rcon: add flooding protection

This commit is contained in:
Diavolo 2023-04-25 09:50:09 +02:00
parent 6cba697f49
commit df25cffac0
10 changed files with 372 additions and 304 deletions

View File

@ -25,6 +25,8 @@ namespace auth
{
namespace
{
const game::dvar_t* password;
std::array<uint64_t, 18> client_xuids{};
std::string get_hdd_serial()
@ -336,6 +338,11 @@ namespace auth
// Intercept SV_DirectConnect in SV_AddTestClient
utils::hook::call(game::select(0x1422490DC, 0x14052E582), direct_connect_bots_stub);
scheduler::once([]
{
password = game::register_dvar_string("password", "", game::DVAR_USERINFO, "password");
}, scheduler::pipeline::main);
// Patch steam id bit check
std::vector<std::pair<size_t, size_t>> patches{};
const auto p = [&patches](const size_t a, const size_t b)

View File

@ -13,7 +13,7 @@ namespace dvars_patches
{
void patch_dvars()
{
game::register_sessionmode_dvar_bool("com_pauseSupported", !game::is_server(), game::DVAR_SERVERINFO, "Whether is pause is ever supported by the game mode");
(void)game::register_sessionmode_dvar_bool("com_pauseSupported", !game::is_server(), game::DVAR_SERVERINFO, "Whether is pause is ever supported by the game mode");
}
void patch_flags()

View File

@ -2,10 +2,8 @@
#include "loader/component_loader.hpp"
#include <game/game.hpp>
#include <game/utils.hpp>
#include "network.hpp"
#include "scheduler.hpp"
#include <utils/hook.hpp>
@ -56,11 +54,6 @@ namespace patches
// make sure client's reliableAck are not negative
sv_execute_client_messages_hook.create(game::select(0x14224A460, 0x14052F840), sv_execute_client_messages_stub);
scheduler::once([]
{
game::register_dvar_string("password", "", game::DVAR_USERINFO, "password");
}, scheduler::pipeline::main);
}
};
}

View File

@ -7,7 +7,6 @@
#include "scheduler.hpp"
#include <utils/finally.hpp>
#include <utils/string.hpp>
#include <game/utils.hpp>
@ -15,9 +14,13 @@ namespace rcon
{
namespace
{
const game::dvar_t* rcon_timeout;
std::unordered_map<std::size_t, int> rate_limit_map;
std::optional<std::string> get_and_validate_rcon_command(const std::string& data)
{
const command::params params{data.data()};
const command::params params{data};
if (params.size() <= 1)
{
@ -52,8 +55,51 @@ namespace rcon
network::send(target, "print", console_buffer);
}
bool rate_limit_check(const game::netadr_t& address, const int time)
{
const auto hash = std::hash<game::netadr_t>()(address);
if (!rate_limit_map.contains(hash))
{
rate_limit_map[hash] = 0;
}
const auto last_time = rate_limit_map[hash];
if (last_time && (time - last_time) < rcon_timeout->current.value.integer)
{
return false; // Flooding
}
rate_limit_map[hash] = time;
return true;
}
void rate_limit_cleanup(const int time)
{
for (auto i = rate_limit_map.begin(); i != rate_limit_map.end();)
{
// No longer at risk of flooding, remove
if ((time - i->second) > rcon_timeout->current.value.integer)
{
i = rate_limit_map.erase(i);
}
else
{
++i;
}
}
}
void rcon_handler(const game::netadr_t& target, const network::data_view& data)
{
const auto time = game::Sys_Milliseconds();
if (!rate_limit_check(target, time))
{
return;
}
rate_limit_cleanup(time);
auto str_data = std::string(reinterpret_cast<const char*>(data.data()), data.size());
scheduler::once([target, s = std::move(str_data)]
{
@ -67,6 +113,8 @@ namespace rcon
void post_unpack() override
{
network::on("rcon", rcon_handler);
rcon_timeout = game::register_dvar_int("rcon_timeout", 500, 100, 10000, game::DVAR_NONE, "");
}
};
}

View File

@ -97,7 +97,7 @@ namespace game
WEAK symbol<bool(char const*, netadr_t*)> NET_StringToAdr{0x142172780, 0x140515110};
// Sys
WEAK symbol<int()> Sys_Milliseconds{0x142332870};
WEAK symbol<int()> Sys_Milliseconds{0x142332870, 0x1405972F0};
WEAK symbol<void()> Sys_ShowConsole{0x1423333C0, 0x140597E40};
WEAK symbol<TLSData*()> Sys_GetTLS{0x1421837B0, 0x140525EB0};
WEAK symbol<TLSData*()> Sys_IsDatabaseReady{0x142183A60};
@ -124,6 +124,10 @@ namespace game
const char* description)> Dvar_RegisterBool{
0x1422D0900, 0x14057B500
};
WEAK symbol<dvar_t*(dvarStrHash_t hash, const char* dvarName, int value, int min, int max, unsigned int flags,
const char* description)> Dvar_RegisterInt{
0x0, 0x14057B7B0
};
WEAK symbol<dvar_t*(dvarStrHash_t hash, const char* dvarName, float value, float min, float max, unsigned int flags,
const char* description)> Dvar_RegisterFloat{
0x0, 0x14057B6B0

