diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/AdvancedProtectHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/AdvancedProtectHandler.java index 3db8ce57..3312e6cb 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/AdvancedProtectHandler.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/AdvancedProtectHandler.java @@ -3,7 +3,6 @@ import pro.gravit.launcher.events.request.GetSecureLevelInfoRequestEvent; import pro.gravit.launcher.events.request.HardwareReportRequestEvent; import pro.gravit.launcher.events.request.VerifySecureLevelKeyRequestEvent; -import pro.gravit.launcher.request.secure.HardwareReportRequest; import pro.gravit.launchserver.Reconfigurable; import pro.gravit.launchserver.auth.protect.hwid.HWIDException; import pro.gravit.launchserver.auth.protect.hwid.HWIDProvider; @@ -51,12 +50,17 @@ public void onHardwareReport(HardwareReportResponse response, Client client) { return; } try { + if(!client.isAuth || client.trustLevel == null || client.trustLevel.publicKey == null) + { + response.sendError("Access denied"); + return; + } provider.normalizeHardwareInfo(response.hardware); LogHelper.debug("[HardwareInfo] HardwareInfo received"); - boolean needCreate = !provider.addPublicKeyToHardwareInfo(response.hardware, client.trustLevel.publicKey); + boolean needCreate = !provider.addPublicKeyToHardwareInfo(response.hardware, client.trustLevel.publicKey, client); LogHelper.debug("[HardwareInfo] HardwareInfo needCreate: %s", needCreate ? "true" : "false"); if(needCreate) - provider.createHardwareInfo(response.hardware, client.trustLevel.publicKey); + provider.createHardwareInfo(response.hardware, client.trustLevel.publicKey, client); client.trustLevel.hardwareInfo = response.hardware; } catch (HWIDException e) { throw new SecurityException(e.getMessage()); @@ -75,7 +79,7 @@ public VerifySecureLevelKeyRequestEvent onSuccessVerify(Client client) { else { try { - client.trustLevel.hardwareInfo = provider.findHardwareInfoByPublicKey(client.trustLevel.publicKey); + client.trustLevel.hardwareInfo = provider.findHardwareInfoByPublicKey(client.trustLevel.publicKey, client); if(client.trustLevel.hardwareInfo == null) //HWID not found? return new VerifySecureLevelKeyRequestEvent(true); } catch (HWIDException e) { diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/HWIDProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/HWIDProvider.java index d9ce4f95..1c46f734 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/HWIDProvider.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/HWIDProvider.java @@ -1,8 +1,8 @@ package pro.gravit.launchserver.auth.protect.hwid; import pro.gravit.launcher.request.secure.HardwareReportRequest; -import pro.gravit.launchserver.auth.handler.AuthHandler; import pro.gravit.launchserver.helper.DamerauHelper; +import pro.gravit.launchserver.socket.Client; import pro.gravit.utils.ProviderMap; import pro.gravit.utils.helper.LogHelper; import pro.gravit.utils.helper.SecurityHelper; @@ -20,9 +20,9 @@ public static void registerProviders() { registredProv = true; } } - public abstract HardwareReportRequest.HardwareInfo findHardwareInfoByPublicKey(byte[] publicKey) throws HWIDException; - public abstract void createHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey) throws HWIDException; - public abstract boolean addPublicKeyToHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey) throws HWIDException; + public abstract HardwareReportRequest.HardwareInfo findHardwareInfoByPublicKey(byte[] publicKey, Client client) throws HWIDException; + public abstract void createHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey, Client client) throws HWIDException; + public abstract boolean addPublicKeyToHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey, Client client) throws HWIDException; public void normalizeHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo) { diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/MemoryHWIDProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/MemoryHWIDProvider.java index e87b536c..9ec34510 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/MemoryHWIDProvider.