BOOL LLTemplateMessageReader::validateMessage(const U8* buffer, S32 buffer_size, const LLHost& sender, bool trusted) { mReceiveSize = buffer_size; BOOL valid = decodeTemplate(buffer, buffer_size, &mCurrentRMessageTemplate ); if(valid) { mCurrentRMessageTemplate->mReceiveCount++; //lldebugs << "MessageRecvd:" // << mCurrentRMessageTemplate->mName // << " from " << sender << llendl; } if (valid && isBanned(trusted)) { LL_WARNS("Messaging") << "LLMessageSystem::checkMessages " << "received banned message " << getMessageName() << " from " << ((trusted) ? "trusted " : "untrusted ") << sender << llendl; valid = FALSE; } if(valid && isUdpBanned()) { llwarns << "Received UDP black listed message " << getMessageName() << " from " << sender << llendl; valid = FALSE; } return valid; }
Http::Response AbstractWebApplication::processRequest(const Http::Request &request, const Http::Environment &env) { session_ = 0; request_ = request; env_ = env; // clear response clear(); // avoid clickjacking attacks header(Http::HEADER_X_FRAME_OPTIONS, "SAMEORIGIN"); header(Http::HEADER_X_XSS_PROTECTION, "1; mode=block"); header(Http::HEADER_X_CONTENT_TYPE_OPTIONS, "nosniff"); header(Http::HEADER_CONTENT_SECURITY_POLICY, "default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; object-src 'none';"); // block cross-site requests if (isCrossSiteRequest(request_)) { status(401, "Unauthorized"); return response(); } sessionInitialize(); if (!sessionActive() && !isAuthNeeded()) sessionStart(); if (isBanned()) { status(403, "Forbidden"); print(QObject::tr("Your IP address has been banned after too many failed authentication attempts."), Http::CONTENT_TYPE_TXT); } else { doProcessRequest(); } return response(); }
HttpResponse AbstractRequestHandler::run() { response_ = HttpResponse(); if (isBanned()) { status(403, "Forbidden"); print(QObject::tr("Your IP address has been banned after too many failed authentication attempts."), CONTENT_TYPE_TXT); } else { processRequest(); } return response_; }
Http::Response AbstractWebApplication::processRequest(const Http::Request &request, const Http::Environment &env) { session_ = 0; request_ = request; env_ = env; clear(); // clear response sessionInitialize(); if (!sessionActive() && !isAuthNeeded()) sessionStart(); if (isBanned()) { status(403, "Forbidden"); print(QObject::tr("Your IP address has been banned after too many failed authentication attempts."), Http::CONTENT_TYPE_TXT); } else { processRequest(); } return response(); }
void CityRegionImplementation::cleanupCitizens() { Locker slocker(&structureListMutex); SortedVector<uint64> ownerIds; ownerIds.setNoDuplicateInsertPlan(); for (int i = 0; i < completeStructureList.size(); ++i) { uint64 oid = completeStructureList.get(i); ManagedReference<BuildingObject*> building = Core::getObjectBroker()->lookUp(oid).castTo<BuildingObject*>(); if (building != NULL) { if (building->isResidence()) { uint64 owner = building->getOwnerObjectID(); ownerIds.put(owner); } } } SortedVector<uint64> removeIds; removeIds.setNoDuplicateInsertPlan(); for (int i = 0; i < citizenList.size(); ++i) { uint64 id = citizenList.get(i); if (!ownerIds.contains(id)) removeIds.put(id); else if (isBanned(id)) removeBannedPlayer(id); } for (int i = 0; i < removeIds.size(); ++i) { removeCitizen(removeIds.get(i)); } if(getMayorID() != 0 && !isCitizen(getMayorID())) addCitizen(getMayorID()); }
