X-Git-Url: http://git.xonotic.org/?a=blobdiff_plain;f=crypto.c;h=e503102ec94564a8e5efe8c557602bd65bb1ac74;hb=a3b143074957e3a4c4ddf46121cbd1d88acbb1d1;hp=ce1741822eee4e2504bc78f79da4b5f3bcdb84f4;hpb=abd5d8ed68383e3a5a29be01e1f65526c41f3ab2;p=xonotic%2Fdarkplaces.git diff --git a/crypto.c b/crypto.c index ce174182..e503102e 100644 --- a/crypto.c +++ b/crypto.c @@ -778,8 +778,6 @@ void Crypto_LoadKeys(void) Host_LockSession(); // we use the session ID here - SV_LockThreadMutex(); - // load keys // note: we are just a CLIENT // so we load: @@ -874,16 +872,12 @@ void Crypto_LoadKeys(void) } if(crypto_keyfp_recommended_length < 7) crypto_keyfp_recommended_length = 7; - - SV_UnlockThreadMutex(); } static void Crypto_UnloadKeys(void) { int i; - SV_LockThreadMutex(); - keygen_i = -1; for(i = 0; i < MAX_PUBKEYS; ++i) { @@ -896,8 +890,6 @@ static void Crypto_UnloadKeys(void) challenge_append_length = 0; } crypto_idstring = NULL; - - SV_UnlockThreadMutex(); } static mempool_t *cryptomempool; @@ -2025,7 +2017,7 @@ int Crypto_ClientParsePacket(const char *data_in, size_t len_in, char *data_out, { int wantserverid = -1; Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL); - if(!crypto || !crypto->authenticated) + if(!crypto || !crypto->authenticated) // we ALSO get here if we are using an encrypted connection, so let's rule this out { if(wantserverid >= 0) return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present"); @@ -2034,11 +2026,33 @@ int Crypto_ClientParsePacket(const char *data_in, size_t len_in, char *data_out, } return CRYPTO_NOMATCH; } - else if (len_in >= 1 && string[0] == 'j' && cls.connect_trying && d0_rijndael_dll && crypto_aeslevel.integer >= 3) + else if (len_in >= 1 && string[0] == 'j' && cls.connect_trying && d0_rijndael_dll) { int wantserverid = -1; Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL); - if(!crypto || !crypto->authenticated) + //if(!crypto || !crypto->authenticated) + { + if(wantserverid >= 0) + return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present"); + if(crypto_aeslevel.integer >= 3) + return Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)"); + } + return CRYPTO_NOMATCH; + } + else if (len_in >= 5 && BuffLittleLong((unsigned char *) string) == ((int)NETFLAG_CTL | (int)len_in)) + { + int wantserverid = -1; + + // these three are harmless + if(string[4] == CCREP_SERVER_INFO) + return CRYPTO_NOMATCH; + if(string[4] == CCREP_PLAYER_INFO) + return CRYPTO_NOMATCH; + if(string[4] == CCREP_RULE_INFO) + return CRYPTO_NOMATCH; + + Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL); + //if(!crypto || !crypto->authenticated) { if(wantserverid >= 0) return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");