The first header was used to include the SpiderMonkey JS API at once,
with safeguards and preprocessor defines. Nowadays, SpiderMonkey
provides modular headers allowing us to include what we use, refs #8086.
Some defines have to be moved to compiler options but it is apparently
a mistake from the SM developers:
https://bugzilla.mozilla.org/show_bug.cgi?id=1987876
Make include-what-you-use happy with some files in source and fix what
needs to be fixed.
Ref: #8086
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
This fixes the ability for users with uppercase letters in their
username to change their passwords, which wasn't possible before on
non-Windows platforms. The underlying issue for that is
https://github.com/processone/ejabberd/issues/4377 and in addition some
inconsistent normalization of usernames in password change requests
by gloox. This commit works around that by always using the local JID
part as username for password requests, which got the nodeprep string
profile already applied.
It also fixes a problem that Windows users which were able to change
their passwords, weren't able to login afterwards anymore, unless they
typed their username in all lowercase in the login form. This was caused
by using the all lowercase username as input for the password hash
function, instead of using the username in the user supplied case.
Fixes#7796
Avoid cases of filenames
Update years in terms and other legal(ish) documents
Don't update years in license headers, since change is not meaningful
Will add linter rule in seperate commit
Happy recompiling everyone!
Original Patch By: Nescio
Comment By: Gallaecio
Differential Revision: D2620
This was SVN commit r27786.
The purpose of our client-side hashing for lobby game passwords is to
prevent malicious hosts from getting valuable passwords from clients
(e.g. accidentally typing their lobby password instead of the game, or
even their email password, etc).
However, the hashing was deterministic (and rather simple), making it
possible to compute rainbow tables and recover user passwords anyways.
By adding more variation, including some that cannot so easily be
controlled by the host (the client name), this becomes impractical. The
password hashing function used is rather fast, but given the base low
probability of mistypes, this seems fine.
Differential Revision: https://code.wildfiregames.com/D3459
This was SVN commit r25459.
Instead of using platform-specific sockets, use enet_socket* functions
(which ends up doing the same).
Clean up some confusing APIs, removing the distinction between finding
the public IP for the host/join.
Fix endianness support & use simpler code.
Refs D364 / 61261d14fc (and some subsequent fixing diffs).
Differential Revision: https://code.wildfiregames.com/D3970
This was SVN commit r25453.
This allows joining a lobby game hosted on the same network (behind the
same NAT gateway).
This is relatively primitive to keep things simple: if the server and
the client have the same public IP, it is assumed that they are on the
same network and the client instead requests the local IP.
Differential Revision: https://code.wildfiregames.com/D3944
This was SVN commit r25448.
Follows 34b1920e7b.
This splits off the object-related functions, such as
[Set/Get/Has]Property, CreateObject, CreateArray, FreezeObject.
It also puts the definitions in the header itself, which might end up
with faster code here & there, though perhaps slower compilation time
(somewhat doubtful since we already included most things anyways).
Differential Revision: https://code.wildfiregames.com/D3956
This was SVN commit r25430.
Follows 34b1920e7b.
This separates StructuredClone & DeepCopy logic into its own header,
reducing the size of the monolithic ScriptInterface header.
Differential Revision: https://code.wildfiregames.com/D3922
This was SVN commit r25419.
XMPP JID has a concept of 'resources', which can be used to
differentiate multiple clients of the same account.
We currently hardcode this 'resource' to '0ad' in two places:
- The 0 A.D. client always uses '0ad'
- The network code expects a host resource to be '0ad' when connecting.
As noted in 0fd8aa2a77#31215, it is less effort to store the JI
D directly. This patch does that. It also makes 0 A.D. use a different
resource each time.
Note that resources ought not contain particular information, as the
XMPP server is free to
clobber it. I keep '0ad-' here for debug purposes.
This allows:
- multiple 0 A.D. instances to log on the lobby at the same time (not
massively useful, but good for debugging sometimes)
- hosting a game with a custom resource, which will potentially make it
easier to have dedi
cated servers on one account.
Note that hosting multiple games on one account is currently not
supported and will have weird behaviour on the lobbybots side. They
should be upgraded independently of this.
Refs #3556
Differential Revision: https://code.wildfiregames.com/D3500
This was SVN commit r25407.
- Replace ScriptInterface::RegisterFunction with
ScriptFunction::Register
- Mostly removing unused cmpPrivate*
- Some usage introduces specific getters (mapgenerator, AIWorker,
XmppClient,...)
- Several passthrough functions are simply removed in favour of calling
the original, reducing duplication
- Make use of ScriptRequest/ScriptInterface capabilities where
relevant.
- Make JSI_* headers only expose necessary functions, lightening them
considerably and reducing duplication
- Reuse namespaces in JSI_* implementations directly, reducing visual
noise there
Follows f3aedf88a6
Differential Revision: https://code.wildfiregames.com/D3626
This was SVN commit r24983.
