Commit graph

588 commits

Author SHA1 Message Date
Dennis Felsing 1d67e29c74 Merge pull request #663 from heinrich5991/pr_ddnet_fix_default_pws
Fix handling of default passwords
2017-03-10 12:45:01 +01:00
heinrich5991 87596c30ac Fix handling of default passwords
It was horribly broken before. :) Only the first password set via
`sv_rcon*_password` worked, and that only due to a bug in `AddHashKey`
-- `AddHashKey` incorrectly assumed that only key slots greater than 0
are valid, but 0 is valid too.

Fix default passwords on password removal, fix no admin password being
generated if you only had `sv_rcon_mod_password` or
`sv_rcon_helper_password` set. Add an assert that would have caught our
mistake.
2017-03-10 12:33:34 +01:00
heinrich5991 72f2eb32ee Fix wording in scripts/hash_passwords.py, fix brace in other file 2017-03-09 13:37:54 +01:00
heinrich5991 6302e4d7e0 Fix some style issues and a > to >= 2017-03-06 20:11:23 +01:00
heinrich5991 c1e826e853 Fix key slot indices after removing a key 2017-03-06 18:02:19 +01:00
Learath2 8c79f28802 Fix a crash on malformed input 2017-03-06 15:18:52 +01:00
Learath2 b49c13e617 KeySlots are 0 indexed... 2017-03-06 14:14:45 +01:00
Learath2 71fb030443 Fix a comparison. Hate backwards compatibility... 2017-03-06 13:46:02 +01:00
Learath2 4d0f036b4f Forgot to negate the comparisons 2017-03-06 13:22:17 +01:00
Learath2 9800360340 Check the return from str_hex_decode. Remove comment 2017-03-06 12:59:47 +01:00
Learath2 c5a12e3eba Fix the status command for logged out people 2017-03-06 12:35:37 +01:00
Learath2 6f1f348715 Fix c&p fail 2017-03-06 12:35:09 +01:00
Learath2 95bb9894a7 Get rid of pw generation in CServer, Err out in CAuthManager instead 2017-03-04 23:16:02 +03:00
Learath2 3a22a4b62d Fix some issues 2017-03-04 23:06:22 +03:00
Learath2 cf9f3e3d38 Forgot one block 2017-03-04 10:58:02 +03:00
Learath2 d475eddb88 Add key ident to status command 2017-03-02 19:02:57 +03:00
Learath2 b7cbaedea0 New auth system for rcon 2017-03-02 18:16:29 +03:00
east 0acad1a28b dnsbl fix: HostLookup check result properly 2017-02-01 12:13:50 +01:00
heinrich5991 b510db9ee9 Add the VITAL flag to fastdownload packets
This lets 0.6.4 clients connect to DDNet servers again. Instead of doing
our own resend logic, just always send `sv_map_window` packets ahead and
let the Teeworlds network deal with possible resends.
2016-11-18 15:12:48 +01:00
heinrich5991 cd3b0ae855 Implement the confusable algorithm from Unicode more closely
See UTS#39 "Unicode Security Mechanisms":
http://www.unicode.org/reports/tr39/

This means that characters with accents or other things around them are
now considered the confusable with the base character.

Fixes #557. Fixes #575.
2016-10-30 13:45:55 +01:00
heinrich5991 e950351346 Put the password generation into base 2016-10-01 23:04:16 +02:00
def 3ed6692ad7 SQL string cleanup 2016-09-25 10:41:34 +02:00
east c6efc85a80 dnsbl_status added 2016-09-05 14:05:07 +02:00
east 678a69bf5b basic DNSBL implementation 2016-09-05 11:38:11 +02:00
def 0688229f0d Forbid names starting with /, as they can be abused to make people write chat commands 2016-07-08 16:38:05 +02:00
def e518a701a3 Clean up sql dbg_msg calls 2016-06-15 11:52:40 +02:00
HMH c4843868c4 do not log the sql-passwords 2016-05-16 15:41:52 +02:00
HMH a073d22509 set timeout for sql-reads/writes 2016-05-16 15:37:51 +02:00
H-M-H 3b6baaa8d3 made CSqlData const for threadfunctions and added a class for sqlstrings
CSqlData is const for threadfunctions now to avoid modification from
within the threadfunctions as these might be called several times.
Previously this was a problem as ClearString could possibily be applied
multiple times to the same string.

To solve this the class CSqlString has been added. This class takes a
const char* and copies it. Additionally a clearstring is created from
the given const char*. This enables access to the original as well as
the cleared string safe for sql-statements.

sql_string_helpers got an own source file now.

