Module: Lich::Common::EAccess

Defined in:

documented/common/eaccess.rb

Overview

Handles EAccess related operations

This module provides methods for downloading and verifying PEM files, as well as authenticating users.

Examples:

Authenticating a user

Lich::Common::EAccess.auth(password: "password", account: "account_name")

Constant Summary

PEM =

The path to the PEM file used for SSL connections.

File.join(DATA_DIR, "simu.pem")

PACKET_SIZE =

pp PEM The size of packets to read from the connection.

8192

Class Method Summary

• .auth(password:, account:, character: nil, game_code: nil, legacy: false) ⇒ String, Array<Hash>

  Authenticates a user with the given credentials.

• .download_pem(hostname = "eaccess.play.net", port = 7910) ⇒ void

  Downloads the PEM file from the specified hostname and port.

• .pem_exist? ⇒ Boolean

  Checks if the PEM file exists.

• .read(conn) ⇒ String

  Reads data from the connection.

• .socket(hostname = "eaccess.play.net", port = 7910) ⇒ OpenSSL::SSL::SSLSocket

  Establishes a secure socket connection to the specified hostname and port.

• .verify_pem(conn) ⇒ Boolean

  Verifies the PEM certificate against the stored PEM file.

Class Method Details

.auth(password:, account:, character: nil, game_code: nil, legacy: false) ⇒ String, Array<Hash>

Authenticates a user with the given credentials

Examples:

Authenticating a user

login_info = Lich::Common::EAccess.auth(password: "password", account: "account_name")

Parameters:

• password (String) —

  The user’s password

• account (String) —

  The user’s account name

• character (String, nil) (defaults to: nil) —

  The character name (optional)

• game_code (String, nil) (defaults to: nil) —

  The game code (optional)

• legacy (Boolean) (defaults to: false) —

  Whether to use legacy authentication (default: false)

Returns:

• (String, Array<Hash>) —

  An error message or an array of login information

Raises:

• (StandardError) —

  if authentication fails

# File 'documented/common/eaccess.rb', line 100

def self.auth(password:, account:, character: nil, game_code: nil, legacy: false)
  Account.name = account
  Account.game_code = game_code
  Account.character = character
  conn = EAccess.socket()
  # it is vitally important to verify self-signed certs
  # because there is no chain-of-trust for them
  EAccess.verify_pem(conn)
  conn.puts "K\n"
  hashkey = EAccess.read(conn)
  # pp "hash=%s" % hashkey
  password = password.split('').map { |c| c.getbyte(0) }
  hashkey = hashkey.split('').map { |c| c.getbyte(0) }
  password.each_index { |i| password[i] = ((password[i] - 32) ^ hashkey[i]) + 32 }
  password = password.map { |c| c.chr }.join
  conn.puts "A\t#{account}\t#{password}\n"
  response = EAccess.read(conn)
  unless /KEY\t(?<key>.*)\t/.match(response)
    eaccess_error = "Error(%s)" % response.split(/\s+/).last
    return eaccess_error
  end
  # pp "A:response=%s" % response
  conn.puts "M\n"
  response = EAccess.read(conn)
  fail StandardError, response unless response =~ /^M\t/
  # pp "M:response=%s" % response

  unless legacy
    conn.puts "F\t#{game_code}\n"
    response = EAccess.read(conn)
    fail StandardError, response unless response =~ /NORMAL|PREMIUM|TRIAL|INTERNAL|FREE/
    Account.subscription = response
    # pp "F:response=%s" % response
    conn.puts "G\t#{game_code}\n"
    EAccess.read(conn)
    # pp "G:response=%s" % response
    conn.puts "P\t#{game_code}\n"
    EAccess.read(conn)
    # pp "P:response=%s" % response
    conn.puts "C\n"
    response = EAccess.read(conn)
    # pp "C:response=%s" % response
    Account.members = response
    char_code = response.sub(/^C\t[0-9]+\t[0-9]+\t[0-9]+\t[0-9]+[\t\n]/, '')
                        .scan(/[^\t]+\t[^\t^\n]+/)
                        .find { |c| c.split("\t")[1] == character }
                        .split("\t")[0]
    conn.puts "L\t#{char_code}\tSTORM\n"
    response = EAccess.read(conn)
    fail StandardError, response unless response =~ /^L\t/
    # pp "L:response=%s" % response
    conn.close unless conn.closed?
    login_info = Hash[response.sub(/^L\tOK\t/, '')
                              .split("\t")
                              .map { |kv|
                        k, v = kv.split("=")
                        [k.downcase, v]
                      }]
  else
    login_info = Array.new
    for game in response.sub(/^M\t/, '').scan(/[^\t]+\t[^\t^\n]+/)
      game_code, game_name = game.split("\t")
      # pp "M:response = %s" % response
      conn.puts "N\t#{game_code}\n"
      response = EAccess.read(conn)
      if response =~ /STORM/
        conn.puts "F\t#{game_code}\n"
        response = EAccess.read(conn)
        if response =~ /NORMAL|PREMIUM|TRIAL|INTERNAL|FREE/
          Account.subscription = response
          conn.puts "G\t#{game_code}\n"
          EAccess.read(conn)
          conn.puts "P\t#{game_code}\n"
          EAccess.read(conn)
          conn.puts "C\n"
          response = EAccess.read(conn)
          Account.members = response
          for code_name in response.sub(/^C\t[0-9]+\t[0-9]+\t[0-9]+\t[0-9]+[\t\n]/, '').scan(/[^\t]+\t[^\t^\n]+/)
            char_code, char_name = code_name.split("\t")
            hash = { :game_code => "#{game_code}", :game_name => "#{game_name}",
                    :char_code => "#{char_code}", :char_name => "#{char_name}" }
            login_info.push(hash)
          end
        end
      end
    end
  end
  conn.close unless conn.closed?
  return login_info
end

