void Auth_ChangePassword_f()
{
int uid;
if(Cmd_Argc()!=4) {
Com_Printf("Usage: %s <username> <oldPassword> <newPassword>\n",Cmd_Argv(0));
return;
}
uid = Auth_GetUID(Cmd_Argv(1));
if(uid < 0) {
Com_Printf("Admin %s not found.\n",Cmd_Argv(1));
return;
}
Auth_ChangeAdminPassword(uid,Cmd_Argv(2),Cmd_Argv(3));
}
tcpclientstate_t HL2Rcon_SourceRconAuth(netadr_t *from, msg_t *msg, int *connectionId){
int packetlen;
int packettype;
int packetid;
char* loginstring;
char* username;
char* password;
byte msgbuf[32];
msg_t sendmsg;
rconUser_t* user;
int i;
char buf[MAX_STRING_CHARS];
char stringlinebuf[MAX_STRING_CHARS];
MSG_BeginReading(msg);
packetlen = MSG_ReadLong(msg);
if(packetlen != msg->cursize - 4){//Not a source rcon packet
Com_Printf("Not a source rcon packet: len %d size %d\n", packetlen, msg->cursize);
return TCP_AUTHNOTME;
}
packetid = MSG_ReadLong(msg);
packettype = MSG_ReadLong(msg);
if(packettype != SERVERDATA_AUTH)//Not a source rcon auth-packet
return TCP_AUTHNOTME;
if(SV_PlayerBannedByip(from, buf, sizeof(buf))){
return TCP_AUTHBAD;
}
MSG_Init(&sendmsg, msgbuf, sizeof(msgbuf));
MSG_WriteLong(&sendmsg, 10);
MSG_WriteLong(&sendmsg, 0);
MSG_WriteLong(&sendmsg, SERVERDATA_RESPONSE_VALUE);
MSG_WriteShort(&sendmsg, 0);
if(NET_SendData(from->sock, &sendmsg) < 1)
{
return TCP_AUTHBAD;
}
MSG_Init(&sendmsg, msgbuf, sizeof(msgbuf));
MSG_WriteLong(&sendmsg, 10);
loginstring = MSG_ReadStringLine(msg, stringlinebuf, sizeof(stringlinebuf));
Cmd_TokenizeString(loginstring);
if(Cmd_Argc() != 2){
goto badrcon;
}
username = Cmd_Argv(0);
password = Cmd_Argv(1);
if(strlen(password) < 6){
goto badrcon;
}
if(Auth_Authorize(username, password) < 0)
{
goto badrcon;
}
Com_Printf("Rcon login from: %s Name: %s\n", NET_AdrToString (from), username);
Cmd_EndTokenizedString();
for(i = 0, user = sourceRcon.activeRconUsers; i < MAX_RCONUSERS; i++, user++){
if(user->remote.type == NA_BAD)
break;
}
if(i == MAX_RCONUSERS){
return TCP_AUTHBAD; //Close connection
}
user->remote = *from;
user->uid = Auth_GetUID(username);
// user->rconPower = login->power;
Q_strncpyz(user->rconUsername, username, sizeof(user->rconUsername));
user->streamchat = 0;
user->streamlog = 0;
user->lastpacketid = packetid;
*connectionId = i;
MSG_WriteLong(&sendmsg, user->lastpacketid);
MSG_WriteLong(&sendmsg, SERVERDATA_AUTH_RESPONSE);
MSG_WriteShort(&sendmsg, 0);
if(NET_SendData(from->sock, &sendmsg) < 1)
{
return TCP_AUTHBAD;
}
return TCP_AUTHSUCCESSFULL;
badrcon:
Cmd_EndTokenizedString();
Com_Printf ("Bad rcon from %s (TCP)\n", NET_AdrToString (from) );
//Don't allow another attempt for 20 seconds
SV_PlayerAddBanByip(from, "Bad rcon", 0, NULL, 0, Com_GetRealtime() + 20);
MSG_Init(&sendmsg, msgbuf, sizeof(msgbuf));
MSG_WriteLong(&sendmsg, 10);
MSG_WriteLong(&sendmsg, -1);
MSG_WriteLong(&sendmsg, SERVERDATA_AUTH_RESPONSE);
MSG_WriteShort(&sendmsg, 0);
NET_SendData(from->sock, &sendmsg);
return TCP_AUTHBAD;
}
