]> git.xonotic.org Git - xonotic/darkplaces.git/blobdiff - crypto.c
projects / xonotic / darkplaces.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
transform: make hysteresis one-sided, no behaviour change
[xonotic/darkplaces.git] / crypto.c
diff --git a/crypto.c b/crypto.c
index ce1741822eee4e2504bc78f79da4b5f3bcdb84f4..e503102ec94564a8e5efe8c557602bd65bb1ac74 100644 (file)
--- a/crypto.c
+++ b/crypto.c
@@ -778,8 +778,6 @@ void Crypto_LoadKeys(void)
 
        Host_LockSession(); // we use the session ID here
 
-       SV_LockThreadMutex();
-
        // load keys
        // note: we are just a CLIENT
        // so we load:
@@ -874,16 +872,12 @@ void Crypto_LoadKeys(void)
        }
        if(crypto_keyfp_recommended_length < 7)
                crypto_keyfp_recommended_length = 7;
-
-       SV_UnlockThreadMutex();
 }
 
 static void Crypto_UnloadKeys(void)
 {
        int i;
 
-       SV_LockThreadMutex();
-
        keygen_i = -1;
        for(i = 0; i < MAX_PUBKEYS; ++i)
        {
@@ -896,8 +890,6 @@ static void Crypto_UnloadKeys(void)
                challenge_append_length = 0;
        }
        crypto_idstring = NULL;
-
-       SV_UnlockThreadMutex();
 }
 
 static mempool_t *cryptomempool;
@@ -2025,7 +2017,7 @@ int Crypto_ClientParsePacket(const char *data_in, size_t len_in, char *data_out,
        {
                int wantserverid = -1;
                Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL);
-               if(!crypto || !crypto->authenticated)
+               if(!crypto || !crypto->authenticated) // we ALSO get here if we are using an encrypted connection, so let's rule this out
                {
                        if(wantserverid >= 0)
                                return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");
@@ -2034,11 +2026,33 @@ int Crypto_ClientParsePacket(const char *data_in, size_t len_in, char *data_out,
                }
                return CRYPTO_NOMATCH;
        }
-       else if (len_in >= 1 && string[0] == 'j' && cls.connect_trying && d0_rijndael_dll && crypto_aeslevel.integer >= 3)
+       else if (len_in >= 1 && string[0] == 'j' && cls.connect_trying && d0_rijndael_dll)
        {
                int wantserverid = -1;
                Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL);
-               if(!crypto || !crypto->authenticated)
+               //if(!crypto || !crypto->authenticated)
+               {
+                       if(wantserverid >= 0)
+                               return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");
+                       if(crypto_aeslevel.integer >= 3)
+                               return Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)");
+               }
+               return CRYPTO_NOMATCH;
+       }
+       else if (len_in >= 5 && BuffLittleLong((unsigned char *) string) == ((int)NETFLAG_CTL | (int)len_in))
+       {
+               int wantserverid = -1;
+
+               // these three are harmless
+               if(string[4] == CCREP_SERVER_INFO)
+                       return CRYPTO_NOMATCH;
+               if(string[4] == CCREP_PLAYER_INFO)
+                       return CRYPTO_NOMATCH;
+               if(string[4] == CCREP_RULE_INFO)
+                       return CRYPTO_NOMATCH;
+
+               Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL);
+               //if(!crypto || !crypto->authenticated)
                {
                        if(wantserverid >= 0)
                                return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");