From 9ca44082a1e78b790ca03c36cb1f877f311102f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20M=C3=BCller?= Date: Tue, 24 Oct 2023 20:09:57 +0200 Subject: [PATCH] Add constants for username/password lengths Ensure server password can exactly fit username and password separated by colon, so there is no discrepancy where some passwords work in rcon but not for reserved slots. --- src/engine/client/client.h | 6 +++--- src/engine/server/authmanager.h | 4 +++- src/engine/shared/config_variables.h | 12 ++++++------ src/engine/shared/protocol.h | 6 ++++++ 4 files changed, 18 insertions(+), 10 deletions(-) diff --git a/src/engine/client/client.h b/src/engine/client/client.h index c527c084998..62e98282dcc 100644 --- a/src/engine/client/client.h +++ b/src/engine/client/client.h @@ -111,10 +111,10 @@ class CClient : public IClient, public CDemoPlayer::IListener int m_aAckGameTick[NUM_DUMMIES]; int m_aCurrentRecvTick[NUM_DUMMIES]; int m_aRconAuthed[NUM_DUMMIES]; - char m_aRconUsername[32]; - char m_aRconPassword[128]; + char m_aRconUsername[MAX_RCON_USERNAME_LENGTH]; + char m_aRconPassword[MAX_RCON_PASSWORD_LENGTH]; int m_UseTempRconCommands; - char m_aPassword[128]; + char m_aPassword[MAX_SERVER_PASSWORD_LENGTH]; bool m_SendPassword; bool m_ButtonRender = false; diff --git a/src/engine/server/authmanager.h b/src/engine/server/authmanager.h index 9845100e8e2..76eb899a658 100644 --- a/src/engine/server/authmanager.h +++ b/src/engine/server/authmanager.h @@ -5,6 +5,8 @@ #include +#include + #define SALT_BYTES 8 class CAuthManager @@ -12,7 +14,7 @@ class CAuthManager private: struct CKey { - char m_aIdent[64]; + char m_aIdent[MAX_RCON_USERNAME_LENGTH]; MD5_DIGEST m_Pw; unsigned char m_aSalt[SALT_BYTES]; int m_Level; diff --git a/src/engine/shared/config_variables.h b/src/engine/shared/config_variables.h index 66d518a6d47..e31cd62427a 100644 --- a/src/engine/shared/config_variables.h +++ b/src/engine/shared/config_variables.h 
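Review bot: In `CAuthManager::CKey` (src/engine/server/authmanager.h), `m_aIdent` shrinks from 64 to `MAX_RCON_USERNAME_LENGTH` (32) bytes, which is a behaviour change, not just a rename of a literal. Key identifiers of 32 to 63 bytes used to be stored whole and no longer fit. The code that fills and compares `m_aIdent` is outside this patch, so confirm that every writer bounds its copy by `sizeof(m_aIdent)` instead of a literal 64. Over-long identifiers should be rejected, not silently truncated, since two names sharing the same first 31 bytes could otherwise resolve to one key. A comment on the field such as `// buffer size incl. terminator; longer identifiers are rejected` would document the limit; the struct continues past the end of this hunk.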
@@ -10,7 +10,7 @@ MACRO_CONFIG_STR(PlayerName, player_name, 16, "", CFGFLAG_SAVE | CFGFLAG_CLIENT MACRO_CONFIG_STR(PlayerClan, player_clan, 12, "", CFGFLAG_SAVE | CFGFLAG_CLIENT | CFGFLAG_INSENSITIVE, "Clan of the player") MACRO_CONFIG_INT(PlayerCountry, player_country, -1, -1, 1000, CFGFLAG_SAVE | CFGFLAG_CLIENT | CFGFLAG_INSENSITIVE, "Country of the player") -MACRO_CONFIG_STR(Password, password, 128, "", CFGFLAG_CLIENT | CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "Password to the server") +MACRO_CONFIG_STR(Password, password, MAX_SERVER_PASSWORD_LENGTH, "", CFGFLAG_CLIENT | CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "Password to the server") MACRO_CONFIG_INT(Events, events, 1, 0, 1, CFGFLAG_SAVE | CFGFLAG_CLIENT | CFGFLAG_SERVER, "Enable triggering of events, (eye emotes on some holidays in server, christmas skins in client).") MACRO_CONFIG_STR(SteamName, steam_name, 16, "", CFGFLAG_SAVE | CFGFLAG_CLIENT, "Last seen name of the Steam profile") 
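Review bot: `password` is shared by client and server (`CFGFLAG_CLIENT | CFGFLAG_SERVER`), so widening it from 128 to `MAX_SERVER_PASSWORD_LENGTH` only helps if the server code that receives the join password reads it into a buffer of the same size, and that code is not part of this patch. If that path still uses a 128-byte buffer, a password longer than 127 bytes would presumably be cut before the comparison and never match. The same question applies to `sv_reserved_slots_pass` in the hunk at -204. Confirm the receive path uses the new constant, and consider stating the usable maximum in the help strings.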
@@ -159,9 +159,9 @@ MACRO_CONFIG_INT(SvHighBandwidth, sv_high_bandwidth, 0, 0, 1, CFGFLAG_SERVER, "U MACRO_CONFIG_STR(SvRegister, sv_register, 16, "1", CFGFLAG_SERVER, "Register server with master server for public listing, can also accept a comma-separated list of protocols to register on, like 'ipv4,ipv6'") MACRO_CONFIG_STR(SvRegisterExtra, sv_register_extra, 256, "", CFGFLAG_SERVER, "Extra headers to send to the register endpoint, comma separated 'Header: Value' pairs") MACRO_CONFIG_STR(SvRegisterUrl, sv_register_url, 128, "https://master1.ddnet.org/ddnet/15/register", CFGFLAG_SERVER, "Masterserver URL to register to") -MACRO_CONFIG_STR(SvRconPassword, sv_rcon_password, 128, "", CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "Remote console password (full access)") -MACRO_CONFIG_STR(SvRconModPassword, sv_rcon_mod_password, 128, "", CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "Remote console password for moderators (limited access)") -MACRO_CONFIG_STR(SvRconHelperPassword, sv_rcon_helper_password, 128, "", CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "Remote console password for helpers (limited access)") +MACRO_CONFIG_STR(SvRconPassword, sv_rcon_password, MAX_RCON_PASSWORD_LENGTH, "", CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "Remote console password (full access)") +MACRO_CONFIG_STR(SvRconModPassword, sv_rcon_mod_password, MAX_RCON_PASSWORD_LENGTH, "", CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "Remote console password for moderators (limited access)") +MACRO_CONFIG_STR(SvRconHelperPassword, sv_rcon_helper_password, MAX_RCON_PASSWORD_LENGTH, "", CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "Remote console password for helpers (limited access)") MACRO_CONFIG_INT(SvRconMaxTries, sv_rcon_max_tries, 30, 0, 100, CFGFLAG_SERVER, "Maximum number of tries for remote console authentication") MACRO_CONFIG_INT(SvRconBantime, sv_rcon_bantime, 5, 0, 1440, CFGFLAG_SERVER, "The time a client gets banned if remote console authentication fails. 
0 makes it just use kick") MACRO_CONFIG_INT(SvAutoDemoRecord, sv_auto_demo_record, 0, 0, 1, CFGFLAG_SERVER, "Automatically record demos") @@ -185,7 +185,7 @@ MACRO_CONFIG_INT(SvSkillLevel, sv_skill_level, 1, SERVERINFO_LEVEL_MIN, SERVERIN MACRO_CONFIG_STR(EcBindaddr, ec_bindaddr, 128, "localhost", CFGFLAG_ECON, "Address to bind the external console to. Anything but 'localhost' is dangerous") MACRO_CONFIG_INT(EcPort, ec_port, 0, 0, 0, CFGFLAG_ECON, "Port to use for the external console") -MACRO_CONFIG_STR(EcPassword, ec_password, 128, "", CFGFLAG_ECON, "External console password") +MACRO_CONFIG_STR(EcPassword, ec_password, MAX_ECON_PASSWORD_LENGTH, "", CFGFLAG_ECON, "External console password") MACRO_CONFIG_INT(EcBantime, ec_bantime, 0, 0, 1440, CFGFLAG_ECON, "The time a client gets banned if econ authentication fails. 0 just closes the connection") MACRO_CONFIG_INT(EcAuthTimeout, ec_auth_timeout, 30, 1, 120, CFGFLAG_ECON, "Time in seconds before the the econ authentication times out") MACRO_CONFIG_INT(EcOutputLevel, ec_output_level, 0, -3, 2, CFGFLAG_ECON, "Adjusts the amount of information in the external console (-3 = none, -2 = error only, -1 = warn, 0 = info, 1 = debug, 2 = trace)") 
@@ -204,7 +204,7 @@ MACRO_CONFIG_INT(HttpAllowInsecure, http_allow_insecure, 0, 0, 1, CFGFLAG_CLIENT // DDRace MACRO_CONFIG_STR(SvWelcome, sv_welcome, 64, "", CFGFLAG_SERVER, "Message that will be displayed to players who join the server") MACRO_CONFIG_INT(SvReservedSlots, sv_reserved_slots, 0, 0, MAX_CLIENTS, CFGFLAG_SERVER, "The number of slots that are reserved for special players") -MACRO_CONFIG_STR(SvReservedSlotsPass, sv_reserved_slots_pass, 128, "", CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "The password that is required to use a reserved slot") +MACRO_CONFIG_STR(SvReservedSlotsPass, sv_reserved_slots_pass, MAX_SERVER_PASSWORD_LENGTH, "", CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "The password that is required to use a reserved slot") MACRO_CONFIG_INT(SvReservedSlotsAuthLevel, sv_reserved_slots_auth_level, 1, 1, 4, CFGFLAG_SERVER, "Minimum rcon auth level needed to use a reserved slot. 4 = rcon auth disabled") MACRO_CONFIG_INT(SvHit, sv_hit, 1, 0, 1, CFGFLAG_SERVER | CFGFLAG_GAME, "Whether players can hammer/grenade/laser each other or not") MACRO_CONFIG_INT(SvEndlessDrag, sv_endless_drag, 0, 0, 1, CFGFLAG_SERVER | CFGFLAG_GAME, "Turns endless hooking on/off") diff --git a/src/engine/shared/protocol.h b/src/engine/shared/protocol.h index 6c00a487bd7..26189e093fe 100644 --- a/src/engine/shared/protocol.h +++ b/src/engine/shared/protocol.h @@ -96,6 +96,12 @@ enum MAX_NAME_LENGTH = 16, MAX_CLAN_LENGTH = 12, + MAX_RCON_USERNAME_LENGTH = 32, + MAX_RCON_PASSWORD_LENGTH = 128, + // Server password should fit rcon username and password separated by colon and zero-termination + MAX_SERVER_PASSWORD_LENGTH = MAX_RCON_USERNAME_LENGTH + 1 + MAX_RCON_PASSWORD_LENGTH + 1, + MAX_ECON_PASSWORD_LENGTH = 128, + // message packing MSGFLAG_VITAL = 1, MSGFLAG_FLUSH = 2,
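Review bot: In the protocol.h hunk, the constants summed into `MAX_SERVER_PASSWORD_LENGTH` are used as array sizes elsewhere in this patch, so each already counts its own terminator. The sum `32 + 1 + 128 + 1` therefore reserves 162 bytes, where 31 + 1 + 127 + 1 = 160 would be the exact fit the commit message describes. The two spare bytes are harmless, but the comment should say that the `*_LENGTH` values are buffer sizes, for example `// Buffer sizes including zero-termination; the server password must hold "username:password"`. The enum starts and ends outside this hunk.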