void CityRegionImplementation::applySpecializationModifiers(CreatureObject* creature) { if (getZone() == NULL) return; CityManager* cityManager = getZone()->getZoneServer()->getCityManager(); CitySpecialization* cityspec = cityManager->getCitySpecialization(citySpecialization); if (cityspec == NULL) return; if (isBanned(creature->getObjectID())) { return; } Reference<CreatureObject*> creatureReference = creature; Reference<CityRegion*> city = _this.getReferenceUnsafeStaticCast(); typedef VectorMap<String, int> SkillMods; typedef VectorMapEntry<String, int> SkillModsEntry; EXECUTE_ORDERED_TASK_3(creature, creatureReference, cityspec, city, { Locker locker(creatureReference_p); //Remove all current city skillmods creatureReference_p->removeAllSkillModsOfType(SkillModManager::CITY); SkillMods* mods = cityspec_p->getSkillMods(); for (int i = 0; i < mods->size(); ++i) { SkillModsEntry& entry = mods->elementAt(i); if (entry.getKey() == "private_defense" && !city_p->isMilitiaMember(creatureReference_p->getObjectID())) continue; creatureReference_p->addSkillMod(SkillModManager::CITY, entry.getKey(), entry.getValue()); } });
void CUser::SelectCharacter(Packet & pkt) { Packet result(WIZ_SEL_CHAR); uint8 bResult, bInit; if (isBanned()) { Disconnect(); return; } pkt >> bResult >> bInit; result << bResult; if (bResult == 0 || !GetZoneID()) goto fail_return; m_pMap = g_pMain->GetZoneByID(GetZoneID()); if (GetMap() == nullptr) goto fail_return; if (g_pMain->m_nServerNo != GetMap()->m_nServerNo) { _ZONE_SERVERINFO *pInfo = g_pMain->m_ServerArray.GetData(GetMap()->m_nServerNo); if (pInfo == nullptr) goto fail_return; SendServerChange(pInfo->strServerIP, bInit); return; } if (!g_pMain->isWarOpen() && GetFame() == COMMAND_CAPTAIN) m_bFame = CHIEF; // Disallow players from relogging in the opposite nation's home zone when an invasion's not running. if (((GetZoneID() != GetNation() && GetZoneID() <= ZONE_ELMORAD && !g_pMain->m_byBattleOpen) // also disallow players from logging back into war zones that aren't currently active... || (GetMap()->isWarZone() && !g_pMain->m_byBattleOpen) // Chaos, bdw and juraid montuain || isInTempleEventZone() // Ronark Land, Ardream, RLB, Bifrost, Krowaz Dominion. || (g_pMain->m_byBattleOpen && (GetZoneID() == ZONE_RONARK_LAND || GetZoneID() == ZONE_ARDREAM || GetZoneID() == ZONE_RONARK_LAND_BASE || GetZoneID() == ZONE_BIFROST || GetZoneID() == ZONE_KROWAZ_DOMINION))) && !isGM()) { NativeZoneReturn(); Disconnect(); return; } SetLogInInfoToDB(bInit); result << GetZoneID() << GetSPosX() << GetSPosZ() << GetSPosY() << g_pMain->m_byOldVictory; m_bSelectedCharacter = true; Send(&result); SetUserAbility(false); if (GetLevel() > MAX_LEVEL) { Disconnect(); return; } m_iMaxExp = g_pMain->GetExpByLevel(GetLevel()); SetRegion(GetNewRegionX(), GetNewRegionZ()); if (GetClanID() == -1) { SetClanID(0); m_bFame = 0; return; } else if (GetClanID() != 0 && GetZoneID() > 2) { result.Initialize(WIZ_KNIGHTS_PROCESS); result << uint8(KNIGHTS_LIST_REQ) << GetClanID(); g_pMain->AddDatabaseRequest(result, this); } return; fail_return: Send(&result); }
