string uri;
float i, n;
- uri = strcat( "action=ban&hostname=", uri_escape(autocvar_hostname));
+ uri = strcat("action=ban&hostname=", uri_escape(autocvar_hostname));
uri = strcat(uri, "&ip=", uri_escape(ip));
uri = strcat(uri, "&duration=", ftos(bantime));
uri = strcat(uri, "&reason=", uri_escape(reason));
n = tokenize_console(autocvar_g_ban_sync_uri);
- if(n >= MAX_IPBAN_URIS)
+ if (n >= MAX_IPBAN_URIS) {
n = MAX_IPBAN_URIS;
- for(i = 0; i < n; ++i)
- {
- if(strstrofs(argv(i), "?", 0) >= 0)
+ }
+ for (i = 0; i < n; ++i) {
+ if (strstrofs(argv(i), "?", 0) >= 0) {
uri_get(strcat(argv(i), "&", uri), URI_GET_DISCARD); // 0 = "discard" callback target
- else
+ } else {
uri_get(strcat(argv(i), "?", uri), URI_GET_DISCARD); // 0 = "discard" callback target
+ }
}
}
string uri;
float i, n;
- uri = strcat( "action=unban&hostname=", uri_escape(autocvar_hostname));
+ uri = strcat("action=unban&hostname=", uri_escape(autocvar_hostname));
uri = strcat(uri, "&ip=", uri_escape(ip));
n = tokenize_console(autocvar_g_ban_sync_uri);
- if(n >= MAX_IPBAN_URIS)
+ if (n >= MAX_IPBAN_URIS) {
n = MAX_IPBAN_URIS;
- for(i = 0; i < n; ++i)
- {
- if(strstrofs(argv(i), "?", 0) >= 0)
+ }
+ for (i = 0; i < n; ++i) {
+ if (strstrofs(argv(i), "?", 0) >= 0) {
uri_get(strcat(argv(i), "&", uri), URI_GET_DISCARD); // 0 = "discard" callback target
- else
+ } else {
uri_get(strcat(argv(i), "?", uri), URI_GET_DISCARD); // 0 = "discard" callback target
+ }
}
}
id -= URI_GET_IPBAN;
- if(id >= MAX_IPBAN_URIS)
- {
+ if (id >= MAX_IPBAN_URIS) {
LOG_INFO("Received ban list for invalid ID");
return;
}
string prelude = strcat("Received ban list from ", uri, ": ");
- if(OnlineBanList_RequestWaiting[id] == 0)
- {
+ if (OnlineBanList_RequestWaiting[id] == 0) {
LOG_INFO(prelude, "rejected (unexpected)");
return;
}
OnlineBanList_RequestWaiting[id] = 0;
- if(time > OnlineBanList_Timeout)
- {
+ if (time > OnlineBanList_Timeout) {
LOG_INFO(prelude, "rejected (too late)");
return;
}
syncinterval = autocvar_g_ban_sync_interval;
- if(syncinterval == 0)
- {
+ if (syncinterval == 0) {
LOG_INFO(prelude, "rejected (syncing disabled)");
return;
}
- if(syncinterval > 0)
+ if (syncinterval > 0) {
syncinterval *= 60;
+ }
- if(status != 0)
- {
+ if (status != 0) {
LOG_INFO(prelude, "error: status is ", ftos(status));
return;
}
- if(substring(data, 0, 1) == "<")
- {
+ if (substring(data, 0, 1) == "<") {
LOG_INFO(prelude, "error: received HTML instead of a ban list");
return;
}
- if(strstrofs(data, "\r", 0) != -1)
- {
+ if (strstrofs(data, "\r", 0) != -1) {
LOG_INFO(prelude, "error: received carriage returns");
return;
}
- if(data == "")
+ if (data == "") {
n = 0;
- else
+ } else {
n = tokenizebyseparator(data, "\n");
+ }
- if((n % 4) != 0)
- {
+ if ((n % 4) != 0) {
LOG_INFO(prelude, "error: received invalid item count: ", ftos(n));
return;
}
