]> git.rm.cloudns.org Git - xonotic/darkplaces.git/commitdiff
clean up rcon_secure checks
authordivverent <divverent@d7cf8633-e32d-0410-b094-e92efae38249>
Sun, 18 Oct 2009 19:53:06 +0000 (19:53 +0000)
committerdivverent <divverent@d7cf8633-e32d-0410-b094-e92efae38249>
Sun, 18 Oct 2009 19:53:06 +0000 (19:53 +0000)
git-svn-id: svn://svn.icculus.org/twilight/trunk/darkplaces@9350 d7cf8633-e32d-0410-b094-e92efae38249

cvar.c
host_cmd.c

diff --git a/cvar.c b/cvar.c
index 3db048c037013260683675652329875e0d924758..822f6e5e6266a0920743fe09d5434bbedd4ba26d 100644 (file)
--- a/cvar.c
+++ b/cvar.c
@@ -299,7 +299,7 @@ void Cvar_SetQuick_Internal (cvar_t *var, const char *value)
                        // whenever rcon_secure is changed to 0, clear rcon_password for
                        // security reasons (prevents a send-rcon-password-as-plaintext
                        // attack based on NQ protocol session takeover and svc_stufftext)
-                       if(!var->integer)
+                       if(var->integer <= 0)
                                Cvar_Set("rcon_password", "");
                }
                else if (!strcmp(var->name, "net_slist_favorites"))
index 5c1f0969d90e16558938df19c185739895a1e628..620c1e445d6b3f5379685ea67db344cd4509f71e 100644 (file)
@@ -514,7 +514,7 @@ void Host_Connect_f (void)
                return;
        }
        // clear the rcon password, to prevent vulnerability by stuffcmd-ing a connect command
-       if(!rcon_secure.integer)
+       if(rcon_secure.integer <= 0)
                Cvar_SetQuick(&rcon_password, "");
        CL_EstablishConnection(Cmd_Argv(1));
 }
@@ -2349,7 +2349,7 @@ void Host_PQRcon_f (void)
        lhnetsocket_t *mysocket;
        char peer_address[64];
 
-       if (!rcon_password.string || !rcon_password.string[0] || rcon_secure.integer)
+       if (!rcon_password.string || !rcon_password.string[0] || rcon_secure.integer > 0)
        {
                Con_Printf ("You must set rcon_password before issuing an pqrcon command, and rcon_secure must be 0.\n");
                return;
@@ -2462,7 +2462,7 @@ void Host_Rcon_f (void) // credit: taken from QuakeWorld
                        cls.rcon_timeout[cls.rcon_ringpos] = realtime + rcon_secure_challengetimeout.value;
                        cls.rcon_ringpos = (cls.rcon_ringpos + 1) % MAX_RCONS;
                }
-               else if(rcon_secure.integer)
+               else if(rcon_secure.integer > 0)
                {
                        char buf[1500];
                        char argbuf[1500];