A crashbug from CSqlServer has been fixed (pointer has not been set
back to 0)
2016-05-09 23:35:23 +02:00
H-M-H 931d99e4c2 also destroy locks created by CSqlServer 2016-05-04 23:39:16 +02:00
H-M-H 5dc47ede58 put sql_string_helpers into an own namespace 2016-05-04 16:51:18 +02:00
H-M-H a7c0cd58ee fixed birthdaycheck and the format of sql-inserts for the failure-file 2016-05-04 16:47:53 +02:00
H-M-H cd41220a44 wait for score-threads on shutdown 2016-05-04 15:32:24 +02:00
H-M-H 13688bbb2a fixed indentation 2016-05-04 00:27:03 +02:00
H-M-H e351080dd3 removed double semicolons 2016-05-04 00:24:54 +02:00
H-M-H c9e65c7931 Merge branch 'master' into sqlmasters 2016-05-03 23:07:24 +02:00
def 21ac41bfae Clean up fifo console 2016-05-02 23:36:21 +02:00
def c473689be7 Remove VITAL flag in fastdownload map packets (as suggested by heinrich5991) 2016-04-27 19:54:43 +02:00
Dennis Felsing 8e69f9ac90 Merge pull request #338 from east/mapvital
Added vital flag for mapdata (includes fast download)
2016-04-27 15:57:14 +02:00
def 91df0a2af0 Remove hacky security against rcon spoofing because we have a better one now 2016-02-22 19:54:45 +01:00
H-M-H 53a004fa74 reset preferred sql-server to the first specified
on map load
2016-02-20 15:33:35 +01:00
H-M-H 2bd6d0c381 do not always try to connect to unreachable sqlservers
but instead remember the last reachable server
- some cleanup
- added timeout of 10 seconds to sql-connections
2016-02-20 15:33:35 +01:00
H-M-H 783c2161f1 sql_score init is threaded now 2016-02-20 15:33:35 +01:00
H-M-H f6be7e20fb updated sql-command usage 2016-02-20 15:33:35 +01:00
H-M-H e35de5a371 whether to setup a db can be configured for each server now 2016-02-20 15:33:35 +01:00
H-M-H 1e302aeb70 'r' and 'w' instead of 0 and 1 for sql read/write servers 2016-02-20 15:33:35 +01:00
H-M-H 88ed7391da handle exceptions from sql properly
- write failed sqlinserts to a file
- improved structure
2016-02-20 15:33:35 +01:00
H-M-H 1314085928 restructured sqlconnection
reading from and writing to several different servers is now possible
TODO:
-handle Exceptions properly (try another sqlserver)
-if everything fails while writing write the insert to a file
2016-02-20 15:33:35 +01:00
H-M-H 7199ae3f22 ConAddSqlMaster will not block the main thread anymore 2016-02-20 15:33:35 +01:00
H-M-H 15f2e07c48 moved sqlserver stuff into CServer-class
as sqlconnections should not last only
until next mapreload
2016-02-20 15:33:35 +01:00
heinrich5991 a1923b154b Only ignore messages on invalid UTF-8, don't kick players 2016-01-27 01:48:19 +01:00
heinrich5991 d4eefefa26 Kick people using overlong UTF-8 sequences
This works around the bug in older clients (including vanilla) that
interpret those sequences incorrectly.
2016-01-27 01:24:02 +01:00
def b77e95090e Reset m_ServerInfoFirstRequest on map change 2016-01-22 17:53:46 +01:00
heinrich5991 96f0eddbb8 Add sv_max_server_info_per_second
This controls how many complete server info responses are sent per
second.
2016-01-22 16:42:54 +01:00
heinrich5991 b29a733c4f Add DoS protection to server info requests
Only allow 10 requests per second before falling back to smaller server
info responses.
2016-01-22 16:42:46 +01:00
def 8636e6004a Print client ID as decimal number, not hexadecimal 2016-01-20 16:33:02 +01:00
H-M-H 8e24ef8020 commanddescription can now be placed directly in
the commandparamsstring: "s[file]"
2015-12-28 16:19:52 +01:00
H-M-H 927c9d1999 forgot to adjust one usage 2015-12-23 14:51:55 +01:00
H-M-H 11a426c18b added (console-)command usage 2015-12-23 14:29:31 +01:00
H-M-H 80531130e5 made it beautiful ^^ 2015-12-18 13:17:45 +01:00
H-M-H 830726f392 prevent serverlogspam 2015-12-17 16:27:35 +01:00
H-M-H bd0c496837 FIRST trim the name and THEN compare it to others ! 2015-12-16 20:15:43 +01:00
H-M-H 019fb0ea07 Merge pull request #359 from Schwertspize/patch-1
Fix vulnerability, see official teeworlds news
2015-11-21 15:40:28 +01:00
timgame 2874e18ce0 dont restore empty config values at start 2015-11-16 20:31:56 +01:00
Schwertspize bc0578f786 Fix vulnerability, see official teeworlds news 2015-11-02 15:04:59 +01:00
Tim Schumacher d99660f20e Merge pull request #356 from H-M-H/helper_pw
Implemented Helper accesslevel
2015-10-27 02:18:00 +01:00
H-M-H 4ffbd60347 fixed two lines I forgot 2015-10-27 02:00:15 +01:00
H-M-H cd6c297cb0 removed some code duplication and updated autoexec_server.cfg 2015-10-27 00:46:28 +01:00
H-M-H 0e532adb67 Implemented Helper accesslevel
basically just copied everything from moderator-accesslevel implementation

