From 9a5a19e7c7b0d4364f32540b012bce970807f9b6 Mon Sep 17 00:00:00 2001
From: NoxNebula <patrick.kl@live.de>
Date: Wed, 2 Jun 2010 04:42:17 +0200
Subject: Admin-Kick-Protection

Add IsAuthed(int ClientID); function.
Add kickprotection for admins (Remote Console logged in players)
Add Anti-Self-Kick (minor)
---
 src/engine/server/server.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src/engine/server/server.cpp')

diff --git a/src/engine/server/server.cpp b/src/engine/server/server.cpp
index 05e56a74..b5a01a99 100644
--- a/src/engine/server/server.cpp
+++ b/src/engine/server/server.cpp
@@ -293,6 +293,13 @@ int CServer::Init()
 	return 0;
 }
 
+bool CServer::IsAuthed(int ClientID)
+{
+	if(m_aClients[ClientID].m_Authed)
+		return true;
+	return false;
+}
+
 int CServer::GetClientInfo(int ClientID, CClientInfo *pInfo)
 {
 	dbg_assert(ClientID >= 0 && ClientID < MAX_CLIENTS, "client_id is not valid");
-- 
cgit 1.4.1


From 5988b9d38801f0987f38c99fb944e1a861d07ef3 Mon Sep 17 00:00:00 2001
From: oy <Tom_Adams@web.de>
Date: Thu, 3 Jun 2010 14:48:32 +0200
Subject: - show connecting players with rcon status command - make it possible
 to limit the number of clients with the same ip that can connect to the
 server

---
 src/engine/server/server.cpp         | 23 +++++++++++++++++-----
 src/engine/server/server.h           |  1 +
 src/engine/shared/config_variables.h |  1 +
 src/engine/shared/network.h          |  6 +++++-
 src/engine/shared/network_server.cpp | 37 +++++++++++++++++++++++++++++++++++-
 src/tools/fake_server.cpp            |  2 +-
 6 files changed, 62 insertions(+), 8 deletions(-)

(limited to 'src/engine/server/server.cpp')

diff --git a/src/engine/server/server.cpp b/src/engine/server/server.cpp
index b5a01a99..2545103b 100644
--- a/src/engine/server/server.cpp
+++ b/src/engine/server/server.cpp
@@ -1018,7 +1018,7 @@ int CServer::Run()
 	}
 	
 	
-	if(!m_NetServer.Open(BindAddr, g_Config.m_SvMaxClients, 0))
+	if(!m_NetServer.Open(BindAddr, g_Config.m_SvMaxClients, g_Config.m_SvMaxClientsPerIP, 0))
 	{
 		dbg_msg("server", "couldn't open socket. port might already be in use");
 		return -1;
@@ -1250,12 +1250,16 @@ void CServer::ConStatus(IConsole::IResult *pResult, void *pUser)
 
 	for(i = 0; i < MAX_CLIENTS; i++)
 	{
-		if(pServer->m_aClients[i].m_State == CClient::STATE_INGAME)
+		if(pServer->m_aClients[i].m_State != CClient::STATE_EMPTY)
 		{
 			Addr = pServer->m_NetServer.ClientAddr(i);
-			str_format(aBuf, sizeof(aBuf), "id=%d addr=%d.%d.%d.%d:%d name='%s' score=%d",
-				i, Addr.ip[0], Addr.ip[1], Addr.ip[2], Addr.ip[3], Addr.port,
-				pServer->m_aClients[i].m_aName, pServer->m_aClients[i].m_Score);
+			if(pServer->m_aClients[i].m_State == CClient::STATE_INGAME)
+				str_format(aBuf, sizeof(aBuf), "id=%d addr=%d.%d.%d.%d:%d name='%s' score=%d",
+					i, Addr.ip[0], Addr.ip[1], Addr.ip[2], Addr.ip[3], Addr.port,
+					pServer->m_aClients[i].m_aName, pServer->m_aClients[i].m_Score);
+			else
+				str_format(aBuf, sizeof(aBuf), "id=%d addr=%d.%d.%d.%d:%d connecting",
+					i, Addr.ip[0], Addr.ip[1], Addr.ip[2], Addr.ip[3], Addr.port);
 			pServer->Console()->Print(aBuf);
 			dbg_msg("server", "%s", aBuf);
 		}
@@ -1291,6 +1295,13 @@ void CServer::ConchainSpecialInfoupdate(IConsole::IResult *pResult, void *pUserD
 		((CServer *)pUserData)->UpdateServerInfo();
 }
 
