thirdpartymirrors/RingRacers
1
0
Fork 0
mirror of https://github.com/KartKrewDev/RingRacers.git synced 2025-12-17 13:32:38 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Sigfail command for testing, fix guest join sigcheck, scaffolding for sigfail kick reason

Browse source
This commit is contained in:
AJ Martinez 2023-03-19 20:48:45 -07:00 committed by James R
parent 936da9870c
commit 2925843ea2
4 changed files with 45 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
src/d_clisrv.c
View file

@ -166,6 +166,9 @@ tic_t firstconnectattempttime = 0;
uint8_t awaitingChallenge[32];
consvar_t cv_allowguests = CVAR_INIT ("allowguests", "On", CV_SAVE, CV_OnOff, NULL);
#ifdef DEVELOP
consvar_t cv_sigfail = CVAR_INIT ("sigfail", "Off", CV_SAVE, CV_OnOff, NULL);
#endif
// engine
@ -855,6 +858,14 @@ static boolean CL_SendJoin(void)
I_Error("Couldn't self-verify key associated with player %d, profile %d.\nProfile data may be corrupted.", i, cv_lastprofile[i].value); // I guess this is the most reasonable way to catch a malformed key.
}
#ifdef DEVELOP
if (cv_sigfail.value)
{
CONS_Alert(CONS_WARNING, "SIGFAIL enabled, scrubbing signature from CL_SendJoin\n");
memset(signature, 0, 64);
}
#endif
// Testing
// memset(signature, 0, sizeof(signature));
@ -3177,6 +3188,10 @@ static void Got_KickCmd(UINT8 **p, INT32 playernum)
HU_AddChatText(va("\x82*%s left the game (Connection timeout)", player_names[pnum]), false);
kickreason = KR_TIMEOUT;
break;
case KICK_MSG_SIGFAIL:
HU_AddChatText(va("\x82*%s left the game (Invalid signature)", player_names[pnum]), false);
kickreason = KR_TIMEOUT;
break;
case KICK_MSG_PLAYER_QUIT:
if (netgame) // not splitscreen/bots
HU_AddChatText(va("\x82*%s left the game", player_names[pnum]), false);
@ -4205,7 +4220,7 @@ static void HandleConnect(SINT8 node)
else
{
CONS_Printf("Adding clients. Doing sigcheck for node %d, ID %s\n", node, GetPrettyRRID(lastReceivedKey[node][i], true));
if (memcmp(lastReceivedKey[node], allZero, 32)) // We're a GUEST and the server throws out our keys anyway.
if (memcmp(lastReceivedKey[node][i], allZero, 32) == 0) // We're a GUEST and the server throws out our keys anyway.
{
sigcheck = 0; // Always succeeds. Yes, this is a success response. C R Y P T O
if (!cv_allowguests.value)
@ -4217,6 +4232,7 @@ static void HandleConnect(SINT8 node)
else
{
sigcheck = crypto_eddsa_check(netbuffer->u.clientcfg.challengeResponse[i], lastReceivedKey[node][i], lastSentChallenge[node][i], 32);
CONS_Printf("Sigcheck result: %d\n", sigcheck);
}
@ -4679,6 +4695,14 @@ static void HandlePacketFromPlayer(SINT8 node)
{
for (splitnodes = 0; splitnodes < MAXSPLITSCREENPLAYERS; splitnodes++)
{
// Don't try to enforce signatures for players that aren't present.
if (splitnodes > 0 && nodetoplayer2[node] <= 0)
break;
if (splitnodes > 1 && nodetoplayer3[node] <= 0)
break;
if (splitnodes > 2 && nodetoplayer4[node] <= 0)
break;
const void* message = &netbuffer->u;
if (memcmp(allzero, lastReceivedKey[node][splitnodes], sizeof(allzero)) == 0)
{
@ -4688,10 +4712,10 @@ static void HandlePacketFromPlayer(SINT8 node)
{
if (crypto_eddsa_check(netbuffer->signature[splitnodes], lastReceivedKey[node][splitnodes], message, doomcom->datalength - BASEPACKETSIZE))
{
//CONS_Printf("Failed signature check on packet type %d from node %d player %d\nkey %s size %d\n",
//CONS_Alert(CONS_ERROR, "SIGFAIL! Packet type %d from node %d player %d\nkey %s size %d\n",
// netbuffer->packettype, node, splitnodes,
// GetPrettyRRID(lastReceivedKey[node][splitnodes], true), doomcom->datalength - BASEPACKETSIZE);
SendKick(netconsole, KICK_MSG_CON_FAIL);
//SendKick(netconsole, KICK_MSG_SIGFAIL);
return;
}
}

5
src/d_clisrv.h
View file

@ -437,6 +437,7 @@ extern consvar_t cv_playbackspeed;
#define KICK_MSG_PING_HIGH 6
#define KICK_MSG_CUSTOM_KICK 7
#define KICK_MSG_CUSTOM_BAN 8
#define KICK_MSG_SIGFAIL 9
typedef enum
{
@ -487,6 +488,10 @@ extern consvar_t cv_discordinvites;
extern consvar_t cv_allowguests;
#ifdef DEVELOP
extern consvar_t cv_sigfail;
#endif
// Used in d_net, the only dependence
tic_t ExpandTics(INT32 low, tic_t basetic);
void D_ClientServerInit(void);

8
src/d_net.c
View file

@ -1038,6 +1038,14 @@ boolean HSendPacket(INT32 node, boolean reliable, UINT8 acknum, size_t packetlen
else
crypto_eddsa_sign(netbuffer->signature[i], PR_GetLocalPlayerProfile(i)->secret_key, message, packetlength);
}
#ifdef DEVELOP
if (cv_sigfail.value)
{
CONS_Alert(CONS_WARNING, "SIGFAIL enabled, scrubbing signature from HSendPacket\n");
memset(netbuffer->signature, 0, sizeof(netbuffer->signature));
}
#endif
}
else
{

4
src/d_netcmd.c
View file

@ -948,6 +948,10 @@ void D_RegisterClientCommands(void)
CV_RegisterVar(&cv_allowguests);
#ifdef DEVELOP
CV_RegisterVar(&cv_sigfail);
#endif
// HUD
CV_RegisterVar(&cv_alttitle);
CV_RegisterVar(&cv_itemfinder);