To hide network latency, MP turns send commands not for the next turn
but N turns after that (introduced in c684c211a2).
Further, MP turn length was increased to 500ms compared to 200ms SP
turns (introduced in 6a15b78c98).
Unfortunately, increasing MP turn length has negative consequences:
- makes pathfinding/unit motion much worse & unit behaviour worse in
general.
- makes the game more 'lag-spikey', since computations are done less
often, but thus then can take more time.
This diff essentially reverts 6a15b78c98, instead increasing
COMMAND_DELAY from 2 to 4 in MP. This:
- Reduces the 'inherent command lag' in MP from 1000ms to 800ms
- Increases the lag range at which MP will run smoothtly from 500ms to
600ms
- makes SP and MP turns behave identically again, removing the
hindrances described above.
As a side effect, single-player was not actually using COMMAND_DELAY,
this is now done (can be used to simulate MP command lag).
Refs #3752
Differential Revision: https://code.wildfiregames.com/D3275
This was SVN commit r25001.
- Replace ScriptInterface::RegisterFunction with
ScriptFunction::Register
- Mostly removing unused cmpPrivate*
- Some usage introduces specific getters (mapgenerator, AIWorker,
XmppClient,...)
- Several passthrough functions are simply removed in favour of calling
the original, reducing duplication
- Make use of ScriptRequest/ScriptInterface capabilities where
relevant.
- Make JSI_* headers only expose necessary functions, lightening them
considerably and reducing duplication
- Reuse namespaces in JSI_* implementations directly, reducing visual
noise there
Follows f3aedf88a6
Differential Revision: https://code.wildfiregames.com/D3626
This was SVN commit r24983.
The 'controller' of an MP game (the host in general, though dedicated
servers would change that) is currently whoever first tells the server
that it is. This can be abused since it relies on trusting the clients.
This changes that logic: the server defines a 'controller secret', and
the first client to sent the correct controller secret is the
controller. This is safe assuming the secret is unknowable enough (the
current solution wouldn't pass strict cryptography tests, but it's
likely good enough).
Reverts 1a3fb29ff3, which introduced the 'trust the clients' mechanic,
as a change over 'the first local IP is controller'.
Necessary step towards dedicated server, if we want to use the regular
gamesetup (Refs #3556)
Differential Revision: https://code.wildfiregames.com/D3075
This was SVN commit r24952.
Follow-up to 1a8de6d2b8. This makes it again possible to host without
STUN via the lobby.
The lobby bot will answer the host "Register" command with the external
IP. This is only sent to the host, avoiding IP leakage.
There is a small window in which a client might try to join and the
public IP isn't up, and the request goes through, but that seems rather
unlikely to be a problem in practice.
Refs #5913
Differential Revision: https://code.wildfiregames.com/D3490
This was SVN commit r24858.
As suggested by elexis, 1a8de6d2b8 should get some protection against
brute force attacks on password.
This is supposed to prevent attackers from getting connection data by
guessing the password.
Each failed attempt increases the counter.
XmppClient on the server side checks for the users with certain number
of failed attempts, determined in CNetServer, and refuses to check the
password, answering with banned message.
So they cant guess again in given match. Effect of this block will
dissapear after new match is created.
Differential revision: D3467
Comments by: wraitii, Stan
Tested by: Stan, Freagarach
Ref: #5913
This was SVN commit r24794.
Follows 1a8de6d2b8.
Validate the password when a client joins a game, so even a player that
knows the connection data cannot join.
Refs #3556, Refs #5913
Differential Revision: https://code.wildfiregames.com/D3438
This was SVN commit r24775.
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
The NetClient code is now threaded, and this means it can try to flush
messages while 'knowingly' being disconnected.
This can be avoided by storing some state in NetClientSession
Improves 2d40068cd1, refs #3700
Differential Revision: https://code.wildfiregames.com/D3352
This was SVN commit r24616.
Follows 107d3d461f and other 'pthread->std::thread' diffs.
Windows uses Structured Exception Handling to allow reporting errors
(both C++ and hardware) nicely. This works by wrapping the code in a
__try __catch block.
The pthread wrapper did this automatically, but we now need to do it
explicitly for std::thread.
Tested by: Stan
Differential Revision: https://code.wildfiregames.com/D3261
This was SVN commit r24530.
This threads the netclient session, which avoids timeouts when the
main-thread is not polling (map creation, very long simulation frames).
Unlike the NetServer, which should be as independent as possible from
the main thread, the NetClient is fundamentally tied to the game thread.
Therefore, this only threads the session object.
