juanjp600
d0efbe14f3
Whitelist saving
2016-09-03 17:51:10 -03:00
juanjp600
efa8b4da51
Removed per-user password from whitelist
2016-09-03 17:18:44 -03:00
juanjp600
ef2b0d8721
Whitelist + conflict resolve
2016-09-03 14:57:36 -03:00
juanjp600
52270e3a35
Hacked clients can't send chat messages from other characters anymore
...
Also added sendername as userdata in chat messages, for now it's not used for anything but we'll probably find something where this is useful
2016-08-30 17:35:58 -03:00
juanjp600
df0b064899
Hacked client can't join full server anymore
...
Not sure how they can get around lidgren's checking, but this should do the trick
2016-08-29 19:02:37 -03:00
juanjp600
83f8ad0555
Clientside fix for empty password
...
Thanks for finding this Reg
2016-08-29 18:40:27 -03:00
juanjp600
e284ff5f38
Heavier password encryption
...
I don't think this fixes actual bugs but the encryption seemed kinda weak.
2016-08-29 07:13:19 -03:00
juanjp600
d909a8d9b6
Filter out Unicode and non-printable ASCII
...
+ return when authentication fails because of null client
2016-08-28 16:01:23 -03:00
Regalis
712953cc9e
WIP client special permissions (kick, ban, end round)
2016-08-24 11:47:46 +03:00
Regalis
ef0098d52a
Anti-gamerfood measures:
...
- clients don't send server passwords as plaintext: the server sends a nonce which the client encrypt using the password as the key
- IPs are visible in netstats
- amount of client jobpreferences limited to 3 at the servers side
- sanitizing client names
2016-08-19 18:18:07 +03:00
