Readded special client permissions

Also added a command that requires a password to gain the permissions.
I think they were never vulnerable in the first place; gamerfood was just trying to intimidate us.
juanjp600
2016-11-20 22:01:37 -03:00
parent 7a3bce3973
commit ba7fcad8f2
7 changed files with 81 additions and 9 deletions


@@ -6,6 +6,7 @@ using Microsoft.Xna.Framework.Graphics;
using Microsoft.Xna.Framework.Input;
using Barotrauma.Networking;
using Barotrauma.Items.Components;
using System.Text;
namespace Barotrauma
{
@@ -123,7 +124,6 @@ namespace Barotrauma
if (PlayerInput.KeyDown(Keys.Enter) && textBox.Text != "")
{
NewMessage(textBox.Text, Color.White);
ExecuteCommand(textBox.Text, game);
textBox.Text = "";
@@ -165,6 +165,7 @@ namespace Barotrauma
case "netstats":
case "help":
case "dumpids":
case "admin":
return true;
default:
return false;
@@ -175,7 +176,11 @@ namespace Barotrauma
{
if (string.IsNullOrWhiteSpace(command)) return;
string[] commands = command.Split(' ');
if (!commands[0].ToLowerInvariant().Equals("admin"))
{
NewMessage(textBox.Text, Color.White);
}
#if !DEBUG
if (GameMain.Client != null && !IsCommandPermitted(commands[0].ToLowerInvariant(), GameMain.Client))
@@ -370,6 +375,17 @@ namespace Barotrauma
case "enablecrewai":
HumanAIController.DisableCrewAI = false;
break;
case "admin":
if (GameMain.Server != null)
{
GameMain.Server.AdminAuthPass = commands[1];
}
else if (GameMain.Client != null)
{
GameMain.Client.RequestAdminAuth(commands[1]);
}
break;
case "kick":
if (GameMain.NetworkMember == null || commands.Length < 2) break;
GameMain.NetworkMember.KickPlayer(string.Join(" ", commands.Skip(1)), false);
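Review bot: The new `admin` case reads `commands[1]` without checking the array length, so typing `admin` with no argument throws an IndexOutOfRangeException on both the server and the client branch. The `kick` case just below already guards with `commands.Length < 2`; the same guard fits here as the first line of the case: `if (commands.Length < 2) break;`. Because `commands` comes from `Split(' ')`, a password containing a space is silently cut to its first word; joining the rest with `string.Join(" ", commands.Skip(1))`, as `kick` does, would avoid that. The switch continues outside the hunk.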


@@ -52,13 +52,13 @@ namespace Barotrauma.Networking
public float deleteDisconnectedTimer;
public ClientPermissions Permissions;
public ClientPermissions Permissions = ClientPermissions.None;
public int KickVoteCount
{
get { return kickVoters.Count; }
}
public Client(NetPeer server, string name, byte ID)
: this(name, ID)
{
@@ -129,7 +129,7 @@ namespace Barotrauma.Networking
public bool HasPermission(ClientPermissions permission)
{
return false; //Permissions.HasFlag(permission);
return this.Permissions.HasFlag(permission);
}
public T GetVote<T>(VoteType voteType)


@@ -26,7 +26,7 @@ namespace Barotrauma.Networking
private GUIButton endRoundButton;
private GUITickBox endVoteTickBox;
private ClientPermissions permissions;
private ClientPermissions permissions = ClientPermissions.None;
private bool connected;
@@ -839,7 +839,7 @@ namespace Barotrauma.Networking
public bool HasPermission(ClientPermissions permission)
{
return false;// permissions.HasFlag(permission);
return permissions.HasFlag(permission);
}
public override void Draw(Microsoft.Xna.Framework.Graphics.SpriteBatch spriteBatch)
@@ -1026,6 +1026,15 @@ namespace Barotrauma.Networking
client.SendMessage(msg, NetDeliveryMethod.ReliableUnordered);
}
public void RequestAdminAuth(string pass)
{
NetOutgoingMessage msg = client.CreateMessage();
msg.Write((byte)PacketTypes.RequestAdminAuth);
msg.Write(Encoding.UTF8.GetString(NetUtility.ComputeSHAHash(Encoding.UTF8.GetBytes(pass))));
client.SendMessage(msg, NetDeliveryMethod.ReliableUnordered);
}
public override void KickPlayer(string kickedName, bool ban, bool range = false)
{
if (!permissions.HasFlag(ClientPermissions.Kick) && !ban) return;
@@ -1036,7 +1045,7 @@ namespace Barotrauma.Networking
msg.Write(ban);
msg.Write(kickedName);
client.SendMessage(msg, NetDeliveryMethod.ReliableUnordered);
client.SendMessage(msg, NetDeliveryMethod.ReliableUnordered);
}
public bool VoteForKick(GUIButton button, object userdata)
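Review bot: In `RequestAdminAuth` the SHA digest is turned into a string with `Encoding.UTF8.GetString`, which is lossy for arbitrary bytes: every invalid sequence becomes U+FFFD, so different digests can collapse to the same string and the server-side comparison is weaker than the hash suggests. A byte-preserving encoding avoids that, e.g. `msg.Write(Convert.ToBase64String(NetUtility.ComputeSHAHash(Encoding.UTF8.GetBytes(pass))));`, with the server's `AdminAuthPass` setter changed the same way so both sides still agree. Separately, the value sent is a fixed, unsalted hash of the password, so unless the connection is encrypted anyone who can read the traffic can replay it. Mixing a server-issued nonce into the hash would make a captured message useless.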


@@ -55,6 +55,8 @@ namespace Barotrauma.Networking
name = name.Replace(":", "");
name = name.Replace(";", "");
AdminAuthPass = "";
this.name = name;
this.password = "";
if (password.Length>0)
@@ -551,6 +553,32 @@ namespace Barotrauma.Networking
EndGame();
}
break;
case (byte)PacketTypes.RequestAdminAuth:
string pass = inc.ReadString();
if (adminAuthPass.Length == 0)
{
Log(sender.name + " tried to become admin!", Color.Red);
return;
}
if (adminAuthPass==pass)
{
if (sender.Permissions == ClientPermissions.None)
{
Log(sender.name + " is now an admin.", Color.Yellow);
sender.SetPermissions(ClientPermissions.Kick | ClientPermissions.Ban | ClientPermissions.EndRound);
}
else
{
Log(sender.name + " is no longer an admin.", Color.Yellow);
sender.SetPermissions(ClientPermissions.None);
}
UpdateClientPermissions(sender);
}
else
{
Log(sender.name + " has failed admin authentication!", Color.Red);
}
break;
case (byte)PacketTypes.KickPlayer:
bool ban = inc.ReadBoolean();
string kickedName = inc.ReadString();
@@ -561,7 +589,6 @@ namespace Barotrauma.Networking
if (ban && !sender.HasPermission(ClientPermissions.Ban))
{
Log(sender.name + " attempted to ban " + kickedClient.name + " (insufficient permissions)", Color.Red);
}
else if (!sender.HasPermission(ClientPermissions.Kick))
{
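Review bot: A failed `RequestAdminAuth` only writes a log line, so a connected client can keep guessing the admin password with no limit or delay. Counting failures per client and kicking or ignoring the client after a few misses would close that; the counter would be a new field on `Client`, which is outside this hunk. Two smaller points in the same case: the empty-password branch uses `return;` where every other path uses `break;`, which skips whatever follows the switch (not visible here), and the `sender.Permissions == ClientPermissions.None` test means a client holding saved partial permissions is demoted to `None` on a correct password rather than promoted. The comparison `adminAuthPass==pass` is also an ordinary string equality, not a fixed-time one.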


@@ -198,6 +198,10 @@ namespace Barotrauma.Networking
{
newClient.SetPermissions(savedPermissions.Permissions);
}
else
{
newClient.SetPermissions(ClientPermissions.None);
}
connectedClients.Add(newClient);


@@ -63,6 +63,20 @@ namespace Barotrauma.Networking
private string password;
private string adminAuthPass = "";
public string AdminAuthPass
{
set
{
DebugConsole.NewMessage("Admin auth pass changed!",Color.Yellow);
adminAuthPass = "";
if (value.Length > 0)
{
adminAuthPass = Encoding.UTF8.GetString(Lidgren.Network.NetUtility.ComputeSHAHash(Encoding.UTF8.GetBytes(value)));
}
}
}
private GUIFrame settingsFrame;
private GUIFrame[] settingsTabs;
private int settingsTabIndex;


@@ -19,6 +19,8 @@ namespace Barotrauma.Networking
KickPlayer,
RequestAdminAuth,
Permissions,
RequestNetLobbyUpdate,