From b44ee3d9755ff35a6df1358dcfe85ce681bbe081 Mon Sep 17 00:00:00 2001 From: oy Date: Thu, 29 Dec 2011 23:36:53 +0100 Subject: reworked ban system --- src/engine/server/server.cpp | 331 +++++++++++++++---------------------------- src/engine/server/server.h | 33 +++-- 2 files changed, 137 insertions(+), 227 deletions(-) (limited to 'src/engine/server') diff --git a/src/engine/server/server.cpp b/src/engine/server/server.cpp index 09891ba7..9587b94c 100644 --- a/src/engine/server/server.cpp +++ b/src/engine/server/server.cpp @@ -19,6 +19,7 @@ #include #include #include +#include #include #include #include @@ -77,17 +78,6 @@ static void StrUTF8Rtrim(char *pStr) } -static int StrAllnum(const char *pStr) -{ - while(*pStr) - { - if(!(*pStr >= '0' && *pStr <= '9')) - return 0; - pStr++; - } - return 1; -} - CSnapIDPool::CSnapIDPool() { Reset(); @@ -176,6 +166,101 @@ void CSnapIDPool::FreeID(int ID) } } + +void CServerBan::Init(IConsole *pConsole, IStorage *pStorage, CServer* pServer) +{ + CNetBan::Init(pConsole, pStorage); + + m_pServer = pServer; + + // overwrites base command, todo: improve this + Console()->Register("ban", "s?ir", CFGFLAG_SERVER|CFGFLAG_STORE, ConBanExt, this, "Ban player with ip/client id for x minutes for any reason"); +} + +template +int CServerBan::BanExt(T *pBanPool, const typename T::CDataType *pData, int Seconds, const char *pReason) +{ + // validate address + if(Server()->m_RconClientID >= 0 && Server()->m_RconClientID < MAX_CLIENTS && + Server()->m_aClients[Server()->m_RconClientID].m_State != CServer::CClient::STATE_EMPTY) + { + if(NetMatch(pData, Server()->m_NetServer.ClientAddr(Server()->m_RconClientID))) + { + Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "net_ban", "ban error (you can't ban yourself)"); + return -1; + } + + for(int i = 0; i < MAX_CLIENTS; ++i) + { + if(i == Server()->m_RconClientID || Server()->m_aClients[i].m_State == CServer::CClient::STATE_EMPTY) + continue; + + if(Server()->m_aClients[i].m_Authed >= Server()->m_RconAuthLevel && NetMatch(pData, Server()->m_NetServer.ClientAddr(i))) + { + Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "net_ban", "ban error (command denied)"); + return -1; + } + } + } + + int Result = Ban(pBanPool, pData, Seconds, pReason); + if(Result != 0) + return Result; + + // drop banned clients + T::CDataType Data = *pData; + for(int i = 0; i < MAX_CLIENTS; ++i) + { + if(Server()->m_aClients[i].m_State == CServer::CClient::STATE_EMPTY) + continue; + + if(NetMatch(&Data, Server()->m_NetServer.ClientAddr(i))) + { + CNetHash NetHash(&Data); + char aBuf[256]; + MakeBanInfo(pBanPool->Find(&Data, &NetHash), aBuf, sizeof(aBuf), MSGTYPE_PLAYER); + Server()->m_NetServer.Drop(i, aBuf); + } + } + + return Result; +} + +int CServerBan::BanAddr(const NETADDR *pAddr, int Seconds, const char *pReason) +{ + return BanExt(&m_BanAddrPool, pAddr, Seconds, pReason); +} + +int CServerBan::BanRange(const CNetRange *pRange, int Seconds, const char *pReason) +{ + if(pRange->IsValid()) + return BanExt(&m_BanRangePool, pRange, Seconds, pReason); + + Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "net_ban", "ban failed (invalid range)"); + return -1; +} + +void CServerBan::ConBanExt(IConsole::IResult *pResult, void *pUser) +{ + CServerBan *pThis = static_cast(pUser); + + const char *pStr = pResult->GetString(0); + int Minutes = pResult->NumArguments()>1 ? clamp(pResult->GetInteger(1), 0, 44640) : 30; + const char *pReason = pResult->NumArguments()>2 ? pResult->GetString(2) : "No reason given"; + + if(StrAllnum(pStr)) + { + int ClientID = str_toint(pStr); + if(ClientID < 0 || ClientID >= MAX_CLIENTS || pThis->Server()->m_aClients[ClientID].m_State == CServer::CClient::STATE_EMPTY) + pThis->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "net_ban", "ban error (invalid client id)"); + else + pThis->BanAddr(pThis->Server()->m_NetServer.ClientAddr(ClientID), Minutes*60, pReason); + } + else + ConBan(pResult, pUser); +} + + void CServer::CClient::Reset() { // reset input @@ -368,11 +453,7 @@ int CServer::GetClientInfo(int ClientID, CClientInfo *pInfo) void CServer::GetClientAddr(int ClientID, char *pAddrStr, int Size) { if(ClientID >= 0 && ClientID < MAX_CLIENTS && m_aClients[ClientID].m_State == CClient::STATE_INGAME) - { - NETADDR Addr = m_NetServer.ClientAddr(ClientID); - Addr.port = 0; - net_addr_str(&Addr, pAddrStr, Size); - } + net_addr_str(m_NetServer.ClientAddr(ClientID), pAddrStr, Size, false); } @@ -618,9 +699,8 @@ int CServer::DelClientCallback(int ClientID, const char *pReason, void *pUser) { CServer *pThis = (CServer *)pUser; - NETADDR Addr = pThis->m_NetServer.ClientAddr(ClientID); char aAddrStr[NETADDR_MAXSTRSIZE]; - net_addr_str(&Addr, aAddrStr, sizeof(aAddrStr)); + net_addr_str(pThis->m_NetServer.ClientAddr(ClientID), aAddrStr, sizeof(aAddrStr), true); char aBuf[256]; str_format(aBuf, sizeof(aBuf), "client dropped. cid=%d addr=%s reason='%s'", ClientID, aAddrStr, pReason); pThis->Console()->Print(IConsole::OUTPUT_LEVEL_ADDINFO, "server", aBuf); @@ -714,7 +794,6 @@ void CServer::UpdateClientRconCommands() void CServer::ProcessClientPacket(CNetChunk *pPacket) { int ClientID = pPacket->m_ClientID; - NETADDR Addr; CUnpacker Unpacker; Unpacker.Reset(pPacket->m_pData, pPacket->m_DataSize); @@ -793,9 +872,8 @@ void CServer::ProcessClientPacket(CNetChunk *pPacket) { if(m_aClients[ClientID].m_State == CClient::STATE_CONNECTING) { - Addr = m_NetServer.ClientAddr(ClientID); char aAddrStr[NETADDR_MAXSTRSIZE]; - net_addr_str(&Addr, aAddrStr, sizeof(aAddrStr)); + net_addr_str(m_NetServer.ClientAddr(ClientID), aAddrStr, sizeof(aAddrStr), true); char aBuf[256]; str_format(aBuf, sizeof(aBuf), "player is ready. ClientID=%x addr=%s", ClientID, aAddrStr); @@ -809,9 +887,8 @@ void CServer::ProcessClientPacket(CNetChunk *pPacket) { if(m_aClients[ClientID].m_State == CClient::STATE_READY && GameServer()->IsClientReady(ClientID)) { - Addr = m_NetServer.ClientAddr(ClientID); char aAddrStr[NETADDR_MAXSTRSIZE]; - net_addr_str(&Addr, aAddrStr, sizeof(aAddrStr)); + net_addr_str(m_NetServer.ClientAddr(ClientID), aAddrStr, sizeof(aAddrStr), true); char aBuf[256]; str_format(aBuf, sizeof(aBuf), "player has entered the game. ClientID=%x addr=%s", ClientID, aAddrStr); @@ -945,10 +1022,7 @@ void CServer::ProcessClientPacket(CNetChunk *pPacket) if(!g_Config.m_SvRconBantime) m_NetServer.Drop(ClientID, "Too many remote console authentication tries"); else - { - NETADDR Addr = m_NetServer.ClientAddr(ClientID); - BanAdd(Addr, g_Config.m_SvRconBantime*60, "Too many remote console authentication tries"); - } + m_ServerBan.BanAddr(m_NetServer.ClientAddr(ClientID), g_Config.m_SvRconBantime*60, "Too many remote console authentication tries"); } } else @@ -992,7 +1066,7 @@ void CServer::ProcessClientPacket(CNetChunk *pPacket) } } -void CServer::SendServerInfo(NETADDR *pAddr, int Token) +void CServer::SendServerInfo(const NETADDR *pAddr, int