2022-02-27 07:53:44 -05:00
|
|
|
#include <STDInclude.hpp>
|
2022-12-26 07:07:24 -05:00
|
|
|
#include "RCon.hpp"
|
2017-01-19 16:23:59 -05:00
|
|
|
|
|
|
|
|
namespace Components
|
|
|
|
|
{
|
2022-12-16 16:48:52 -05:00
|
|
|
std::unordered_map<std::uint32_t, int> RCon::RateLimit;
|
|
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
RCon::Container RCon::RconContainer;
|
|
|
|
|
Utils::Cryptography::ECC::Key RCon::RconKey;
|
2017-01-19 16:23:59 -05:00
|
|
|
|
|
|
|
|
std::string RCon::Password;
|
|
|
|
|
|
2022-03-03 11:37:18 -05:00
|
|
|
Dvar::Var RCon::RconPassword;
|
|
|
|
|
Dvar::Var RCon::RconLogRequests;
|
|
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
void RCon::AddCommands()
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2017-06-14 06:06:04 -04:00
|
|
|
Command::Add("rcon", [](Command::Params* params)
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-03-17 14:50:20 -04:00
|
|
|
if (params->size() < 2) return;
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-03-17 14:50:20 -04:00
|
|
|
const auto* operation = params->get(1);
|
|
|
|
|
if (std::strcmp(operation, "login") == 0)
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-03-17 14:50:20 -04:00
|
|
|
if (params->size() < 3) return;
|
2022-10-19 10:28:53 -04:00
|
|
|
Password = params->get(2);
|
|
|
|
|
return;
|
2017-01-19 16:23:59 -05:00
|
|
|
}
|
2022-10-19 10:28:53 -04:00
|
|
|
|
|
|
|
|
if (std::strcmp(operation, "logout") == 0)
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-10-19 10:28:53 -04:00
|
|
|
Password.clear();
|
|
|
|
|
return;
|
2017-01-19 16:23:59 -05:00
|
|
|
}
|
2022-10-19 10:28:53 -04:00
|
|
|
|
2022-11-16 12:25:21 -05:00
|
|
|
auto* addr = reinterpret_cast<Game::netadr_t*>(0xA5EA44);
|
2022-10-19 10:28:53 -04:00
|
|
|
if (Password.empty())
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-10-19 10:28:53 -04:00
|
|
|
Logger::Print("You need to be logged in and connected to a server!\n");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Network::Address target(addr);
|
|
|
|
|
if (!target.isValid() || target.getIP().full == 0)
|
|
|
|
|
{
|
|
|
|
|
target = Party::Target();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (target.isValid())
|
|
|
|
|
{
|
|
|
|
|
Network::SendCommand(target, "rcon", Password + " " + params->join(1));
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Logger::Print("You are connected to an invalid server\n");
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
Command::Add("remoteCommand", [](Command::Params* params)
|
|
|
|
|
{
|
|
|
|
|
if (params->size() < 2) return;
|
|
|
|
|
|
|
|
|
|
RconContainer.command = params->get(1);
|
|
|
|
|
|
2022-11-16 12:25:21 -05:00
|
|
|
auto* addr = reinterpret_cast<Game::netadr_t*>(0xA5EA44);
|
2022-10-19 10:28:53 -04:00
|
|
|
Network::Address target(addr);
|
|
|
|
|
if (!target.isValid() || target.getIP().full == 0)
|
|
|
|
|
{
|
|
|
|
|
target = Party::Target();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (target.isValid())
|
|
|
|
|
{
|
|
|
|
|
Network::SendCommand(target, "rconRequest");
|
2017-01-19 16:23:59 -05:00
|
|
|
}
|
|
|
|
|
});
|
2022-10-19 10:28:53 -04:00
|
|
|
}
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-12-16 16:48:52 -05:00
|
|
|
bool RCon::RateLimitCheck(const Network::Address& address, const int time)
|
|
|
|
|
{
|
|
|
|
|
auto ip = address.getIP();
|
|
|
|
|
|
|
|
|
|
if (!RateLimit.contains(ip.full))
|
|
|
|
|
{
