Secondary authentication edit

[cheatax21]

If you want to receive support we need this info to help you properly.
» Find Revision
L2J Revision Number:6086
L2JDP Revision Number:9838



I would like to ask, where are the secondary authentication (in char selection screen) settings, and how to edit them so the user can put any number he wants, cause now it rejects most of combinations with reason they follow patterns.

[NosBit]

There is a client side filter you cant do that.

[UnAfraid]

Ofc u can.
Check this com.l2jserver.gameserver.security.SecondaryPasswordAuth.validatePassword(String)

[cheatax21]

thanks unafraid will check it tommorow, atm i go sleep:) gn everyone!

[cheatax21]

Hmm, i found it, though im not so sure what to edit.
Anyone can help out on this?
My issue is that this secondary authentication has too high restriction regarding the pattern.
I mean it rejects pins like 1414562 / 654265 etc..
If sm1 can understand it better than me, to tell me what to edit to remove such restriction
thanks in adv

[NosBit]

Ofc u can.
Check this com.l2jserver.gameserver.security.SecondaryPasswordAuth.validatePassword(String)

As i said there is a client side filter he cant do that but it seems that server checks for more combinations than client does.

Hmm, i found it, though im not so sure what to edit.
Anyone can help out on this?
My issue is that this secondary authentication has too high restriction regarding the pattern.
I mean it rejects pins like 1414562 / 654265 etc..
If sm1 can understand it better than me, to tell me what to edit to remove such restriction
thanks in adv

You can use this patch it makes server to check only for passwords forbidden by client.

[cheatax21]

Thank you Nos, very handy patch, solved my issue. I suggest this patch to be commited, since otherwise, its a pain in the *** to manage to make a PIN pwd..

[Zoey76]

@Nos I think lenght and characters type should be validated server side, otherwise a bot may send a malformed packet, for example.

[NosBit]

@Nos I think lenght and characters type should be validated server side, otherwise a bot may send a malformed packet, for example.

oh... I removed function to test if client filter really works and forgot to add checks after.

Patch on my post updated now its ok.

[cheatax21]

Could you tell me if what i write is correct, so i wont do smth stupid ;p

old patch

Code: Select all

@@ -34,7 +36,6 @@ import com.l2jserver.gameserver.network.serverpackets.Ex2ndPasswordAck; import com.l2jserver.gameserver.network.serverpackets.Ex2ndPasswordCheck; import com.l2jserver.gameserver.network.serverpackets.Ex2ndPasswordVerify;-import com.l2jserver.gameserver.util.Util; import com.l2jserver.util.Base64;

In the new there isnt this part of code, this means i put back that lane again ?

Code: Select all

-       for (int i = 0; i < (password.length() - 1); i++)+       if (forbiddenPasswords.contains(password))        {-           char curCh = password.charAt(i);-           char nxtCh = password.charAt(i + 1);-           -           if ((curCh + 1) == nxtCh)-           {-               return false;-           }-           else if ((curCh - 1) == nxtCh)-           {-               return false;-           }-           else if (curCh == nxtCh)-           {-               return false;-           }+           return false;        }

These are the changes yes?
1) i put back the import com.l2jserver.gameserver.util.Util;
2) if (forbiddenPasswords.contains(password))
return false;

[NosBit]

You can find the file in Eclipse and right click on it then go Team->Revert this will reset the file to its original state then reapply the patch and you will be done.

[cheatax21]

uh, thank you for this, didnt know it!!

[lucan]

Interesting system but i cant register my code, i get critical errors all times, client system problem?

[cheatax21]

First post here your revs, and what errors you get,

also, maybe it needs h5 part 5 client , im not sure about that friend.

[NosBit]

Interesting system but i cant register my code, i get critical errors all times, client system problem?

it should work in high five part 1 and 2 client in part 3+ i think its broken.