LOG_INFO(prelude, "OK, ", ftos(n / 4), " items");
- for(i = 0; i < n; i += 4)
- {
+ for (i = 0; i < n; i += 4) {
ip = argv(i);
timeleft = stof(argv(i + 1));
reason = argv(i + 2);
LOG_TRACE(" serverip=", serverip);
timeleft -= 1.5 * autocvar_g_ban_sync_timeout;
- if(timeleft < 0)
+ if (timeleft < 0) {
continue;
+ }
l = strlen(ip);
- if(l != 44) // length 44 is a cryptographic ID
- {
- for(j = 0; j < l; ++j)
- if(strstrofs("0123456789.", substring(ip, j, 1), 0) == -1)
- {
+ if (l != 44) { // length 44 is a cryptographic ID
+ for (j = 0; j < l; ++j) {
+ if (strstrofs("0123456789.", substring(ip, j, 1), 0) == -1) {
LOG_INFO("Invalid character ", substring(ip, j, 1), " in IP address ", ip, ". Skipping this ban.");
goto skip;
}
+ }
}
- if(autocvar_g_ban_sync_trusted_servers_verify)
- if((strstrofs(strcat(";", OnlineBanList_Servers, ";"), strcat(";", serverip, ";"), 0) == -1))
+ if (autocvar_g_ban_sync_trusted_servers_verify) {
+ if ((strstrofs(strcat(";", OnlineBanList_Servers, ";"), strcat(";", serverip, ";"), 0) == -1)) {
continue;
+ }
+ }
- if(syncinterval > 0)
+ if (syncinterval > 0) {
timeleft = min(syncinterval + (OnlineBanList_Timeout - time) + 5, timeleft);
- // the ban will be prolonged on the next sync
- // or expire 5 seconds after the next timeout
+ }
+ // the ban will be prolonged on the next sync
+ // or expire 5 seconds after the next timeout
Ban_Insert(ip, timeleft, strcat("ban synced from ", serverip, " at ", uri), 0);
LOG_INFO("Ban list syncing: accepted ban of ", ip, " by ", serverip, " at ", uri, ": ", reason);
-LABEL(skip)
+ LABEL(skip)
}
}
string uri;
float i, n;
- if(autocvar_g_ban_sync_uri == "")
+ if (autocvar_g_ban_sync_uri == "") {
goto killme;
- if(autocvar_g_ban_sync_interval == 0) // < 0 is okay, it means "sync on level start only"
+ }
+ if (autocvar_g_ban_sync_interval == 0) { // < 0 is okay, it means "sync on level start only"
goto killme;
+ }
argc = tokenize_console(autocvar_g_ban_sync_trusted_servers);
- if(argc == 0)
+ if (argc == 0) {
goto killme;
+ }
- if(OnlineBanList_Servers)
+ if (OnlineBanList_Servers) {
strunzone(OnlineBanList_Servers);
+ }
OnlineBanList_Servers = argv(0);
- for(i = 1; i < argc; ++i)
+ for (i = 1; i < argc; ++i) {
OnlineBanList_Servers = strcat(OnlineBanList_Servers, ";", argv(i));
+ }
OnlineBanList_Servers = strzone(OnlineBanList_Servers);
- uri = strcat( "action=list&hostname=", uri_escape(autocvar_hostname));
+ uri = strcat("action=list&hostname=", uri_escape(autocvar_hostname));
uri = strcat(uri, "&servers=", uri_escape(OnlineBanList_Servers));
OnlineBanList_Timeout = time + autocvar_g_ban_sync_timeout;
n = tokenize_console(autocvar_g_ban_sync_uri);
- if(n >= MAX_IPBAN_URIS)
+ if (n >= MAX_IPBAN_URIS) {
n = MAX_IPBAN_URIS;
- for(i = 0; i < n; ++i)
- {
- if(OnlineBanList_RequestWaiting[i])
+ }
+ for (i = 0; i < n; ++i) {
+ if (OnlineBanList_RequestWaiting[i]) {
