2025-01-12 00:43:01 -08:00
|
|
|
/* Copyright (C) 2025 Wildfire Games.
|
2023-12-02 16:30:12 -08:00
|
|
|
* This file is part of 0 A.D.
|
2013-11-07 12:07:24 -08:00
|
|
|
*
|
2023-12-02 16:30:12 -08:00
|
|
|
* 0 A.D. is free software: you can redistribute it and/or modify
|
2013-11-07 12:07:24 -08:00
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation, either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
2023-12-02 16:30:12 -08:00
|
|
|
* 0 A.D. is distributed in the hope that it will be useful,
|
2013-11-07 12:07:24 -08:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2023-12-02 16:30:12 -08:00
|
|
|
* along with 0 A.D. If not, see <http://www.gnu.org/licenses/>.
|
2013-11-07 12:07:24 -08:00
|
|
|
*/
|
2025-06-19 15:06:41 -07:00
|
|
|
|
2013-11-07 12:07:24 -08:00
|
|
|
#include "precompiled.h"
|
2025-06-19 15:06:41 -07:00
|
|
|
|
2013-11-07 12:07:24 -08:00
|
|
|
#include "StanzaExtensions.h"
|
|
|
|
|
|
2025-06-19 15:06:41 -07:00
|
|
|
#include <list>
|
|
|
|
|
|
2013-11-07 12:07:24 -08:00
|
|
|
/******************************************************
|
|
|
|
|
* GameReport, fairly generic custom stanza extension used
|
|
|
|
|
* to report game statistics.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
GameReport::GameReport(const gloox::Tag* tag)
|
2015-06-19 10:25:28 -07:00
|
|
|
: StanzaExtension(EXTGAMEREPORT)
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
2015-06-19 10:25:28 -07:00
|
|
|
if (!tag || tag->name() != "report" || tag->xmlns() != XMLNS_GAMEREPORT)
|
2013-11-07 12:07:24 -08:00
|
|
|
return;
|
|
|
|
|
// TODO if we want to handle receiving this stanza extension.
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to serialize the GameReport into XML for sending.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* GameReport::tag() const
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* t = new gloox::Tag("report");
|
2015-06-19 10:25:28 -07:00
|
|
|
t->setXmlns(XMLNS_GAMEREPORT);
|
2013-11-07 12:07:24 -08:00
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const& tag : m_GameReport)
|
2015-06-19 10:25:28 -07:00
|
|
|
t->addChild(tag->clone());
|
2013-11-07 12:07:24 -08:00
|
|
|
|
|
|
|
|
return t;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to find the GameReport element in a recived IQ.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
const std::string& GameReport::filterString() const
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
static const std::string filter = "/iq/report[@xmlns='" XMLNS_GAMEREPORT "']";
|
2013-11-07 12:07:24 -08:00
|
|
|
return filter;
|
|
|
|
|
}
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::StanzaExtension* GameReport::clone() const
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
|
|
|
|
GameReport* q = new GameReport();
|
|
|
|
|
return q;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/******************************************************
|
2014-01-23 15:13:13 -08:00
|
|
|
* BoardListQuery, a flexible custom IQ Stanza useful for anything with ratings, used to
|
|
|
|
|
* request and receive leaderboard and rating data from server.
|
|
|
|
|
* Example stanza:
|
|
|
|
|
* <board player="foobar">1200</board>
|
2013-11-07 12:07:24 -08:00
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
BoardListQuery::BoardListQuery(const gloox::Tag* tag)
|
2015-06-19 10:25:28 -07:00
|
|
|
: StanzaExtension(EXTBOARDLISTQUERY)
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
2015-06-19 10:25:28 -07:00
|
|
|
if (!tag || tag->name() != "query" || tag->xmlns() != XMLNS_BOARDLIST)
|
2013-11-07 12:07:24 -08:00
|
|
|
return;
|
2015-06-19 10:25:28 -07:00
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* c = tag->findTag("query/command");
|
2014-01-23 15:13:13 -08:00
|
|
|
if (c)
|
|
|
|
|
m_Command = c->cdata();
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const& t : tag->findTagList("query/board"))
|
|
|
|
|
m_StanzaBoardList.emplace_back(t->clone());
|
2013-11-07 12:07:24 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2014-01-23 15:13:13 -08:00
|
|
|
* Required by gloox, used to find the BoardList element in a received IQ.
