be compared. Someone please explain.

And on another note, I thought the S variable was also supposed to be 32 bytes long. The m1, m2, and M variables are all 20 bytes long. What is going on?

I think what I mostly need explanation of is how does the SHA1Hash class work entirely. I don't understand how it compounds each array and BigNumber into one value, if that is what it is doing. The sha variable used as arguments in SendProof is a composition based on all of the arrays and BigNumbers used as arguments in UpdateData() or UpdateBigNumbers() methods correct? Does the finalize method change the digest?

[swanyboy2]

In case anyone was wondering, I have completed this project. It works entirely. The only thing left for me to do is clean up the code, comment the code, and integrate it with rails or an alternative database. If anyone wants to see the source code, let me know. I will probably upload the code after those revisions.

[Auntie Mangos]

Why not upload the code to github, and create a public repository? I am sure there will be others interested and willing to contribute

[swanyboy2]

Could anyone explain how the realm server sends patches. I am not familiar with the ACE library.