continue;
+ }
OnlineBanList_RequestWaiting[i] = 1;
- if(strstrofs(argv(i), "?", 0) >= 0)
+ if (strstrofs(argv(i), "?", 0) >= 0) {
uri_get(strcat(argv(i), "&", uri), URI_GET_IPBAN + i); // 1000 = "banlist" callback target
- else
+ } else {
uri_get(strcat(argv(i), "?", uri), URI_GET_IPBAN + i); // 1000 = "banlist" callback target
+ }
}
- if(autocvar_g_ban_sync_interval > 0)
+ if (autocvar_g_ban_sync_interval > 0) {
this.nextthink = time + max(60, autocvar_g_ban_sync_interval * 60);
- else
+ } else {
goto killme;
+ }
return;
-LABEL(killme)
+ LABEL(killme)
delete(this);
}
string out;
float i;
- if(!ban_loaded)
+ if (!ban_loaded) {
return;
+ }
// version of list
out = "1";
- for(i = 0; i < ban_count; ++i)
- {
- if(time > ban_expire[i])
+ for (i = 0; i < ban_count; ++i) {
+ if (time > ban_expire[i]) {
continue;
+ }
out = strcat(out, " ", ban_ip[i]);
out = strcat(out, " ", ftos(ban_expire[i] - time));
}
- if(strlen(out) <= 1) // no real entries
+ if (strlen(out) <= 1) { // no real entries
cvar_set("g_banned_list", "");
- else
+ } else {
cvar_set("g_banned_list", out);
+ }
}
float Ban_Delete(float i)
{
- if(i < 0)
+ if (i < 0) {
return false;
- if(i >= ban_count)
+ }
+ if (i >= ban_count) {
return false;
- if(ban_expire[i] == 0)
+ }
+ if (ban_expire[i] == 0) {
return false;
- if(ban_expire[i] > 0)
- {
+ }
+ if (ban_expire[i] > 0) {
OnlineBanList_SendUnban(ban_ip[i]);
strunzone(ban_ip[i]);
}
void Ban_LoadBans()
{
float i, n;
- for(i = 0; i < ban_count; ++i)
+ for (i = 0; i < ban_count; ++i) {
Ban_Delete(i);
+ }
ban_count = 0;
ban_loaded = true;
n = tokenize_console(autocvar_g_banned_list);
- if(stof(argv(0)) == 1)
- {
+ if (stof(argv(0)) == 1) {
ban_count = (n - 1) / 2;
- for(i = 0; i < ban_count; ++i)
- {
- ban_ip[i] = strzone(argv(2*i+1));
- ban_expire[i] = time + stof(argv(2*i+2));
+ for (i = 0; i < ban_count; ++i) {
+ ban_ip[i] = strzone(argv(2 * i + 1));
+ ban_expire[i] = time + stof(argv(2 * i + 2));
}
}
LOG_INFO("^2Listing all existing active bans:");
n = 0;
- for(i = 0; i < ban_count; ++i)
- {
- if(time > ban_expire[i])
+ for (i = 0; i < ban_count; ++i) {
+ if (time > ban_expire[i]) {
continue;
+ }
++n; // total number of existing bans
float i1, i2, i3, i4;
string s;
- if(client.crypto_idfp_signed)
+ if (client.crypto_idfp_signed) {
ban_idfp = client.crypto_idfp;
- else
+ } else {
ban_idfp = string_null;
+ }
s = client.netaddress;
i1 = strstrofs(s, ".", 0);
- if(i1 < 0)
+ if (i1 < 0) {
goto ipv6;
+ }
i2 = strstrofs(s, ".", i1 + 1);
- if(i2 < 0)
+ if (i2 < 0) {
return false;
+ }
i3 = strstrofs(s, ".", i2 + 1);
- if(i3 < 0)
+ if (i3 < 0) {
return false;
+ }
i4 = strstrofs(s, ".", i3 + 1);
- if(i4 >= 0)
+ if (i4 >= 0) {
s = substring(s, 0, i4);
+ }
ban_ip1 = substring(s, 0, i1); // 8
ban_ip2 = substring(s, 0, i2); // 16
ban_ip3 = substring(s, 0, i3); // 24
- ban_ip4 = strcat1(s); // 32
