Security feedback
This commit is contained in:
momo5502
parent
8da84d7287
commit
33d493b502
2
deps/protobuf
vendored
2
deps/protobuf
vendored
@ -1 +1 @@
|
||||
Subproject commit 32daf513ced8d51e8de6cc8d800cfc972c4df5d6
|
||||
Subproject commit 8f67b165f0a949219fafc48c533be3fbf53497b7
|
||||
@ -3,6 +3,7 @@
|
||||
namespace Components
|
||||
{
|
||||
Auth::AuthInfo Auth::ClientAuthInfo[18];
|
||||
Auth::TokenIncrementing Auth::TokenContainer;
|
||||
|
||||
Utils::Cryptography::Token Auth::GuidToken;
|
||||
Utils::Cryptography::ECDSA::Key Auth::GuidKey;
|
||||
@ -48,6 +49,39 @@ namespace Components
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (Auth::TokenContainer.generating)
|
||||
{
|
||||
Localization::Set("MPUI_SECURITY_INCREASE_MESSAGE", Utils::VA("Increasing security level from %d to %d"/* (approx. 1 min)"*/, Auth::GetSecurityLevel(), Auth::TokenContainer.targetLevel));
|
||||
}
|
||||
else if(Auth::TokenContainer.thread)
|
||||
{
|
||||
if (Auth::TokenContainer.thread->joinable())
|
||||
{
|
||||
Auth::TokenContainer.thread->join();
|
||||
}
|
||||
|
||||
delete Auth::TokenContainer.thread;
|
||||
Auth::TokenContainer.thread = nullptr;
|
||||
Auth::TokenContainer.generating = false;
|
||||
|
||||
Logger::Print("Security level is %d\n", Auth::GetSecurityLevel());
|
||||
Command::Execute("closemenu security_increase_popmenu", false);
|
||||
|
||||
if (!Auth::TokenContainer.cancel)
|
||||
{
|
||||
if (Auth::TokenContainer.command.empty())
|
||||
{
|
||||
Game::MessageBox(Utils::VA("Your new security level is now %d", Auth::GetSecurityLevel()), "Success");
|
||||
}
|
||||
else
|
||||
{
|
||||
Command::Execute(Auth::TokenContainer.command, false);
|
||||
}
|
||||
}
|
||||
|
||||
Auth::TokenContainer.cancel = false;
|
||||
}
|
||||
}
|
||||
|
||||
void Auth::RegisterClient(int clientNum)
|
||||
@ -126,6 +160,35 @@ namespace Components
|
||||
return Auth::GetZeroBits(Auth::GuidToken, Auth::GuidKey.GetPublicKey());
|
||||
}
|
||||
|
||||
void Auth::IncreaseSecurityLevel(uint32_t level, std::string command)
|
||||
{
|
||||
if (Auth::GetSecurityLevel() >= level) return;
|
||||
|
||||
if (!Auth::TokenContainer.generating)
|
||||
{
|
||||
Auth::TokenContainer.cancel = false;
|
||||
Auth::TokenContainer.targetLevel = level;
|
||||
Auth::TokenContainer.command = command;
|
||||
|
||||
// Open menu
|
||||
Command::Execute("openmenu security_increase_popmenu", true);
|
||||
|
||||
// Start thread
|
||||
Auth::TokenContainer.thread = new std::thread([&level] ()
|
||||
{
|
||||
Auth::TokenContainer.generating = true;
|
||||
Auth::TokenContainer.startTime = Game::Com_Milliseconds();
|
||||
Auth::IncrementToken(Auth::GuidToken, Auth::GuidKey.GetPublicKey(), Auth::TokenContainer.targetLevel, &Auth::TokenContainer.cancel);
|
||||
Auth::TokenContainer.generating = false;
|
||||
|
||||
if (Auth::TokenContainer.cancel)
|
||||
{
|
||||
Logger::Print("Token incrementation thread terminated\n");
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
uint32_t Auth::GetZeroBits(Utils::Cryptography::Token token, std::string publicKey)
|
||||
{
|
||||
std::string message = publicKey + token.ToString();
|
||||
@ -156,7 +219,7 @@ namespace Components
|
||||
return bits;
|
||||
}
|
||||
|
||||
void Auth::IncrementToken(Utils::Cryptography::Token& token, std::string publicKey, uint32_t zeroBits)
|
||||
void Auth::IncrementToken(Utils::Cryptography::Token& token, std::string publicKey, uint32_t zeroBits, bool* cancel)
|
||||
{
|
||||
if (zeroBits > 512) return; // Not possible, due to SHA512
|
||||
|
||||
@ -178,6 +241,9 @@ namespace Components
|
||||
token = tempToken;
|
||||
lastLevel = level;
|
||||
}
|
||||
|
||||
// Allow canceling that shit
|
||||
if (cancel && *cancel) return;