+void CServer::ConchainMaxclientsperipUpdate(IConsole::IResult *pResult, void *pUserData, IConsole::FCommandCallback pfnCallback, void *pCallbackUserData)
+{
+	pfnCallback(pResult, pCallbackUserData);
+	if(pResult->NumArguments())
+		((CServer *)pUserData)->m_NetServer.SetMaxClientsPerIP(pResult->GetInteger(0));
+}
+
 void CServer::RegisterCommands()
 {
 	m_pConsole = Kernel()->RequestInterface<IConsole>();
@@ -1309,6 +1320,8 @@ void CServer::RegisterCommands()
 
 	Console()->Chain("sv_name", ConchainSpecialInfoupdate, this);
 	Console()->Chain("password", ConchainSpecialInfoupdate, this);
+
+	Console()->Chain("sv_max_clients_per_ip", ConchainMaxclientsperipUpdate, this);
 }	
 
 
diff --git a/src/engine/server/server.h b/src/engine/server/server.h
index 895a4bd1..70c8899c 100644
--- a/src/engine/server/server.h
+++ b/src/engine/server/server.h
@@ -185,6 +185,7 @@ public:
 	static void ConStopRecord(IConsole::IResult *pResult, void *pUser);
 	static void ConMapReload(IConsole::IResult *pResult, void *pUser);
 	static void ConchainSpecialInfoupdate(IConsole::IResult *pResult, void *pUserData, IConsole::FCommandCallback pfnCallback, void *pCallbackUserData);
+	static void ConchainMaxclientsperipUpdate(IConsole::IResult *pResult, void *pUserData, IConsole::FCommandCallback pfnCallback, void *pCallbackUserData);
 
 	void RegisterCommands();
 	
diff --git a/src/engine/shared/config_variables.h b/src/engine/shared/config_variables.h
index cc36b932..e11eab6d 100644
--- a/src/engine/shared/config_variables.h
+++ b/src/engine/shared/config_variables.h
@@ -64,6 +64,7 @@ MACRO_CONFIG_INT(SvPort, sv_port, 8303, 0, 0, CFGFLAG_SERVER, "Port to use for t
 MACRO_CONFIG_INT(SvExternalPort, sv_external_port, 0, 0, 0, CFGFLAG_SERVER, "External port to report to the master servers")
 MACRO_CONFIG_STR(SvMap, sv_map, 128, "dm1", CFGFLAG_SERVER, "Map to use on the server")
 MACRO_CONFIG_INT(SvMaxClients, sv_max_clients, 8, 1, MAX_CLIENTS, CFGFLAG_SERVER, "Maximum number of clients that are allowed on a server")
+MACRO_CONFIG_INT(SvMaxClientsPerIP, sv_max_clients_per_ip, 8, 1, MAX_CLIENTS, CFGFLAG_SERVER, "Maximum number of clients with the same IP that can connect to the server")
 MACRO_CONFIG_INT(SvHighBandwidth, sv_high_bandwidth, 0, 0, 1, CFGFLAG_SERVER, "Use high bandwidth mode. Doubles the bandwidth required for the server. LAN use only")
 MACRO_CONFIG_INT(SvRegister, sv_register, 1, 0, 1, CFGFLAG_SERVER, "Register server with master server for public listing")
 MACRO_CONFIG_STR(SvRconPassword, sv_rcon_password, 32, "", CFGFLAG_SERVER, "Remote console password")
diff --git a/src/engine/shared/network.h b/src/engine/shared/network.h
index 11a1b70d..7de534a4 100644
--- a/src/engine/shared/network.h
+++ b/src/engine/shared/network.h
@@ -244,6 +244,7 @@ private:
 	NETSOCKET m_Socket;
 	CSlot m_aSlots[NET_MAX_CLIENTS];
 	int m_MaxClients;
+	int m_MaxClientsPerIP;
 
 	CBan *m_aBans[256];
 	CBan m_BanPool[NET_SERVER_MAXBANS];
@@ -262,7 +263,7 @@ public:
 	int SetCallbacks(NETFUNC_NEWCLIENT pfnNewClient, NETFUNC_DELCLIENT pfnDelClient, void *pUser);
 
