L2J Server

Posted: **Fri Jun 28, 2013 5:34 pm**

If you want to receive support we need this info to help you properly.
» Find Revision
L2J Revision Number:6086
L2JDP Revision Number:9838

I would like to ask, where are the secondary authentication (in char selection screen) settings, and how to edit them so the user can put any number he wants, cause now it rejects most of combinations with reason they follow patterns.

Posted: **Fri Jun 28, 2013 8:51 pm**

There is a client side filter you cant do that.

Posted: **Fri Jun 28, 2013 9:24 pm**

Ofc u can.
Check this com.l2jserver.gameserver.security.SecondaryPasswordAuth.validatePassword(String)

Posted: **Fri Jun 28, 2013 11:20 pm**

thanks unafraid will check it tommorow, atm i go sleep:) gn everyone!

Posted: **Sat Jun 29, 2013 12:09 pm**

Hmm, i found it, though im not so sure what to edit.
Anyone can help out on this?
My issue is that this secondary authentication has too high restriction regarding the pattern.
I mean it rejects pins like 1414562 / 654265 etc..
If sm1 can understand it better than me, to tell me what to edit to remove such restriction

thanks in adv

Posted: **Sat Jun 29, 2013 1:36 pm**

UnAfraid wrote:Ofc u can.
Check this com.l2jserver.gameserver.security.SecondaryPasswordAuth.validatePassword(String)

As i said there is a client side filter he cant do that but it seems that server checks for more combinations than client does.

cheatax21 wrote:Hmm, i found it, though im not so sure what to edit.
Anyone can help out on this?
My issue is that this secondary authentication has too high restriction regarding the pattern.
I mean it rejects pins like 1414562 / 654265 etc..
If sm1 can understand it better than me, to tell me what to edit to remove such restriction
thanks in adv

You can use this patch it makes server to check only for passwords forbidden by client.

Posted: **Sat Jun 29, 2013 5:15 pm**

Thank you Nos, very handy patch, solved my issue. I suggest this patch to be commited, since otherwise, its a pain in the *** to manage to make a PIN pwd..

Posted: **Sun Jun 30, 2013 2:12 am**

@Nos I think lenght and characters type should be validated server side, otherwise a bot may send a malformed packet, for example.

Posted: **Sun Jun 30, 2013 2:58 am**

Zoey76 wrote:@Nos I think lenght and characters type should be validated server side, otherwise a bot may send a malformed packet, for example.

oh... I removed function to test if client filter really works and forgot to add checks after.

Patch on my post updated now its ok.

Posted: **Sun Jun 30, 2013 9:58 am**

Could you tell me if what i write is correct, so i wont do smth stupid ;p

old patch

Code: Select all

@@ -34,7 +36,6 @@ import com.l2jserver.gameserver.network.serverpackets.Ex2ndPasswordAck; import com.l2jserver.gameserver.network.serverpackets.Ex2ndPasswordCheck; import com.l2jserver.gameserver.network.serverpackets.Ex2ndPasswordVerify;-import com.l2jserver.gameserver.util.Util; import com.l2jserver.util.Base64;

In the new there isnt this part of code, this means i put back that lane again ?

Code: Select all

-       for (int i = 0; i < (password.length() - 1); i++)+       if (forbiddenPasswords.contains(password))        {-           char curCh = password.charAt(i);-           char nxtCh = password.charAt(i + 1);-           -           if ((curCh + 1) == nxtCh)-           {-               return false;-           }-           else if ((curCh - 1) == nxtCh)-           {-               return false;-           }-           else if (curCh == nxtCh)-           {-               return false;-           }+           return false;        }

These are the changes yes?
1) i put back the import com.l2jserver.gameserver.util.Util;
2) if (forbiddenPasswords.contains(password))
return false;

Posted: **Sun Jun 30, 2013 10:30 am**

You can find the file in Eclipse and right click on it then go Team->Revert this will reset the file to its original state then reapply the patch and you will be done.

Posted: **Sun Jun 30, 2013 12:04 pm**

uh, thank you for this, didnt know it!!

Posted: **Sun Jun 30, 2013 9:29 pm**

Interesting system but i cant register my code, i get critical errors all times, client system problem?

Posted: **Sun Jun 30, 2013 10:33 pm**

First post here your revs, and what errors you get,

also, maybe it needs h5 part 5 client , im not sure about that friend.

Posted: **Sun Jun 30, 2013 10:42 pm**

lucan wrote:Interesting system but i cant register my code, i get critical errors all times, client system problem?

it should work in high five part 1 and 2 client in part 3+ i think its broken.

L2J Server

Secondary authentication edit

Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit

Re: Secondary authentication edit