|
||||
}
|
||||
while (level < zeroBits);
|
||||
|
||||
@ -186,6 +252,12 @@ namespace Components
|
||||
|
||||
Auth::Auth()
|
||||
{
|
||||
Auth::TokenContainer.cancel = false;
|
||||
Auth::TokenContainer.generating = false;
|
||||
Auth::TokenContainer.thread = nullptr;
|
||||
|
||||
Localization::Set("MPUI_SECURITY_INCREASE_MESSAGE", "");
|
||||
|
||||
Auth::LoadKey(true);
|
||||
|
||||
// Only clients receive the auth request
|
||||
@ -293,21 +365,39 @@ namespace Components
|
||||
if (params.Length() < 2)
|
||||
{
|
||||
Logger::Print("Your current security level is %d\n", Auth::GetZeroBits(Auth::GuidToken, Auth::GuidKey.GetPublicKey()));
|
||||
Logger::Print("Your security token is: %s\n", Utils::DumpHex(Auth::GuidToken.ToString(), "").data());
|
||||
}
|
||||
else
|
||||
{
|
||||
uint32_t level = static_cast<uint32_t>(atoi(params[1]));
|
||||
Logger::Print("Incrementing security level from %d to %d...\n", Auth::GetSecurityLevel(), level);
|
||||
Auth::IncrementToken(Auth::GuidToken, Auth::GuidKey.GetPublicKey(), level);
|
||||
Logger::Print("Your new security level is %d\n", Auth::GetSecurityLevel());
|
||||
Auth::IncreaseSecurityLevel(level);
|
||||
}
|
||||
});
|
||||
|
||||
Logger::Print("Your security token is: %s\n", Utils::DumpHex(Auth::GuidToken.ToString(), "").data());
|
||||
UIScript::Add("security_increase_cancel", [] ()
|
||||
{
|
||||
Auth::TokenContainer.cancel = true;
|
||||
Logger::Print("Token incrementation process canceled!\n");
|
||||
});
|
||||
}
|
||||
|
||||
Auth::~Auth()
|
||||
{
|
||||
Auth::TokenContainer.cancel = true;
|
||||
Auth::TokenContainer.generating = false;
|
||||
|
||||
// Terminate thread
|
||||
if (Auth::TokenContainer.thread)
|
||||
{
|
||||
if (Auth::TokenContainer.thread->joinable())
|
||||
{
|
||||
Auth::TokenContainer.thread->join();
|
||||
}
|
||||
|
||||
delete Auth::TokenContainer.thread;
|
||||
Auth::TokenContainer.thread = nullptr;
|
||||
}
|
||||
|
||||
Auth::StoreKey();
|
||||
}
|
||||
|
||||
|
||||
@ -13,8 +13,10 @@ namespace Components
|
||||
static unsigned int GetKeyHash();
|
||||
|
||||
static uint32_t GetSecurityLevel();
|
||||
static void IncreaseSecurityLevel(uint32_t level, std::string command = "");
|
||||
|
||||
static uint32_t GetZeroBits(Utils::Cryptography::Token token, std::string publicKey);
|
||||
static void IncrementToken(Utils::Cryptography::Token& token, std::string publicKey, uint32_t zeroBits);
|
||||
static void IncrementToken(Utils::Cryptography::Token& token, std::string publicKey, uint32_t zeroBits, bool* cancel = nullptr);
|
||||
|
||||
private:
|
||||
|
||||
@ -34,7 +36,18 @@ namespace Components
|
||||
int time;
|
||||
};
|
||||
|
||||
struct TokenIncrementing
|
||||
{
|
||||
bool cancel;
|
||||
bool generating;
|
||||
std::thread* thread;
|
||||
uint32_t targetLevel;
|
||||
int startTime;
|
||||
std::string command;
|
||||
};
|
||||
|
||||
static AuthInfo ClientAuthInfo[18];
|
||||
static TokenIncrementing TokenContainer;
|
||||
|
||||
static Utils::Cryptography::Token GuidToken;
|
||||
static Utils::Cryptography::ECDSA::Key GuidKey;
|
||||
|
||||
@ -334,7 +334,9 @@ namespace Components
|
||||
}
|
||||
else if (securityLevel > Auth::GetSecurityLevel())
|
||||
{
|
||||
Party::ConnectError(Utils::VA("Your security level (%d) is lower than the server's (%d)", Auth::GetSecurityLevel(), securityLevel));
|
||||
//Party::ConnectError(Utils::VA("Your security level (%d) is lower than the server's (%d)", Auth::GetSecurityLevel(), securityLevel));
|
||||
Command::Execute("closemenu popup_reconnectingtoparty");
|
||||
Auth::IncreaseSecurityLevel(securityLevel, "reconnect");
|
||||
}
|
||||
else if (!matchType)
|
||||
{
|
||||
|
||||
Loading…
Reference in New Issue
Block a user