From 7eb5755963e26479d5d66337418a65c5116b8537 Mon Sep 17 00:00:00 2001 From: AJ Martinez Date: Sun, 2 Apr 2023 00:01:34 -0700 Subject: [PATCH] Disallow duplicate non-GUEST pubkeys --- src/d_clisrv.c | 37 ++++++++++++++++++++++++++++++++----- 1 file changed, 32 insertions(+), 5 deletions(-) diff --git a/src/d_clisrv.c b/src/d_clisrv.c index f1ff9cf96..d2f1b1ac1 100644 --- a/src/d_clisrv.c +++ b/src/d_clisrv.c @@ -4297,7 +4297,7 @@ static boolean IsPlayerGuest(int player) static void HandleConnect(SINT8 node) { char names[MAXSPLITSCREENPLAYERS][MAXPLAYERNAME + 1]; - INT32 i; + INT32 i, j; UINT8 availabilitiesbuffer[MAXAVAILABILITY]; // Sal: Dedicated mode is INCREDIBLY hacked together. @@ -4396,6 +4396,8 @@ static void HandleConnect(SINT8 node) { int sigcheck; boolean newnode = false; + char allZero[PUBKEYLENGTH]; + memset(allZero, 0, sizeof(allZero)); for (i = 0; i < netbuffer->u.clientcfg.localplayers - playerpernode[node]; i++) { @@ -4411,10 +4413,7 @@ static void HandleConnect(SINT8 node) memcpy(lastReceivedKey[node][i], PR_GetLocalPlayerProfile(i)->public_key, sizeof(lastReceivedKey[node][i])); } else // Remote player, gotta check their signature. - { - char allZero[PUBKEYLENGTH]; - memset(allZero, 0, sizeof(allZero)); - + { if (memcmp(lastReceivedKey[node][i], allZero, PUBKEYLENGTH) == 0) // IsSplitPlayerOnNodeGuest isn't appropriate here, they're not in-game yet! { if (!cv_allowguests.value) @@ -4436,6 +4435,34 @@ static void HandleConnect(SINT8 node) return; } } + + // Check non-GUESTS for duplicate pubkeys, they'll create nonsense stats + if (memcmp(lastReceivedKey[node][i], allZero, PUBKEYLENGTH) != 0) + { + // Players already here + for (j = 0; j < MAXPLAYERS; j++) + { + if (memcmp(lastReceivedKey[node][i], players[j].public_key, PUBKEYLENGTH) == 0) + { + SV_SendRefuse(node, M_GetText("Duplicate pubkey already on server.\n(Did you share your profile?)")); + return; + } + } + + // Players we're trying to add + for (j = 0; j < netbuffer->u.clientcfg.localplayers - playerpernode[node]; j++) + { + if (memcmp(lastReceivedKey[node][i], allZero, PUBKEYLENGTH) == 0) + continue; + if (i == j) + continue; + if (memcmp(lastReceivedKey[node][i], lastReceivedKey[node][j], PUBKEYLENGTH) == 0) + { + SV_SendRefuse(node, M_GetText("Duplicate pubkey in local party.\n(How did you even do this?)")); + return; + } + } + } } memcpy(availabilitiesbuffer, netbuffer->u.clientcfg.availabilities, sizeof(availabilitiesbuffer));