|
|
|
|
|
RateLimit[ip.full] = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const auto lastTime = RateLimit[ip.full];
|
|
|
|
|
|
|
|
|
|
// Only one request every 500ms
|
|
|
|
|
if (lastTime && (time - lastTime) < 500)
|
|
|
|
|
{
|
|
|
|
|
return false; // Flooding
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
RateLimit[ip.full] = time;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void RCon::RateLimitCleanup(const int time)
|
|
|
|
|
{
|
|
|
|
|
for (auto i = RateLimit.begin(); i != RateLimit.end();)
|
|
|
|
|
{
|
|
|
|
|
// No longer at risk of flooding, remove
|
|
|
|
|
if ((time - i->second) > 500)
|
|
|
|
|
{
|
|
|
|
|
i = RateLimit.erase(i);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
++i;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
RCon::RCon()
|
|
|
|
|
{
|
|
|
|
|
AddCommands();
|
|
|
|
|
|
|
|
|
|
if (!Dedicated::IsEnabled())
|
|
|
|
|
{
|
|
|
|
|
Network::OnClientPacket("rconAuthorization", [](const Network::Address& address, [[maybe_unused]] const std::string& data)
|
|
|
|
|
{
|
|
|
|
|
if (RconContainer.command.empty())
|
|
|
|
|
{
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const auto& key = CryptoKey::Get();
|
|
|
|
|
const auto signedMsg = Utils::Cryptography::ECC::SignMessage(key, data);
|
|
|
|
|
|
|
|
|
|
Proto::RCon::Command rconExec;
|
2022-10-20 10:06:29 -04:00
|
|
|
rconExec.set_command(RconContainer.command);
|
2022-10-19 10:28:53 -04:00
|
|
|
rconExec.set_signature(signedMsg);
|
|
|
|
|
|
|
|
|
|
Network::SendCommand(address, "rconExecute", rconExec.SerializeAsString());
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-01-19 16:23:59 -05:00
|
|
|
|
|
|
|
|
// Load public key
|
2022-10-19 10:28:53 -04:00
|
|
|
static std::uint8_t publicKey[] =
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
|
|
|
|
0x04, 0x01, 0x9D, 0x18, 0x7F, 0x57, 0xD8, 0x95, 0x4C, 0xEE, 0xD0, 0x21,
|
|
|
|
|
0xB5, 0x00, 0x53, 0xEC, 0xEB, 0x54, 0x7C, 0x4C, 0x37, 0x18, 0x53, 0x89,
|
|
|
|
|
0x40, 0x12, 0xF7, 0x08, 0x8D, 0x9A, 0x8D, 0x99, 0x9C, 0x79, 0x79, 0x59,
|
|
|
|
|
0x6E, 0x32, 0x06, 0xEB, 0x49, 0x1E, 0x00, 0x99, 0x71, 0xCB, 0x4A, 0xE1,
|
|
|
|
|
0x90, 0xF1, 0x7C, 0xB7, 0x4D, 0x60, 0x88, 0x0A, 0xB7, 0xF3, 0xD7, 0x0D,
|
|
|
|
|
0x4F, 0x08, 0x13, 0x7C, 0xEB, 0x01, 0xFF, 0x00, 0x32, 0xEE, 0xE6, 0x23,
|
|
|
|
|
0x07, 0xB1, 0xC2, 0x9E, 0x45, 0xD6, 0xD7, 0xBD, 0xED, 0x05, 0x23, 0xB5,
|
|
|
|
|
0xE7, 0x83, 0xEF, 0xD7, 0x8E, 0x36, 0xDC, 0x16, 0x79, 0x74, 0xD1, 0xD5,
|
|
|
|
|
0xBA, 0x2C, 0x4C, 0x28, 0x61, 0x29, 0x5C, 0x49, 0x7D, 0xD4, 0xB6, 0x56,
|
|
|
|
|
0x17, 0x75, 0xF5, 0x2B, 0x58, 0xCD, 0x0D, 0x76, 0x65, 0x10, 0xF7, 0x51,
|
|
|
|
|
0x69, 0x1D, 0xB9, 0x0F, 0x38, 0xF6, 0x53, 0x3B, 0xF7, 0xCE, 0x76, 0x4F,
|
|
|
|
|
0x08
|
|
|
|
|
};
|
|
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
RconKey.set(std::string(reinterpret_cast<char*>(publicKey), sizeof(publicKey)));
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
RconContainer.timestamp = 0;
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-05-27 06:19:28 -04:00
|
|
|
Scheduler::Once([]
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-10-19 10:28:53 -04:00
|
|
|
RconPassword = Dvar::Register<const char*>("rcon_password", "", Game::DVAR_NONE, "The password for rcon");
|
|
|
|
|
RconLogRequests = Dvar::Register<bool>("rcon_log_requests", false, Game::DVAR_NONE, "Print remote commands in the output log");
|
2022-05-27 06:19:28 -04:00
|
