Merge pull request #225 from heinrich5991/pr_password

Randomly generate rcon passwords on startup, if none is set.
Dennis Felsing 2015-06-21 21:28:51 +02:00
commit 6f89a8bde7
6 changed files with 51 additions and 9 deletions


@ -2,5 +2,4 @@ sv_name "Testserver with DDraceNetwork Features"
sv_port 8303 sv_port 8303
sv_map "gravity" sv_map "gravity"
sv_test_cmds 1 # set to 0 for DDraceNetwork game type sv_test_cmds 1 # set to 0 for DDraceNetwork game type
sv_rcon_password "rcon"
sv_register 1 sv_register 1


@ -2434,7 +2434,7 @@ int secure_random_init()
#endif #endif
} }
void secure_random_fill(unsigned char *bytes, size_t length) void secure_random_fill(void *bytes, size_t length)
{ {
if(!secure_random_data.initialized) if(!secure_random_data.initialized)
{ {


@ -1367,7 +1367,7 @@ int secure_random_init();
buffer - Pointer to the start of the buffer. buffer - Pointer to the start of the buffer.
length - Length of the buffer. length - Length of the buffer.
*/ */
void secure_random_fill(unsigned char *bytes, size_t length); void secure_random_fill(void *bytes, size_t length);
#ifdef __cplusplus #ifdef __cplusplus
} }
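Review bot: With the parameter now `void *`, callers can pass typed arrays (the server change in this commit passes an `unsigned short` array with `sizeof`), but the doc comment above the declaration still names the parameter `buffer` and does not say what unit `length` is in. I would update it to `bytes - Pointer to the start of the buffer.` and `length - Length of the buffer in bytes.`, so that nobody passes an element count and leaves part of a seed or password buffer unfilled. The comment block starts outside the hunk.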


@ -314,6 +314,7 @@ CServer::CServer()
m_RconAuthLevel = AUTHED_ADMIN; m_RconAuthLevel = AUTHED_ADMIN;
m_RconRestrict = -1; m_RconRestrict = -1;
m_GeneratedRconPassword = 0;
Init(); Init();
} }
@ -532,6 +533,36 @@ int CServer::MaxClients() const
return m_NetServer.MaxClients(); return m_NetServer.MaxClients();
} }
void CServer::InitRconPasswordIfEmpty()
{
if(g_Config.m_SvRconPassword[0])
{
return;
}
static const char VALUES[] = "ABCDEFGHKLMNPRSTUVWXYZabcdefghjkmnopqt23456789";
static const size_t NUM_VALUES = sizeof(VALUES) - 1; // Disregard the '\0'.
static const size_t PASSWORD_LENGTH = 6;
dbg_assert(NUM_VALUES * NUM_VALUES >= 2048, "need at least 2048 possibilities for 2-character sequences");
// With 6 characters, we get a password entropy of log(2048) * 6/2 = 33bit.
dbg_assert(PASSWORD_LENGTH % 2 == 0, "need an even password length");
unsigned short aRandom[PASSWORD_LENGTH / 2];
char aRandomPassword[PASSWORD_LENGTH+1];
aRandomPassword[PASSWORD_LENGTH] = 0;
secure_random_fill(aRandom, sizeof(aRandom));
for(size_t i = 0; i < PASSWORD_LENGTH / 2; i++)
{
unsigned short RandomNumber = aRandom[i] % 2048;
aRandomPassword[2 * i + 0] = VALUES[RandomNumber / NUM_VALUES];
aRandomPassword[2 * i + 1] = VALUES[RandomNumber % NUM_VALUES];
}
str_copy(g_Config.m_SvRconPassword, aRandomPassword, sizeof(g_Config.m_SvRconPassword));
m_GeneratedRconPassword = 1;
}
int CServer::SendMsg(CMsgPacker *pMsg, int Flags, int ClientID) int CServer::SendMsg(CMsgPacker *pMsg, int Flags, int ClientID)
{ {
return SendMsgEx(pMsg, Flags, ClientID, false); return SendMsgEx(pMsg, Flags, ClientID, false);
@ -1527,6 +1558,13 @@ int CServer::Run()
// process pending commands // process pending commands
m_pConsole->StoreCommands(false); m_pConsole->StoreCommands(false);
if(m_GeneratedRconPassword)
{
dbg_msg("server", "+-------------------------+");
dbg_msg("server", "| rcon password: '%s' |", g_Config.m_SvRconPassword);
dbg_msg("server", "+-------------------------+");
}
// start game // start game
{ {
bool NonActive = false; bool NonActive = false;
@ -2028,6 +2066,12 @@ int main(int argc, const char **argv) // ignore_convention
} }
#endif #endif
if(secure_random_init() != 0)
{
dbg_msg("secure", "could not initialize secure RNG");
return -1;
}
CServer *pServer = CreateServer(); CServer *pServer = CreateServer();
IKernel *pKernel = IKernel::Create(); IKernel *pKernel = IKernel::Create();
@ -2086,6 +2130,7 @@ int main(int argc, const char **argv) // ignore_convention
#if defined(CONF_FAMILY_UNIX) #if defined(CONF_FAMILY_UNIX)
FifoConsole *fifoConsole = new FifoConsole(pConsole, g_Config.m_SvInputFifo, CFGFLAG_SERVER); FifoConsole *fifoConsole = new FifoConsole(pConsole, g_Config.m_SvInputFifo, CFGFLAG_SERVER);
#endif #endif
pServer->InitRconPasswordIfEmpty();
// run the server // run the server
dbg_msg("server", "starting..."); dbg_msg("server", "starting...");
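Review bot: The generated rcon password is written through `dbg_msg` in the `CServer::Run` hunk, so an admin credential goes to every sink the server log reaches; if that output is also written to a log file or forwarded elsewhere (not visible here), anyone who can read it gets rcon admin. Consider printing it only to the interactive console, or at least document the exposure next to the call, e.g. `// generated rcon password is logged in clear; keep server logs readable only by the operator`. In `InitRconPasswordIfEmpty` the 33-bit figure is adequate only against online guessing, so the comment should state that dependency: `// 33 bits (log2(2048) * 6/2); relies on rcon failed-attempt limiting, not suitable as an offline secret`. `Run()` and `main()` continue outside the hunks shown.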


@ -174,6 +174,8 @@ public:
unsigned char *m_pCurrentMapData; unsigned char *m_pCurrentMapData;
unsigned int m_CurrentMapSize; unsigned int m_CurrentMapSize;
int m_GeneratedRconPassword;
CDemoRecorder m_aDemoRecorder[MAX_CLIENTS+1]; CDemoRecorder m_aDemoRecorder[MAX_CLIENTS+1];
CRegister m_Register; CRegister m_Register;
CMapChecker m_MapChecker; CMapChecker m_MapChecker;
@ -200,6 +202,8 @@ public:
int Init(); int Init();
void InitRconPasswordIfEmpty();
void SetRconCID(int ClientID); void SetRconCID(int ClientID);
bool IsAuthed(int ClientID); bool IsAuthed(int ClientID);
int GetClientInfo(int ClientID, CClientInfo *pInfo); int GetClientInfo(int ClientID, CClientInfo *pInfo);


@ -30,12 +30,6 @@ bool CNetServer::Open(NETADDR BindAddr, CNetBan *pNetBan, int MaxClients, int Ma
m_MaxClientsPerIP = MaxClientsPerIP; m_MaxClientsPerIP = MaxClientsPerIP;
if(secure_random_init() != 0)
{
dbg_msg("secure", "could not initialize secure RNG");
return false;
}
secure_random_fill(m_SecurityTokenSeed, sizeof(m_SecurityTokenSeed)); secure_random_fill(m_SecurityTokenSeed, sizeof(m_SecurityTokenSeed));
for(int i = 0; i < NET_MAX_CLIENTS; i++) for(int i = 0; i < NET_MAX_CLIENTS; i++)