It has to be called before `SetupConnection` is called. Now the
server-data is set up during the constructor.
When connecting using the lobby, the data isn't known at construction
time. Then it is done at the start of `TryToConnectWithSTUN`.
It's better to construct a js-array from a `JS::RootedValueVector`.
Because it is more strongly typed and the index doesn't have to be
specified when appending an element.
Some usages are replaced with `JS::RootedValueArray`.
Fixes: #8702
The gendered citizen feature changed stat counter names in
3592814aa8 which are submitted to echelon
for rated games with the game report, the change in name for the property
means it no longer matches the database column name effectively breaking
rated games.
Translate the property name on the fly.
Fixes: #8687
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
Shows the reason for the role change in the status message. This is
mostly relevant for communicating the reason and possibly duration for a
moderator or bot muting a user.
Refs: #5679
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
Prefix output of DbgXMPP so it is clearly associated. Further avoid
newlines in debug statements.
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
When a patch version is released, it must declare compatibility with the
previous patch versions of the same main release. This allows players to
keep replaying their games and to keep playing online with users of
other patches of the same main release.
This should have anticipated for dae7a8c394
Make include-what-you-use happy with some files in source and fix what
needs to be fixed.
Ref: #8086
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
Some gloox headers need workarounds to be included, so mark the header
"lib/external_libraries/gloox.h" as source for all gloox symbols and
collect all headers we use under it.
Further make include-what-you-use happy with files in source/lobby and
fix what needs to be fixed after.
Ref: #8086
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
This fixes the ability for users with uppercase letters in their
username to change their passwords, which wasn't possible before on
non-Windows platforms. The underlying issue for that is
https://github.com/processone/ejabberd/issues/4377 and in addition some
inconsistent normalization of usernames in password change requests
by gloox. This commit works around that by always using the local JID
part as username for password requests, which got the nodeprep string
profile already applied.
It also fixes a problem that Windows users which were able to change
their passwords, weren't able to login afterwards anymore, unless they
typed their username in all lowercase in the login form. This was caused
by using the all lowercase username as input for the password hash
function, instead of using the username in the user supplied case.
Fixes #7796
This makes using STUN mandatory for games hosted using the multiplayer
lobby. The motivation for that is a reduction in complexity, because
right now if STUN is disabled we use a home-grown STUN-like logic, which
got implemented before Pyrogenesis got STUN support.
That home-grown logic relies on a custom ejabberd module (mod_ipstamp),
which inserts the external IP-address of a host in the response messages
when a host registers a game. Originally mod_ipstamp was also used to
inform all potential players of a hosts IP-address, however that has
already been removed to let hosts only share their IP-address with
players actually joining their game.
Removing the home-grown logic and instead always relying on STUN removes
complexity in Pyrogenesis and the lobby server and also eases hosting
games for players, as they don't have to figure out anymore whether they
need to enable STUN or not.
These changes shouldn't negatively impact the ability of Pyrogenesis to
handle different types of NAT or broken networks. There is one
difference though: While the custom logic using mod_ipstamp utilized TCP
as transport protocol, the STUN implementation in Pyrogenesis currently
uses UDP. That doesn't allow hosts with UDP-connectivity issues to
resolve their external IP-address anymore, however without
UDP-connectivity they aren't able to successfully host games anyway, as
the actual game updates are transferred using UDP as well.
- Shallow-freezing of objects is never used in our codebase, so remove
that code path.
- Deep-freeze is bugged in recent versions of SpiderMonkey (see bug
https://bugzilla.mozilla.org/show_bug.cgi?id=1930258). Until a fix
and/or a better API is provided, reimplement this feature by
recursively freezing object properties.
- Add tests for the deepfreeze function.
During the removal of glooxwrapper the function GetJID was mapped to
getID. This results in NetClient querying for host jid not getting the
right value which prevents hosting a game in the lobby.
Reported-by: Dunedan
Refs: #7203
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
This wrapper was meant to support multiple C++ ABIs with a single
pre-built gloox library wrapped as a C library. A new ABI change was
rejected a few years back, so this will probably take a while for it to
be on the table again. With the bug tracker and mailing list currently
unavailable and known TLS issues we might have replaced gloox by then
anyway.
Supporting multiple ABIs with the current setup isn't an issue either
and is already done for 32bit vs 64bit ABI on Windows.
Therefore use gloox types directly in lobby code instead of wrapper
types and delete the wrapper and build-integration.
Migrate to override where applicable, as it helped avoid subtle
differences in signatures and finding missing inheritance of LogHandler.
Finally use version check instead of os check to work around Windows
using the 1.1 development branch instead of releases.
Fixes: #7198
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
Up to now Pyrogenesis didn't check if lobby related XMPP stanzas were
sent by the lobby bots. This meant that every user could send forged
data, like the list of games, to be displayed by another user. This
change fixes that by checking such stanzas come from the expected lobby
bots.
Patch by: @Dunedan
Accepted by: @Stan
Differential Revision: https://code.wildfiregames.com/D5216
This was SVN commit r28197.
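
The sender check described in the commit above, sketched as an added example (not the project's code). The class and function names are hypothetical and the bot JID is a constructed sample value; the point is that the match is an exact comparison on the bare JID, so a look-alike resource or domain does not pass.

```cpp
#include <set>
#include <string>
#include <utility>
#include <vector>

// Bare JID (local@domain): everything before the first '/', which starts the resource.
std::string BareJid(const std::string& jid)
{
	return jid.substr(0, jid.find('/'));
}

class LobbyBotFilter
{
public:
	explicit LobbyBotFilter(std::set<std::string> botJids) : m_BotJids(std::move(botJids)) {}

	// Exact match on the bare JID of the stanza's "from" attribute.
	// Substring or prefix matching would be spoofable through the resource part.
	bool IsFromLobbyBot(const std::string& from) const
	{
		return !from.empty() && m_BotJids.count(BareJid(from)) != 0;
	}

	// Replace the displayed game list only when a lobby bot sent it.
	bool ApplyGameList(const std::string& from, const std::vector<std::string>& games)
	{
		if (!IsFromLobbyBot(from))
			return false; // forged stanza: drop it and keep the previous list
		m_Games = games;
		return true;
	}

	const std::vector<std::string>& Games() const { return m_Games; }

private:
	std::set<std::string> m_BotJids;
	std::vector<std::string> m_Games;
};

// Constructed sample configuration; the bot JID is made up for this example.
LobbyBotFilter MakeSampleFilter()
{
	std::set<std::string> bots;
	bots.insert("gamelistbot@lobby.example");
	return LobbyBotFilter(bots);
}
```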
Previously private messages and announcements got handled the same way.
This adds a distinct handling for server announcements, which allows
formatting them in a different way. They are now not prefixed with
"Private" anymore and show the announcement subject as well, if one was
set.
Patch by: @Dunedan
Accepted by: @Stan
Differential Revision: https://code.wildfiregames.com/D5268
This was SVN commit r28186.
Avoid cases of filenames
Update years in terms and other legal(ish) documents
Don't update years in license headers, since change is not meaningful
Will add linter rule in separate commit
Happy recompiling everyone!
Original Patch By: Nescio
Comment By: Gallaecio
Differential Revision: D2620
This was SVN commit r27786.
The purpose of our client-side hashing for lobby game passwords is to
prevent malicious hosts from getting valuable passwords from clients
(e.g. accidentally typing their lobby password instead of the game, or
even their email password, etc).
However, the hashing was deterministic (and rather simple), making it
possible to compute rainbow tables and recover user passwords anyways.
By adding more variation, including some that cannot so easily be
controlled by the host (the client name), this becomes impractical. The
password hashing function used is rather fast, but given the base low
probability of mistypes, this seems fine.
Differential Revision: https://code.wildfiregames.com/D3459
This was SVN commit r25459.
Instead of using platform-specific sockets, use enet_socket* functions
(which ends up doing the same).
Clean up some confusing APIs, removing the distinction between finding
the public IP for the host/join.
Fix endianness support & use simpler code.
Refs D364 / 61261d14fc (and some subsequent fixing diffs).
Differential Revision: https://code.wildfiregames.com/D3970
This was SVN commit r25453.
This allows joining a lobby game hosted on the same network (behind the
same NAT gateway).
This is relatively primitive to keep things simple: if the server and
the client have the same public IP, it is assumed that they are on the
same network and the client instead requests the local IP.
Differential Revision: https://code.wildfiregames.com/D3944
This was SVN commit r25448.
Follows 34b1920e7b.
This splits off the object-related functions, such as
[Set/Get/Has]Property, CreateObject, CreateArray, FreezeObject.
It also puts the definitions in the header itself, which might end up
with faster code here & there, though perhaps slower compilation time
(somewhat doubtful since we already included most things anyways).
Differential Revision: https://code.wildfiregames.com/D3956
This was SVN commit r25430.
All ToJSVal/FromJSVal definitions are put in a separate header.
Remove AssignOr[To/From]JSVal duplication.
The functions were already static so this is rather straightforward.
Follows 34b1920e7b and 2bae30c454
Differential Revision: https://code.wildfiregames.com/D3953
This was SVN commit r25428.
Follows 34b1920e7b.
This separates StructuredClone & DeepCopy logic into its own header,
reducing the size of the monolithic ScriptInterface header.
Differential Revision: https://code.wildfiregames.com/D3922
This was SVN commit r25419.
XMPP JID has a concept of 'resources', which can be used to
differentiate multiple clients of the same account.
We currently hardcode this 'resource' to '0ad' in two places:
- The 0 A.D. client always uses '0ad'
- The network code expects a host resource to be '0ad' when connecting.
As noted in 0fd8aa2a77#31215, it is less effort to store the JID
directly. This patch does that. It also makes 0 A.D. use a different
resource each time.
Note that resources ought not contain particular information, as the
XMPP server is free to clobber it. I keep '0ad-' here for debug purposes.
This allows:
- multiple 0 A.D. instances to log on the lobby at the same time (not
massively useful, but good for debugging sometimes)
- hosting a game with a custom resource, which will potentially make it
easier to have dedicated servers on one account.
Note that hosting multiple games on one account is currently not
supported and will have weird behaviour on the lobbybots side. They
should be upgraded independently of this.
Refs #3556
Differential Revision: https://code.wildfiregames.com/D3500
This was SVN commit r25407.
- 25332f9b86 added 'override' to a method in ShaderProgram.cpp. This
adds it to the rest.
- BinarySerializer.cpp had custom JS includes, because putting those in
ScriptExtraHeaders failed. The cause is that gloox leaves "#define
lookup" up. This has been reported upstream, and fixed here.
- VS17 complains about an uninitialised variable, though the usage is
safe.
Differential Revision: https://code.wildfiregames.com/D3916
This was SVN commit r25359.
- Replace ScriptInterface::RegisterFunction with
ScriptFunction::Register
- Mostly removing unused cmpPrivate*
- Some usage introduces specific getters (mapgenerator, AIWorker,
XmppClient,...)
- Several passthrough functions are simply removed in favour of calling
the original, reducing duplication
- Make use of ScriptRequest/ScriptInterface capabilities where
relevant.
- Make JSI_* headers only expose necessary functions, lightening them
considerably and reducing duplication
- Reuse namespaces in JSI_* implementations directly, reducing visual
noise there
Follows f3aedf88a6
Differential Revision: https://code.wildfiregames.com/D3626
This was SVN commit r24983.
Follow-up to 1a8de6d2b8. This makes it again possible to host without
STUN via the lobby.
The lobby bot will answer the host "Register" command with the external
IP. This is only sent to the host, avoiding IP leakage.
There is a small window in which a client might try to join and the
public IP isn't up, and the request goes through, but that seems rather
unlikely to be a problem in practice.
Refs #5913
Differential Revision: https://code.wildfiregames.com/D3490
This was SVN commit r24858.
As suggested by elexis, 1a8de6d2b8 should get some protection against
brute force attacks on password.
This is supposed to prevent attackers from getting connection data by
guessing the password.
Each failed attempt increases the counter.
XmppClient on the server side checks for the users with certain number
of failed attempts, determined in CNetServer, and refuses to check the
password, answering with banned message.
So they can't guess again in given match. Effect of this block will
disappear after new match is created.
Differential revision: D3467
Comments by: wraitii, Stan
Tested by: Stan, Freagarach
Ref: #5913
This was SVN commit r24794.
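
The per-match lockout described in the commit above, as an added example (not the project's code). All names are hypothetical and the threshold is a constructor parameter chosen by the caller; counting per bare JID is this example's own choice, made so that reconnecting under a new resource does not reset the counter.

```cpp
#include <cstddef>
#include <map>
#include <string>
#include <utility>

// Compare two hashes without an early exit on the first differing byte.
bool ConstantTimeEqual(const std::string& a, const std::string& b)
{
	if (a.size() != b.size())
		return false;
	unsigned char diff = 0;
	for (std::size_t i = 0; i < a.size(); ++i)
		diff |= static_cast<unsigned char>(a[i] ^ b[i]);
	return diff == 0;
}

enum class JoinResult { Ok, WrongPassword, Banned };

// One guard per hosted match: a new match starts with fresh counters.
class MatchPasswordGuard
{
public:
	MatchPasswordGuard(std::string passwordHash, unsigned maxFailedAttempts)
		: m_Hash(std::move(passwordHash)), m_Max(maxFailedAttempts) {}

	JoinResult Check(const std::string& requesterJid, const std::string& sentHash)
	{
		// Key the counter on the account (bare JID), not the full JID.
		unsigned& failed = m_Failed[requesterJid.substr(0, requesterJid.find('/'))];
		if (failed >= m_Max)
			return JoinResult::Banned; // the password is no longer checked
		if (ConstantTimeEqual(sentHash, m_Hash))
			return JoinResult::Ok;
		++failed;
		return JoinResult::WrongPassword;
	}

private:
	std::string m_Hash;
	unsigned m_Max;
	std::map<std::string, unsigned> m_Failed;
};
```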
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords match,
else will answer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
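
The request/answer matching listed under "Some security" in the commit above, as an added example (not the project's code). The type and method names are hypothetical and all JIDs, ids and addresses in the usage are constructed; an answer is accepted only from the host that was asked, only with the id of the iq that was sent, and only once.

```cpp
#include <string>

struct ConnectionData
{
	std::string ip;
	unsigned port;
	bool useStun;
};

class ConnectionDataRequest
{
public:
	// Remember which user was asked and the id of the iq that was sent.
	void Sent(const std::string& hostJid, const std::string& iqId)
	{
		m_HostJid = hostJid;
		m_IqId = iqId;
		m_Pending = true;
	}

	// Accept a result only if it answers the pending request.
	// Unsolicited, mis-addressed or replayed answers are ignored.
	bool OnResult(const std::string& from, const std::string& iqId, const ConnectionData& data)
	{
		if (!m_Pending || from != m_HostJid || iqId != m_IqId)
			return false;
		m_Pending = false; // a request is answered at most once
		m_Data = data;
		return true;
	}

	const ConnectionData& Data() const { return m_Data; }

private:
	std::string m_HostJid;
	std::string m_IqId;
	bool m_Pending = false;
	ConnectionData m_Data{};
};
```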