|
2013-11-07 12:07:24 -08:00
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
const std::string& BoardListQuery::filterString() const
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
static const std::string filter = "/iq/query[@xmlns='" XMLNS_BOARDLIST "']";
|
2013-11-07 12:07:24 -08:00
|
|
|
return filter;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to serialize the BoardList request into XML for sending.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* BoardListQuery::tag() const
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* t = new gloox::Tag("query");
|
2015-06-19 10:25:28 -07:00
|
|
|
t->setXmlns(XMLNS_BOARDLIST);
|
|
|
|
|
|
2014-01-23 15:13:13 -08:00
|
|
|
// Check for ratinglist or boardlist command
|
2015-06-19 10:25:28 -07:00
|
|
|
if (!m_Command.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("command", m_Command));
|
2013-11-07 12:07:24 -08:00
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const& tag : m_StanzaBoardList)
|
2015-06-19 10:25:28 -07:00
|
|
|
t->addChild(tag->clone());
|
2013-11-07 12:07:24 -08:00
|
|
|
|
|
|
|
|
return t;
|
|
|
|
|
}
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::StanzaExtension* BoardListQuery::clone() const
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
|
|
|
|
BoardListQuery* q = new BoardListQuery();
|
|
|
|
|
return q;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
BoardListQuery::~BoardListQuery()
|
|
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const& t : m_StanzaBoardList)
|
|
|
|
|
delete t;
|
2014-01-23 15:13:13 -08:00
|
|
|
m_StanzaBoardList.clear();
|
2013-11-07 12:07:24 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/******************************************************
|
|
|
|
|
* GameListQuery, custom IQ Stanza, used to receive
|
|
|
|
|
* the listing of games from the server, and register/
|
|
|
|
|
* unregister/changestate games on the server.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
GameListQuery::GameListQuery(const gloox::Tag* tag)
|
2015-06-19 10:25:28 -07:00
|
|
|
: StanzaExtension(EXTGAMELISTQUERY)
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
2015-06-19 10:25:28 -07:00
|
|
|
if (!tag || tag->name() != "query" || tag->xmlns() != XMLNS_GAMELIST)
|
2013-11-07 12:07:24 -08:00
|
|
|
return;
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* c = tag->findTag("query/command");
|
2013-11-07 12:07:24 -08:00
|
|
|
if (c)
|
|
|
|
|
m_Command = c->cdata();
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const& t : tag->findTagList("query/game"))
|
|
|
|
|
m_GameList.emplace_back(t->clone());
|
2013-11-07 12:07:24 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2014-01-23 15:13:13 -08:00
|
|
|
* Required by gloox, used to find the GameList element in a received IQ.
