[Server]: Enforce password verification for private clients (#905)

2023-04-06 17:28:57 +02:00 · 2023-04-06 17:28:57 +02:00 · 4e9ec3f0af
commit 4e9ec3f0af
parent bc000fd9be
5 changed files with 11 additions and 6 deletions
--- a/src/Components/Modules/Auth.cpp
+++ b/src/Components/Modules/Auth.cpp
@ -66,7 +66,7 @@ namespace Components
 		}
 	}
-	void Auth::SendConnectDataStub(Game::netsrc_t sock, Game::netadr_t adr, const char *format, int len)
+	void Auth::SendConnectDataStub(Game::netsrc_t sock, Game::netadr_t adr, const char* format, int len)
 	{
 		// Ensure our certificate is loaded
 		Steam::SteamUser()->GetSteamID();
@ -185,8 +185,8 @@ namespace Components
 			Utils::InfoString infostr(params[2]);
 			// Read the required data
-			const auto& steamId = infostr.get("xuid");
+			const auto steamId = infostr.get("xuid");
-			const auto& challenge = infostr.get("challenge");
+			const auto challenge = infostr.get("challenge");
 			if (steamId.empty() || challenge.empty())
 			{
--- a/src/Components/Modules/Auth.hpp
+++ b/src/Components/Modules/Auth.hpp
@ -45,7 +45,7 @@ namespace Components
 		static Utils::Cryptography::ECC::Key GuidKey;
 		static std::vector<std::uint64_t> BannedUids;
-		static void SendConnectDataStub(Game::netsrc_t sock, Game::netadr_t adr, const char *format, int len);
+		static void SendConnectDataStub(Game::netsrc_t sock, Game::netadr_t adr, const char* format, int len);
 		static void ParseConnectData(Game::msg_t* msg, Game::netadr_t* addr);
 		static void DirectConnectStub();
--- a/src/Components/Modules/Security.cpp
+++ b/src/Components/Modules/Security.cpp
@ -128,8 +128,8 @@ namespace Components
 		Utils::Hook(0x4A9F56, MsgReadBitsCompressCheckCL, HOOK_CALL).install()->quick(); // CL_ParseServerMessage
 		Utils::Hook(0x407376, SVCanReplaceServerCommand, HOOK_CALL).install()->quick(); // SV_CanReplaceServerCommand
-		Utils::Hook::Set<BYTE>(0x412370, 0xC3); // SV_SteamAuthClient
+		Utils::Hook::Set<std::uint8_t>(0x412370, 0xC3); // SV_SteamAuthClient
-		Utils::Hook::Set<BYTE>(0x5A8C70, 0xC3); // CL_HandleRelayPacket
+		Utils::Hook::Set<std::uint8_t>(0x5A8C70, 0xC3); // CL_HandleRelayPacket
 		Utils::Hook::Nop(0x41698E, 5); // Disable Svcmd_EntityList_f
@ -149,6 +149,9 @@ namespace Components
 		// Fix packets causing buffer overflow
 		Utils::Hook(0x6267E3, NET_DeferPacketToClientStub, HOOK_CALL).install()->quick();
 		// The client can fake the info string
 		Utils::Hook::Set<std::uint8_t>(0x460F6D, 0xEB); // SV_DirectConnect
 		// Prevent curl 7_19_4 from running
 		// Call to DL_Init from Live_Init
 		Utils::Hook::Nop(0x420937, 5);
--- a/src/Game/Dvars.cpp
+++ b/src/Game/Dvars.cpp
@ -49,6 +49,7 @@ namespace Game
 	const dvar_t** fs_gameDirVar = reinterpret_cast<const dvar_t**>(0x63D0CC0);
 	const dvar_t** fs_homepath = reinterpret_cast<const dvar_t**>(0x63D4FD8);
 	const dvar_t** sv_privatePassword = reinterpret_cast<const dvar_t**>(0x62C7C14);
 	const dvar_t** sv_hostname = reinterpret_cast<const dvar_t**>(0x2098D98);
 	const dvar_t** sv_gametype = reinterpret_cast<const dvar_t**>(0x2098DD4);
 	const dvar_t** sv_mapname = reinterpret_cast<const dvar_t**>(0x2098DDC);
--- a/src/Game/Dvars.hpp
+++ b/src/Game/Dvars.hpp
@ -101,6 +101,7 @@ namespace Game
 	extern const dvar_t** fs_gameDirVar;
 	extern const dvar_t** fs_homepath;
 	extern const dvar_t** sv_privatePassword;
 	extern const dvar_t** sv_hostname;
 	extern const dvar_t** sv_gametype;
 	extern const dvar_t** sv_mapname;