Rim/iw4x-client
Rim/iw4x-client
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #11 from IW4x/feature/add-guid-validation

Browse Source 
Generate new key if player guid has been shared.
This commit is contained in:
Maurice Heumann 2019-10-06 10:03:22 +02:00 committed by GitHub
commit e59bde4340
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 32 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/Components/Modules/Auth.cpp
View File

@ -8,6 +8,10 @@ namespace Components
Utils::Cryptography::Token Auth::ComputeToken; Utils::Cryptography::Token Auth::ComputeToken;
Utils::Cryptography::ECC::Key Auth::GuidKey; Utils::Cryptography::ECC::Key Auth::GuidKey;
std::vector<std::uint64_t> Auth::BannedUids = {
0xf4d2c30b712ac6e3
};
void Auth::Frame() void Auth::Frame()
{ {
if (Auth::TokenContainer.generating) if (Auth::TokenContainer.generating)
@ -64,6 +68,13 @@ namespace Components
return; return;
} }
if (std::find(Auth::BannedUids.begin(), Auth::BannedUids.end(), Steam::SteamUser()->GetSteamID().bits) != Auth::BannedUids.end())
{
Auth::GenerateKey();
Logger::SoftError("Your online profile is invalid. A new key has been generated.");
return;
}
std::string connectString(format, len); std::string connectString(format, len);
Game::SV_Cmd_TokenizeString(connectString.data()); Game::SV_Cmd_TokenizeString(connectString.data());
@ -187,6 +198,12 @@ namespace Components
return; return;
} }
if (std::find(Auth::BannedUids.begin(), Auth::BannedUids.end(), xuid) != Auth::BannedUids.end())
{
Network::Send(address, "error\nYour online profile is invalid. Delete your players folder and restart ^2IW4x^7.");
return;
}
if (xuid != Auth::GetKeyHash(connectData.publickey())) if (xuid != Auth::GetKeyHash(connectData.publickey()))
{ {
Network::Send(address, "error\nXUID doesn't match the certificate!"); Network::Send(address, "error\nXUID doesn't match the certificate!");
@ -268,6 +285,14 @@ namespace Components
} }
} }
void Auth::GenerateKey()
{
Auth::GuidToken.clear();
Auth::ComputeToken.clear();
Auth::GuidKey = Utils::Cryptography::ECC::GenerateKey(512);
Auth::StoreKey();
}
void Auth::LoadKey(bool force) void Auth::LoadKey(bool force)
{ {
if (Dedicated::IsEnabled() || ZoneBuilder::IsEnabled()) return; if (Dedicated::IsEnabled() || ZoneBuilder::IsEnabled()) return;
@ -287,10 +312,7 @@ namespace Components
if (!Auth::GuidKey.isValid()) if (!Auth::GuidKey.isValid())
{ {
Auth::GuidToken.clear(); Auth::GenerateKey();
Auth::ComputeToken.clear();
Auth::GuidKey = Utils::Cryptography::ECC::GenerateKey(512);
Auth::StoreKey();
} }
} }

3
src/Components/Modules/Auth.hpp
View File

@ -13,6 +13,8 @@ namespace Components
static void StoreKey(); static void StoreKey();
static void LoadKey(bool force = false); static void LoadKey(bool force = false);
static void GenerateKey();
static unsigned __int64 GetKeyHash(); static unsigned __int64 GetKeyHash();
static unsigned __int64 GetKeyHash(const std::string& key); static unsigned __int64 GetKeyHash(const std::string& key);
@ -41,6 +43,7 @@ namespace Components
static Utils::Cryptography::Token GuidToken; static Utils::Cryptography::Token GuidToken;
static Utils::Cryptography::Token ComputeToken; static Utils::Cryptography::Token ComputeToken;
static Utils::Cryptography::ECC::Key GuidKey; static Utils::Cryptography::ECC::Key GuidKey;
static std::vector<std::uint64_t> BannedUids;
static void SendConnectDataStub(Game::netsrc_t sock, Game::netadr_t adr, const char *format, int len); static void SendConnectDataStub(Game::netsrc_t sock, Game::netadr_t adr, const char *format, int len);
static void ParseConnectData(Game::msg_t* msg, Game::netadr_t* addr); static void ParseConnectData(Game::msg_t* msg, Game::netadr_t* addr);

2
src/Components/Modules/QuickPatch.cpp
View File

@ -128,7 +128,7 @@ namespace Components
{ {
if (!dest[i]) break; if (!dest[i]) break;
if (dest[i] > 125 || dest[i] < 32) if (dest[i] > 125 || dest[i] < 32 || dest[i] == '%')
{ {
return false; return false;
} }