Token) { CNetChunk Packet; CPacker p; @@ -1061,38 +1135,10 @@ void CServer::UpdateServerInfo() for(int i = 0; i < MAX_CLIENTS; ++i) { if(m_aClients[i].m_State != CClient::STATE_EMPTY) - { - NETADDR Addr = m_NetServer.ClientAddr(i); - SendServerInfo(&Addr, -1); - } + SendServerInfo(m_NetServer.ClientAddr(i), -1); } } -int CServer::BanAdd(NETADDR Addr, int Seconds, const char *pReason) -{ - Addr.port = 0; - char aAddrStr[128]; - net_addr_str(&Addr, aAddrStr, sizeof(aAddrStr)); - char aBuf[256]; - if(Seconds) - str_format(aBuf, sizeof(aBuf), "banned %s for %d minutes", aAddrStr, Seconds/60); - else - str_format(aBuf, sizeof(aBuf), "banned %s for life", aAddrStr); - Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", aBuf); - - return m_NetServer.BanAdd(Addr, Seconds, pReason); -} - -int CServer::BanRemove(NETADDR Addr) -{ - return m_NetServer.BanRemove(Addr); -} - -int CServer::BanRemoveAll() -{ - return m_NetServer.BanRemoveAll(); -} - void CServer::PumpNetwork() { @@ -1119,6 +1165,7 @@ void CServer::PumpNetwork() ProcessClientPacket(&Packet); } + m_ServerBan.Update(); m_Econ.Update(); } @@ -1217,7 +1264,7 @@ int CServer::Run() BindAddr.port = g_Config.m_SvPort; } - if(!m_NetServer.Open(BindAddr, g_Config.m_SvMaxClients, g_Config.m_SvMaxClientsPerIP, 0)) + if(!m_NetServer.Open(BindAddr, &m_ServerBan, g_Config.m_SvMaxClients, g_Config.m_SvMaxClientsPerIP, 0)) { dbg_msg("server", "couldn't open socket. port might already be in use"); return -1; @@ -1225,7 +1272,8 @@ int CServer::Run() m_NetServer.SetCallbacks(NewClientCallback, DelClientCallback, this); - m_Econ.Init(Console()); + m_ServerBan.Init(Console(), Storage(), this); + m_Econ.Init(Console(), &m_ServerBan); char aBuf[256]; str_format(aBuf, sizeof(aBuf), "server name is '%s'", g_Config.m_SvName); @@ -1388,170 +1436,23 @@ void CServer::ConKick(IConsole::IResult *pResult, void *pUser) ((CServer *)pUser)->Kick(pResult->GetInteger(0), "Kicked by console"); } -void CServer::ConBan(IConsole::IResult *pResult, void *pUser) -{ - NETADDR Addr; - CServer *pServer = (CServer *)pUser; - const char *pStr = pResult->GetString(0); - int Minutes = 30; - const char *pReason = "No reason given"; - - if(pResult->NumArguments() > 1) - Minutes = max(0, pResult->GetInteger(1)); - - if(pResult->NumArguments() > 2) - pReason = pResult->GetString(2); - - if(net_addr_from_str(&Addr, pStr) == 0) - { - if(pServer->m_RconClientID >= 0 && pServer->m_RconClientID < MAX_CLIENTS && pServer->m_aClients[pServer->m_RconClientID].m_State != CClient::STATE_EMPTY) - { - NETADDR AddrCheck = pServer->m_NetServer.ClientAddr(pServer->m_RconClientID); - Addr.port = AddrCheck.port = 0; - if(net_addr_comp(&Addr, &AddrCheck) == 0) - { - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", "you can't ban yourself"); - return; - } - - for(int i = 0; i < MAX_CLIENTS; ++i) - { - if(i == pServer->m_RconClientID) - continue; - - AddrCheck = pServer->m_NetServer.ClientAddr(i); - AddrCheck.port = 0; - if(net_addr_comp(&Addr, &AddrCheck) == 0 && pServer->m_aClients[i].m_Authed > pServer->m_RconAuthLevel) - { - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", "ban command denied"); - return; - } - } - } - pServer->BanAdd(Addr, Minutes*60, pReason); - } - else if(StrAllnum(pStr)) - { - int ClientID = str_toint(pStr); - - if(ClientID < 0 || ClientID >= MAX_CLIENTS || pServer->m_aClients[ClientID].m_State == CClient::STATE_EMPTY) - { - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", "invalid