/* ================= SV_UserinfoChanged Pull specific info from a newly changed userinfo string into a more C friendly form. ================= */ void SV_UserinfoChanged( client_t *cl ) { const char *val; int i; // name for C code Q_strncpyz( cl->name, Info_ValueForKey( cl->userinfo, "name" ), sizeof( cl->name ) ); // rate command // if the client is on the same subnet as the server and we aren't running an // Internet server, assume that they don't need a rate choke if ( Sys_IsLANAddress( cl->netchan.remoteAddress ) && SV_Private(ServerPrivate::LanOnly) && sv_lanForceRate->integer == 1 ) { cl->rate = 99999; // lans should not rate limit } else { val = Info_ValueForKey( cl->userinfo, "rate" ); if ( strlen( val ) ) { i = atoi( val ); cl->rate = i; if ( cl->rate < 1000 ) { cl->rate = 1000; } else if ( cl->rate > 90000 ) { cl->rate = 90000; } } else { cl->rate = 5000; } } // snaps command val = Info_ValueForKey( cl->userinfo, "snaps" ); if ( strlen( val ) ) { i = atoi( val ); if ( i < 1 ) { i = 1; } else if ( i > sv_fps->integer ) { i = sv_fps->integer; } cl->snapshotMsec = 1000 / i; } else { cl->snapshotMsec = 50; } // TTimo // maintain the IP information // this is set in SV_DirectConnect (directly on the server, not transmitted), may be lost when client updates its userinfo // the banning code relies on this being consistently present // zinx - modified to always keep this consistent, instead of only // when "ip" is 0-length, so users can't supply their own IP address //Log::Debug("Maintain IP address in userinfo for '%s'", cl->name); if ( !NET_IsLocalAddress( cl->netchan.remoteAddress ) ) { Info_SetValueForKey( cl->userinfo, "ip", NET_AdrToString( cl->netchan.remoteAddress ), false ); #ifdef HAVE_GEOIP Info_SetValueForKey( cl->userinfo, "geoip", NET_GeoIP_Country( &cl->netchan.remoteAddress ), false ); #endif } else { // force the "ip" info key to "loopback" for local clients Info_SetValueForKey( cl->userinfo, "ip", "loopback", false ); #ifdef HAVE_GEOIP Info_SetValueForKey( cl->userinfo, "geoip", nullptr, false ); #endif } }
/* ================== SV_DirectConnect A "connect" OOB command has been received ================== */ void SV_DirectConnect( netadr_t from, const Cmd::Args& args ) { if ( args.Argc() < 2 ) { return; } Log::Debug( "SVC_DirectConnect ()" ); InfoMap userinfo = InfoStringToMap(args.Argv(1)); // DHM - Nerve :: Update Server allows any protocol to connect // NOTE TTimo: but we might need to store the protocol around for potential non http/ftp clients int version = atoi( userinfo["protocol"].c_str() ); if ( version != PROTOCOL_VERSION ) { Net::OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\nServer uses protocol version %i (yours is %i).", PROTOCOL_VERSION, version ); Log::Debug( " rejected connect from version %i", version ); return; } int qport = atoi( userinfo["qport"].c_str() ); auto clients_begin = svs.clients; auto clients_end = clients_begin + sv_maxclients->integer; client_t* reconnecting = std::find_if(clients_begin, clients_end, [&from, qport](const client_t& client) { return NET_CompareBaseAdr( from, client.netchan.remoteAddress ) && ( client.netchan.qport == qport || from.port == client.netchan.remoteAddress.port ); } ); if ( reconnecting != clients_end && svs.time - reconnecting->lastConnectTime < sv_reconnectlimit->integer * 1000 ) { Log::Debug( "%s: reconnect rejected: too soon", NET_AdrToString( from ) ); return; } if ( NET_IsLocalAddress( from ) ) { userinfo["ip"] = "loopback"; } else { // see if the challenge is valid (local clients don't need to challenge) Challenge::Duration ping_duration; if ( !ChallengeManager::MatchString( from, userinfo["challenge"], &ping_duration ) ) { Net::OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\n[err_dialog]No or bad challenge for address." ); return; } userinfo["ip"] = NET_AdrToString( from ); } client_t *new_client = nullptr; // if there is already a slot for this IP address, reuse it if ( reconnecting != clients_end ) { Log::Notice( "%s:reconnect\n", NET_AdrToString( from ) ); new_client = reconnecting; } else { // find a client slot // if "sv_privateClients" is set > 0, then that number // of client slots will be reserved for connections that // have "password" set to the value of "sv_privatePassword" // Info requests will report the maxclients as if the private // slots didn't exist, to prevent people from trying to connect // to a full server. // This is to allow us to reserve a couple slots here on our // servers so we can play without having to kick people. // check for privateClient password int startIndex = 0; if ( userinfo["password"] != sv_privatePassword->string ) { // skip past the reserved slots startIndex = sv_privateClients->integer; } new_client = std::find_if(clients_begin, clients_end, [](const client_t& client) { return client.state == clientState_t::CS_FREE; }); if ( new_client == clients_end ) { if ( NET_IsLocalAddress( from ) ) { int count = std::count_if(clients_begin+startIndex, clients_end, [](const client_t& client) { return SV_IsBot(&client); } ); // if they're all bots if ( count >= sv_maxclients->integer - startIndex ) { SV_DropClient( &svs.clients[ sv_maxclients->integer - 1 ], "only bots on server" ); new_client = &svs.clients[ sv_maxclients->integer - 1 ]; } else { Com_Error( errorParm_t::ERR_FATAL, "server is full on local connect" ); } } else { Net::OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\n%s", sv_fullmsg->string ); Log::Debug( "Rejected a connection." ); return; } } } // build a new connection // accept the new client // this is the only place a client_t is ever initialized memset( new_client, 0, sizeof( client_t ) ); int clientNum = new_client - svs.clients; #ifdef HAVE_GEOIP const char * country = NET_GeoIP_Country( &from ); if ( country ) { Log::Notice( "Client %i connecting from %s\n", clientNum, country ); userinfo["geoip"] = country; } else { Log::Notice( "Client %i connecting from somewhere unknown\n", clientNum ); } #else Log::Notice( "Client %i connecting\n", clientNum ); #endif new_client->gentity = SV_GentityNum( clientNum ); new_client->gentity->r.svFlags = 0; // save the address Netchan_Setup( netsrc_t::NS_SERVER, &new_client->netchan, from, qport ); // init the netchan queue // Save the pubkey Q_strncpyz( new_client->pubkey, userinfo["pubkey"].c_str(), sizeof( new_client->pubkey ) ); userinfo.erase("pubkey"); // save the userinfo Q_strncpyz( new_client->userinfo, InfoMapToString(userinfo).c_str(), sizeof( new_client->userinfo ) ); // get the game a chance to reject this connection or modify the userinfo char reason[ MAX_STRING_CHARS ]; if ( gvm.GameClientConnect( reason, sizeof( reason ), clientNum, true, false ) ) { Net::OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\n[err_dialog]%s", reason ); Log::Debug( "Game rejected a connection: %s.", reason ); return; } SV_UserinfoChanged( new_client ); // send the connect packet to the client Net::OutOfBandPrint( netsrc_t::NS_SERVER, from, "connectResponse" ); Log::Debug( "Going from CS_FREE to CS_CONNECTED for %s", new_client->name ); new_client->state = clientState_t::CS_CONNECTED; new_client->nextSnapshotTime = svs.time; new_client->lastPacketTime = svs.time; new_client->lastConnectTime = svs.time; // when we receive the first packet from the client, we will // notice that it is from a different serverid and that the // gamestate message was not just sent, forcing a retransmit new_client->gamestateMessageNum = -1; // if this was the first client on the server, or the last client // the server can hold, send a heartbeat to the master. int count = std::count_if(clients_begin, clients_end, [](const client_t& client) { return client.state >= clientState_t::CS_CONNECTED; }); if ( count == 1 || count == sv_maxclients->integer ) { SV_Heartbeat_f(); } }