|
|
}, Scheduler::Pipeline::MAIN);
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-09-24 13:04:37 -04:00
|
|
|
Network::OnClientPacket("rcon", [](const Network::Address& address, [[maybe_unused]] const std::string& data)
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-12-16 16:48:52 -05:00
|
|
|
const auto time = Game::Sys_Milliseconds();
|
|
|
|
|
if (!RateLimitCheck(address, time))
|
|
|
|
|
{
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
RateLimitCleanup(time);
|
|
|
|
|
|
2022-05-20 18:12:46 -04:00
|
|
|
std::string data_ = data;
|
|
|
|
|
Utils::String::Trim(data_);
|
2022-11-29 09:18:10 -05:00
|
|
|
|
2022-05-20 18:12:46 -04:00
|
|
|
const auto pos = data.find_first_of(' ');
|
2017-01-19 16:23:59 -05:00
|
|
|
if (pos == std::string::npos)
|
|
|
|
|
{
|
2022-08-19 19:10:35 -04:00
|
|
|
Logger::Print(Game::CON_CHANNEL_NETWORK, "Invalid RCon request from {}\n", address.getString());
|
2017-01-19 16:23:59 -05:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-20 18:12:46 -04:00
|
|
|
auto password = data.substr(0, pos);
|
|
|
|
|
auto command = data.substr(pos + 1);
|
2017-01-19 16:23:59 -05:00
|
|
|
|
|
|
|
|
// B3 sends the password inside quotes :S
|
|
|
|
|
if (!password.empty() && password[0] == '"' && password.back() == '"')
|
|
|
|
|
{
|
|
|
|
|
password.pop_back();
|
|
|
|
|
password.erase(password.begin());
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
const auto svPassword = RconPassword.get<std::string>();
|
2017-01-19 16:23:59 -05:00
|
|
|
|
|
|
|
|
if (svPassword.empty())
|
|
|
|
|
{
|
2022-08-19 19:10:35 -04:00
|
|
|
Logger::Print(Game::CON_CHANNEL_NETWORK, "RCon request from {} dropped. No password set!\n", address.getString());
|
2017-01-19 16:23:59 -05:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
if (svPassword != password)
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-10-19 10:28:53 -04:00
|
|
|
Logger::Print(Game::CON_CHANNEL_NETWORK, "Invalid RCon password sent from {}\n", address.getString());
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static std::string outputBuffer;
|
|
|
|
|
outputBuffer.clear();
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2021-07-15 15:45:46 -04:00
|
|
|
#ifndef DEBUG
|
2022-10-19 10:28:53 -04:00
|
|
|
if (RconLogRequests.get<bool>())
|
2021-07-15 15:45:46 -04:00
|
|
|
#endif
|
2022-10-19 10:28:53 -04:00
|
|
|
{
|
|
|
|
|
Logger::Print(Game::CON_CHANNEL_NETWORK, "Executing RCon request from {}: {}\n", address.getString(), command);
|
|
|
|
|
}
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
Logger::PipeOutput([](const std::string& output)
|
|
|
|
|
{
|
|
|
|
|
outputBuffer.append(output);
|
|
|
|
|
});
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
Command::Execute(command, true);
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
Logger::PipeOutput(nullptr);
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
Network::SendCommand(address, "print", outputBuffer);
|
|
|
|
|
outputBuffer.clear();
|
2017-01-19 16:23:59 -05:00
|
|
|
});
|
|
|
|
|
|
2022-09-24 13:04:37 -04:00
|
|
|
Network::OnClientPacket("rconRequest", [](const Network::Address& address, [[maybe_unused]] const std::string& data)
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-10-19 10:28:53 -04:00
|
|
|
RconContainer.address = address;
|
|
|
|
|
RconContainer.challenge = Utils::Cryptography::Rand::GenerateChallenge();
|
|
|
|
|
RconContainer.timestamp = Game::Sys_Milliseconds();
