summaryrefslogtreecommitdiff
path: root/src/server
diff options
context:
space:
mode:
authorThilo Schulz <arny@ats.s.bawue.de>2011-07-12 11:59:48 +0000
committerTim Angus <tim@ngus.net>2013-01-10 22:16:30 +0000
commit3b328b36426e84975e85a572b82f17cd7caf3dc6 (patch)
treea2403aaa9324b934a89b706de3c770fdba298c29 /src/server
parent733365194968c7a0f8e1df074a7d21435c519de9 (diff)
- Implement dual protocol support (#4962) - Fix several UDP spoofing security issues
Diffstat (limited to 'src/server')
-rw-r--r--src/server/sv_client.c22
-rw-r--r--src/server/sv_main.c4
2 files changed, 18 insertions, 8 deletions
diff --git a/src/server/sv_client.c b/src/server/sv_client.c
index 8ff3f0a1..99dca704 100644
--- a/src/server/sv_client.c
+++ b/src/server/sv_client.c
@@ -60,6 +60,19 @@ void SV_GetChallenge(netadr_t from)
int clientChallenge;
challenge_t *challenge;
qboolean wasfound = qfalse;
+ char *gameName;
+
+ gameName = Cmd_Argv(2);
+ if(gameName && *gameName)
+ {
+ // reject client if the heartbeat string sent by the client doesn't match ours
+ if(strcmp(gameName, sv_heartbeat->string))
+ {
+ NET_OutOfBandPrint(NS_SERVER, from, "print\nGame mismatch: This is a %s server\n",
+ sv_heartbeat->string);
+ return;
+ }
+ }
oldest = 0;
oldestClientTime = oldestTime = 0x7fffffff;
@@ -139,8 +152,9 @@ void SV_DirectConnect( netadr_t from ) {
version = atoi( Info_ValueForKey( userinfo, "protocol" ) );
if ( version != PROTOCOL_VERSION ) {
- NET_OutOfBandPrint( NS_SERVER, from, "print\nServer uses protocol version %i\n", PROTOCOL_VERSION );
- Com_DPrintf (" rejected connect from version %i\n", version);
+ NET_OutOfBandPrint(NS_SERVER, from, "print\nServer uses protocol version %i "
+ "(yours is %i).\n", PROTOCOL_VERSION, version);
+ Com_DPrintf(" rejected connect from version %i\n", version);
return;
}
@@ -308,7 +322,7 @@ gotnewcl:
newcl->challenge = challenge;
// save the address
- Netchan_Setup (NS_SERVER, &newcl->netchan , from, qport);
+ Netchan_Setup(NS_SERVER, &newcl->netchan, from, qport, challenge);
// init the netchan queue
newcl->netchan_end_queue = &newcl->netchan_start_queue;
@@ -329,7 +343,7 @@ gotnewcl:
SV_UserinfoChanged( newcl );
// send the connect packet to the client
- NET_OutOfBandPrint( NS_SERVER, from, "connectResponse" );
+ NET_OutOfBandPrint(NS_SERVER, from, "connectResponse %d", challenge);
Com_DPrintf( "Going from CS_FREE to CS_CONNECTED for %s\n", newcl->name );
diff --git a/src/server/sv_main.c b/src/server/sv_main.c
index 014c3a96..f746c180 100644
--- a/src/server/sv_main.c
+++ b/src/server/sv_main.c
@@ -865,10 +865,6 @@ void SV_PacketEvent( netadr_t from, msg_t *msg ) {
}
return;
}
-
- // if we received a sequenced packet from an address we don't recognize,
- // send an out of band disconnect packet to it
- NET_OutOfBandPrint( NS_SERVER, from, "disconnect" );
}