vlad.os/LuaCsForBarotraumaEP
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
888 Commits 5 Branches 2 Tags
ee16f0708be79f72305c545d2cb9d20830fbfdcb
Commit Graph

15 Commits

Author SHA1 Message Date
juanjp600
ee16f0708b -try-catch blocks for GUIComponents fixedChildren lists 
-player name and IP address in debug messages
-crash logs now output up to 15 messages
 2017-03-03 15:14:18 -03:00
juanjp600
ba026a8f88 Added list of homoglyphs for name comparison 
Unicode is now allowed in player names, but it can't be easily exploited anymore
 2017-03-02 12:09:08 -03:00
juanjp600
ba7fcad8f2 Readded special client permissions 
Also added a command that requires a password to gain the permissions.
I think they were never vulnerable in the first place, gamerfood was just trying to intimidate us.
 2016-11-20 22:01:37 -03:00
juanjp600
7a3bce3973 Hull volume helper in editor + Character name matches client name + Better-looking Watcher light source 
Also '' is a thing of the past, use \" instead
 2016-11-20 18:47:22 -03:00
juanjp600
d537e8795a Replace '' (two single quotes) with \" (double quote) 
We must correct post-traumatic Blitz disorder
 2016-09-24 21:26:08 -03:00
juanjp600
d0efbe14f3 Whitelist saving 2016-09-03 17:51:10 -03:00
juanjp600
efa8b4da51 Removed per-user password from whitelist 2016-09-03 17:18:44 -03:00
juanjp600
ef2b0d8721 Whitelist + conflict resolve 2016-09-03 14:57:36 -03:00
juanjp600
52270e3a35 Hacked clients can't send chat messages from other characters anymore 
Also added sendername as userdata in chat messages, for now it's not used for anything but we'll probably find something where this is useful
 2016-08-30 17:35:58 -03:00
juanjp600
df0b064899 Hacked client can't join full server anymore 
Not sure how they can get around lidgren's checking, but this should do the trick
 2016-08-29 19:02:37 -03:00
juanjp600
83f8ad0555 Clientside fix for empty password 
Thanks for finding this Reg
 2016-08-29 18:40:27 -03:00
juanjp600
e284ff5f38 Heavier password encryption 
I don't think this fixes actual bugs but the encryption seemed kinda weak.
 2016-08-29 07:13:19 -03:00
juanjp600
d909a8d9b6 Filter out Unicode and non-printable ASCII 
+ return when authentication fails because of null client
 2016-08-28 16:01:23 -03:00
Regalis
712953cc9e WIP client special permissions (kick, ban, end round) 2016-08-24 11:47:46 +03:00
Regalis
ef0098d52a Anti-gamerfood measures: 
- clients don't send server passwords as plaintext: the server sends a nonce which the client encrypt using the password as the key
- IPs are visible in netstats
- amount of client jobpreferences limited to 3 at the servers side
- sanitizing client names
 2016-08-19 18:18:07 +03:00