To ensure good performance and ease-of-use, lock-free queues for
in/out-going messages are used.
This fixes artificial timeouts, while also improving actual ping reports
(since frame-time is no longer a factor).
It effectively reverts D1513/eda236522c and 2e7e1c0b2b, all hacks around
lag-timeouts (and bits of 1a3fb29ff3).
Based on a patch by: Stan
Comments by: Vladislavbelov
Fixes#3700, refs #3373
Differential Revision: https://code.wildfiregames.com/D2848
This was SVN commit r24518.
GUIObjectBase is made a IGUIObject* to avoid including those headers
un-necessarily. Subsequent diffs ought to clean up the various of
pointers for that with a similar type with reference semantics.
Also:
- Add standard C and C++ headers (mostly cstring for memcpy, string and
vector) where needed.
- Swap out some includes for forward declarations
- Clean up un-necessary boost includes in precompiled and other headers.
- Clean up precompiled headers, including fewer things.
- Move ACPI to the windows-specific folder as it's included there only
and mostly specific to that platform.
Thanks Stan for the testing.
Differential Revision: https://code.wildfiregames.com/D3129
This was SVN commit r24352.
This ugprades 0 A.D. to the latest ESR at the moment of writing.
Mostly straighforward API changes (see meta-Bug 1633145)
- js::Class is merged with JSClass
- JSNewArrayObject becomes JS::NewArrayObject
- ArrayObject-functions are moved to a new public header Array.h
- JSMSG error messages have again been changed, requiring some tweaks.
- AutoValueArray becomes RootedBalueArray (Bug 1634435)
- 'uneval' is behind a Realm flag (Bug 1565170), but no removal is
planned in the short-term future.
- Some minor GC API changes (Bugs 1569564 and 1633405)
- Error reporting has had some tweaks, and error flags have been removed
(Bug 1620583)
- StructuredClone are now always thread-safe, simplifying an API change
introduced in SM52 (Bug 1607791)
Tested by: Stan, Freagarach, mammadori
Closes#5861
Differential Revision: https://code.wildfiregames.com/D3168
This was SVN commit r24333.
This cleans up many un-necessary header includes, either simply
providing nothing or forward declarations in their place.
No major compilation time change here, though this does reduce depencies
in some headers.
Also fix up old MacOS STL-include fixes that are no longer relevant.
Differential Revision: https://code.wildfiregames.com/D3128
This was SVN commit r24227.
No particularly noteworthy changes, as most complex API changes were
already supported in SM45 and done.
The addition of JSStructuredCloneData allows to remove our custom class.
Changes:
- InformalValueTypeName is back in the API, so remove our
implementation.
- Stop using JSRuntime entirely in favour of JSContext*
- JSPropertyDescriptor is renamed.
- CompartmentOptions are tweaked slightly (no functional changes)
- JS::Construct - API update.
- JSClass split - API update.
- A js.msg error message was removed, so we had to use a different one.
- Tests fix: fix comparison of union instances
- Disable warning in spidermonkey Vector.h
- Update error reporting to SM52 (minor API updates)
- Ignore warnings about unused return values (would come from OOM, which
isn't recoverable)
Most of the patching was done by Itms.
Tested by: Stan, Freagarach
Fixes#4893
Differential Revision: https://code.wildfiregames.com/D3095
This was SVN commit r24203.
- Check for pending exceptions after function calls and script
executions.
- Call LOGERROR instead of JS_ReportError when there is a conversion
error in FromJSVal, since that can only be called from C++ (where JS
errors don't really make sense). Instead, C++ callers of FromJSVal
should handle the failure and, themselves, either report an error or
simply do something else.
- Wrap JS_ReportError since that makes updating it later easier.
This isn't a systematical fix since ToJSVal also ought return a boolean
for failures, and we probably should trigger errors instead of warnings
on 'implicit' conversions, rather a preparation diff.
Part of the SM52 migration, stage: SM45 compatible (actually SM52
incompatible, too).
Based on a patch by: Itms
Comments by: Vladislavbelov, Stan`
Refs #742, #4893
Differential Revision: https://code.wildfiregames.com/D3093
This was SVN commit r24187.
SM52 essentially replaces JSRuntime with JSContext (though JSContext
itself was replaced with JSCompartment).
To prepare for this migration, rename all Runtime-related things to
Context.
Part of the SM52 migration, stage: SM45 compatible.
Patch by: Itms
Refs #4893
Differential Revision: https://code.wildfiregames.com/D3091
This was SVN commit r24181.