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/MemoryHWIDProvider.java @@ -2,6 +2,7 @@ import pro.gravit.launcher.request.secure.HardwareReportRequest; import pro.gravit.launchserver.Reconfigurable; +import pro.gravit.launchserver.socket.Client; import pro.gravit.utils.command.Command; import pro.gravit.utils.command.SubCommand; import pro.gravit.utils.helper.LogHelper; @@ -65,7 +66,7 @@ public MemoryHWIDEntity(HardwareReportRequest.HardwareInfo hardware, byte[] publ public Set db = ConcurrentHashMap.newKeySet(); @Override - public HardwareReportRequest.HardwareInfo findHardwareInfoByPublicKey(byte[] publicKey) throws HWIDException { + public HardwareReportRequest.HardwareInfo findHardwareInfoByPublicKey(byte[] publicKey, Client client) throws HWIDException { for(MemoryHWIDEntity e : db) { if(Arrays.equals(e.publicKey, publicKey)) { @@ -77,12 +78,12 @@ public HardwareReportRequest.HardwareInfo findHardwareInfoByPublicKey(byte[] pub } @Override - public void createHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey) throws HWIDException { + public void createHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey, Client client) throws HWIDException { db.add(new MemoryHWIDEntity(hardwareInfo, publicKey)); } @Override - public boolean addPublicKeyToHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey) throws HWIDException { + public boolean addPublicKeyToHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey, Client client) throws HWIDException { boolean isAlreadyWarning = false; for(MemoryHWIDEntity e : db) { HardwareInfoCompareResult result = compareHardwareInfo(e.hardware, hardwareInfo); diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/MysqlHWIDProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/MysqlHWIDProvider.java index ceea81ee..623593b0 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/MysqlHWIDProvider.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/hwid/MysqlHWIDProvider.java @@ -2,6 +2,7 @@ import pro.gravit.launcher.request.secure.HardwareReportRequest; import pro.gravit.launchserver.auth.MySQLSourceConfig; +import pro.gravit.launchserver.socket.Client; import pro.gravit.utils.helper.IOHelper; import pro.gravit.utils.helper.LogHelper; @@ -14,24 +15,47 @@ public class MysqlHWIDProvider extends HWIDProvider { public double warningSpoofingLevel = -1.0; public double criticalCompareLevel = 1.0; + public String tableHWID = "hwids"; + public String tableHWIDLog = "hwidLog"; + public String tableUsers; + public String usersNameColumn; + public String usersHWIDColumn; + + private String sqlFindByPublicKey; + private String sqlFindByHardware; + private String sqlCreateHardware; + private String sqlCreateHWIDLog; + private String sqlUpdateHardware; + private String sqlUpdateUsers; + @Override public void init() { - + sqlFindByPublicKey = String.format("SELECT hwDiskId, baseboardSerialNumber, displayId, bitness, totalMemory, logicalProcessors, physicalProcessors, processorMaxFreq, battery, id, banned FROM %s WHERE `publicKey` = ?", tableHWID); + sqlFindByHardware = String.format("SELECT hwDiskId, baseboardSerialNumber, displayId, bitness, totalMemory, logicalProcessors, physicalProcessors, processorMaxFreq, battery, id, banned FROM %s", tableHWID); + sqlCreateHardware = String.format("INSERT INTO `%s` (`publickey`, `hwDiskId`, `baseboardSerialNumber`, `displayId`, `bitness`, `totalMemory`, `logicalProcessors`, `physicalProcessors`, `processorMaxFreq`, `battery`, `banned`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, '0')", tableHWID); + sqlCreateHWIDLog = String.format("INSERT INTO %s (`hwidId`, `newPublicKey`) VALUES (?, ?)", tableHWIDLog); + sqlUpdateHardware = String.format("UPDATE %s SET `publicKey` = ? WHERE `id` = ?", tableHWID); + if(tableUsers != null && usersHWIDColumn != null && usersNameColumn != null) + { + sqlUpdateUsers = String.format("UPDATE %s SET `%s` = ? WHERE `%s` = ?", tableUsers, usersHWIDColumn, usersNameColumn); + } } @Override - public HardwareReportRequest.HardwareInfo findHardwareInfoByPublicKey(byte[] publicKey) throws HWIDException { + public HardwareReportRequest.HardwareInfo findHardwareInfoByPublicKey(byte[] publicKey, Client client) throws HWIDException { try(Connection connection = mySQLHolder.getConnection()) { - PreparedStatement