|
2013-11-07 12:07:24 -08:00
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
const std::string& GameListQuery::filterString() const
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
static const std::string filter = "/iq/query[@xmlns='" XMLNS_GAMELIST "']";
|
2013-11-07 12:07:24 -08:00
|
|
|
return filter;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to serialize the game object into XML for sending.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* GameListQuery::tag() const
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* t = new gloox::Tag("query");
|
2015-06-19 10:25:28 -07:00
|
|
|
t->setXmlns(XMLNS_GAMELIST);
|
2013-11-07 12:07:24 -08:00
|
|
|
|
|
|
|
|
// Check for register / unregister command
|
2015-06-19 10:25:28 -07:00
|
|
|
if (!m_Command.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("command", m_Command));
|
2013-11-07 12:07:24 -08:00
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const& tag : m_GameList)
|
2015-06-19 10:25:28 -07:00
|
|
|
t->addChild(tag->clone());
|
2013-11-07 12:07:24 -08:00
|
|
|
|
|
|
|
|
return t;
|
|
|
|
|
}
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::StanzaExtension* GameListQuery::clone() const
|
2013-11-07 12:07:24 -08:00
|
|
|
{
|
|
|
|
|
GameListQuery* q = new GameListQuery();
|
|
|
|
|
return q;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
GameListQuery::~GameListQuery()
|
|
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const & t : m_GameList)
|
|
|
|
|
delete t;
|
2013-11-07 12:07:24 -08:00
|
|
|
m_GameList.clear();
|
|
|
|
|
}
|
2014-09-20 08:35:26 -07:00
|
|
|
|
|
|
|
|
/******************************************************
|
|
|
|
|
* ProfileQuery, a custom IQ Stanza useful for fetching
|
|
|
|
|
* user profiles
|
|
|
|
|
* Example stanza:
|
|
|
|
|
* <profile player="foobar" highestRating="1500" rank="1895" totalGamesPlayed="50"
|
|
|
|
|
* wins="25" losses="25" /><command>foobar</command>
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
ProfileQuery::ProfileQuery(const gloox::Tag* tag)
|
2015-06-19 10:25:28 -07:00
|
|
|
: StanzaExtension(EXTPROFILEQUERY)
|
2014-09-20 08:35:26 -07:00
|
|
|
{
|
|
|
|
|
if (!tag || tag->name() != "query" || tag->xmlns() != XMLNS_PROFILE)
|
|
|
|
|
return;
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* c = tag->findTag("query/command");
|
2014-09-20 08:35:26 -07:00
|
|
|
if (c)
|
|
|
|
|
m_Command = c->cdata();
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const& t : tag->findTagList("query/profile"))
|
|
|
|
|
m_StanzaProfile.emplace_back(t->clone());
|
2014-09-20 08:35:26 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to find the Profile element in a received IQ.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
const std::string& ProfileQuery::filterString() const
|
2014-09-20 08:35:26 -07:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
static const std::string filter = "/iq/query[@xmlns='" XMLNS_PROFILE "']";
|
2014-09-20 08:35:26 -07:00
|
|
|
return filter;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to serialize the Profile request into XML for sending.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* ProfileQuery::tag() const
|
2014-09-20 08:35:26 -07:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* t = new gloox::Tag("query");
|
2014-09-20 08:35:26 -07:00
|
|
|
t->setXmlns(XMLNS_PROFILE);
|
|
|
|
|
|
|
|
|
|
if (!m_Command.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("command", m_Command));
|
2014-09-20 08:35:26 -07:00
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const& tag : m_StanzaProfile)
|
2015-06-19 10:25:28 -07:00
|
|
|
t->addChild(tag->clone());
|
2014-09-20 08:35:26 -07:00
|
|
|
|
|
|
|
|
return t;
|
|
|
|
|
}
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::StanzaExtension* ProfileQuery::clone() const
|
2014-09-20 08:35:26 -07:00
|
|
|
{
|
|
|
|
|
ProfileQuery* q = new ProfileQuery();
|
|
|
|
|
return q;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ProfileQuery::~ProfileQuery()
|
|
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
for (const gloox::Tag* const& t : m_StanzaProfile)
|
|
|
|
|
delete t;
|
2014-09-20 08:35:26 -07:00
|
|
|
m_StanzaProfile.clear();
|
|
|
|
|
}
|
2018-03-11 17:23:40 -07:00
|
|
|
|
|
|
|
|
/******************************************************
|
|
|
|
|
* LobbyAuth, a custom IQ Stanza, used to send and
|
|
|
|
|
* receive a security token for hosting authentication.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
LobbyAuth::LobbyAuth(const gloox::Tag* tag)
|
2018-03-11 17:23:40 -07:00
|
|
|
: StanzaExtension(EXTLOBBYAUTH)
|
|
|
|
|
{
|
|
|
|
|
if (!tag || tag->name() != "auth" || tag->xmlns() != XMLNS_LOBBYAUTH)
|
|
|
|
|
return;
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* c = tag->findTag("auth/token");
|
2018-03-11 17:23:40 -07:00
|
|
|
if (c)
|
|
|
|
|
