From 7af0f7368c7d9cd4945897977fe0bbe787a8eb41 Mon Sep 17 00:00:00 2001 From: momo5502 Date: Wed, 31 May 2017 18:03:05 +0200 Subject: [PATCH] [Node] Check if ports match to get rid of unforwarded nodes --- src/Components/Modules/Download.cpp | 2 +- src/Components/Modules/Network.cpp | 7 ++++++- src/Components/Modules/Network.hpp | 2 ++ src/Components/Modules/Node.cpp | 15 +++++++++++---- src/Proto/node.proto | 4 ++++ 5 files changed, 24 insertions(+), 6 deletions(-) diff --git a/src/Components/Modules/Download.cpp b/src/Components/Modules/Download.cpp index 72a3b583..0fc228e5 100644 --- a/src/Components/Modules/Download.cpp +++ b/src/Components/Modules/Download.cpp @@ -712,7 +712,7 @@ namespace Components Network::OnStart([] () { - mg_connection* nc = mg_bind(&Download::Mgr, Utils::String::VA("%hu", (Dvar::Var("net_port").get() & 0xFFFF)), Download::EventHandler); + mg_connection* nc = mg_bind(&Download::Mgr, Utils::String::VA("%hu", Network::GetPort()), Download::EventHandler); if (nc) { diff --git a/src/Components/Modules/Network.cpp b/src/Components/Modules/Network.cpp index 3d56e28a..2b75ab35 100644 --- a/src/Components/Modules/Network.cpp +++ b/src/Components/Modules/Network.cpp @@ -98,7 +98,7 @@ namespace Components bool Network::Address::isSelf() { if (Game::NET_IsLocalAddress(this->address)) return true; // Loopback - if (this->getPort() != (Dvar::Var("net_port").get() & 0xFFFF)) return false; // Port not equal + if (this->getPort() != Network::GetPort()) return false; // Port not equal for (int i = 0; i < *Game::numIP; ++i) { @@ -287,6 +287,11 @@ namespace Components Network::StartupSignal(); } + unsigned short Network::GetPort() + { + return static_cast(Dvar::Var(0x64A3004).get()); + } + __declspec(naked) void Network::NetworkStartStub() { __asm diff --git a/src/Components/Modules/Network.hpp b/src/Components/Modules/Network.hpp index a7a40441..54814e3e 100644 --- a/src/Components/Modules/Network.hpp +++ b/src/Components/Modules/Network.hpp 
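Review bot: `Network::GetPort()` reads the dvar through the hard-coded address `0x64A3004` with no comment, whereas the lines it replaces in `Download.cpp` and `Network::Address::isSelf()` looked it up by name as `"net_port"`. Nothing in the hunk says what lives at that address or when it becomes valid. Presumably it is the engine's own pointer to the net_port dvar; if that pointer is only populated during engine startup, a caller running earlier would read through it too soon, which is worth confirming for each call site. I would add a comment such as `// 0x64A3004: engine's net_port dvar pointer; only valid once the game has registered the dvar`. The cast to `unsigned short` also replaces the explicit `& 0xFFFF` mask, so a short remark that the truncation is intended would help (the cast's template argument is not visible on this page).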
@@ -58,6 +58,8 @@ namespace Components Network(); ~Network(); + static unsigned short GetPort(); + static void Handle(std::string packet, Utils::Slot callback); static void OnStart(Utils::Slot callback); diff --git a/src/Components/Modules/Node.cpp b/src/Components/Modules/Node.cpp index e18efc4f..aaebe35b 100644 --- a/src/Components/Modules/Node.cpp +++ b/src/Components/Modules/Node.cpp @@ -261,6 +261,7 @@ namespace Components entry->challenge = Utils::Cryptography::Rand::GenerateChallenge(); Proto::Node::Packet packet; + packet.set_port(Network::GetPort()); packet.set_challenge(entry->challenge); #if defined(DEBUG) && !defined(DISABLE_NODE_LOG) @@ -412,6 +413,7 @@ namespace Components std::string challenge = Utils::Cryptography::Rand::GenerateChallenge(); Proto::Node::Packet packet; + packet.set_port(Network::GetPort()); packet.set_challenge(challenge); packet.set_signature(Utils::Cryptography::ECC::SignMessage(Node::SignatureKey, challenge)); @@ -428,6 +430,11 @@ namespace Components { if (Dvar::Var("sv_lanOnly").get()) return; + Proto::Node::Packet packet; + if (!packet.ParseFromString(data)) return; + if (packet.challenge().empty()) return; + if (packet.port() && packet.port() != address.getPort()) return; + // Create a new entry, if we don't already know it if (!Node::FindNode(address)) { @@ -442,10 +449,6 @@ namespace Components Logger::Print("Received registration request from %s\n", address.getCString()); #endif - Proto::Node::Packet packet; - if (!packet.ParseFromString(data)) return; - if (packet.challenge().empty()) return; - std::string signature = Utils::Cryptography::ECC::SignMessage(Node::SignatureKey, packet.challenge()); std::string challenge = Utils::Cryptography::Rand::GenerateChallenge(); 
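Review bot: The new guard `if (packet.port() && packet.port() != address.getPort()) return;` in the registration-request handler (hunk `@@ -428`, repeated in `@@ -489`, `@@ -549` and `@@ -627`) is skipped whenever the field is zero or absent, so a peer that omits `port` is accepted exactly as before. That is presumably deliberate for older clients, but it means the check only filters honest, misconfigured nodes: the value is self-reported and, in the visible hunks, the signature covers only the challenge. I would state this next to the first check, e.g. `// port == 0: field not sent (older peer), check skipped; advisory reachability filter, not authentication`, and reject a zero port once older peers no longer need support. Since the same line now appears four times, a small helper taking the packet and the address would keep the handlers from drifting apart, and a debug log on mismatch would make silently dropped nodes diagnosable. The handlers' bodies start and end outside these hunks.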
@@ -464,6 +467,7 @@ namespace Components packet.set_challenge(challenge); packet.set_signature(signature); packet.set_publickey(Node::SignatureKey.getPublicKey()); + packet.set_port(Network::GetPort()); entry->lastTime = Game::Sys_Milliseconds(); entry->challenge = challenge; @@ -489,6 +493,7 @@ namespace Components if (packet.challenge().empty()) return; if (packet.publickey().empty()) return; if (packet.signature().empty()) return; + if (packet.port() && packet.port() != address.getPort()) return; std::string challenge = packet.challenge(); std::string publicKey = packet.publickey(); @@ -549,6 +554,7 @@ namespace Components if (!packet.ParseFromString(data)) return; if (packet.signature().empty()) return; if (packet.publickey().empty()) return; + if (packet.port() && packet.port() != address.getPort()) return; std::string publicKey = packet.publickey(); std::string signature = packet.signature(); @@ -627,6 +633,7 @@ namespace Components if (!packet.ParseFromString(data)) return; if (packet.challenge().empty()) return; if (packet.signature().empty()) return; + if (packet.port() && packet.port() != address.getPort()) return; std::string challenge = packet.challenge(); std::string signature = packet.signature(); diff --git a/src/Proto/node.proto b/src/Proto/node.proto index 103f616d..ba1168a0 100644 --- a/src/Proto/node.proto +++ b/src/Proto/node.proto @@ -8,6 +8,10 @@ message Packet bytes challenge = 1; bytes signature = 2; bytes publickey = 3; + + // The port is used to check if a dedi sends data through a redirected port. + // This usually means the port is not forwarded + uint32 port = 4; } message List
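Review bot: The comment on `port` in `node.proto` does not state the wire contract that the receivers in `Node.cpp` rely on: a value of 0 (presumably also what an unset field reads as, given the unlabelled field syntax) disables the comparison entirely. The field is also `uint32`, while the value it is compared with appears to be a 16-bit UDP port. I would extend the comment with `// 0 = not provided (receiver skips the check); valid values are 1-65535; self-reported, not covered by the signature` so that other implementers treat it as neither mandatory nor trusted. Values above 65535 can never equal `address.getPort()` and are therefore dropped by the receivers, which looks acceptable but is worth writing down.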