#include "sv_demo.h"
#include "image.h"
+// for secure rcon authentication
+#include "hmac.h"
+#include "mdfour.h"
+#include <time.h>
+
int current_skill;
cvar_t sv_cheats = {0, "sv_cheats", "0", "enables cheat commands in any game, and cheat impulses in dpmod"};
cvar_t sv_adminnick = {CVAR_SAVE, "sv_adminnick", "", "nick name to use for admin messages instead of host name"};
cvar_t sv_status_privacy = {CVAR_SAVE, "sv_status_privacy", "0", "do not show IP addresses in 'status' replies to clients"};
+cvar_t sv_status_show_qcstatus = {CVAR_SAVE, "sv_status_show_qcstatus", "0", "show the 'qcstatus' field in status replies, not the 'frags' field. Turn this on if your mod uses this field, and the 'frags' field on the other hand has no meaningful value."};
cvar_t rcon_password = {CVAR_PRIVATE, "rcon_password", "", "password to authenticate rcon commands"};
+cvar_t rcon_secure = {0, "rcon_secure", "1", "force secure rcon authentication"};
cvar_t rcon_address = {0, "rcon_address", "", "server address to send rcon commands to (when not connected to a server)"};
cvar_t team = {CVAR_USERINFO | CVAR_SAVE, "team", "none", "QW team (4 character limit, example: blue)"};
cvar_t skin = {CVAR_USERINFO | CVAR_SAVE, "skin", "", "QW player skin name (example: base)"};
*/
void Host_Status_f (void)
{
+ char qcstatus[256];
client_t *client;
int seconds = 0, minutes = 0, hours = 0, i, j, k, in, players, ping = 0, packetloss = 0;
void (*print) (const char *fmt, ...);
char ip[22];
-
+ int frags;
+
if (cmd_source == src_command)
{
// if running a client, try to send over network so the client's status report parser will see the report
if (!sv.active)
return;
+ if(cmd_source == src_command)
+ SV_VM_Begin();
+
in = 0;
if (Cmd_Argc() == 2)
{
strlcpy(ip, client->netconnection ? "hidden" : "botclient" , 22);
else
strlcpy(ip, (client->netconnection && client->netconnection->address) ? client->netconnection->address : "botclient", 22);
+
+ frags = client->frags;
+
+ if(sv_status_show_qcstatus.integer && prog->fieldoffsets.clientstatus >= 0)
+ {
+ const char *str = PRVM_E_STRING(PRVM_EDICT_NUM(i + 1), prog->fieldoffsets.clientstatus);
+ if(str && *str)
+ {
+ char *p;
+ const char *q;
+ p = qcstatus;
+ for(q = str; *q && p != qcstatus + sizeof(qcstatus) - 1; ++q)
+ if(*q != '\\' && *q != '"' && !ISWHITESPACE(*q))
+ *p++ = *q;
+ *p = 0;
+ if(*qcstatus)
+ frags = atoi(qcstatus);
+ }
+ }
if (in == 0) // default layout
{
print ("#%-3u ", i+1);
- print ("%-16.16s ", client->name);
- print ("%3i ", client->frags);
+ print ("%-16.16s ", client->name);
+ print ("%4i ", frags);
print ("%2i:%02i:%02i\n ", hours, minutes, seconds);
print ("%s\n", ip);
}
print ("%2i ", packetloss);
print ("%4i ", ping);
print ("%2i:%02i:%02i ", hours, minutes, seconds);
- print ("%4i ", client->frags);
+ print ("%4i ", frags);
print ("#%-3u ", i+1);
print ("^7%s\n", client->name);
}
print ("^7%s\n", client->name);
}
}
+
+ if(cmd_source == src_command)
+ SV_VM_End();
}
CL_Disconnect ();
Host_ShutdownServer();
+ if(svs.maxclients != svs.maxclients_next)
+ {
+ svs.maxclients = svs.maxclients_next;
+ if (svs.clients)
+ Mem_Free(svs.clients);
+ svs.clients = (client_t *)Mem_Alloc(sv_mempool, sizeof(client_t) * svs.maxclients);
+ }
+
// remove menu
key_dest = key_game;
// will still contain its IP address, so get the address...
