diff options
author | oy <Tom_Adams@web.de> | 2018-09-16 16:35:45 +0200 |
---|---|---|
committer | oy <Tom_Adams@web.de> | 2018-09-16 16:35:45 +0200 |
commit | 439483cef207f3e09f453c3406343a21eff7ba68 (patch) | |
tree | 67a3fad90e3f23d870dec78203953c6e4177364d | |
parent | 4c00063b2fd9c25998f3d308723e1ae65c20548d (diff) |
added a timer a client has to fulfill the challenge response authentication
-rw-r--r-- | src/engine/server/server.cpp | 17 | ||||
-rw-r--r-- | src/engine/server/server.h | 1 | ||||
-rw-r--r-- | src/engine/shared/config_variables.h | 3 |
3 files changed, 20 insertions, 1 deletions
diff --git a/src/engine/server/server.cpp b/src/engine/server/server.cpp index 8b3d9d53a..44867943e 100644 --- a/src/engine/server/server.cpp +++ b/src/engine/server/server.cpp @@ -703,6 +703,7 @@ int CServer::NewClientCallback(int ClientID, void *pUser) pThis->m_aClients[ClientID].m_CRCounter = 0; pThis->m_aClients[ClientID].m_CRCheckVal = rand()%CClient::CR_MAXVAL; pThis->m_aClients[ClientID].m_CRSuccess = false; + pThis->m_aClients[ClientID].m_ConStartTime = time_get(); pThis->m_aClients[ClientID].m_aName[0] = 0; pThis->m_aClients[ClientID].m_aClan[0] = 0; pThis->m_aClients[ClientID].m_Country = -1; @@ -1215,6 +1216,22 @@ void CServer::PumpNetwork() ProcessClientPacket(&Packet); } + // check for blocked connecting clients + if(g_Config.m_SvCRResponseTime > 0) + { + int64 Time = time_get(); + for(int i = 0; i < MAX_CLIENTS; ++i) + { + if(!m_aClients[i].m_CRSuccess && (m_aClients[i].m_State == CClient::STATE_AUTH || m_aClients[i].m_State == CClient::STATE_CONNECTING) && (Time - m_aClients[i].m_ConStartTime >= time_freq() * g_Config.m_SvCRResponseTime)) + { + if(g_Config.m_SvCRFailBantime == 0) + m_NetServer.Drop(i, "Failed challenge response (no response in time)"); + else if(g_Config.m_SvCRFailBantime > 0) + m_ServerBan.BanAddr(m_NetServer.ClientAddr(i), g_Config.m_SvCRFailBantime * 60, "Failed challenge response (no response in time)"); + } + } + } + m_ServerBan.Update(); m_Econ.Update(); } diff --git a/src/engine/server/server.h b/src/engine/server/server.h index 0bddf1def..2cc57cbfa 100644 --- a/src/engine/server/server.h +++ b/src/engine/server/server.h @@ -109,6 +109,7 @@ public: int m_CRCounter; int m_CRCheckVal; int m_CRSuccess; + int64 m_ConStartTime; int m_Latency; int m_SnapRate; diff --git a/src/engine/shared/config_variables.h b/src/engine/shared/config_variables.h index ed20d42d3..f3507861b 100644 --- a/src/engine/shared/config_variables.h +++ b/src/engine/shared/config_variables.h @@ -91,7 +91,8 @@ MACRO_CONFIG_STR(SvRconPassword, sv_rcon_password, 32, "", CFGFLAG_SERVER, "Remo MACRO_CONFIG_STR(SvRconModPassword, sv_rcon_mod_password, 32, "", CFGFLAG_SERVER, "Remote console password for moderators (limited access)") MACRO_CONFIG_INT(SvRconMaxTries, sv_rcon_max_tries, 3, 0, 100, CFGFLAG_SERVER, "Maximum number of tries for remote console authentication") MACRO_CONFIG_INT(SvRconBantime, sv_rcon_bantime, 5, 0, 1440, CFGFLAG_SERVER, "The time a client gets banned if remote console authentication fails. 0 makes it just use kick") -MACRO_CONFIG_INT(SvCRFailBantime, sv_crfail_bantime, 3, -1, 1440, CFGFLAG_SERVER, "The time a client gets banned if challenge response authentification fails. 0 makes it just use kick. -1 disables it") +MACRO_CONFIG_INT(SvCRFailBantime, sv_crfail_bantime, 3, -1, 1440, CFGFLAG_SERVER, "The time a client gets banned if challenge response authentication fails. 0 makes it just use kick. -1 disables it") +MACRO_CONFIG_INT(SvCRResponseTime, sv_crresponse_time, 2, 0, 360, CFGFLAG_SERVER, "The time in seconds a client has to complete the challenge response authentication. 0 disables it") MACRO_CONFIG_INT(SvAutoDemoRecord, sv_auto_demo_record, 0, 0, 1, CFGFLAG_SERVER, "Automatically record demos") MACRO_CONFIG_INT(SvAutoDemoMax, sv_auto_demo_max, 10, 0, 1000, CFGFLAG_SERVER, "Maximum number of automatically recorded demos (0 = no limit)") |