0ad/source/network/StunClient.h


Hide ip and port from users until they want to join, add optional password

Current issue with the lobby, is that we make ips of hosts public for anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to not trusted players.

Further description: Do not send ports and stunip to the bots. Removed from stanza. Do not send ip to the lobby. Removed from mapping gamelist from backend to gui (still on the backend side, because it is done by script on 0ad server). Get ip and ports on request when trying to connect. On the host side, ask stun server what is host's public ip and remember it. On the client side, send iq through xmppclient to the hosting player and ask for ip, port and if Stun is used, then if answer is success, continue with connecting, else fail.

Add optional password for matches. Add password required identifier to the stanza. Allow host to setup password for the match. Hash it on the host side and store inside Netserver. If no password is given, matches will behave as it is not required. On the client side, if password for the match is required, show additional window before trying to connect and ask for password, then hash it and send with iq request for ip, port and stun. Server will answer with ip, port and stun only if passwords match, else will answer with error string.

Some security: Passwords are hashed before sending, so it is not easy to guess what users typed. (per wraitii) Hashes are using different salt as lobby hashing and not using usernames as salt (as that is not doable), so they are different even typing the same password as for the lobby account. Client remembers which user was asked for connection data and iq's id of request. If answer doesn't match these things, it is ignored. (thnx user1) Every request for connection data is logged with hostname of the requester to the mainlog file (no ips). If user gets iq to send connection data and is not hosting the match, will respond with error string "not_server". If server gets iq::result with connection data, request is ignored.

Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby

This was SVN commit r24728.
2021-01-20 10:31:39 -08:00
/* Copyright (C) 2021 Wildfire Games.
* Copyright (C) 2013-2016 SuperTuxKart-Team.
* This file is part of 0 A.D.
*
* 0 A.D. is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 of the License, or
* (at your option) any later version.
*
* 0 A.D. is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with 0 A.D. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef STUNCLIENT_H
#define STUNCLIENT_H
Fix unreported glooxwrapper leaks following 61261d14fc, refs #2305.

Fixes an occurring leak indicated by the reported clang unused variable compiler warning, refs #5294, #5550, by adding the missing glooxwrapper::Jingle::Session::Session destructor.

Fix two leaks that would have occurred if the according code had been used: Delete unused glooxwrapper::Jingle::ICEUDP::ICEUDP instead of adding the missing destructor. Delete unused glooxwrapper::Jingle::Content::Content instead of adding the missing destructor.

Explain why glooxwrapper::Client::registerStanzaExtension doesn't leak the new StanzaExtensionWrapper. Explain why glooxwrapper::Jingle::Session::sessionInitiate doesn't leak the new gloox::Jingle::Content, nor the new gloox::Jingle::ICEUDP. Explain why glooxwrapper::SessionManager::registerPlugins doesn't leak the new gloox::Jingle::Content and new gloox::Jingle::ICEUDP. Explain why glooxwrapper::SessionManager::createSession doesn't leak the gloox::Jingle::Session.

I will not leak memory in the glooxwrapper. I will not leak memory in the glooxwrapper. I will not leak memory in the glooxwrapper.

Use references in the StunClient and glooxwrapper to anticipate any confusion as to whose obligation it is to delete variables when they are passed around across several files. Use static_cast and reinterpret_cast instead of C-style casts in the StunClient.

Differential Revision: https://code.wildfiregames.com/D2094
Refs D2093 for the reported leaks.
Reviewed By: Josh
Comments By: fcxSanya, Vladislav for D2094, and echotangoecho, leper in 61261d14fc

This was SVN commit r22678.
2019-08-16 17:12:19 -07:00
#include <string>
typedef struct _ENetHost ENetHost;
class CStr8;
namespace StunClient
{
/**
* Return the publicly accessible IP of the given ENet host/socket.
* This is done by contacting a STUN server.
* The returned IP & port should only be considered valid for the given host/socket.
*/
bool FindPublicIP(ENetHost& enetClient, CStr8& ip, u16& port);
/**
* Send a message to the target server with the given ENet host/socket.
* This will open a port on the local gateway (if any) to receive traffic,
* allowing the recipient to answer (thus 'punching a hole' in the NAT).
* NB: this assumes consistent NAT, i.e. the outgoing port is always the same for the given client,
* thus allowing the IP discovered via STUN to be sent to the target server.
*/
void SendHolePunchingMessages(ENetHost& enetClient, const std::string& serverAddress, u16 serverPort);
/**
* Return the local IP.
* Technically not a STUN method, but convenient to define here.
*/
bool FindLocalIP(CStr8& ip);
}
#endif // STUNCLIENT_H
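
Added example, not part of the 0 A.D. source: FindPublicIP is documented above as contacting a STUN server, and the answer arrives as an unauthenticated UDP datagram, so the parsing step has to reject anything that is not a well-formed reply to the request that was sent. The sketch below follows the RFC 5389 message layout; ParseBindingResponse, kSample, the transaction ID and the 203.0.113.7:50000 address are hypothetical names and constructed values.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

static const uint32_t kCookie = 0x2112A442; // RFC 5389 magic cookie
static uint16_t Rd16(const uint8_t* p) { return static_cast<uint16_t>(p[0] << 8 | p[1]); }
static uint32_t Rd32(const uint8_t* p) { return uint32_t(Rd16(p)) << 16 | Rd16(p + 2); }
// txid: the 12-byte transaction ID that was sent in the Binding Request.
bool ParseBindingResponse(const std::vector<uint8_t>& m, const uint8_t* txid, std::string& ip, uint16_t& port)
{
	// 20-byte header, type Binding Success, declared length equal to what arrived
	if (m.size() < 20 || m.size() % 4 != 0 || Rd16(&m[0]) != 0x0101 || Rd16(&m[2]) != m.size() - 20)
		return false;
	if (Rd32(&m[4]) != kCookie || std::memcmp(&m[8], txid, 12) != 0)
		return false; // not the answer to our request
	for (size_t off = 20; off + 4 <= m.size();)
	{
		const uint16_t type = Rd16(&m[off]);
		const size_t len = Rd16(&m[off + 2]), val = off + 4;
		if (len > m.size() - val)
			return false; // attribute overruns the message
		// 0x0020 XOR-MAPPED-ADDRESS, 0x0001 MAPPED-ADDRESS; family 0x01 is IPv4
		if ((type == 0x0020 || type == 0x0001) && len >= 8 && m[val + 1] == 0x01)
		{
			const uint32_t x = type == 0x0020 ? kCookie : 0; // only the XOR form is masked
			const uint32_t a = Rd32(&m[val + 4]) ^ x;
			port = static_cast<uint16_t>(Rd16(&m[val + 2]) ^ (x >> 16));
			ip = std::to_string(a >> 24) + "." + std::to_string((a >> 16) & 255) + "." +
				std::to_string((a >> 8) & 255) + "." + std::to_string(a & 255);
			return true;
		}
		off = val + ((len + 3) & ~size_t(3)); // attribute values are padded to 4 bytes
	}
	return false;
}

// Constructed sample: response carrying 203.0.113.7:50000 for transaction "ABCDEFGHIJKL".
static const std::vector<uint8_t> kSample = {
	0x01,0x01, 0x00,0x0C, 0x21,0x12,0xA4,0x42, 'A','B','C','D','E','F','G','H','I','J','K','L',
	0x00,0x20, 0x00,0x08, 0x00,0x01, 0xE2,0x42, 0xEA,0x12,0xD5,0x45 };
int main()
{
	std::string ip; uint16_t port = 0;
	bool ok = ParseBindingResponse(kSample, reinterpret_cast<const uint8_t*>("ABCDEFGHIJKL"), ip, port);
	std::printf("%s\n", ok ? (ip + ":" + std::to_string(port)).c_str() : "rejected");
}
```

The transaction ID check is what ties a reply to the outstanding request; a caller should generate that ID randomly per request and drop any datagram for which this function returns false.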