note however that mod_command changed to access_level
2015-10-23 04:21:07 +02:00
timgame 74d3855bf1 change brace styling 2015-10-22 17:51:02 +02:00
timgame 7fafd2db2f added sv_reload_when_empty 2015-10-22 17:27:30 +02:00
east 6affc4e1ef added vital flag for mapdata (includes fast download) 2015-09-17 09:55:09 +02:00
oy e91d26b8ac force vital check on essential cl/srv messages and added additional sequence checking 2015-09-01 13:50:45 +02:00
def f20a6a4934 Print name on name change 2015-08-28 21:44:36 +02:00
heinrich5991 a3246ed099 Save the config into the map when the server loads the map 2015-08-27 12:51:24 +02:00
east cf9e1373d7 correctly reset client 2015-08-23 17:51:28 +02:00
east c47697bdef session rejoin 2015-08-23 17:01:01 +02:00
east d82b75f760 log/info for security token protocol 2015-08-14 18:39:13 +02:00
east d1382349f5 vanilla token handshake implemented 2015-08-14 18:30:49 +02:00
def a58ad6aef7 Always check that player names are not equal 2015-08-14 00:11:25 +02:00
def 8f532aad9f Use autoexec_client/server.cfg by default, fall back to autoexec.cfg for both 2015-08-12 13:49:16 +02:00
heinrich5991 ec85951736 Finish the renaming of sv_allow_rescue to sv_rescue 2015-08-10 13:34:56 +02:00
def 6e8ada1ac8 Fix whitespaces a bit 2015-07-09 02:12:35 +02:00
def ce465b584c Add sv_rescue_delay and rename sv_allow_rescue to sv_rescue 2015-06-30 18:46:36 +02:00
heinrich5991 71548fc0d6 If no rcon password is set, generate one
After the generation (using the OS random number generator), the password is
displayed to the user on stdout.
2015-06-21 19:56:35 +02:00
def a77cd039a6 Get rid of all Clang warnings 2015-04-18 22:29:28 +02:00
def cea6fef24f Hack to disallow admins to enable /r after server was started 2015-04-17 11:24:28 +02:00
def 62a1a36fa2 Cleanup 2015-02-12 15:04:45 +01:00
def 0df35a990c Remove spoof protection, interacts badly with HTTP download 2015-01-27 23:13:47 +01:00
def 63a25fc1d4 Make server sleep for the proper time when no player is connected (fixes master server registration on Windows) 2014-12-26 12:12:28 +01:00
def 47842eeac6 Revert "Try only to make performant server on non-Windows"
This reverts commit d9e207816e.
2014-12-26 02:25:19 +01:00
def d9e207816e Try only to make performant server on non-Windows 2014-12-26 00:53:03 +01:00
def 023f926e89 Fix Compilation 2014-12-20 16:35:47 +01:00
def 6ecd02d410 No threaded debug output with fuzzing 2014-12-06 19:45:52 +01:00
def 9ea846033b Optimization for faster server side demo recording 2014-12-02 15:44:54 +01:00
Dennis Felsing b525de33b5 Merge pull request #112 from trml/prediction_weapons
Prediction weapons
2014-12-02 11:24:52 +01:00
nuborn 13f56be3a1 fix recording of projectiles in server too 2014-12-02 02:32:07 +01:00
def 2acdf5ea17 Code cleanup 2014-11-25 20:29:31 +01:00
def 18315e8c79 Improve ping on empty server (serverbrowser) 2014-11-24 22:31:13 +01:00
def a08ed87cc4 Initial work on confusable utf8 name detection 2014-11-24 16:22:00 +01:00