From 9b77d953571db0432d8aa05c46c53c3e676e669f Mon Sep 17 00:00:00 2001
From: AJ Martinez
Date: Sat, 18 Mar 2023 02:01:45 -0700
Subject: [PATCH] Pass key into player_t for other stuff to work with it
---
 src/d_clisrv.c | 8 ++++++++
 src/d_clisrv.h | 1 +
 src/d_netfil.c | 6 ++++--
 src/d_player.h | 2 ++
 4 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/src/d_clisrv.c b/src/d_clisrv.c
index 49770182f..48ef2d6bd 100644
--- a/src/d_clisrv.c
+++ b/src/d_clisrv.c
@@ -157,6 +157,7 @@ char connectedservername[MAXSERVERNAME];
 boolean acceptnewnode = true;
 char lastReceivedKey[MAXNETNODES][32];
+char lastComputedChallenge[MAXNETNODES][32];
 boolean serverisfull = false; //lets us be aware if the server was full after we check files, but before downloading, so we can ask if the user still wants to download or not
 tic_t firstconnectattempttime = 0;
@@ -832,6 +833,8 @@ static boolean CL_SendJoin(void)
 memcpy(&netbuffer->u.clientcfg.availabilities, R_GetSkinAvailabilities(false, false), MAXAVAILABILITY*sizeof(UINT8));
+ memcpy(&netbuffer->u.clientcfg.challengeResponse, awaitingChallenge, 32);
+
 return HSendPacket(servernode, false, 0, sizeof (clientconfig_pak));
 }
@@ -3684,6 +3687,7 @@ static void Got_AddPlayer(UINT8 **p, INT32 playernum)
 players[newplayernum].splitscreenindex = splitscreenplayer;
 players[newplayernum].bot = false;
+ memcpy(players[newplayernum].public_key, lastReceivedKey[node], sizeof(public_key));
 playerconsole[newplayernum] = console;
 splitscreen_original_party_size[console] =
@@ -4136,6 +4140,10 @@ static void HandleConnect(SINT8 node)
 SV_SendRefuse(node, va(M_GetText("Too many people are connecting.\nPlease wait %d seconds and then\ntry rejoining."), (joindelay - 2 * cv_joindelay.value * TICRATE) / TICRATE));
 }
+ else if (netgame && node != 0 && !memcmp(netbuffer->u.clientcfg.challengeResponse, lastComputedChallenge[node], 32))
+ {
+ SV_SendRefuse(node, M_GetText("Failed to validate key exchange."));
+ }
 else
 {
 boolean newnode = false;
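Review bot: The key and challenge length is a bare `32` in the new `lastComputedChallenge[MAXNETNODES][32]` declaration, and again in the `memcpy` in CL_SendJoin, the `memcmp` in HandleConnect and `player_t.public_key`, while PT_ClientKey sizes the same buffer with `sizeof(serverchallenge_pak)`. One named constant used at every site (placeholder name: `#define CHALLENGELENGTH 32`) would keep the buffers and the copies from drifting apart. Raw key and nonce bytes would also be better declared `UINT8` than `char`, whose signedness is implementation-defined.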
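Review bot: `sizeof(public_key)` in the memcpy added to Got_AddPlayer names a struct member as if it were a variable, so unless another `public_key` is in scope outside this hunk it will not compile, and if one is, the length comes from the wrong object. Size the copy by its destination: `sizeof(players[newplayernum].public_key)`. `node` is not defined in the visible lines; if it is read from the add-player command it needs a range check against MAXNETNODES before indexing `lastReceivedKey`. In this patch that array is filled only in PT_ClientKey, so a host that never received the key packet would presumably copy an empty or stale key into player_t. The function body starts and ends outside the hunk.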
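Review bot: The new branch in HandleConnect refuses the join when `memcmp` returns 0, that is when the response equals the stored challenge, which looks inverted because CL_SendJoin copies the challenge back verbatim. The condition should read `memcmp(netbuffer->u.clientcfg.challengeResponse, lastComputedChallenge[node], 32) != 0`. Once corrected, a join that arrives without a preceding key packet is compared against whatever `lastComputedChallenge[node]` last held (zeroes for a file-scope array at start-up, or the slot's previous challenge). The server should therefore record that a challenge was issued for this node and invalidate it after one use. The function continues outside the hunk.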
diff --git a/src/d_clisrv.h b/src/d_clisrv.h
index 897cee81c..c400bb8a1 100644
--- a/src/d_clisrv.h
+++ b/src/d_clisrv.h
@@ -461,6 +461,7 @@ extern boolean acceptnewnode;
 extern SINT8 servernode;
 extern char connectedservername[MAXSERVERNAME];
 extern char lastReceivedKey[MAXNETNODES][32];
+extern char lastComputedChallenge[MAXNETNODES][32];
 void Command_Ping_f(void);
 extern tic_t connectiontimeout;
diff --git a/src/d_netfil.c b/src/d_netfil.c
index a23f688d1..cf57195cf 100644
--- a/src/d_netfil.c
+++ b/src/d_netfil.c
@@ -1319,13 +1319,15 @@ void PT_ClientKey(INT32 node)
 clientkey_pak *packet = (void*)&netbuffer->u.clientkey;
 // TODO
- // Stage 1: Exchange packets with no verification of their contents (YOU ARE HERE)
- // Stage 2: Exchange packets with a check, but no crypto
+ // Stage 1: Exchange packets with no verification of their contents
+ // Stage 2: Exchange packets with a check, but no crypto (YOU ARE HERE)
 // Stage 3: The crypto part
 memcpy(lastReceivedKey[node], packet->key, 32);
 netbuffer->packettype = PT_SERVERCHALLENGE;
+ csprng(lastComputedChallenge[node], sizeof(serverchallenge_pak));
+ memcpy(&netbuffer->u.serverchallenge, lastComputedChallenge[node], sizeof(serverchallenge_pak));
 HSendPacket(node, false, 0, sizeof (serverchallenge_pak));
 }
diff --git a/src/d_player.h b/src/d_player.h
index e362687fb..8d09a5d2d 100644
--- a/src/d_player.h
+++ b/src/d_player.h
@@ -713,6 +713,8 @@ struct player_t
 mobj_t *stumbleIndicator;
 mobj_t *sliptideZipIndicator;
+ char public_key[32];
+
 #ifdef HWRENDER
 fixed_t fovadd; // adjust FOV for hw rendering
 #endif
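Review bot: In PT_ClientKey (src/d_netfil.c), `csprng` is asked to write `sizeof(serverchallenge_pak)` bytes into `lastComputedChallenge[node]`, a row declared as 32 bytes in d_clisrv.c. The struct's size is not visible in this patch, and if it ever exceeds 32 the call writes past the row. Size the write by the destination, `csprng(lastComputedChallenge[node], sizeof lastComputedChallenge[node]);`, and pin the packet size to the row size with a static assertion. `node` also indexes both per-node arrays with no range check in the visible lines, and every key packet overwrites `lastReceivedKey[node]` and re-rolls the challenge, so the stored key can apparently be replaced after a challenge was issued. The function's opening and its callers are outside the hunk, so those last two points need confirming there.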