+ ban_ip4 = strcat1(s); // 32
return true;
-LABEL(ipv6)
+ LABEL(ipv6)
i1 = strstrofs(s, ":", 0);
- if(i1 < 0)
+ if (i1 < 0) {
return false;
+ }
i1 = strstrofs(s, ":", i1 + 1);
- if(i1 < 0)
+ if (i1 < 0) {
return false;
+ }
i2 = strstrofs(s, ":", i1 + 1);
- if(i2 < 0)
+ if (i2 < 0) {
return false;
+ }
i3 = strstrofs(s, ":", i2 + 1);
- if(i3 < 0)
+ if (i3 < 0) {
return false;
+ }
ban_ip1 = strcat(substring(s, 0, i1), "::/32"); // 32
ban_ip2 = strcat(substring(s, 0, i2), "::/48"); // 48
ban_ip4 = strcat(substring(s, 0, i3), "::/64"); // 64
- if(i3 - i2 > 3) // means there is more than 2 digits and a : in the range
+ if (i3 - i2 > 3) { // means there is more than 2 digits and a : in the range
ban_ip3 = strcat(substring(s, 0, i2), ":", substring(s, i2 + 1, i3 - i2 - 3), "00::/56");
- else
+ } else {
ban_ip3 = strcat(substring(s, 0, i2), ":0::/56");
+ }
return true;
}
float Ban_IsClientBanned(entity client, float idx)
{
float i, b, e, ipbanned;
- if(!ban_loaded)
+ if (!ban_loaded) {
Ban_LoadBans();
- if(!Ban_GetClientIP(client))
+ }
+ if (!Ban_GetClientIP(client)) {
return false;
- if(idx < 0)
- {
+ }
+ if (idx < 0) {
b = 0;
e = ban_count;
- }
- else
- {
+ } else {
b = idx;
e = idx + 1;
}
ipbanned = false;
- for(i = b; i < e; ++i)
- {
+ for (i = b; i < e; ++i) {
string s;
- if(time > ban_expire[i])
+ if (time > ban_expire[i]) {
continue;
+ }
s = ban_ip[i];
- if(ban_ip1 == s) ipbanned = true;
- if(ban_ip2 == s) ipbanned = true;
- if(ban_ip3 == s) ipbanned = true;
- if(ban_ip4 == s) ipbanned = true;
- if(ban_idfp == s) return true;
+ if (ban_ip1 == s) { ipbanned = true; }
+ if (ban_ip2 == s) { ipbanned = true; }
+ if (ban_ip3 == s) { ipbanned = true; }
+ if (ban_ip4 == s) { ipbanned = true; }
+ if (ban_idfp == s) { return true; }
}
- if(ipbanned)
- {
- if(!autocvar_g_banned_list_idmode)
+ if (ipbanned) {
+ if (!autocvar_g_banned_list_idmode) {
return true;
- if (!ban_idfp)
+ }
+ if (!ban_idfp) {
return true;
+ }
}
return false;
}
bool Ban_MaybeEnforceBan(entity client)
{
- if (Ban_IsClientBanned(client, -1))
- {
+ if (Ban_IsClientBanned(client, -1)) {
string s = sprintf("^1NOTE:^7 banned client %s just tried to enter\n", client.netaddress);
dropclient(client);
bprint(s);
.bool ban_checked;
bool Ban_MaybeEnforceBanOnce(entity client)
{
- if (client.ban_checked) return false;
+ if (client.ban_checked) { return false; }
client.ban_checked = true;
return Ban_MaybeEnforceBan(client);
}
s = "";
FOREACH_CLIENTSLOT(IS_REAL_CLIENT(it),
{
- if(Ban_IsClientBanned(it, j))
- {
- if(reason != "")
- {
- if(s == "")
+ if (Ban_IsClientBanned(it, j)) {
+ if (reason != "") {
+ if (s == "") {
reason = strcat(reason, ": affects ");
- else
+ } else {
reason = strcat(reason, ", ");
+ }
reason = strcat(reason, it.netname);
}
s = strcat(s, "^1NOTE:^7 banned client ", it.netaddress, "^7 has to go\n");
float bestscore;
// already banned?