m_Token = c->cdata();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to find the LobbyAuth element in a received IQ.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
const std::string& LobbyAuth::filterString() const
|
2018-03-11 17:23:40 -07:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
static const std::string filter = "/iq/auth[@xmlns='" XMLNS_LOBBYAUTH "']";
|
2018-03-11 17:23:40 -07:00
|
|
|
return filter;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to serialize the auth object into XML for sending.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* LobbyAuth::tag() const
|
2018-03-11 17:23:40 -07:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* t = new gloox::Tag("auth");
|
2018-03-11 17:23:40 -07:00
|
|
|
t->setXmlns(XMLNS_LOBBYAUTH);
|
|
|
|
|
|
|
|
|
|
// Check for the auth token
|
|
|
|
|
if (!m_Token.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("token", m_Token));
|
2018-03-11 17:23:40 -07:00
|
|
|
return t;
|
|
|
|
|
}
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::StanzaExtension* LobbyAuth::clone() const
|
2018-03-11 17:23:40 -07:00
|
|
|
{
|
|
|
|
|
return new LobbyAuth();
|
|
|
|
|
}
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
|
|
|
|
|
/******************************************************
|
|
|
|
|
* ConnectionData, a custom IQ Stanza, used to send and
|
|
|
|
|
* receive a ip and port of the server.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
ConnectionData::ConnectionData(const gloox::Tag* tag)
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
: StanzaExtension(EXTCONNECTIONDATA)
|
|
|
|
|
{
|
|
|
|
|
if (!tag || tag->name() != "connectiondata" || tag->xmlns() != XMLNS_CONNECTIONDATA)
|
|
|
|
|
return;
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* c = tag->findTag("connectiondata/ip");
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
if (c)
|
|
|
|
|
m_Ip = c->cdata();
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* p= tag->findTag("connectiondata/port");
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
if (p)
|
|
|
|
|
m_Port = p->cdata();
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* pip = tag->findTag("connectiondata/isLocalIP");
|
2021-05-16 08:34:38 -07:00
|
|
|
if (pip)
|
|
|
|
|
m_IsLocalIP = pip->cdata();
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* pw = tag->findTag("connectiondata/password");
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
if (pw)
|
|
|
|
|
m_Password = pw->cdata();
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* cs = tag->findTag("connectiondata/clientsalt");
|
2021-05-18 07:47:36 -07:00
|
|
|
if (cs)
|
|
|
|
|
m_ClientSalt = cs->cdata();
|
2024-11-12 12:24:25 -08:00
|
|
|
const gloox::Tag* e = tag->findTag("connectiondata/error");
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
if (e)
|
|
|
|
|
m_Error= e->cdata();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to find the LobbyAuth element in a received IQ.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
const std::string& ConnectionData::filterString() const
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
static const std::string filter = "/iq/connectiondata[@xmlns='" XMLNS_CONNECTIONDATA "']";
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
return filter;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Required by gloox, used to serialize the auth object into XML for sending.
|
|
|
|
|
*/
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* ConnectionData::tag() const
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
{
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::Tag* t = new gloox::Tag("connectiondata");
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
t->setXmlns(XMLNS_CONNECTIONDATA);
|
|
|
|
|
|
|
|
|
|
if (!m_Ip.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("ip", m_Ip));
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
if (!m_Port.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("port", m_Port));
|
2021-05-16 08:34:38 -07:00
|
|
|
if (!m_IsLocalIP.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("isLocalIP", m_IsLocalIP));
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
if (!m_Password.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("password", m_Password));
|
2021-05-18 07:47:36 -07:00
|
|
|
if (!m_ClientSalt.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("clientsalt", m_ClientSalt));
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
if (!m_Error.empty())
|
2024-11-12 12:24:25 -08:00
|
|
|
t->addChild(new gloox::Tag("error", m_Error));
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
return t;
|
|
|
|
|
}
|
|
|
|
|
|
2024-11-12 12:24:25 -08:00
|
|
|
gloox::StanzaExtension* ConnectionData::clone() const
|
Hide ip and port from users until they want to join, add optional password
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
|
|
|
{
|
|
|
|
|
return new ConnectionData();
|
|
|
|
|
}
|