diff options
Diffstat (limited to 'src/engine/shared/network.cpp')
| -rw-r--r-- | src/engine/shared/network.cpp | 34 |
1 files changed, 27 insertions, 7 deletions
diff --git a/src/engine/shared/network.cpp b/src/engine/shared/network.cpp index 13d62077..eb1a51dc 100644 --- a/src/engine/shared/network.cpp +++ b/src/engine/shared/network.cpp @@ -58,10 +58,13 @@ int CNetRecvUnpacker::FetchChunk(CNetChunk *pChunk) // handle sequence stuff if(m_pConnection && (Header.m_Flags&NET_CHUNKFLAG_VITAL)) { - if(Header.m_Sequence == (m_pConnection->m_Ack+1)%NET_MAX_SEQUENCE) + // anti spoof: ignore unknown sequence + if(Header.m_Sequence == (m_pConnection->m_Ack+1)%NET_MAX_SEQUENCE || m_pConnection->m_UnknownSeq) { + m_pConnection->m_UnknownSeq = false; + // in sequence - m_pConnection->m_Ack = (m_pConnection->m_Ack+1)%NET_MAX_SEQUENCE; + m_pConnection->m_Ack = Header.m_Sequence; } else { @@ -101,7 +104,7 @@ void CNetBase::SendPacketConnless(NETSOCKET Socket, NETADDR *pAddr, const void * net_udp_send(Socket, pAddr, aBuffer, 6+DataSize); } -void CNetBase::SendPacket(NETSOCKET Socket, NETADDR *pAddr, CNetPacketConstruct *pPacket) +void CNetBase::SendPacket(NETSOCKET Socket, NETADDR *pAddr, CNetPacketConstruct *pPacket, SECURITY_TOKEN SecurityToken) { unsigned char aBuffer[NET_MAX_PACKETSIZE]; int CompressedSize = -1; @@ -117,6 +120,14 @@ void CNetBase::SendPacket(NETSOCKET Socket, NETADDR *pAddr, CNetPacketConstruct io_flush(ms_DataLogSent); } + if (SecurityToken != NET_SECURITY_TOKEN_UNSUPPORTED) + { + // append security token + // if SecurityToken is NET_SECURITY_TOKEN_UNKNOWN we will still append it hoping to negotiate it + mem_copy(&pPacket->m_aChunkData[pPacket->m_DataSize], &SecurityToken, sizeof(SecurityToken)); + pPacket->m_DataSize += sizeof(SecurityToken); + } + // compress CompressedSize = ms_Huffman.Compress(pPacket->m_aChunkData, pPacket->m_DataSize, &aBuffer[3], NET_MAX_PACKETSIZE-4); @@ -161,7 +172,8 @@ int CNetBase::UnpackPacket(unsigned char *pBuffer, int Size, CNetPacketConstruct // check the size if(Size < NET_PACKETHEADERSIZE || Size > NET_MAX_PACKETSIZE) { - dbg_msg("", "packet too small, %d", Size); + if(g_Config.m_Debug) + dbg_msg("", "packet too small, %d", Size); return -1; } @@ -185,7 +197,8 @@ int CNetBase::UnpackPacket(unsigned char *pBuffer, int Size, CNetPacketConstruct { if(Size < 6) { - dbg_msg("", "connection less packet too small, %d", Size); + if(g_Config.m_Debug) + dbg_msg("", "connection less packet too small, %d", Size); return -1; } @@ -198,7 +211,14 @@ int CNetBase::UnpackPacket(unsigned char *pBuffer, int Size, CNetPacketConstruct else { if(pPacket->m_Flags&NET_PACKETFLAG_COMPRESSION) + { + // Don't allow compressed control packets. + if(pPacket->m_Flags&NET_PACKETFLAG_CONTROL) + { + return -1; + } pPacket->m_DataSize = ms_Huffman.Decompress(&pBuffer[3], pPacket->m_DataSize, pPacket->m_aChunkData, sizeof(pPacket->m_aChunkData)); + } else mem_copy(pPacket->m_aChunkData, &pBuffer[3], pPacket->m_DataSize); } @@ -226,7 +246,7 @@ int CNetBase::UnpackPacket(unsigned char *pBuffer, int Size, CNetPacketConstruct } -void CNetBase::SendControlMsg(NETSOCKET Socket, NETADDR *pAddr, int Ack, int ControlMsg, const void *pExtra, int ExtraSize) +void CNetBase::SendControlMsg(NETSOCKET Socket, NETADDR *pAddr, int Ack, int ControlMsg, const void *pExtra, int ExtraSize, SECURITY_TOKEN SecurityToken) { CNetPacketConstruct Construct; Construct.m_Flags = NET_PACKETFLAG_CONTROL; @@ -237,7 +257,7 @@ void CNetBase::SendControlMsg(NETSOCKET Socket, NETADDR *pAddr, int Ack, int Con mem_copy(&Construct.m_aChunkData[1], pExtra, ExtraSize); // send the control message - CNetBase::SendPacket(Socket, pAddr, &Construct); + CNetBase::SendPacket(Socket, pAddr, &Construct, SecurityToken); } |