InfoString_GetValue(cls.userinfo, "*ip", temp, sizeof(temp));
if (temp[0])
+ {
+ // clear the rcon password, to prevent vulnerability by stuffcmd-ing a setinfo command to change *ip, then reconnect
+ Cvar_SetQuick(&rcon_password, "");
CL_EstablishConnection(temp);
+ }
else
Con_Printf("Reconnect to what server? (you have not connected to a server yet)\n");
return;
Con_Print("connect <serveraddress> : connect to a multiplayer game\n");
return;
}
+ // clear the rcon password, to prevent vulnerability by stuffcmd-ing a connect command
+ Cvar_SetQuick(&rcon_password, "");
CL_EstablishConnection(Cmd_Argv(1));
}
// convert space to _ to make stdio happy
// LordHavoc: convert control characters to _ as well
for (i=0 ; i<SAVEGAME_COMMENT_LENGTH ; i++)
- if (comment[i] <= ' ')
+ if (ISWHITESPACEORCONTROL(comment[i]))
comment[i] = '_';
comment[SAVEGAME_COMMENT_LENGTH] = '\0';
if (i >= 0 && i < MAX_MODELS)
{
strlcpy(sv.model_precache[i], com_token, sizeof(sv.model_precache[i]));
- sv.models[i] = Mod_ForName (sv.model_precache[i], true, false, false);
+ sv.models[i] = Mod_ForName (sv.model_precache[i], true, false, sv.model_precache[i][0] == '*' ? sv.modelname : NULL);
}
else
Con_Printf("unsupported model %i \"%s\"\n", i, com_token);
i++;
continue;
}
+ if (host_client->name[i+1] == STRING_COLOR_RGB_TAG_CHAR && isxdigit(host_client->name[i+2]) && isxdigit(host_client->name[i+3]) && isxdigit(host_client->name[i+4]))
+ {
+ j = i;
+ i += 4;
+ continue;
+ }
if (host_client->name[i+1] == STRING_COLOR_TAG)
{
i++;
if (!e)
return;
- m = Mod_ForName (Cmd_Argv(1), false, true, false);
+ m = Mod_ForName (Cmd_Argv(1), false, true, NULL);
if (!m || !m->loaded || !m->Draw)
{
Con_Printf("viewmodel: can't load %s\n", Cmd_Argv(1));
if (Cmd_Argc() != 2)
{
- Con_Printf("\"maxplayers\" is \"%u\"\n", svs.maxclients);
+ Con_Printf("\"maxplayers\" is \"%u\"\n", svs.maxclients_next);
return;
}
if (sv.active)
{
Con_Print("maxplayers can not be changed while a server is running.\n");
- return;
+ Con_Print("It will be changed on next server startup (\"map\" command).\n");
}
n = atoi(Cmd_Argv(1));
n = bound(1, n, MAX_SCOREBOARD);
Con_Printf("\"maxplayers\" set to \"%u\"\n", n);
- if (svs.clients)
- Mem_Free(svs.clients);
- svs.maxclients = n;
- svs.clients = (client_t *)Mem_Alloc(sv_mempool, sizeof(client_t) * svs.maxclients);
+ svs.maxclients_next = n;
if (n == 1)
Cvar_Set ("deathmatch", "0");
else
for (i = 0;rcon_password.string[i];i++)
{
- if (rcon_password.string[i] <= ' ')
+ if (ISWHITESPACE(rcon_password.string[i]))
{
Con_Printf("rcon_password is not allowed to have any whitespace.\n");
return;
if (mysocket)
{
// simply put together the rcon packet and send it
- NetConn_WriteString(mysocket, va("\377\377\377\377rcon %s %s", rcon_password.string, Cmd_Args()), &to);
+ if(rcon_secure.integer)
+ {
+ char buf[1500];
+ char argbuf[1500];
+ dpsnprintf(argbuf, sizeof(argbuf), "%ld %s", (long) time(NULL), Cmd_Args());
+ memcpy(buf, "\377\377\377\377srcon HMAC-MD4 TIME ", 24);
+ if(HMAC_MDFOUR_16BYTES((unsigned char *) (buf + 24), (unsigned char *) argbuf, strlen(argbuf), (unsigned char *) rcon_password.string, strlen(rcon_password.string)))
+ {
+ buf[40] = ' ';
+ strlcpy(buf + 41, argbuf, sizeof(buf) - 41);
+ NetConn_Write(mysocket, buf, 41 + strlen(buf + 41), &to);
+ }
+ }
+ else
+ {
+ NetConn_WriteString(mysocket, va("\377\377\377\377rcon %s %s", rcon_password.string, Cmd_Args()), &to);
+ }
}
}
Cvar_RegisterVariable (&rcon_password);
Cvar_RegisterVariable (&rcon_address);
+ Cvar_RegisterVariable (&rcon_secure);
Cmd_AddCommand ("rcon", Host_Rcon_f, "sends a command to the server console (if your rcon_password matches the server's rcon_password), or to the address specified by rcon_address when not connected (again rcon_password must match the server's)");
Cmd_AddCommand ("user", Host_User_f, "prints additional information about a player number or name on the scoreboard");
Cmd_AddCommand ("users", Host_Users_f, "prints additional information about all players on the scoreboard");
Cvar_RegisterVariable(&sv_cheats);
Cvar_RegisterVariable(&sv_adminnick);
Cvar_RegisterVariable(&sv_status_privacy);
+ Cvar_RegisterVariable(&sv_status_show_qcstatus);
}
void Host_NoOperation_f(void)
projects / xonotic / darkplaces.git / blobdiff