void Webadmin_BuildMessage(msg_t* msg, const char* username, qboolean invalidloginattempt, const char* banmsg, const char* url, httpPostVals_t* values)
{
xml_t xmlbase;
xml_t* xmlobj = &xmlbase;
char actionval[64];
char colorbuf[2048];
const char *postval;
char netadrstr[128];
int uid;
XML_Init(xmlobj, (char*)msg->data, msg->maxsize, "ISO-8859-1");
XO("html");
XO("head");
XO("title");
XA("CoD4X Web Server");
XC;
XO2("link","href","/files/webadmin.css","rel","stylesheet");XC;
XC;
XO("body");
XO1("div","class","container");
XO1("div","class","page-header");
XO("h1");
#ifdef COD4X17A
XA("CoD4 X v1.7a");
#else
XA("CoD4 X v1.8");
#endif
XO("small");
XA(" Web Server");
XC;
XC;
XO("h3");
XA(Webadmin_ConvertToHTMLColor(sv_hostname->string, colorbuf, sizeof(colorbuf)));
XA(" ");
XA(sv_mapname->string);
XC;
XC;
if(!Q_strncmp(url, "/webadmin", 9))
{
if(username == NULL || username[0] == '\0')
{
Webadmin_BuildLoginForm(xmlobj, invalidloginattempt, banmsg);
}else {
if(!Q_strncmp(url +9, "/listadmins", 11))
{
uid = Auth_GetUID(username);
Webadmin_BuildAdminList(xmlobj, uid);
}else {
uid = Auth_GetUID(username);
XO1("div","class","loginusername");
XO1("span","class","label label-primary");
XA("Logged in as: ");XA(username);XA(". ");
XO2("a","href","/webadmin/?action=logout","style","color: #fff");
XA("Log Out");
XC;
XC;
XC;
XO1("div", "class", "col-lg-6 right_line");
XO("h3");XA("Server Status");XC;
XO("hr");XC;
Webadmin_BuildServerStatus(xmlobj, qtrue);
XC;
XO1("div", "class", "col-lg-6 left_line");
XO("h3");XA("Command Console");XC;
XO("hr");XC;
if(Webadmin_GetUrlVal( url, "action", actionval, sizeof(actionval)))//nnjpls
{
if(strcmp(actionval, "sendcmd") == 0)
{
postval = Webadmin_GetPostVal(values, "consolecommand");
if(postval){
XO1("div","class","well");
Webadmin_ConsoleCommand(xmlobj, postval, uid);
XC;
}
}else if (strcmp(actionval, "logout") == 0) {
Auth_WipeSessionId(username);
}else if(strcmp(actionval, "banclient") == 0){
Webadmin_BanClient(xmlobj, values, uid);
}else if(strcmp(actionval, "kickclient") == 0){
Webadmin_KickClient(xmlobj, values, uid);
}
}
XO5("form", "name", "input", "action", "webadmin?action=sendcmd", "method", "post", "class","form-control","id","con_form");
XA("<label for=\"consolecommand\">Send Command</label> <input type=\"text\" name=\"consolecommand\" id=\"consolecommand\">");
XA("<button class=\"givesomespace btn btn-primary btn-xs\" type=\"submit\">Send Command</button>");
XC;
XC;
}
}
}else if(!Q_strncmp(url, "/status", 7)){
XO("h3");XA("Server Status");XC;
XO("hr");XC;
Webadmin_BuildServerStatus(xmlobj,qfalse);
}else {
XO1("h3","align","center");
XA("Where do you want to go?");
XC;
XO1("div","align","center");
XA("<a href=\"/webadmin\" class=\"btn btn-primary givesomespace\">Web Admin</a>");
XA("<a href=\"/status\" class=\"btn btn-primary givesomespace\">Server Status</a>");
XC;
}
XO("p");
XA("Net: ");
XA(NET_GetHostAddress(netadrstr, sizeof(netadrstr)));
XC;
XC;
XC;
XC;
msg->cursize = xmlobj->bufposition;
}