 	//
-	bool Open(NETADDR BindAddr, int MaxClients, int Flags);
+	bool Open(NETADDR BindAddr, int MaxClients, int MaxClientsPerIP, int Flags);
 	int Close();
 	
 	//
@@ -283,6 +284,9 @@ public:
 	NETADDR ClientAddr(int ClientID) const { return m_aSlots[ClientID].m_Connection.PeerAddress(); }
 	NETSOCKET Socket() const { return m_Socket; }
 	int MaxClients() const { return m_MaxClients; }
+
+	//
+	void SetMaxClientsPerIP(int Max);
 };
 
 
diff --git a/src/engine/shared/network_server.cpp b/src/engine/shared/network_server.cpp
index 32b08bf6..2d30a7d1 100644
--- a/src/engine/shared/network_server.cpp
+++ b/src/engine/shared/network_server.cpp
@@ -24,7 +24,7 @@
 #define MACRO_LIST_FIND(Start, Next, Expression) \
 	{ while(Start && !(Expression)) Start = Start->Next; }
 
-bool CNetServer::Open(NETADDR BindAddr, int MaxClients, int Flags)
+bool CNetServer::Open(NETADDR BindAddr, int MaxClients, int MaxClientsPerIP, int Flags)
 {
 	// zero out the whole structure
 	mem_zero(this, sizeof(*this));
@@ -40,6 +40,8 @@ bool CNetServer::Open(NETADDR BindAddr, int MaxClients, int Flags)
 		m_MaxClients = NET_MAX_CLIENTS;
 	if(m_MaxClients < 1)
 		m_MaxClients = 1;
+
+	m_MaxClientsPerIP = MaxClientsPerIP;
 	
 	for(int i = 0; i < NET_MAX_CLIENTS; i++)
 		m_aSlots[i].m_Connection.Init(m_Socket);
@@ -335,6 +337,29 @@ int CNetServer::Recv(CNetChunk *pChunk)
 					// client that wants to connect
 					if(!Found)
 					{
+						// only allow a specific number of players with the same ip
+						NETADDR ThisAddr = Addr, OtherAddr;
+						int FoundAddr = 1;
+						ThisAddr.port = 0;
+						for(int i = 0; i < MaxClients(); ++i)
+						{
+							if(m_aSlots[i].m_Connection.State() == NET_CONNSTATE_OFFLINE)
+								continue;
+
+							OtherAddr = m_aSlots[i].m_Connection.PeerAddress();
+							OtherAddr.port = 0;
+							if(!net_addr_comp(&ThisAddr, &OtherAddr))
+							{
+								if(FoundAddr++ >= m_MaxClientsPerIP)
+								{
+									char aBuf[128];
+									str_format(aBuf, sizeof(aBuf), "only %i players with same ip allowed", m_MaxClientsPerIP);
+									CNetBase::SendControlMsg(m_Socket, &Addr, 0, NET_CTRLMSG_CLOSE, aBuf, sizeof(aBuf));
+									return 0;
+								}
+							}
+						}
+
 						for(int i = 0; i < MaxClients(); i++)
 						{
 							if(m_aSlots[i].m_Connection.State() == NET_CONNSTATE_OFFLINE)
@@ -411,3 +436,13 @@ int CNetServer::Send(CNetChunk *pChunk)
 	return 0;
 }
 
+void CNetServer::SetMaxClientsPerIP(int Max)
+{
+	// clamp
+	if(Max < 1)
+		Max = 1;
+	else if(Max > NET_MAX_CLIENTS)
+		Max = NET_MAX_CLIENTS;
+
+	m_MaxClientsPerIP = Max;
+}
diff --git a/src/tools/fake_server.cpp b/src/tools/fake_server.cpp
index b833c1b1..9442c7ba 100644
--- a/src/tools/fake_server.cpp
+++ b/src/tools/fake_server.cpp
@@ -111,7 +111,7 @@ static int Run()
 	int64 NextHeartBeat = 0;
 	NETADDR BindAddr = {NETTYPE_IPV4, {0},0};
 	
-	if(!pNet->Open(BindAddr, 0, 0))
+	if(!pNet->Open(BindAddr, 0, 0, 0))
 		return 0;
 	
 	while(1)
-- 
cgit 1.4.1