View File

@ -45,7 +45,7 @@ namespace game
return dvar->current.value.enabled;
}
const dvar_t* register_sessionmode_dvar_bool(const char* dvar_name, const bool value, const int flags,
const dvar_t* register_sessionmode_dvar_bool(const char* dvar_name, const bool value, const unsigned int flags,
const char* description, const eModes mode)
{
const auto hash = Dvar_GenerateHash(dvar_name);
@ -71,7 +71,7 @@ namespace game
return registered_dvar;
}
const dvar_t* register_dvar_bool(const char* dvar_name, const bool value, const int flags, const char* description)
const dvar_t* register_dvar_bool(const char* dvar_name, const bool value, const unsigned int flags, const char* description)
{
const auto hash = Dvar_GenerateHash(dvar_name);
auto* registered_dvar = Dvar_RegisterBool(hash, dvar_name, value, flags, description);
@ -84,7 +84,21 @@ namespace game
return registered_dvar;
}
const dvar_t* register_dvar_float(const char* dvar_name, float value, float min, float max, const int flags,
const dvar_t* register_dvar_int(const char* dvar_name, int value, int min, int max, const unsigned int flags,
const char* description)
{
const auto hash = Dvar_GenerateHash(dvar_name);
auto* registered_dvar = Dvar_RegisterInt(hash, dvar_name, value, min, max, flags, description);
if (registered_dvar)
{
registered_dvar->debugName = dvar_name;
}
return registered_dvar;
}
const dvar_t* register_dvar_float(const char* dvar_name, float value, float min, float max, const unsigned int flags,
const char* description)
{
const auto hash = Dvar_GenerateHash(dvar_name);
@ -98,7 +112,7 @@ namespace game
return registered_dvar;
}
const dvar_t* register_dvar_string(const char* dvar_name, const char* value, const int flags,
const dvar_t* register_dvar_string(const char* dvar_name, const char* value, const unsigned int flags,
const char* description)
{
const auto hash = Dvar_GenerateHash(dvar_name);
@ -112,7 +126,7 @@ namespace game
return registered_dvar;
}
void dvar_add_flags(const char* dvar_name, const dvarFlags_e flags)
void dvar_add_flags(const char* dvar_name, const unsigned int flags)
{
auto* dvar = Dvar_FindVar(dvar_name);
@ -132,7 +146,7 @@ namespace game
dvar_to_change->flags |= flags;
}
void dvar_set_flags(const char* dvar_name, const dvarFlags_e flags)
void dvar_set_flags(const char* dvar_name, const unsigned int flags)
{
auto* dvar = Dvar_FindVar(dvar_name);

View File

@ -4,20 +4,21 @@
namespace game
{
std::string get_dvar_string(const char* dvar_name);
int get_dvar_int(const char* dvar_name);
bool get_dvar_bool(const char* dvar_name);
[[nodiscard]] std::string get_dvar_string(const char* dvar_name);
[[nodiscard]] int get_dvar_int(const char* dvar_name);
[[nodiscard]] bool get_dvar_bool(const char* dvar_name);
const dvar_t* register_dvar_bool(const char* dvar_name, bool value, int flags, const char* description);
const dvar_t* register_dvar_float(const char* dvar_name, float value, float min, float max, const int flags, const char* description);
const dvar_t* register_sessionmode_dvar_bool(const char* dvar_name, bool value, int flags, const char* description, eModes mode = MODE_COUNT);
const dvar_t* register_dvar_string(const char* dvar_name, const char* value, int flags, const char* description);
[[nodiscard]] const dvar_t* register_dvar_bool(const char* dvar_name, bool value, unsigned int flags, const char* description);
[[nodiscard]] const dvar_t* register_dvar_int(const char* dvar_name, int value, int min, int max, unsigned int flags, const char* description);
[[nodiscard]] const dvar_t* register_dvar_float(const char* dvar_name, float value, float min, float max, unsigned int flags, const char* description);
[[nodiscard]] const dvar_t* register_sessionmode_dvar_bool(const char* dvar_name, bool value, unsigned int flags, const char* description, eModes mode = MODE_COUNT);
[[nodiscard]] const dvar_t* register_dvar_string(const char* dvar_name, const char* value, unsigned int flags, const char* description);
void dvar_add_flags(const char* dvar, dvarFlags_e flags);
void dvar_set_flags(const char* dvar_name, dvarFlags_e flags);
void dvar_add_flags(const char* dvar, unsigned int flags);
void dvar_set_flags(const char* dvar_name, unsigned int flags);
bool is_server_running();
size_t get_max_client_count();
[[nodiscard]] bool is_server_running();
[[nodiscard]] size_t get_max_client_count();
void foreach_client(const std::function<void(client_s&, size_t index)>& callback);
void foreach_client(const std::function<void(client_s&)>& callback);

View File

@ -305,7 +305,8 @@ namespace steam
auto& servers_list = hRequest == favorites_request ? favorites_servers : internet_servers;
static thread_local gameserveritem_t server_item{};
return servers_list.access<gameserveritem_t*>([iServer](const servers& s) -> gameserveritem_t* {
return servers_list.access<gameserveritem_t*>([iServer](const servers& s) -> gameserveritem_t*
{
if (iServer < 0 || static_cast<size_t>(iServer) >= s.size())
{
return nullptr;