- for(i = 0; i < ban_count; ++i)
- if(ban_ip[i] == ip)
- {
+ for (i = 0; i < ban_count; ++i) {
+ if (ban_ip[i] == ip) {
// prolong the ban
- if(time + bantime > ban_expire[i])
- {
+ if (time + bantime > ban_expire[i]) {
ban_expire[i] = time + bantime;
LOG_TRACE(ip, "'s ban has been prolonged to ", ftos(bantime), " seconds from now");
- }
- else
+ } else {
LOG_TRACE(ip, "'s ban is still active until ", ftos(ban_expire[i] - time), " seconds from now");
+ }
// and enforce
reason = Ban_Enforce(i, reason);
// and abort
- if(dosync)
- if(reason != "")
- if(substring(reason, 0, 1) != "~") // like IRC: unauthenticated banner
+ if (dosync) {
+ if (reason != "") {
+ if (substring(reason, 0, 1) != "~") { // like IRC: unauthenticated banner
OnlineBanList_SendBan(ip, bantime, reason);
+ }
+ }
+ }
return false;
}
+ }
// do we have a free slot?
- for(i = 0; i < ban_count; ++i)
- if(time > ban_expire[i])
+ for (i = 0; i < ban_count; ++i) {
+ if (time > ban_expire[i]) {
break;
+ }
+ }
// no free slot? Then look for the one who would get unbanned next
- if(i >= BAN_MAX)
- {
+ if (i >= BAN_MAX) {
i = 0;
bestscore = ban_expire[i];
- for(j = 1; j < ban_count; ++j)
- {
- if(ban_expire[j] < bestscore)
- {
+ for (j = 1; j < ban_count; ++j) {
+ if (ban_expire[j] < bestscore) {
i = j;
bestscore = ban_expire[i];
}
}
// if we replace someone, will we be banned longer than him (so long-term
// bans never get overridden by short-term bans)
- if(i < ban_count)
- if(ban_expire[i] > time + bantime)
- {
- LOG_INFO(ip, " could not get banned due to no free ban slot");
- return false;
+ if (i < ban_count) {
+ if (ban_expire[i] > time + bantime) {
+ LOG_INFO(ip, " could not get banned due to no free ban slot");
+ return false;
+ }
}
// okay, insert our new victim as i
Ban_Delete(i);
reason = Ban_Enforce(i, reason);
// and abort
- if(dosync)
- if(reason != "")
- if(substring(reason, 0, 1) != "~") // like IRC: unauthenticated banner
+ if (dosync) {
+ if (reason != "") {
+ if (substring(reason, 0, 1) != "~") { // like IRC: unauthenticated banner
OnlineBanList_SendBan(ip, bantime, reason);
+ }
+ }
+ }
return true;
}
void Ban_KickBanClient(entity client, float bantime, float masksize, string reason)
{
string ip, id;
- if(!Ban_GetClientIP(client))
- {
+ if (!Ban_GetClientIP(client)) {
sprint(client, strcat("Kickbanned: ", reason, "\n"));
dropclient(client);
return;
}
// who to ban?
- switch(masksize)
- {
+ switch (masksize) {
case 1:
ip = strcat1(ban_ip1);
break;
ip = strcat1(ban_ip4);
break;
}
- if(ban_idfp)
+ if (ban_idfp) {
id = strcat1(ban_idfp);
- else
+ } else {
id = string_null;
+ }
Ban_Insert(ip, bantime, reason, 1);
- if(id)
+ if (id) {
Ban_Insert(id, bantime, reason, 1);
+ }
/*
* not needed, as we enforce the ban in Ban_Insert anyway
// and kick him