// Server is started, lets run our loop :D void CWorldServer::ServerLoop( ) { fd_set fds; int activity; maxfd = 0; sockaddr_in ClientInfo; SOCKET NewSocket; timeval timeout; maxfd = sock; OnServerStep(); //LMA BEGIN //MySQL Ping (every hour) //20070623, 221000 UINT time_last_ping=clock(); UINT delay_ping=3600000; //LMA END do { //LMA BEGIN //MySQL Ping //20070623, 221000 UINT etime = (UINT)round((clock( ) - time_last_ping)); if(etime>=delay_ping) { time_last_ping=clock(); Ping(); } //LMA END timeout.tv_sec = 0; timeout.tv_usec = 1000; NewSocket = INVALID_SOCKET; FD_ZERO( &fds ); pthread_mutex_lock( &PlayerMutex ); if(!Config.usethreads) FillFDS( &fds ); FD_SET( sock, &fds ); activity = select( maxfd+1, &fds, NULL, NULL, &timeout ); if ( activity == 0 ) { pthread_mutex_unlock( &PlayerMutex ); #ifdef _WIN32 Sleep(1); #else usleep(1); #endif continue; } if ( activity < 0 && errno != EINTR ) { #ifdef _WIN32 Log( MSG_ERROR, "Select command failed. Error #%i", WSAGetLastError() ); #else Log( MSG_ERROR, "Select command failed. Error #%i", errno ); #endif isActive = false; } if ( FD_ISSET( sock, &fds ) && ConnectedClients < 1024 ) { int clientinfolen = sizeof( sockaddr_in ); #ifdef _WIN32 NewSocket = accept( sock, (sockaddr*)&ClientInfo, (int*)&clientinfolen ); #else NewSocket = accept( sock, (sockaddr*)&ClientInfo, (socklen_t*)&clientinfolen ); #endif // TODO: check if server is full if (NewSocket != INVALID_SOCKET) { if(!isBanned(&ClientInfo)) AddUser( NewSocket, &ClientInfo ); else { Log( MSG_WARNING, "Banned client tried to connect: %s", inet_ntoa( ClientInfo.sin_addr ) ); close( NewSocket ); } } else { #ifdef _WIN32 Log( MSG_ERROR, "Error accepting socket: %i", WSAGetLastError() ); #else Log( MSG_ERROR, "Error accepting socket: %i", errno ); #endif } } if(!Config.usethreads) HandleClients( &fds ); pthread_mutex_unlock( &PlayerMutex ); #ifdef _WIN32 Sleep(1); #else usleep(1); #endif } while( isActive ); }
void CUser::SelectCharacter(Packet & pkt) { Packet result(WIZ_SEL_CHAR); uint8 bResult, bInit; if (isBanned()) { Disconnect(); return; } pkt >> bResult >> bInit; result << bResult; if (bResult == 0 || !GetZoneID()) goto fail_return; m_pMap = g_pMain->GetZoneByID(GetZoneID()); if (GetMap() == NULL) goto fail_return; // Temporarily convert the old quest storage format to the new one. // This won't be necessary when Aujard's out of the picture. m_questMap.clear(); for (int i = 0, index = 0; i < m_pUserData->m_sQuestCount; i++) { uint16 sQuestID = GetShort(m_pUserData->m_bstrQuest, index); uint8 bQuestState = GetByte(m_pUserData->m_bstrQuest, index); m_questMap.insert(std::make_pair(sQuestID, bQuestState)); } if (g_pMain->m_nServerNo != GetMap()->m_nServerNo) { _ZONE_SERVERINFO *pInfo = g_pMain->m_ServerArray.GetData(GetMap()->m_nServerNo); if (pInfo == NULL) goto fail_return; SendServerChange(pInfo->strServerIP, bInit); return; } if (g_pMain->m_byBattleOpen == NO_BATTLE && getFame() == COMMAND_CAPTAIN) m_pUserData->m_bFame = CHIEF; if ((GetZoneID() != GetNation() && GetZoneID() < 3 && !g_pMain->m_byBattleOpen) || (GetZoneID() == ZONE_BATTLE && (g_pMain->m_byBattleOpen != NATION_BATTLE)) || (GetZoneID() == ZONE_SNOW_BATTLE && (g_pMain->m_byBattleOpen != SNOW_BATTLE)) || (GetZoneID() == ZONE_FRONTIER && g_pMain->m_byBattleOpen)) { NativeZoneReturn(); Disconnect(); return; } SetLogInInfoToDB(bInit); result << GetZoneID() << GetSPosX() << GetSPosZ() << GetSPosY() << g_pMain->m_byOldVictory; m_bSelectedCharacter = true; Send(&result); SetSlotItemValue(); SetUserAbility(false); if (GetLevel() > MAX_LEVEL) { Disconnect(); return; } m_iMaxExp = g_pMain->GetExpByLevel(GetLevel()); SetRegion(GetNewRegionX(), GetNewRegionZ()); if (GetClanID() == -1) { SetClanID(0); m_pUserData->m_bFame = 0; return; } else if (GetClanID() != 0) { CKnights* pKnights = g_pMain->GetClanPtr( GetClanID() ); if (pKnights != NULL) { g_pMain->m_KnightsManager.SetKnightsUser( GetClanID(), m_pUserData->m_id ); } else if (GetZoneID() > 2) { result.Initialize(WIZ_KNIGHTS_PROCESS); result << uint8(KNIGHTS_LIST_REQ) << GetClanID(); g_pMain->m_LoggerSendQueue.PutData(&result, GetSocketID()); } } return; fail_return: Send(&result); }
void CUser::SelectCharacter(Packet & pkt) { Packet result(WIZ_SEL_CHAR); uint8 bResult, bInit; if (isBanned()) { Disconnect(); return; } pkt >> bResult >> bInit; result << bResult; if (bResult == 0 || !GetZoneID()) goto fail_return; m_pMap = g_pMain->GetZoneByID(GetZoneID()); if (GetMap() == nullptr) goto fail_return; if (g_pMain->m_nServerNo != GetMap()->m_nServerNo) { _ZONE_SERVERINFO *pInfo = g_pMain->m_ServerArray.GetData(GetMap()->m_nServerNo); if (pInfo == nullptr) goto fail_return; SendServerChange(pInfo->strServerIP, bInit); return; } if (g_pMain->m_byBattleOpen == NO_BATTLE && GetFame() == COMMAND_CAPTAIN) m_bFame = CHIEF; if ((GetZoneID() != GetNation() && GetZoneID() < 3 && !g_pMain->m_byBattleOpen) || (GetZoneID() == ZONE_BATTLE && (g_pMain->m_byBattleOpen != NATION_BATTLE)) || (GetZoneID() == ZONE_SNOW_BATTLE && (g_pMain->m_byBattleOpen != SNOW_BATTLE)) || (GetZoneID() == ZONE_RONARK_LAND && g_pMain->m_byBattleOpen)) { NativeZoneReturn(); Disconnect(); return; } SetLogInInfoToDB(bInit); result << GetZoneID() << GetSPosX() << GetSPosZ() << GetSPosY() << g_pMain->m_byOldVictory; m_bSelectedCharacter = true; Send(&result); SetSlotItemValue(); SetUserAbility(false); if (GetLevel() > MAX_LEVEL) { Disconnect(); return; } m_iMaxExp = g_pMain->GetExpByLevel(GetLevel()); SetRegion(GetNewRegionX(), GetNewRegionZ()); if (GetClanID() == -1) { SetClanID(0); m_bFame = 0; return; } else if (GetClanID() != 0 && GetZoneID() > 2) { result.Initialize(WIZ_KNIGHTS_PROCESS); result << uint8(KNIGHTS_LIST_REQ) << GetClanID(); g_pMain->AddDatabaseRequest(result, this); } return; fail_return: Send(&result); }