ScriptInterface is now a wrapper around a JSCompartment, and thus always
has a well-defined global.
The error reporter is moved to ScriptRuntime in anticipation of that
handling JSContext in a later diff.
Part of the SM52 migration, stage: SM45 compatible.
Patch by: Itms
Tested By: Freagarach
Refs #4893
Differential Revision: https://code.wildfiregames.com/D3090
This was SVN commit r24180.
As part of the SM45->52 migration, a ScriptInterface becomes a wrapper
around a JSCompartment, not a JSContext, thus we ought to store private
data for the compartment and not the context.
This is a mass rename of CxPrivate to CmptPrivate to match that before
the actual changes.
Part of the SM52 migration, stage: SM45 compatible
Patch by: Itms
Tested By: Freagarach
Refs #4893
Differential Revision: https://code.wildfiregames.com/D3089
This was SVN commit r24177.
JSAutoRequest is required before calling into most JSAPI methods, for GC
reasons.
Calling it is required and fragile as one must not forget.
Further, SM52 and later make manipulating JSContext* dangerous as that
can cross Compartment(Realm in SM68) barriers (and ScriptInterface now
matches a Compartment).
The solution to both problems is to avoid using JSContext* in 0 A.D.
itself. To achieve this, a Request class is introduced, and must be used
to access a JSContext* from a scriptInterface. Further, Request is
passed to other ScriptInterface functions isntead of JSContext*, making
it obvious that the caller has already called it, reducing errors and
redundant JSAutoRequest calls.
Only JSNative functions now get a naked JSContext* without protection,
but the likelihood of forgetting a request is lower since many
ScriptInterface functions now expect it.
JSContext* is directly passed to JSAPI functions only.
Part of the SM52 migration, stage: SM45 compatible
Based on a patch by: Itms
Tested By: Freagarach
Refs #4893
Differential Revision: https://code.wildfiregames.com/D3088
This was SVN commit r24176.
- Makes it easier to change down the line (and change is coming)
- Allows making g_ScriptRuntime thread-local easily.
- Remove ParentRuntime, which is not used at the moment.
Part of the SM52 migration, stage: SM45 compatible.
Patch by: Itms
Tested By: Freagarach
Refs #4893
Differential Revision: https://code.wildfiregames.com/D3087
This was SVN commit r24171.
DefPersistentRooted is essentially a wrapper around unique_ptr and has
no real reason to exist.
Part of SM52 migration, stage: SM45 compatible.
Patch by: Itms
Tested by: Freagarach
Refs #4893
Differential Revision: https://code.wildfiregames.com/D3086
This was SVN commit r24170.
This crash occured on the receiver machine, making it effectively a
remote crash attack.
Reported by: Riddler66
Based on a patch by: elexis
Fixes#5726
Differential Revision: https://code.wildfiregames.com/D2629
This was SVN commit r23918.
Avoid redundant map lookups by caching the iterator.
Remove c-style casts by using type specific printf parameters, and
static_cast elsewhere.
Use references while at it, and typedef -> using.
Differential Revision: https://code.wildfiregames.com/D1567
Comments by: Vladislav
Tested on: clang 8.0.1, gcc 9.1.0
This was SVN commit r22916.
Make that function static, so that it can be used for these functions
without slowly having to obtain the ScriptInterface instance using
GetScriptInterfaceAndCBData just to get the JSContext again.
Remove few redundant conversions for CreateObject arguments.
Differential Revision: https://code.wildfiregames.com/D2128
Tested on: gcc 9.1.0, clang 8.0.1, Jenkins
Tedious performance testing in: D2128, D2127
This was SVN commit r22894.
1c0536bf08 introduced a disableGraphics bool with a default value and
relied on the default being reasonable except for the few needed cases.
be93b31411 introduced the replayLog argument with a default value and
relied on the default being reasonable except for the few needed cases.
5747619c39 fixed a bug in that commit because the default value hadn't
actually been considered to be correct for all CGame constructor calls
and was wrong for two.
By requiring callers to specify the value, authors are forced to
establish thought which value is the correct one, as opposed to hoping
that a default value will be good by default.
As you can see in the diff, it also makes it easier to compare what
values changed if they are always defined in the caller.
Use CRenderer::IsInitialised() to determine if this is a non-visual
CGame,
for the purpose of removing less transparent proxy functions that are
unneeded as long as there are about 30 other calls testing for
CRenderer::IsInitialised() to determine if the Game should be rendered.
Supersedes:
* CGame constructor argument bool disableGraphics from 1c0536bf08.
