gptbot/0ad
1
0
Fork 0
forked from mirrors/0ad
Code Pull Requests Activity

Netcode: Identify controller client via a secret key

Browse Source 
The 'controller' of an MP game (the host in general, though dedicated
servers would change that) is currently whoever first tells the server
that it is. This can be abused since it relies on trusting the clients.

This changes that logic: the server defines a 'controller secret', and
the first client to sent the correct controller secret is the
controller. This is safe assuming the secret is unknowable enough (the
current solution wouldn't pass strict cryptography tests, but it's
likely good enough).

Reverts 1a3fb29ff3, which introduced the 'trust the clients' mechanic,
as a change over 'the first local IP is controller'.

Necessary step towards dedicated server, if we want to use the regular
gamesetup (Refs #3556)

Differential Revision: https://code.wildfiregames.com/D3075
This was SVN commit r24952.
This commit is contained in:
wraitii
2021-02-27 17:44:59 +00:00
parent 32c3f4fb90
commit 113fefeeb7
14 changed files with 110 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files
source/network/NetClient.cpp
+10 -4
View File
@@ -71,12 +71,11 @@ private:
CNetClient& m_Client;
};
CNetClient::CNetClient(CGame* game, bool isLocalClient) :
CNetClient::CNetClient(CGame* game) :
m_Session(NULL),
m_UserName(L"anonymous"),
m_HostID((u32)-1), m_ClientTurnManager(NULL), m_Game(game),
m_GameAttributes(game->GetSimulation2()->GetScriptInterface().GetGeneralJSContext()),
m_IsLocalClient(isLocalClient),
m_LastConnectionCheck(0),
m_ServerAddress(),
m_ServerPort(0),
@@ -180,10 +179,16 @@ void CNetClient::SetGamePassword(const CStr& hashedPassword)
m_Password = hashedPassword;
}
void CNetClient::SetControllerSecret(const std::string& secret)
{
m_ControllerSecret = secret;
}
bool CNetClient::SetupConnection(ENetHost* enetClient)
{
CNetClientSession* session = new CNetClientSession(*this);
bool ok = session->Connect(m_ServerAddress, m_ServerPort, m_IsLocalClient, enetClient);
bool ok = session->Connect(m_ServerAddress, m_ServerPort, enetClient);
SetAndOwnSession(session);
m_PollingThread = std::thread(Threading::HandleExceptions<CNetClientSession::RunNetLoop>::Wrapper, m_Session);
return ok;
@@ -576,7 +581,7 @@ void CNetClient::SendAuthenticateMessage()
CAuthenticateMessage authenticate;
authenticate.m_Name = m_UserName;
authenticate.m_Password = m_Password;
authenticate.m_IsLocalClient = m_IsLocalClient;
authenticate.m_ControllerSecret = m_ControllerSecret;
SendMessage(&authenticate);
}
@@ -657,6 +662,7 @@ bool CNetClient::OnAuthenticate(void* context, CFsmEvent* event)
client->m_HostID = message->m_HostID;
client->m_Rejoin = message->m_Code == ARC_OK_REJOINING;
client->m_IsController = message->m_IsController;
client->PushGuiMessage(
"type", "netstatus",