mirrors/OpenRCT2
1
0
Fork 0
mirror of https://github.com/OpenRCT2/OpenRCT2 synced 2026-01-17 20:13:07 +01:00
Code Issues Releases Wiki Activity

Merge pull request #3759 from janisozaur/develop

Browse Source 
Don't allow null keys
This commit is contained in:
Ted John
2016-05-27 22:01:42 +01:00
parent e1306afbf3 8e26f2c0d1
commit ccfb1c4f95
2 changed files with 24 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/network/NetworkKey.cpp
View File

@@ -92,6 +92,7 @@ bool NetworkKey::Generate()
bool NetworkKey::LoadPrivate(SDL_RWops * file)
{
assert(file != nullptr);
size_t size = (size_t)file->size(file);
if (size == (size_t)-1)
{
@@ -135,6 +136,7 @@ bool NetworkKey::LoadPrivate(SDL_RWops * file)
bool NetworkKey::LoadPublic(SDL_RWops * file)
{
assert(file != nullptr);
size_t size = (size_t)file->size(file);
if (size == (size_t)-1)
{

36
src/network/network.cpp
View File

@@ -2008,25 +2008,33 @@ void Network::Server_Handle_AUTH(NetworkConnection& connection, NetworkPacket& p
} else {
const char *signature = (const char *)packet.Read(sigsize);
SDL_RWops *pubkey_rw = SDL_RWFromConstMem(pubkey, strlen(pubkey));
connection.key.LoadPublic(pubkey_rw);
SDL_RWclose(pubkey_rw);
bool verified = connection.key.Verify(connection.challenge.data(), connection.challenge.size(), signature, sigsize);
const std::string hash = connection.key.PublicKeyHash();
if (verified) {
connection.authstatus = NETWORK_AUTH_VERIFIED;
log_verbose("Signature verification ok. Hash %s", hash.c_str());
} else {
if (pubkey_rw == nullptr) {
connection.authstatus = NETWORK_AUTH_VERIFICATIONFAILURE;
log_verbose("Signature verification failed!");
}
if (gConfigNetwork.known_keys_only && _userManager.GetUserByHash(hash) == nullptr) {
connection.authstatus = NETWORK_AUTH_UNKNOWN_KEY_DISALLOWED;
} else {
connection.key.LoadPublic(pubkey_rw);
SDL_RWclose(pubkey_rw);
bool verified = connection.key.Verify(connection.challenge.data(), connection.challenge.size(), signature, sigsize);
const std::string hash = connection.key.PublicKeyHash();
if (verified) {
connection.authstatus = NETWORK_AUTH_VERIFIED;
log_verbose("Signature verification ok. Hash %s", hash.c_str());
} else {
connection.authstatus = NETWORK_AUTH_VERIFICATIONFAILURE;
log_verbose("Signature verification failed!");
}
if (gConfigNetwork.known_keys_only && _userManager.GetUserByHash(hash) == nullptr) {
connection.authstatus = NETWORK_AUTH_UNKNOWN_KEY_DISALLOWED;
}
}
}
const NetworkGroup * group = GetGroupByID(GetGroupIDByHash(connection.key.PublicKeyHash()));
size_t actionIndex = gNetworkActions.FindCommandByPermissionName("PERMISSION_PASSWORDLESS_LOGIN");
bool passwordless = group->CanPerformAction(actionIndex);
bool passwordless = false;
if (connection.authstatus == NETWORK_AUTH_VERIFIED) {
const NetworkGroup * group = GetGroupByID(GetGroupIDByHash(connection.key.PublicKeyHash()));
size_t actionIndex = gNetworkActions.FindCommandByPermissionName("PERMISSION_PASSWORDLESS_LOGIN");
passwordless = group->CanPerformAction(actionIndex);
}
if (!gameversion || strcmp(gameversion, NETWORK_STREAM_ID) != 0) {
connection.authstatus = NETWORK_AUTH_BADVERSION;
} else