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
Network::SendCommand(address, "rconAuthorization", RconContainer.challenge);
|
2017-01-19 16:23:59 -05:00
|
|
|
});
|
|
|
|
|
|
2022-09-24 13:04:37 -04:00
|
|
|
Network::OnClientPacket("rconExecute", [](const Network::Address& address, [[maybe_unused]] const std::string& data)
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-10-19 10:28:53 -04:00
|
|
|
if (address != RconContainer.address) return; // Invalid IP
|
|
|
|
|
if (!RconContainer.timestamp || (Game::Sys_Milliseconds() - RconContainer.timestamp) > (1000 * 10)) return; // Timeout
|
|
|
|
|
|
|
|
|
|
RconContainer.timestamp = 0;
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-20 10:06:29 -04:00
|
|
|
Proto::RCon::Command rconExec;
|
|
|
|
|
rconExec.ParseFromString(data);
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-20 10:06:29 -04:00
|
|
|
if (!Utils::Cryptography::ECC::VerifyMessage(RconKey, RconContainer.challenge, rconExec.signature()))
|
2017-01-19 16:23:59 -05:00
|
|
|
{
|
2022-10-19 10:28:53 -04:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
RconContainer.output.clear();
|
|
|
|
|
Logger::PipeOutput([](const std::string& output)
|
|
|
|
|
{
|
|
|
|
|
RconContainer.output.append(output);
|
|
|
|
|
});
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-20 10:06:29 -04:00
|
|
|
Command::Execute(rconExec.command(), true);
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
Logger::PipeOutput(nullptr);
|
2017-01-19 16:23:59 -05:00
|
|
|
|
2022-10-19 10:28:53 -04:00
|
|
|
Network::SendCommand(address, "print", RconContainer.output);
|
|
|
|
|
RconContainer.output.clear();
|
2017-01-19 16:23:59 -05:00
|
|
|
});
|
|
|
|
|
}
|
2022-10-19 10:28:53 -04:00
|
|
|
|
|
|
|
|
bool RCon::CryptoKey::LoadKey(Utils::Cryptography::ECC::Key& key)
|
|
|
|
|
{
|
|
|
|
|
std::string data;
|
|
|
|
|
if (!Utils::IO::ReadFile("./private.key", &data))
|
|
|
|
|
{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
key.deserialize(data);
|
|
|
|
|
return key.isValid();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Utils::Cryptography::ECC::Key RCon::CryptoKey::GenerateKey()
|
|
|
|
|
{
|
|
|
|
|
auto key = Utils::Cryptography::ECC::GenerateKey(512);
|
|
|
|
|
if (!key.isValid())
|
|
|
|
|
{
|
|
|
|
|
throw std::runtime_error("Failed to generate server key!");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!Utils::IO::WriteFile("./private.key", key.serialize()))
|
|
|
|
|
{
|
|
|
|
|
throw std::runtime_error("Failed to write server key!");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return key;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Utils::Cryptography::ECC::Key RCon::CryptoKey::LoadOrGenerateKey()
|
|
|
|
|
{
|
|
|
|
|
Utils::Cryptography::ECC::Key key;
|
|
|
|
|
if (LoadKey(key))
|
|
|
|
|
{
|
|
|
|
|
return key;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return GenerateKey();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Utils::Cryptography::ECC::Key RCon::CryptoKey::GetKeyInternal()
|
|
|
|
|
{
|
|
|
|
|
auto key = LoadOrGenerateKey();
|
|
|
|
|
Utils::IO::WriteFile("./public.key", key.getPublicKey());
|
|
|
|
|
return key;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const Utils::Cryptography::ECC::Key& RCon::CryptoKey::Get()
|
|
|
|
|
{
|
|
|
|
|
static auto key = GetKeyInternal();
|
|
|
|
|
return key;
|
|
|
|
|
}
|
2017-01-19 16:23:59 -05:00
|
|
|
}
|