.download_pem(hostname = "eaccess.play.net", port = 7910) ⇒ void

This method returns an undefined value.

Downloads the PEM file from the specified hostname and port

Examples:

Downloading the PEM file

Lich::Common::EAccess.download_pem

Parameters:

• hostname (String) (defaults to: "eaccess.play.net") —

  The hostname to connect to (default: “eaccess.play.net”)

• port (Integer) (defaults to: 7910) —

  The port to connect to (default: 7910)

Raises:

• (StandardError) —

  if the connection fails

# File 'documented/common/eaccess.rb', line 39

def self.download_pem(hostname = "eaccess.play.net", port = 7910)
  # Create an OpenSSL context
  ctx = OpenSSL::SSL::SSLContext.new
  # Get remote TCP socket
  sock = TCPSocket.new(hostname, port)
  # pass that socket to OpenSSL
  ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
  # establish connection, if possible
  ssl.connect
  # write the .pem to disk
  File.write(EAccess::PEM, ssl.peer_cert)
end

.pem_exist? ⇒ Boolean

Checks if the PEM file exists

Examples:

Checking for PEM existence

exists = Lich::Common::EAccess.pem_exist?

Returns:

• (Boolean) —

  true if the PEM file exists, false otherwise

# File 'documented/common/eaccess.rb', line 28

def self.pem_exist?
  File.exist? PEM
end

.read(conn) ⇒ String

Reads data from the connection

Examples:

Reading data from a connection

data = Lich::Common::EAccess.read(conn)

Parameters:

• conn (TCPSocket) —

  The connection to read from

Returns:

• (String) —

  The data read from the connection

# File 'documented/common/eaccess.rb', line 196

def self.read(conn)
  conn.sysread(PACKET_SIZE)
end

.socket(hostname = "eaccess.play.net", port = 7910) ⇒ OpenSSL::SSL::SSLSocket

Establishes a secure socket connection to the specified hostname and port

Examples:

Creating a secure socket

ssl_socket = Lich::Common::EAccess.socket

Parameters:

• hostname (String) (defaults to: "eaccess.play.net") —

  The hostname to connect to (default: “eaccess.play.net”)

• port (Integer) (defaults to: 7910) —

  The port to connect to (default: 7910)

Returns:

• (OpenSSL::SSL::SSLSocket) —

  The established SSL socket

Raises:

• (StandardError) —

  if the PEM verification fails

# File 'documented/common/eaccess.rb', line 76

def self.socket(hostname = "eaccess.play.net", port = 7910)
  download_pem unless pem_exist?
  socket = TCPSocket.open(hostname, port)
  cert_store              = OpenSSL::X509::Store.new
  ssl_context             = OpenSSL::SSL::SSLContext.new
  ssl_context.cert_store  = cert_store
  ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
  cert_store.add_file(EAccess::PEM) if pem_exist?
  ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
  ssl_socket.sync_close = true
  EAccess.verify_pem(ssl_socket.connect)
  return ssl_socket
end

.verify_pem(conn) ⇒ Boolean

Verifies the PEM certificate against the stored PEM file

Examples:

Verifying a PEM certificate

Lich::Common::EAccess.verify_pem(conn)

Parameters:

• conn (OpenSSL::SSL::SSLSocket) —

  The SSL connection to verify

Returns:

• (Boolean) —

  true if the certificate matches, false otherwise

Raises:

• (StandardError) —

  if the certificate does not match and download fails

# File 'documented/common/eaccess.rb', line 58

def self.verify_pem(conn)
  # return if conn.peer_cert.to_s = File.read(EAccess::PEM)
  if !(conn.peer_cert.to_s == File.read(EAccess::PEM))
    Lich.log "Exception, \nssl peer certificate did not match #{EAccess::PEM}\nwas:\n#{conn.peer_cert}"
    download_pem
  else
    return true
  end
  #     fail Exception, "\nssl peer certificate did not match #{EAccess::PEM}\nwas:\n#{conn.peer_cert}"
end