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
Game selection details features:
* Display victory conditions following their sending but missing display
following bffe917914, refs 7b0f6f530c.
* Display the host of the match and the game name in the selected game
details following 61261d14fc, refs D1666.
* Display mods if the mods differ (without having to attempt to join the
game prior) following eca956a513.
Performance features:
* Implement batch message processing in the XmppClient to rebuild GUI
objects only once when receiving backlog or returning from a match.
* Implement Game class to cache gamelist, filter and sorting values, as
they rarely change but are accessed often.
* Cache sprintf objects.
Security fixes:
* Add escapeText in lobby/ to avoid players breaking the lobby for every
participant, supersedes D720, comments by bb.
* Do not hide broadcasted unrecognized chat commands that mods used as
leaking private channels, fixes#5615.
Defect fixes:
* Fix XmppClient.cpp storing unused historic message types resulting in
memory waste and unintentional replay of for instance
disconnect/announcements messages following both e8dfde9ba6/D819 and
6bf74902a7/D2265, refs #3306.
* Fix XmppClient.cpp victoryCondition -> victoryConditions gamesetup.js
change from 6d54ab4c1f/D1240.
* Fix leaderboard/profile page cancel hotkey closing the lobby dialog as
well and removes cancel hotkey note from lobby_panels.xml from
960f2d7c31/D817 since the described issue was fixed by f9b529f2fb/D1701.
* Fix lobby playing menu sound in a running game after having closed the
lobby dialog following introduction in 960f2d7c31/D817.
* Fix GUI on nick change by updating g_Username.
* Update profile panel only with data matching the player requested.
Hack erasure:
* Object semantics make it cheap to add state and cache values, storing
literals in properties while removing globals, adding events while
decoupling components and gaining moddability.
* Erase comments and translation comments stating that this would be
IRC!!, supersedes D1136.
* Introduce Status chat message type to supersede "/special" chat
command + "isSpecial" property from bffe917914 (formerly g_specialKey
e6840f5fca) deluxe hack.
* Introduce System chat message type to supersede system errors
disguising as chat from a mock user called "system".
Code cleanups:
* Move code from XML to JS.
* Move size values from JS to XML, especially following 960f2d7c31/D817
and 7752219cef/D1051.
* Rename "user" to "player".
* Fix lobby/ eslint warnings, refs D2261.
* Remove message.nick emptiness check from 0940db3fc0/D835, since
XEP-0045 dictates that it is non-empty.
* Add translated string for deleted subjects.
* Add TODOs for some evident COList issues, refs #5638.
Differential Revision: https://code.wildfiregames.com/D2412
This was SVN commit r23172.
The commit introduced support for arbitrary lobby CreateGUIMessage
JS::Value arguments but didn't transfer wstring_from_utf8 appropriately.
Instead of enlengthening the code by reintroducing utf8_from_wstring
everyhwere, shorten the code and specialize ToJSVal for
glooxwrapper::string and gloox enums.
Avoid string copies for XmppClient getters, refs D1668:
Change GetPresence() and GetRole() to return the pointer to the string
literal instead of copy constructing a std::string each call.
Don't reintroduce the unneeded utf8_from_wstring conversions for the
untranslatable ASCII identifiers returned by GetPresence() and
GetRole().
Change GetSubject() to return a const ref to the member instead of copy
assigning the std::string to an output value.
Change m_Subject to std::wstring to avoid constructing a copy using
wstring_from_utf8 each GetSubject() call.
Change gloox enum to translatable string functions to be static, so as
to use them in the new ToJSVal functions (enabled by not calling
CertificateErrorToString from ConnectionErrorToString anyymore in
92fc34c87c/D2274).
Avoid per-player string copies in m_PlayerMap:
Change m_PlayerMap value type from std::vector<std::string> to a new
PlayerMap struct with named members for readability.
Use gloox enums as PlayerMap values to avoid constructing (performance)
and storing (memory footprint) std::strings.
The JS String is created from the pointer to the ASCII string literal
without intermediaries.
Use glooxwrapper::string for nickname and m_Rating since it's the data
source type received in relevant places, but that might be improved for
performance with std::wstring.
Construct map values in place where possible and post error instead of
silently inserting if an existing value is to be modified.
Avoid repeated std::map lookups on string keys by caching the
PlayerMap::iterator where available.
Remove some glooxwrapper::string to_string() calls redundant with its
operator<< and improve DbgXMPP gloox enum output.
Transfer rating too upon nickchange.
Differential Revision: https://code.wildfiregames.com/D2271
Tested on: clang 8.0.1, Jenkins
This was SVN commit r22891.
Update the list when the data it is built from changes, not only for
presence changes.
Differential Revision: https://code.wildfiregames.com/D2283
Tested on: clang 8.0.1, Jenkins
This was SVN commit r22888.