/* ================== SV_DirectConnect A "connect" OOB command has been received ================== */ void SV_DirectConnect( netadr_t from, const Cmd::Args& args ) { char userinfo[ MAX_INFO_STRING ]; int i; client_t *cl, *newcl; client_t temp; sharedEntity_t *ent; int clientNum; int version; int qport; int challenge; const char *password; int startIndex; bool denied; char reason[ MAX_STRING_CHARS ]; int count; const char *ip; #ifdef HAVE_GEOIP const char *country = nullptr; #endif if ( args.Argc() < 2 ) { return; } Log::Debug( "SVC_DirectConnect ()" ); Q_strncpyz( userinfo, args.Argv(1).c_str(), sizeof( userinfo ) ); // DHM - Nerve :: Update Server allows any protocol to connect // NOTE TTimo: but we might need to store the protocol around for potential non http/ftp clients version = atoi( Info_ValueForKey( userinfo, "protocol" ) ); if ( version != PROTOCOL_VERSION ) { NET_OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\nServer uses protocol version %i (yours is %i).", PROTOCOL_VERSION, version ); Log::Debug( " rejected connect from version %i", version ); return; } challenge = atoi( Info_ValueForKey( userinfo, "challenge" ) ); qport = atoi( Info_ValueForKey( userinfo, "qport" ) ); // quick reject for ( i = 0, cl = svs.clients; i < sv_maxclients->integer; i++, cl++ ) { // DHM - Nerve :: This check was allowing clients to reconnect after zombietime(2 secs) //if ( cl->state == CS_FREE ) { //continue; //} if ( NET_CompareBaseAdr( from, cl->netchan.remoteAddress ) && ( cl->netchan.qport == qport || from.port == cl->netchan.remoteAddress.port ) ) { if ( ( svs.time - cl->lastConnectTime ) < ( sv_reconnectlimit->integer * 1000 ) ) { Log::Debug( "%s: reconnect rejected: too soon", NET_AdrToString( from ) ); return; } break; } } if ( NET_IsLocalAddress( from ) ) { ip = "localhost"; } else { ip = NET_AdrToString( from ); } if ( ( strlen( ip ) + strlen( userinfo ) + 4 ) >= MAX_INFO_STRING ) { NET_OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\nUserinfo string length exceeded. " "Try removing setu cvars from your config." ); return; } Info_SetValueForKey( userinfo, "ip", ip, false ); // see if the challenge is valid (local clients don't need to challenge) if ( !NET_IsLocalAddress( from ) ) { int ping; for ( i = 0; i < MAX_CHALLENGES; i++ ) { if ( NET_CompareAdr( from, svs.challenges[ i ].adr ) ) { if ( challenge == svs.challenges[ i ].challenge ) { break; // good } } } if ( i == MAX_CHALLENGES ) { NET_OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\n[err_dialog]No or bad challenge for address." ); return; } // force the IP address key/value pair, so the game can filter based on it Info_SetValueForKey( userinfo, "ip", NET_AdrToString( from ), false ); if ( svs.challenges[ i ].firstPing == 0 ) { ping = svs.time - svs.challenges[ i ].pingTime; svs.challenges[ i ].firstPing = ping; } else { ping = svs.challenges[ i ].firstPing; } #ifdef HAVE_GEOIP country = NET_GeoIP_Country( &from ); if ( country ) { Log::Notice( "Client %i connecting from %s with %i challenge ping\n", i, country, ping ); } else { Log::Notice( "Client %i connecting from somewhere unknown with %i challenge ping\n", i, ping ); } #else Log::Notice( "Client %i connecting with %i challenge ping\n", i, ping ); #endif svs.challenges[ i ].connected = true; // never reject a LAN client based on ping if ( !Sys_IsLANAddress( from ) ) { if ( sv_minPing->value && ping < sv_minPing->value ) { NET_OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\n[err_dialog]Server is for high pings only" ); Log::Debug( "Client %i rejected on a too low ping", i ); return; } if ( sv_maxPing->value && ping > sv_maxPing->value ) { NET_OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\n[err_dialog]Server is for low pings only" ); Log::Debug( "Client %i rejected on a too high ping: %i", i, ping ); return; } } } else { // force the "ip" info key to "localhost" Info_SetValueForKey( userinfo, "ip", "localhost", false ); } newcl = &temp; memset( newcl, 0, sizeof( client_t ) ); // if there is already a slot for this IP address, reuse it for ( i = 0, cl = svs.clients; i < sv_maxclients->integer; i++, cl++ ) { if ( cl->state == clientState_t::CS_FREE ) { continue; } if ( NET_CompareBaseAdr( from, cl->netchan.remoteAddress ) && ( cl->netchan.qport == qport || from.port == cl->netchan.remoteAddress.port ) ) { Log::Notice( "%s:reconnect\n", NET_AdrToString( from ) ); newcl = cl; // this doesn't work because it nukes the players userinfo // // disconnect the client from the game first so any flags the // // player might have are dropped // VM_Call( gvm, GAME_CLIENT_DISCONNECT, newcl - svs.clients ); // goto gotnewcl; } } // find a client slot // if "sv_privateClients" is set > 0, then that number // of client slots will be reserved for connections that // have "password" set to the value of "sv_privatePassword" // Info requests will report the maxclients as if the private // slots didn't exist, to prevent people from trying to connect // to a full server. // This is to allow us to reserve a couple slots here on our // servers so we can play without having to kick people. // check for privateClient password password = Info_ValueForKey( userinfo, "password" ); if ( !strcmp( password, sv_privatePassword->string ) ) { startIndex = 0; } else { // skip past the reserved slots startIndex = sv_privateClients->integer; } newcl = nullptr; for ( i = startIndex; i < sv_maxclients->integer; i++ ) { cl = &svs.clients[ i ]; if ( cl->state == clientState_t::CS_FREE ) { newcl = cl; break; } } if ( !newcl ) { if ( NET_IsLocalAddress( from ) ) { count = 0; for ( i = startIndex; i < sv_maxclients->integer; i++ ) { cl = &svs.clients[ i ]; if ( SV_IsBot(cl) ) { count++; } } // if they're all bots if ( count >= sv_maxclients->integer - startIndex ) { SV_DropClient( &svs.clients[ sv_maxclients->integer - 1 ], "only bots on server" ); newcl = &svs.clients[ sv_maxclients->integer - 1 ]; } else { Com_Error( errorParm_t::ERR_FATAL, "server is full on local connect" ); } } else { NET_OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\n%s", sv_fullmsg->string ); Log::Debug( "Rejected a connection." ); return; } } // we got a newcl, so reset the reliableSequence and reliableAcknowledge cl->reliableAcknowledge = 0; cl->reliableSequence = 0; gotnewcl: // build a new connection // accept the new client // this is the only place a client_t is ever initialized *newcl = std::move(temp); clientNum = newcl - svs.clients; ent = SV_GentityNum( clientNum ); newcl->gentity = ent; ent->r.svFlags = 0; #ifdef HAVE_GEOIP if ( country ) { Info_SetValueForKey( userinfo, "geoip", country, false ); } #endif // save the challenge newcl->challenge = challenge; // save the address Netchan_Setup( netsrc_t::NS_SERVER, &newcl->netchan, from, qport ); // init the netchan queue // Save the pubkey Q_strncpyz( newcl->pubkey, Info_ValueForKey( userinfo, "pubkey" ), sizeof( newcl->pubkey ) ); Info_RemoveKey( userinfo, "pubkey", false ); // save the userinfo Q_strncpyz( newcl->userinfo, userinfo, sizeof( newcl->userinfo ) ); // get the game a chance to reject this connection or modify the userinfo denied = gvm.GameClientConnect( reason, sizeof( reason ), clientNum, true, false ); // firstTime = true if ( denied ) { NET_OutOfBandPrint( netsrc_t::NS_SERVER, from, "print\n[err_dialog]%s", reason ); Log::Debug( "Game rejected a connection: %s.", reason ); return; } SV_UserinfoChanged( newcl ); // DHM - Nerve :: Clear out firstPing now that client is connected svs.challenges[ i ].firstPing = 0; // send the connect packet to the client NET_OutOfBandPrint( netsrc_t::NS_SERVER, from, "connectResponse" ); Log::Debug( "Going from CS_FREE to CS_CONNECTED for %s", newcl->name ); newcl->state = clientState_t::CS_CONNECTED; newcl->nextSnapshotTime = svs.time; newcl->lastPacketTime = svs.time; newcl->lastConnectTime = svs.time; // when we receive the first packet from the client, we will // notice that it is from a different serverid and that the // gamestate message was not just sent, forcing a retransmit newcl->gamestateMessageNum = -1; // if this was the first client on the server, or the last client // the server can hold, send a heartbeat to the master. count = 0; for ( i = 0, cl = svs.clients; i < sv_maxclients->integer; i++, cl++ ) { if ( svs.clients[ i ].state >= clientState_t::CS_CONNECTED ) { count++; } } if ( count == 1 || count == sv_maxclients->integer ) { SV_Heartbeat_f(); } }