client id"); - return; - } - else if(pServer->m_RconClientID == ClientID) - { - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", "you can't ban yourself"); - return; - } - else if(pServer->m_aClients[ClientID].m_Authed > pServer->m_RconAuthLevel) - { - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", "ban command denied"); - return; - } - - Addr = pServer->m_NetServer.ClientAddr(ClientID); - pServer->BanAdd(Addr, Minutes*60, pReason); - } - else - { - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", "invalid network address to ban"); - return; - } -} - -void CServer::ConUnban(IConsole::IResult *pResult, void *pUser) -{ - NETADDR Addr; - CServer *pServer = (CServer *)pUser; - const char *pStr = pResult->GetString(0); - - if(net_addr_from_str(&Addr, pStr) == 0 && !pServer->BanRemove(Addr)) - { - char aAddrStr[NETADDR_MAXSTRSIZE]; - net_addr_str(&Addr, aAddrStr, sizeof(aAddrStr)); - - char aBuf[256]; - str_format(aBuf, sizeof(aBuf), "unbanned %s", aAddrStr); - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", aBuf); - } - else if(StrAllnum(pStr)) - { - int BanIndex = str_toint(pStr); - CNetServer::CBanInfo Info; - if(BanIndex < 0 || !pServer->m_NetServer.BanGet(BanIndex, &Info)) - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", "invalid ban index"); - else if(!pServer->BanRemove(Info.m_Addr)) - { - char aAddrStr[NETADDR_MAXSTRSIZE]; - net_addr_str(&Info.m_Addr, aAddrStr, sizeof(aAddrStr)); - - char aBuf[256]; - str_format(aBuf, sizeof(aBuf), "unbanned %s", aAddrStr); - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", aBuf); - } - } - else - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", "invalid network address"); -} - -void CServer::ConUnbanAll(IConsole::IResult *pResult, void *pUser) -{ - CServer *pServer = (CServer *)pUser; - if(!pServer->BanRemoveAll()) - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "server", "unbanned all"); -} - -void CServer::ConBans(IConsole::IResult *pResult, void *pUser) -{ - unsigned Now = time_timestamp(); - char aBuf[1024]; - char aAddrStr[NETADDR_MAXSTRSIZE]; - CServer* pServer = (CServer *)pUser; - - int Num = pServer->m_NetServer.BanNum(); - for(int i = 0; i < Num; i++) - { - CNetServer::CBanInfo Info; - pServer->m_NetServer.BanGet(i, &Info); - NETADDR Addr = Info.m_Addr; - net_addr_str(&Addr, aAddrStr, sizeof(aAddrStr)); - - if(Info.m_Expires == -1) - { - str_format(aBuf, sizeof(aBuf), "#%i %s for life", i, aAddrStr); - } - else - { - unsigned t = Info.m_Expires - Now; - str_format(aBuf, sizeof(aBuf), "#%i %s for %d minutes and %d seconds", i, aAddrStr, t/60, t%60); - } - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "Server", aBuf); - } - str_format(aBuf, sizeof(aBuf), "%d ban(s)", Num); - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "Server", aBuf); -} - void CServer::ConStatus(IConsole::IResult *pResult, void *pUser) { - int i; - NETADDR Addr; char aBuf[1024]; char aAddrStr[NETADDR_MAXSTRSIZE]; - CServer* pServer = (CServer *)pUser; + CServer* pThis = static_cast(pUser); - for(i = 0; i < MAX_CLIENTS; i++) + for(int i = 0; i < MAX_CLIENTS; i++) { - if(pServer->m_aClients[i].m_State != CClient::STATE_EMPTY) + if(pThis->m_aClients[i].m_State != CClient::STATE_EMPTY) { - Addr = pServer->m_NetServer.ClientAddr(i); - net_addr_str(&Addr, aAddrStr, sizeof(aAddrStr)); - if(pServer->m_aClients[i].m_State == CClient::STATE_INGAME) + net_addr_str(pThis->m_NetServer.ClientAddr(i), aAddrStr, sizeof(aAddrStr), true); + if(pThis->m_aClients[i].m_State == CClient::STATE_INGAME) str_format(aBuf, sizeof(aBuf), "id=%d addr=%s name='%s' score=%d", i, aAddrStr, - pServer->m_aClients[i].m_aName, pServer->m_aClients[i].m_Score); + pThis->m_aClients[i].m_aName, pThis->m_aClients[i].m_Score); else str_format(aBuf, sizeof(aBuf), "id=%d addr=%s connecting", i, aAddrStr); - pServer->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "Server", aBuf); + pThis->Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "Server", aBuf); } } } @@ -1664,10 +1565,6 @@ void CServer::RegisterCommands() m_pConsole = Kernel()->RequestInterface(); Console()->Register("kick", "i?r", CFGFLAG_SERVER, ConKick, this, "Kick player with specified id for any reason"); - Console()->Register("ban", "s?ir", CFGFLAG_SERVER|CFGFLAG_STORE, ConBan, this, "Ban player with ip/id for x minutes for any reason"); - Console()->Register("unban", "s", CFGFLAG_SERVER|CFGFLAG_STORE, ConUnban, this, "Unban ip"); - Console()->Register("unban_all", "", CFGFLAG_SERVER|CFGFLAG_STORE, ConUnbanAll, this, "Clear all bans"); - Console()->Register("bans", "", CFGFLAG_SERVER|CFGFLAG_STORE, ConBans, this, "Show banlist"); Console()->Register("status", "", CFGFLAG_SERVER, ConStatus, this, "List players"); Console()->Register("shutdown", "", CFGFLAG_SERVER, ConShutdown, this, "Shut down"); diff --git a/src/engine/server/server.h b/src/engine/server/server.h index 4c450a48..2ff06a05 100644 --- a/src/engine/server/server.h +++ b/src/engine/server/server.h @@ -5,6 +5,7 @@ #include + class CSnapIDPool { enum @@ -39,6 +40,25 @@ public: void FreeID(int ID); }; + +class CServerBan : public CNetBan +{ + class CServer *m_pServer; + + template int BanExt(T *pBanPool, const typename T::CDataType *pData, int Seconds, const char *pReason); + +public: + class CServer *Server() const { return m_pServer; } + + void Init(class IConsole *pConsole, class IStorage *pStorage, class CServer* pServer); + + int BanAddr(const NETADDR *pAddr, int Seconds, const char *pReason); + int BanRange(const CNetRange *pRange, int Seconds, const char *pReason); + + static void ConBanExt(class IConsole::IResult *pResult, void *pUser); +}; + + class CServer : public IServer { class IGameServer *m_pGameServer; @@ -114,6 +134,7 @@ public: CSnapIDPool m_IDPool; CNetServer m_NetServer; CEcon m_Econ; + CServerBan m_ServerBan; IEngineMap *m_pMap; @@ -184,13 +205,9 @@ public: void ProcessClientPacket(CNetChunk *pPacket); - void SendServerInfo(NETADDR *pAddr, int Token); + void SendServerInfo(const NETADDR *pAddr, int Token); void UpdateServerInfo(); - int BanAdd(NETADDR Addr, int Seconds, const char *pReason); - int BanRemove(NETADDR Addr); - int BanRemoveAll(); - void PumpNetwork(); char *GetMapName(); @@ -200,11 +217,7 @@ public: int Run(); static void ConKick(IConsole::IResult *pResult, void *pUser); - static void ConBan(IConsole::IResult *pResult, void *pUser); - static void ConUnban(IConsole::IResult *pResult, void *pUser); - static void ConUnbanAll(IConsole::IResult *pResult, void *pUser); - static void ConBans(IConsole::IResult *pResult, void *pUser); - static void ConStatus(IConsole::IResult *pResult, void *pUser); + static void ConStatus(IConsole::IResult *pResult, void *pUser); static void ConShutdown(IConsole::IResult *pResult, void *pUser); static void ConRecord(IConsole::IResult *pResult, void *pUser); static void ConStopRecord(IConsole::IResult *pResult, void *pUser); -- cgit 1.4.1