s = connection.prepareStatement("SELECT hwDiskId, baseboardSerialNumber, displayId, bitness, totalMemory, logicalProcessors, physicalProcessors, processorMaxFreq, battery, banned FROM hwids WHERE `publicKey` = ?"); + PreparedStatement s = connection.prepareStatement(sqlFindByPublicKey); s.setBlob(1, new ByteArrayInputStream(publicKey)); ResultSet set = s.executeQuery(); if(set.next()) { - if(set.getBoolean(10)) //isBanned + if(set.getBoolean(11)) //isBanned { throw new SecurityException("You HWID banned"); } + long id = set.getLong(10); + setUserHardwareId(connection, client.username, id); return fetchHardwareInfo(set); } else @@ -59,10 +83,10 @@ private HardwareReportRequest.HardwareInfo fetchHardwareInfo(ResultSet set) thro } @Override - public void createHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey) throws HWIDException { + public void createHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey, Client client) throws HWIDException { try(Connection connection = mySQLHolder.getConnection()) { - PreparedStatement s = connection.prepareStatement("INSERT INTO `hwids` (`publickey`, `hwDiskId`, `baseboardSerialNumber`, `displayId`, `bitness`, `totalMemory`, `logicalProcessors`, `physicalProcessors`, `processorMaxFreq`, `battery`, `banned`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, '0');", Statement.RETURN_GENERATED_KEYS); + PreparedStatement s = connection.prepareStatement(sqlCreateHardware, Statement.RETURN_GENERATED_KEYS); s.setBlob(1, new ByteArrayInputStream(publicKey)); s.setString(2, hardwareInfo.hwDiskId); s.setString(3, hardwareInfo.baseboardSerialNumber); @@ -77,6 +101,7 @@ public void createHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, try (ResultSet generatedKeys = s.getGeneratedKeys()) { if (generatedKeys.next()) { writeHwidLog(connection, generatedKeys.getLong(1), publicKey); + setUserHardwareId(connection, client.username, generatedKeys.getLong(1)); } } } catch (SQLException throwables) { @@ -86,10 +111,10 @@ public void createHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, } @Override - public boolean addPublicKeyToHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey) throws HWIDException { + public boolean addPublicKeyToHardwareInfo(HardwareReportRequest.HardwareInfo hardwareInfo, byte[] publicKey, Client client) throws HWIDException { try(Connection connection = mySQLHolder.getConnection()) { - PreparedStatement s = connection.prepareStatement("SELECT hwDiskId, baseboardSerialNumber, displayId, bitness, totalMemory, logicalProcessors, physicalProcessors, processorMaxFreq, battery, id, banned FROM hwids"); + PreparedStatement s = connection.prepareStatement(sqlFindByHardware); ResultSet set = s.executeQuery(); while(set.next()) { @@ -104,6 +129,7 @@ public boolean addPublicKeyToHardwareInfo(HardwareReportRequest.HardwareInfo har } writeHwidLog(connection, id, publicKey); changePublicKey(connection, id, publicKey); + setUserHardwareId(connection, client.username, id); return true; } } @@ -115,17 +141,24 @@ public boolean addPublicKeyToHardwareInfo(HardwareReportRequest.HardwareInfo har return false; } private void changePublicKey(Connection connection, long id, byte[] publicKey) throws SQLException { - PreparedStatement s = connection.prepareStatement("UPDATE hwids SET `publicKey` = ? WHERE `id` = ?"); + PreparedStatement s = connection.prepareStatement(sqlUpdateHardware); s.setBlob(1, new ByteArrayInputStream(publicKey)); s.setLong(2, id); s.executeUpdate(); } private void writeHwidLog(Connection connection, long hwidId, byte[] newPublicKey) throws SQLException { - PreparedStatement s = connection.prepareStatement("INSERT INTO hwidLog (`hwidId`, `newPublicKey`) VALUES (?, ?)"); + PreparedStatement s = connection.prepareStatement(sqlCreateHWIDLog); s.setLong(1, hwidId); s.setBlob(2, new ByteArrayInputStream(newPublicKey)); s.executeUpdate(); } + private void setUserHardwareId(Connection connection, String username, long hwidId) throws SQLException { + if(sqlUpdateUsers == null || username == null) return; + PreparedStatement s = connection.prepareStatement(sqlUpdateUsers); + s.setLong(1, hwidId); + s.setString(2, username); + s.executeUpdate(); + } @Override public void close() {