Creates the GUI messages directly as JS::Values and removes the
intermediary rigid struct.
Implementation similar to ScriptInterface::CreateObject from D2080.
Differential Revision: https://code.wildfiregames.com/D2264
Tested on: clang 8.0.1, Jenkins
This was SVN commit r22856.
They were only used to determine whether the playerlist should be
rebuilt, which can be achieved by a boolean member.
So this patch is removing unnecessary indirection from the original
solution in 8b437a0b1c and the reduction in 16b976fc35, refs #3386.
In particular the LobbyClearPresenceUpdates call was ugly and one doesnt
need hundreds of messages with data on it each if one only wants to know
if there was one.
Makes past (e8dfde9ba6) and future (D2264) patches less complex, refs
#4877.
Differential Revision: https://code.wildfiregames.com/D2265
Tested on: gcc 9.1.0, clang 8.0.1, Jenkins
This was SVN commit r22855.
Fixes an occurring leak indicated by the reported clang unused variable
compiler warning, refs #5294, #5550,
by adding the missing glooxwrapper::Jingle::Session::Session destructor
.
Fix two leaks that would have occurred if the according code had been
used:
Delete unused glooxwrapper::Jingle::ICEUDP::ICEUDP instead of adding the
missing destructor.
Delete unused glooxwrapper::Jingle::Content::Content instead of adding
the missing destructor.
Explain why glooxwrapper::Client::registerStanzaExtension doesn't leak
the new StanzaExtensionWrapper.
Explain why glooxwrapper::Jingle::Session::sessionInitiate doesn't leak
the new gloox::Jingle::Content, nor the new gloox::Jingle::ICEUDP.
Explain why glooxwrapper::SessionManager::registerPlugins doesn't leak
the new gloox::Jingle::Content and new gloox::Jingle::ICEUDP.
Explain why glooxwrapper::SessionManager::createSession doesn't leak the
gloox::Jingle::Session.
I will not leak memory in the glooxwrapper.
I will not leak memory in the glooxwrapper.
I will not leak memory in the glooxwrapper.
Use references in the StunClient and glooxwrapper to anticipate any
confusion as to whose obligation it is to delete variables when they are
passed around across several files.
Use static_cast and reinterpret_cast instead of C-style casts in the
StunClient.
Differential Revision: https://code.wildfiregames.com/D2094
Refs D2093 for the reported leaks.
Reviewed By: Josh
Comments By: fcxSanya, Vladislav for D2094, and echotangoecho, leper in
61261d14fc
This was SVN commit r22678.
The affected function was imprecise, because it called a playerlist
update whenever a "chat" level message was received instead
of only updating the playerlist if it's actually influencing the
displayed playerlist.
When there is a chat message, lobby subject change or user-role change,
there is no need to update the list.
Differential Revision: https://code.wildfiregames.com/D671
Refs #3386, 8b437a0b1c
Reviewed By: fpre / ffffffff
This was SVN commit r20040.
Allows lobby players to host games without having to configure their
router.
Differential Revision: https://code.wildfiregames.com/D364Fixes#2305
Patch By: fcxSanya.
StunClient based on code by SuperTuxKart, relicensed with approval of
the according authors hilnius, hiker, Auria, deveee, Flakebi, leper,
konstin and KroArtem.
Added rfc5245 (ejabberd) support, a GUI option, refactoring and segfault
fixes by myself.
Tested By: user1, Sandarac, Sestroretsk1714, Vladislav, Grugnas,
javiergodas
Partially Reviewed By: leper, Philip, echotangoecho
This was SVN commit r19703.
This upgrade also introduces exact stack rooting (see to the wiki:
JSRootingGuide) and fixes problems with moving GC. This allows us to
enable generational garbage collection (GGC).
Measurements a few months ago have shown a performance improvement of a
non-visual replay of around 13.5%. This probably varies quite a bit, but
it should be somewhere between 5-20%. Memory usage has also been
improved. Check the forum thread for details.
Thanks to everyone from the team who helped with this directly or
indirectly (review, finding and fixing issues, the required C++11
upgrade, the new autobuilder etc.)! Also thanks to the SpiderMonkey
developers who helped on the #jsapi channel or elsewhere!
Fixes#2462, #2415, #2428, #2684, #1374
Refs #2973, #2669
This was SVN commit r16214.
The Multiplayer lobby needs some changes to avoid compartment
mismatches. Instead of initializing it with a ScriptInterface and
storing script values at different locations, it takes a ScriptInterface
argument in the functions that really need to read or write some script
values and avoids storing values as script values with an associated
compartment where possible.
The scripting interface of the lobby is also adjusted to use
JSInterface_Lobby.h/cpp files as other components instead of adding all
functions to ScriptFunctions.cpp. This makes it a bit more clearly
arranged IMO.
Fixes#2267
Refs #2241
Refs #1886
This was SVN commit r14199.
