/// Decode the template of an incoming message and decide whether the message
/// may be processed.
///
/// @param buffer       bytes handed to decodeTemplate()
/// @param buffer_size  length passed with @p buffer; also stored in mReceiveSize
/// @param sender       originating host, used here only in the warning text
/// @param trusted      forwarded to isBanned() and used to label the warning
/// @return the (false) result of decodeTemplate() when decoding fails, FALSE
///         when the decoded message is banned or UDP black-listed, otherwise
///         the result of decodeTemplate().
BOOL LLTemplateMessageReader::validateMessage(const U8* buffer,
											  S32 buffer_size,
											  const LLHost& sender,
											  bool trusted)
{
	mReceiveSize = buffer_size;

	const BOOL decoded = decodeTemplate(buffer, buffer_size, &mCurrentRMessageTemplate );
	if (!decoded)
	{
		// Nothing was decoded, so there is no template to count or to check.
		return decoded;
	}

	// The per-template counter is bumped before the ban checks below, so
	// messages that end up rejected are still counted as received.
	mCurrentRMessageTemplate->mReceiveCount++;

	// Ban list that depends on whether the sender is trusted.
	if (isBanned(trusted))
	{
		LL_WARNS("Messaging") << "LLMessageSystem::checkMessages "
			<< "received banned message "
			<< getMessageName()
			<< " from "
			<< (trusted ? "trusted " : "untrusted ")
			<< sender << llendl;
		return FALSE;
	}

	// Separate black list for messages that must not arrive over UDP.
	if (isUdpBanned())
	{
		llwarns << "Received UDP black listed message "
				<<  getMessageName()
				<< " from " << sender << llendl;
		return FALSE;
	}

	return decoded;
}
// Handles one HTTP request: resets the per-request state, sets the security
// response headers, rejects cross-site and banned clients, and otherwise
// delegates to doProcessRequest(). Returns the response built along the way.
Http::Response AbstractWebApplication::processRequest(const Http::Request &request, const Http::Environment &env)
{
    // Per-request state, then start from an empty response.
    session_ = 0;
    request_ = request;
    env_ = env;
    clear();

    // Browser-side hardening, set before any of the early returns below:
    //  - X-Frame-Options: only same-origin pages may frame us (clickjacking)
    //  - X-XSS-Protection: asks the browser's XSS filter to block the page
    //  - X-Content-Type-Options: disables MIME type sniffing
    //  - Content-Security-Policy: same-origin default, no plugin content
    // NOTE(review): both script-src and style-src allow 'unsafe-inline', so
    // this policy does not stop an injected inline script; dropping it would
    // require nonces/hashes or moving inline code out of the pages.
    header(Http::HEADER_X_FRAME_OPTIONS, "SAMEORIGIN");
    header(Http::HEADER_X_XSS_PROTECTION, "1; mode=block");
    header(Http::HEADER_X_CONTENT_TYPE_OPTIONS, "nosniff");
    header(Http::HEADER_CONTENT_SECURITY_POLICY, "default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; object-src 'none';");

    // Cross-site requests are refused before any session is touched.
    if (isCrossSiteRequest(request_)) {
        status(401, "Unauthorized");
        return response();
    }

    // A session is started implicitly only when none is active and no
    // authentication is required.
    sessionInitialize();
    if (!(sessionActive() || isAuthNeeded()))
        sessionStart();

    // NOTE(review): the ban check runs after the session setup above, so a
    // banned client still reaches sessionInitialize()/sessionStart();
    // confirm that this ordering is intended.
    if (!isBanned()) {
        doProcessRequest();
        return response();
    }

    status(403, "Forbidden");
    print(QObject::tr("Your IP address has been banned after too many failed authentication attempts."), Http::CONTENT_TYPE_TXT);
    return response();
}
// Builds the response for the current request: a banned client gets a
// 403 with an explanatory text, everyone else goes through processRequest().
HttpResponse AbstractRequestHandler::run()
{
  // Start from a fresh response object for every run.
  response_ = HttpResponse();

  if (!isBanned())
  {
    processRequest();
    return response_;
  }

  // Banned clients never reach the request handler.
  status(403, "Forbidden");
  print(QObject::tr("Your IP address has been banned after too many failed authentication attempts."), CONTENT_TYPE_TXT);
  return response_;
}
// Handles one HTTP request: resets the per-request state, prepares the
// session, answers banned clients with 403 and otherwise delegates to the
// argument-less processRequest() overload.
// NOTE(review): this function sets no framing / content-type / CSP response
// headers and performs no cross-site request check; confirm that both are
// handled elsewhere.
Http::Response AbstractWebApplication::processRequest(const Http::Request &request, const Http::Environment &env)
{
    // Per-request state, then start from an empty response.
    session_ = 0;
    request_ = request;
    env_ = env;
    clear();

    // A session is started implicitly only when none is active and no
    // authentication is required.
    sessionInitialize();
    if (!(sessionActive() || isAuthNeeded()))
        sessionStart();

    // NOTE(review): the ban check runs after the session setup above, so a
    // banned client still reaches sessionInitialize()/sessionStart();
    // confirm that this ordering is intended.
    if (!isBanned()) {
        processRequest();
        return response();
    }

    status(403, "Forbidden");
    print(QObject::tr("Your IP address has been banned after too many failed authentication attempts."), Http::CONTENT_TYPE_TXT);
    return response();
}
/**
 * Reconciles the citizen list with the residences currently registered in
 * the city: citizens who own no residence are removed, citizens who are
 * banned go through removeBannedPlayer(), and the mayor is re-added as a
 * citizen if missing. Runs with structureListMutex held.
 */
void CityRegionImplementation::cleanupCitizens() {
	Locker slocker(&structureListMutex);

	// Owners of every structure that resolves to a residence (no duplicates).
	SortedVector<uint64> residenceOwners;
	residenceOwners.setNoDuplicateInsertPlan();

	for (int idx = 0; idx < completeStructureList.size(); ++idx) {
		uint64 structureId = completeStructureList.get(idx);

		ManagedReference<BuildingObject*> building = Core::getObjectBroker()->lookUp(structureId).castTo<BuildingObject*>();

		// Skip ids that do not resolve to a building, and non-residences.
		if (building != NULL && building->isResidence()) {
			uint64 ownerId = building->getOwnerObjectID();
			residenceOwners.put(ownerId);
		}
	}

	// Citizens without a residence are collected first and removed after the
	// scan, so citizenList is not modified by removeCitizen() mid-iteration.
	SortedVector<uint64> staleCitizens;
	staleCitizens.setNoDuplicateInsertPlan();

	for (int idx = 0; idx < citizenList.size(); ++idx) {
		uint64 citizenId = citizenList.get(idx);

		if (!residenceOwners.contains(citizenId)) {
			staleCitizens.put(citizenId);
			continue;
		}

		// NOTE(review): unlike the deferred removal above, this call happens
		// while citizenList is being walked by index; if removeBannedPlayer()
		// shrinks citizenList the next entry would be skipped - confirm.
		if (isBanned(citizenId))
			removeBannedPlayer(citizenId);
	}

	for (int idx = 0; idx < staleCitizens.size(); ++idx) {
		removeCitizen(staleCitizens.get(idx));
	}

	// The mayor always stays a citizen, even without a residence.
	if(getMayorID() != 0 && !isCitizen(getMayorID()))
		addCitizen(getMayorID());
}
/**
 * Replaces a creature's city skill mods with those of this city's
 * specialization.
 *
 * Returns without doing anything when the region has no zone, when the
 * specialization cannot be resolved, or when the creature is banned from the
 * city. Otherwise the actual update is queued as an ordered task on the
 * creature.
 *
 * @param creature creature to update.
 *        NOTE(review): dereferenced without a null check - presumably callers
 *        guarantee a valid pointer; confirm.
 */
void CityRegionImplementation::applySpecializationModifiers(CreatureObject* creature) {
	if (getZone() == NULL)
		return;

	// NOTE(review): getZone() is called a second time here and the results of
	// getZoneServer()/getCityManager() are used unchecked - confirm they
	// cannot be null at this point.
	CityManager* cityManager = getZone()->getZoneServer()->getCityManager();
	CitySpecialization* cityspec = cityManager->getCitySpecialization(citySpecialization);

	if (cityspec == NULL)
		return;

	// Banned creatures get no city bonuses; note that this early return also
	// skips the removal of previously applied city mods done in the task below.
	if (isBanned(creature->getObjectID())) {
		return;
	}

	// References captured by the task below (the macro exposes them with a
	// _p suffix).
	Reference<CreatureObject*> creatureReference = creature;
	Reference<CityRegion*> city = _this.getReferenceUnsafeStaticCast();

	typedef VectorMap<String, int> SkillMods;
	typedef VectorMapEntry<String, int> SkillModsEntry;

	EXECUTE_ORDERED_TASK_3(creature, creatureReference, cityspec, city, {
			// The creature is locked for the whole update.
			Locker locker(creatureReference_p);

			//Remove all current city skillmods
			creatureReference_p->removeAllSkillModsOfType(SkillModManager::CITY);

			SkillMods* mods = cityspec_p->getSkillMods();

			for (int i = 0; i < mods->size(); ++i) {
				SkillModsEntry& entry = mods->elementAt(i);

				// "private_defense" is granted to militia members only.
				if (entry.getKey() == "private_defense" && !city_p->isMilitiaMember(creatureReference_p->getObjectID()))
					continue;

				creatureReference_p->addSkillMod(SkillModManager::CITY, entry.getKey(), entry.getValue());
			}
	});
	// NOTE(review): the listing stops here; the function's closing brace is
	// not part of this excerpt.
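/**
 * Handles the client's character-selection packet (WIZ_SEL_CHAR).
 *
 * Banned users are disconnected before anything is parsed. The packet's two
 * bytes are read, the user's zone is resolved (possibly redirecting the
 * client to another server), zone restrictions are enforced, and on success
 * the spawn position is sent back and the character is marked as selected.
 *
 * @param pkt packet received from the client; supplies bResult and bInit.
 */
void CUser::SelectCharacter(Packet & pkt)
{
	Packet result(WIZ_SEL_CHAR);
	// Both values come from the client. They are zero-initialised so that a
	// packet which does not supply them can never cause indeterminate stack
	// bytes to be echoed back in `result` or passed on as bInit.
	uint8 bResult = 0, bInit = 0;

	// A banned user is dropped before any byte of the packet is parsed.
	if (isBanned())
	{
		Disconnect();
		return;
	}

	pkt >> bResult >> bInit;
	result << bResult;

	if (bResult == 0 || !GetZoneID()) 
		goto fail_return;

	m_pMap = g_pMain->GetZoneByID(GetZoneID());
	if (GetMap() == nullptr)
		goto fail_return;

	// The zone lives on another server: hand the client over to it.
	if (g_pMain->m_nServerNo != GetMap()->m_nServerNo)
	{
		_ZONE_SERVERINFO *pInfo = g_pMain->m_ServerArray.GetData(GetMap()->m_nServerNo);
		if (pInfo == nullptr) 
			goto fail_return;

		SendServerChange(pInfo->strServerIP, bInit);
		return;
	}

	if (!g_pMain->isWarOpen() && GetFame() == COMMAND_CAPTAIN)
		m_bFame = CHIEF;

	// Disallow players from relogging in the opposite nation's home zone when an invasion's not running.
	if (((GetZoneID() != GetNation() && GetZoneID() <= ZONE_ELMORAD && !g_pMain->m_byBattleOpen)
		// also disallow players from logging back into war zones that aren't currently active...
			|| (GetMap()->isWarZone() && !g_pMain->m_byBattleOpen)
			// Chaos, bdw and Juraid Mountain
			|| isInTempleEventZone()
			// Ronark Land, Ardream, RLB, Bifrost, Krowaz Dominion.
			|| (g_pMain->m_byBattleOpen && (GetZoneID() == ZONE_RONARK_LAND 
			|| GetZoneID() == ZONE_ARDREAM 
			|| GetZoneID() == ZONE_RONARK_LAND_BASE
			|| GetZoneID() == ZONE_BIFROST
			|| GetZoneID() == ZONE_KROWAZ_DOMINION))) && !isGM()) // GMs are exempt
	{
		NativeZoneReturn();
		Disconnect();
		return;
	}

	SetLogInInfoToDB(bInit);

	result << GetZoneID() << GetSPosX() << GetSPosZ() << GetSPosY() << g_pMain->m_byOldVictory;
	m_bSelectedCharacter = true;
	Send(&result);

	SetUserAbility(false);

	// NOTE(review): the success reply has already been sent and the character
	// marked as selected before this sanity check runs; confirm that the
	// ordering is intended.
	if (GetLevel() > MAX_LEVEL) 
	{
		Disconnect();
		return;
	}

	m_iMaxExp = g_pMain->GetExpByLevel(GetLevel());
	SetRegion(GetNewRegionX(), GetNewRegionZ());

	// A clan id of -1 is normalised to "no clan" and the fame is reset.
	if (GetClanID() == -1)
	{
		SetClanID(0);
		m_bFame = 0;
		return;
	}
	else if (GetClanID() != 0
		&& GetZoneID() > 2)
	{
		// Queue a clan list request through the database thread.
		result.Initialize(WIZ_KNIGHTS_PROCESS);
		result << uint8(KNIGHTS_LIST_REQ) << GetClanID();
		g_pMain->AddDatabaseRequest(result, this);
	}
	return;

fail_return:
	// Failure path: reply with whatever has been written to `result` so far.
	Send(&result);
}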
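// Main accept/dispatch loop of the world server; runs until isActive is
// cleared.
//
// Each iteration pings the database when due, waits up to 1 ms in select()
// for activity on the listening socket (and on the client sockets when
// Config.usethreads is off), accepts at most one new connection - refusing
// banned addresses - and, in non-threaded mode, services the clients.
// PlayerMutex is held from FillFDS() until the clients have been handled.
void CWorldServer::ServerLoop( )
{
	fd_set		fds;
	int			activity;
	sockaddr_in	ClientInfo;
	SOCKET		NewSocket;
	timeval		timeout;
	maxfd = sock;
	OnServerStep();

	//LMA BEGIN
	//MySQL Ping (every hour)
	//20070623, 221000
	// NOTE(review): clock() counts processor time in CLOCKS_PER_SEC units, so
	// 3600000 ticks is an hour only if CLOCKS_PER_SEC is 1000 and the process
	// is busy the whole time - confirm the intended interval.
	UINT time_last_ping=clock();
	UINT delay_ping=3600000;
	//LMA END

	do
	{
		//LMA BEGIN
		//MySQL Ping
		//20070623, 221000
		UINT etime = (UINT)round((clock( ) - time_last_ping));
		if(etime>=delay_ping)
		{
			time_last_ping=clock();
			Ping();
		}
		//LMA END

		timeout.tv_sec = 0;
		timeout.tv_usec = 1000;
		NewSocket = INVALID_SOCKET;
		FD_ZERO( &fds );
		pthread_mutex_lock( &PlayerMutex );
		if(!Config.usethreads)
			FillFDS( &fds );
		FD_SET( sock, &fds );
		activity = select( maxfd+1, &fds, NULL, NULL, &timeout );
		if ( activity == 0 )
		{
			// Timeout: nothing to do this round.
			pthread_mutex_unlock( &PlayerMutex );
			#ifdef _WIN32
			Sleep(1);
			#else
			usleep(1);
			#endif
			continue;
		}
		if ( activity < 0 )
		{
			// The contents of fds are not meaningful after a failed select(),
			// so never fall through to FD_ISSET()/HandleClients() with it.
			// An interrupted call is simply retried; anything else stops the
			// loop through the while( isActive ) condition.
			if ( errno != EINTR )
			{
				#ifdef _WIN32
				Log( MSG_ERROR, "Select command failed. Error #%i", WSAGetLastError() );
				#else
				Log( MSG_ERROR, "Select command failed. Error #%i", errno );
				#endif
				isActive = false;
			}
			pthread_mutex_unlock( &PlayerMutex );
			continue;
		}
		if ( FD_ISSET( sock, &fds ) && ConnectedClients < 1024 )
		{
			// accept() takes an int* on Winsock and a socklen_t* elsewhere;
			// declare the length with the matching type instead of casting.
			#ifdef _WIN32
			int clientinfolen = sizeof( sockaddr_in );
			#else
			socklen_t clientinfolen = sizeof( sockaddr_in );
			#endif
			NewSocket = accept( sock, (sockaddr*)&ClientInfo, &clientinfolen );
			// TODO: check if server is full
			if (NewSocket != INVALID_SOCKET)
			{
				// The ban list is consulted before the connection is
				// registered as a user.
				if(!isBanned(&ClientInfo))
					AddUser( NewSocket, &ClientInfo );
				else
				{
					Log( MSG_WARNING, "Banned client tried to connect: %s", inet_ntoa( ClientInfo.sin_addr ) );
					// NOTE(review): on _WIN32 a socket is normally released
					// with closesocket(); confirm close() is mapped for that
					// build.
					close( NewSocket );
				}
			}
			else
			{
				#ifdef _WIN32
				Log( MSG_ERROR, "Error accepting socket: %i", WSAGetLastError() );
				#else
				Log( MSG_ERROR, "Error accepting socket: %i", errno );
				#endif
			}
		}
		if(!Config.usethreads)
			HandleClients( &fds );
		pthread_mutex_unlock( &PlayerMutex );
		#ifdef _WIN32
		Sleep(1);
		#else
		usleep(1);
		#endif
	} while( isActive );
}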
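/**
 * Handles the client's character-selection packet (WIZ_SEL_CHAR).
 *
 * Banned users are disconnected before anything is parsed. The packet's two
 * bytes are read, the user's zone is resolved, the stored quest data is
 * converted into m_questMap, zone restrictions are enforced, and on success
 * the spawn position is sent back and the character is marked as selected.
 *
 * @param pkt packet received from the client; supplies bResult and bInit.
 */
void CUser::SelectCharacter(Packet & pkt)
{
	Packet result(WIZ_SEL_CHAR);
	// Both values come from the client. They are zero-initialised so that a
	// packet which does not supply them can never cause indeterminate stack
	// bytes to be echoed back in `result` or passed on as bInit.
	uint8 bResult = 0, bInit = 0;

	// A banned user is dropped before any byte of the packet is parsed.
	if (isBanned())
	{
		Disconnect();
		return;
	}

	pkt >> bResult >> bInit;
	result << bResult;

	if (bResult == 0 || !GetZoneID()) 
		goto fail_return;

	m_pMap = g_pMain->GetZoneByID(GetZoneID());
	if (GetMap() == NULL)
		goto fail_return;

	// Temporarily convert the old quest storage format to the new one.
	// This won't be necessary when Aujard's out of the picture.
	// NOTE(review): the loop trusts m_sQuestCount and never compares `index`
	// with the size of m_bstrQuest; if the stored count can exceed what the
	// buffer holds this reads past its end - confirm where the count is
	// validated.
	m_questMap.clear();
	for (int i = 0, index = 0; i < m_pUserData->m_sQuestCount; i++)
	{
		uint16	sQuestID	= GetShort(m_pUserData->m_bstrQuest, index);
		uint8	bQuestState	= GetByte(m_pUserData->m_bstrQuest, index);

		m_questMap.insert(std::make_pair(sQuestID, bQuestState));
	}

	// The zone lives on another server: hand the client over to it.
	if (g_pMain->m_nServerNo != GetMap()->m_nServerNo)
	{
		_ZONE_SERVERINFO *pInfo = g_pMain->m_ServerArray.GetData(GetMap()->m_nServerNo);
		if (pInfo == NULL) 
			goto fail_return;

		SendServerChange(pInfo->strServerIP, bInit);
		return;
	}

	if (g_pMain->m_byBattleOpen == NO_BATTLE && getFame() == COMMAND_CAPTAIN)
		m_pUserData->m_bFame = CHIEF;

	// Users may not log back into a zone they are not allowed in for the
	// current battle state; they are sent to their native zone and dropped.
	if ((GetZoneID() != GetNation() && GetZoneID() < 3 && !g_pMain->m_byBattleOpen)
		|| (GetZoneID() == ZONE_BATTLE && (g_pMain->m_byBattleOpen != NATION_BATTLE))
		|| (GetZoneID() == ZONE_SNOW_BATTLE && (g_pMain->m_byBattleOpen != SNOW_BATTLE))
		|| (GetZoneID() == ZONE_FRONTIER && g_pMain->m_byBattleOpen))
	{
		NativeZoneReturn();
		Disconnect();
		return;
	}

	SetLogInInfoToDB(bInit);

	result << GetZoneID() << GetSPosX() << GetSPosZ() << GetSPosY() << g_pMain->m_byOldVictory;
	m_bSelectedCharacter = true;
	Send(&result);

	SetSlotItemValue();
	SetUserAbility(false);

	// NOTE(review): the success reply has already been sent and the character
	// marked as selected before this sanity check runs; confirm that the
	// ordering is intended.
	if (GetLevel() > MAX_LEVEL) 
	{
		Disconnect();
		return;
	}

	m_iMaxExp = g_pMain->GetExpByLevel(GetLevel());
	SetRegion(GetNewRegionX(), GetNewRegionZ());

	// A clan id of -1 is normalised to "no clan" and the fame is reset.
	if (GetClanID() == -1)
	{
		SetClanID(0);
		m_pUserData->m_bFame = 0;
		return;
	}
	else if (GetClanID() != 0)
	{
		CKnights* pKnights = g_pMain->GetClanPtr( GetClanID() );
		if (pKnights != NULL)
		{
			// Clan already loaded: register this user with it.
			g_pMain->m_KnightsManager.SetKnightsUser( GetClanID(), m_pUserData->m_id );
		}
		else if (GetZoneID() > 2)
		{
			// Clan not loaded: queue a clan list request instead.
			result.Initialize(WIZ_KNIGHTS_PROCESS);
			result << uint8(KNIGHTS_LIST_REQ) << GetClanID();
			g_pMain->m_LoggerSendQueue.PutData(&result, GetSocketID());
		}
	}
	return;

fail_return:
	// Failure path: reply with whatever has been written to `result` so far.
	Send(&result);
}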
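/**
 * Handles the client's character-selection packet (WIZ_SEL_CHAR).
 *
 * Banned users are disconnected before anything is parsed. The packet's two
 * bytes are read, the user's zone is resolved (possibly redirecting the
 * client to another server), zone restrictions are enforced, and on success
 * the spawn position is sent back and the character is marked as selected.
 *
 * @param pkt packet received from the client; supplies bResult and bInit.
 */
void CUser::SelectCharacter(Packet & pkt)
{
	Packet result(WIZ_SEL_CHAR);
	// Both values come from the client. They are zero-initialised so that a
	// packet which does not supply them can never cause indeterminate stack
	// bytes to be echoed back in `result` or passed on as bInit.
	uint8 bResult = 0, bInit = 0;

	// A banned user is dropped before any byte of the packet is parsed.
	if (isBanned())
	{
		Disconnect();
		return;
	}

	pkt >> bResult >> bInit;
	result << bResult;

	if (bResult == 0 || !GetZoneID()) 
		goto fail_return;

	m_pMap = g_pMain->GetZoneByID(GetZoneID());
	if (GetMap() == nullptr)
		goto fail_return;

	// The zone lives on another server: hand the client over to it.
	if (g_pMain->m_nServerNo != GetMap()->m_nServerNo)
	{
		_ZONE_SERVERINFO *pInfo = g_pMain->m_ServerArray.GetData(GetMap()->m_nServerNo);
		if (pInfo == nullptr) 
			goto fail_return;

		SendServerChange(pInfo->strServerIP, bInit);
		return;
	}

	if (g_pMain->m_byBattleOpen == NO_BATTLE && GetFame() == COMMAND_CAPTAIN)
		m_bFame = CHIEF;

	// Users may not log back into a zone they are not allowed in for the
	// current battle state; they are sent to their native zone and dropped.
	if ((GetZoneID() != GetNation() && GetZoneID() < 3 && !g_pMain->m_byBattleOpen)
		|| (GetZoneID() == ZONE_BATTLE && (g_pMain->m_byBattleOpen != NATION_BATTLE))
		|| (GetZoneID() == ZONE_SNOW_BATTLE && (g_pMain->m_byBattleOpen != SNOW_BATTLE))
		|| (GetZoneID() == ZONE_RONARK_LAND && g_pMain->m_byBattleOpen))
	{
		NativeZoneReturn();
		Disconnect();
		return;
	}

	SetLogInInfoToDB(bInit);

	result << GetZoneID() << GetSPosX() << GetSPosZ() << GetSPosY() << g_pMain->m_byOldVictory;
	m_bSelectedCharacter = true;
	Send(&result);

	SetSlotItemValue();
	SetUserAbility(false);

	// NOTE(review): the success reply has already been sent and the character
	// marked as selected before this sanity check runs; confirm that the
	// ordering is intended.
	if (GetLevel() > MAX_LEVEL) 
	{
		Disconnect();
		return;
	}

	m_iMaxExp = g_pMain->GetExpByLevel(GetLevel());
	SetRegion(GetNewRegionX(), GetNewRegionZ());

	// A clan id of -1 is normalised to "no clan" and the fame is reset.
	if (GetClanID() == -1)
	{
		SetClanID(0);
		m_bFame = 0;
		return;
	}
	else if (GetClanID() != 0
		&& GetZoneID() > 2)
	{
		// Queue a clan list request through the database thread.
		result.Initialize(WIZ_KNIGHTS_PROCESS);
		result << uint8(KNIGHTS_LIST_REQ) << GetClanID();
		g_pMain->AddDatabaseRequest(result, this);
	}
	return;

fail_return:
	// Failure path: reply with whatever has been written to `result` so far.
	Send(&result);
}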