summaryrefslogtreecommitdiff
path: root/src/server
diff options
context:
space:
mode:
Diffstat (limited to 'src/server')
-rw-r--r--src/server/server.h1
-rw-r--r--src/server/sv_client.c53
2 files changed, 33 insertions, 21 deletions
diff --git a/src/server/server.h b/src/server/server.h
index fca29aae..a41dba91 100644
--- a/src/server/server.h
+++ b/src/server/server.h
@@ -216,6 +216,7 @@ typedef struct {
int time; // time the last packet was sent to the autherize server
int pingTime; // time the challenge response was sent to client
int firstTime; // time the adr was first used, for authorize timeout checks
+ qboolean wasrefused;
qboolean connected;
} challenge_t;
diff --git a/src/server/sv_client.c b/src/server/sv_client.c
index 319f865e..92c4d5f1 100644
--- a/src/server/sv_client.c
+++ b/src/server/sv_client.c
@@ -65,7 +65,7 @@ void SV_GetChallenge(netadr_t from)
// see if we already have a challenge for this ip
challenge = &svs.challenges[0];
for (i = 0 ; i < MAX_CHALLENGES ; i++, challenge++) {
- if ( !challenge->connected && NET_CompareAdr( from, challenge->adr ) ) {
+ if (!challenge->connected && NET_CompareAdr( from, challenge->adr ) ) {
break;
}
if ( challenge->time < oldestTime ) {
@@ -78,7 +78,6 @@ void SV_GetChallenge(netadr_t from)
{
// this is the first time this client has asked for a challenge
challenge = &svs.challenges[oldest];
- challenge->challenge = ( (rand() << 16) ^ rand() ) ^ svs.time;
challenge->clientChallenge = 0;
challenge->adr = from;
challenge->firstTime = svs.time;
@@ -86,9 +85,9 @@ void SV_GetChallenge(netadr_t from)
challenge->connected = qfalse;
}
- // send the challengeResponse
- challenge->pingTime = svs.time;
- NET_OutOfBandPrint( NS_SERVER, from, "challengeResponse %i", challenge->challenge );
+ // always generate a new challenge number, so the client cannot circumvent sv_maxping
+ challenge->challenge = ( (rand() << 16) ^ rand() ) ^ svs.time;
+ challenge->wasrefused = qfalse;
challenge->pingTime = svs.time;
NET_OutOfBandPrint( NS_SERVER, challenge->adr, "challengeResponse %i %s", challenge->challenge, clientChallenge);
@@ -162,41 +161,53 @@ void SV_DirectConnect( netadr_t from ) {
Info_SetValueForKey( userinfo, "ip", ip );
// see if the challenge is valid (LAN clients don't need to challenge)
- if ( !NET_IsLocalAddress (from) ) {
- int ping;
+ if (!NET_IsLocalAddress(from))
+ {
+ int ping;
+ challenge_t *challengeptr;
- for (i=0 ; i<MAX_CHALLENGES ; i++) {
- if (NET_CompareAdr(from, svs.challenges[i].adr)) {
- if ( challenge == svs.challenges[i].challenge )
+ for (i=0; i<MAX_CHALLENGES; i++)
+ {
+ if (NET_CompareAdr(from, svs.challenges[i].adr))
+ {
+ if(challenge == svs.challenges[i].challenge)
break;
}
}
- if (i == MAX_CHALLENGES) {
- NET_OutOfBandPrint( NS_SERVER, from, "print\nNo or bad challenge for address\n" );
+ if (i == MAX_CHALLENGES)
+ {
+ NET_OutOfBandPrint( NS_SERVER, from, "print\nNo or bad challenge for your address.\n" );
+ return;
+ }
+
+ challengeptr = &svs.challenges[i];
+
+ if(challengeptr->wasrefused)
+ {
+ // Return silently, so that error messages written by the server keep being displayed.
return;
}
- ping = svs.time - svs.challenges[i].pingTime;
- Com_Printf( "Client %i connecting with %i challenge ping\n", i, ping );
- svs.challenges[i].connected = qtrue;
+ ping = svs.time - challengeptr->pingTime;
// never reject a LAN client based on ping
if ( !Sys_IsLANAddress( from ) ) {
if ( sv_minPing->value && ping < sv_minPing->value ) {
- // don't let them keep trying until they get a big delay
NET_OutOfBandPrint( NS_SERVER, from, "print\nServer is for high pings only\n" );
Com_DPrintf ("Client %i rejected on a too low ping\n", i);
- // reset the address otherwise their ping will keep increasing
- // with each connect message and they'd eventually be able to connect
- svs.challenges[i].adr.port = 0;
+ challengeptr->wasrefused = qtrue;
return;
}
if ( sv_maxPing->value && ping > sv_maxPing->value ) {
NET_OutOfBandPrint( NS_SERVER, from, "print\nServer is for low pings only\n" );
Com_DPrintf ("Client %i rejected on a too high ping\n", i);
+ challengeptr->wasrefused = qtrue;
return;
}
}
+
+ Com_Printf("Client %i connecting with %i challenge ping\n", i, ping);
+ challengeptr->connected = qtrue;
}
newcl = &temp;
@@ -1197,7 +1208,7 @@ void SV_UpdateVoipIgnore(client_t *cl, const char *idstr, qboolean ignore)
/*
==================
-SV_UpdateUserinfo_f
+SV_Voip_f
==================
*/
static void SV_Voip_f( client_t *cl ) {
@@ -1390,7 +1401,7 @@ static void SV_UserMove( client_t *cl, msg_t *msg, qboolean delta ) {
// also use the message acknowledge
key ^= cl->messageAcknowledge;
// also use the last acknowledged server command in the key
- key ^= Com_HashKey(cl->reliableCommands[ cl->reliableAcknowledge & (MAX_RELIABLE_COMMANDS-1) ], 32);
+ key ^= MSG_HashKey(cl->reliableCommands[ cl->reliableAcknowledge & (MAX_RELIABLE_COMMANDS-1) ], 32);
Com_Memset( &nullcmd, 0, sizeof(nullcmd) );
oldcmd = &nullcmd;