* CGame::IsGraphicsDisabled() proxy from a533fff883 to the proxy from
1c0536bf08 and two local nonVisual = args.Has("autostart-nonvisual")
variables in GameSetup.cpp from a533fff883.
Call the Renderer destructor instead of calling delete on the
non-pointer (SAFE_DELETE would not be supported for instance).
Started as a preparation for D2197, but actually independent.
Differential Revision: https://code.wildfiregames.com/D2211
This was SVN commit r22785.
HasSetting from 3dfa23cd25 is actually redundant with
IGUIObject::SettingExists.
GetSettingPointer from 8f4f8e240f is superseded by GetSetting reference
following 3dfa23cd25 and 040624acff.
Deregister copying SetSetting variants for CStr and CStrW following copy
removal in 040624acff.
The default template <typename T=int> from c2a71e41bf can be removed
following FallBackSprite/FallBackColor removal in 9985fcf5bd and
RecurseObject unification in d4d5187c9d.
Delete all unused GUI includes, refs D1478.
Remove GUIUtil friend class following something.
Differential Revision: https://code.wildfiregames.com/D2225
Tested on: gcc 9.1.0, Jenkins
This was SVN commit r22779.
Fixes an occurring leak indicated by the reported clang unused variable
compiler warning, refs #5294, #5550,
by adding the missing glooxwrapper::Jingle::Session::Session destructor
.
Fix two leaks that would have occurred if the according code had been
used:
Delete unused glooxwrapper::Jingle::ICEUDP::ICEUDP instead of adding the
missing destructor.
Delete unused glooxwrapper::Jingle::Content::Content instead of adding
the missing destructor.
Explain why glooxwrapper::Client::registerStanzaExtension doesn't leak
the new StanzaExtensionWrapper.
Explain why glooxwrapper::Jingle::Session::sessionInitiate doesn't leak
the new gloox::Jingle::Content, nor the new gloox::Jingle::ICEUDP.
Explain why glooxwrapper::SessionManager::registerPlugins doesn't leak
the new gloox::Jingle::Content and new gloox::Jingle::ICEUDP.
Explain why glooxwrapper::SessionManager::createSession doesn't leak the
gloox::Jingle::Session.
I will not leak memory in the glooxwrapper.
I will not leak memory in the glooxwrapper.
I will not leak memory in the glooxwrapper.
Use references in the StunClient and glooxwrapper to anticipate any
confusion as to whose obligation it is to delete variables when they are
passed around across several files.
Use static_cast and reinterpret_cast instead of C-style casts in the
StunClient.
Differential Revision: https://code.wildfiregames.com/D2094
Refs D2093 for the reported leaks.
Reviewed By: Josh
Comments By: fcxSanya, Vladislav for D2094, and echotangoecho, leper in
61261d14fc
This was SVN commit r22678.
std::thread crashes when destroyed without being joined or detached.
Joining would wait on the UPnP thread, which can take upwards of 10
seconds, so detach instead.
Reviewed By: elexis
Differential Revision: https://code.wildfiregames.com/D2181
This was SVN commit r22674.
This removes pthread mutexes/threads from:
- vfs
- the resource handler manager
- timer
- the network server.
This allows removing it from our general posix include header.
Differential Revision: https://code.wildfiregames.com/D1920
This was SVN commit r22666.
ThreadUtil shipped a scope lock and a mutex implementation, which can be
removed since we now have these in the standard library.
This lets us clean up this header which get included everywhere (through
profiler includes).
Tested By: Angen and Stan
Differential Revision: https://code.wildfiregames.com/D1915
This was SVN commit r22344.
This prevents a lobby player banned by the host from rejoining after
getting a new IP address and changing the rating part of the nickname,
refs #5320, #3241 / 32da740f14, #3549 / 0fd8aa2a77 / D897.
Differential Revision: https://code.wildfiregames.com/D1655
Reproduced By: Hannibal_Barca
This was SVN commit r21918.
This is due to too many oversteppings of the lobby Terms of Use
following JS mods that implemented an UI for players to join lobby games
with arbitrary nicknames or 'replace' / impersonate other players in
lobby games.
Agreed with: user1, Dunedan
Code proofread by: Vladislav
Minor discussions with: Imarok, Hannibal_Barca, smiley, fpre, bb, nani
refs
https://wildfiregames.com/forum/index.php?/topic/24722-improving-mod-security/
This was SVN commit r21877.
This works in autostartmode because that sets every client to an
observer and still relies on enabled cheats to have players assign
themselves.
This was SVN commit r21854.
