Sign game traffic that could be used to cause problems

src/d_clisrv.c

@@ -4662,6 +4662,35 @@ static void HandlePacketFromPlayer(SINT8 node)
 		I_Error("bad table nodetoplayer: node %d player %d", doomcom->remotenode, netconsole);
 #endif
 	
+	uint8_t allzero[32];
+	memset(allzero, 0, sizeof(allzero));
+
+	int splitnodes;
+	if (IsPacketSigned(netbuffer->packettype))
+	{
+		for (splitnodes = 0; splitnodes < MAXSPLITSCREENPLAYERS; splitnodes++)
+		{
+			const void* message = &netbuffer->u;
+			if (memcmp(allzero, lastReceivedKey[node][splitnodes], sizeof(allzero)) == 0)
+			{
+				//CONS_Printf("Throwing out a guest signature from node %d player %d\n", node, splitnodes);
+			}
+			else
+			{
+				if (crypto_eddsa_check(netbuffer->signature[splitnodes], lastReceivedKey[node][splitnodes], message, doomcom->datalength - BASEPACKETSIZE))
+				{
+					//CONS_Printf("Failed signature check on packet type %d from node %d player %d\nkey %s size %d\n", 
+						netbuffer->packettype, node, splitnodes,
+						GetPrettyRRID(lastReceivedKey[node][splitnodes], true), doomcom->datalength - BASEPACKETSIZE);
+					SendKick(netconsole, KICK_MSG_CON_FAIL);
+					return;
+				}
+			}
+				
+		}
+	}
+
+
 	switch (netbuffer->packettype)
 	{
 // -------------------------------------------- SERVER RECEIVE ----------

src/d_clisrv.h

@@ -371,6 +371,8 @@ struct doomdata_t
 	UINT8 ackreturn; // The return of the ack number
 
 	UINT8 packettype;
+	uint8_t signature[MAXSPLITSCREENPLAYERS][64];
+	UINT16 payloadsize;
 	UINT8 reserved; // Padding
 	union
 	{

src/d_net.c

@@ -30,6 +30,7 @@
 #include "i_tcp.h"
 #include "d_main.h" // srb2home
 #include "stun.h"
+#include "monocypher/monocypher.h"
 
 //
 // NETWORKING
@@ -992,12 +993,59 @@ static boolean ShouldDropPacket(void)
 }
 #endif
 
+boolean IsPacketSigned(int packettype)
+{
+	switch (packettype)
+	{
+		case PT_CLIENTCMD:
+		case PT_CLIENT2CMD:
+		case PT_CLIENT3CMD:
+		case PT_CLIENT4CMD:
+		case PT_CLIENTMIS:
+		case PT_CLIENT2MIS:
+		case PT_CLIENT3MIS:
+		case PT_CLIENT4MIS:
+		case PT_TEXTCMD:
+		case PT_TEXTCMD2:
+		case PT_TEXTCMD3:
+		case PT_TEXTCMD4:
+		case PT_LOGIN:
+		case PT_ASKLUAFILE:
+		case PT_SENDINGLUAFILE:
+			return true;
+		default:
+			return false;
+	}
+}
+
 //
 // HSendPacket
 //
 boolean HSendPacket(INT32 node, boolean reliable, UINT8 acknum, size_t packetlength)
 {
 	doomcom->datalength = (INT16)(packetlength + BASEPACKETSIZE);
+
+	if (IsPacketSigned(netbuffer->packettype))
+	{	
+		int i;
+		netbuffer->payloadsize = packetlength;
+
+		for (i = 0; i < MAXSPLITSCREENPLAYERS; i++)
+		{
+			const void* message = &netbuffer->u;
+			//CONS_Printf("Signing packet type %d of length %d\n", netbuffer->packettype, packetlength);
+			if (cv_lastprofile[i].value == 0)	
+				memset(netbuffer->signature[i], 0, sizeof(netbuffer->signature[i]));
+			else
+				crypto_eddsa_sign(netbuffer->signature[i], PR_GetLocalPlayerProfile(i)->secret_key, message, packetlength);
+		}
+	}
+	else
+	{
+		//CONS_Printf("NOT signing PT_%d of length %d, it doesn't need to be\n", netbuffer->packettype, packetlength);
+		memset(netbuffer->signature, 0, sizeof(netbuffer->signature));
+	}
+
 	if (node == 0) // Packet is to go back to us
 	{
 		if ((rebound_head+1) % MAXREBOUND == rebound_tail)

src/d_net.h

@@ -68,6 +68,8 @@ void Net_AbortPacketType(UINT8 packettype);
 void Net_SendAcks(INT32 node);
 void Net_WaitAllAckReceived(UINT32 timeout);
 
+boolean IsPacketSigned(int packettype);
+
 #ifdef __cplusplus
 } // extern "C"
 #endif