From: cloudwalk Date: Wed, 1 Jul 2020 16:18:18 +0000 (+0000) Subject: Fix rcon X-Git-Url: https://git.rm.cloudns.org/?a=commitdiff_plain;h=d94b8418b64e2bd13486f2cd525522fc9615ffdb;p=xonotic%2Fdarkplaces.git Fix rcon git-svn-id: svn://svn.icculus.org/twilight/trunk/darkplaces@12767 d7cf8633-e32d-0410-b094-e92efae38249 --- diff --git a/cl_cmd.c b/cl_cmd.c index d17c6fda..2d00c7a5 100644 --- a/cl_cmd.c +++ b/cl_cmd.c @@ -36,10 +36,9 @@ cvar_t cl_skin = {CVAR_CLIENT | CVAR_USERINFO | CVAR_SAVE, "skin", "", "QW playe cvar_t cl_noaim = {CVAR_CLIENT | CVAR_USERINFO | CVAR_SAVE, "noaim", "1", "QW option to disable vertical autoaim"}; cvar_t cl_pmodel = {CVAR_CLIENT | CVAR_USERINFO | CVAR_SAVE, "pmodel", "0", "current player model number in nehahra"}; cvar_t r_fixtrans_auto = {CVAR_CLIENT, "r_fixtrans_auto", "0", "automatically fixtrans textures (when set to 2, it also saves the fixed versions to a fixtrans directory)"}; -cvar_t rcon_password = {CVAR_CLIENT | CVAR_SERVER | CVAR_PRIVATE, "rcon_password", "", "password to authenticate rcon commands; NOTE: changing rcon_secure clears rcon_password, so set rcon_secure always before rcon_password; may be set to a string of the form user1:pass1 user2:pass2 user3:pass3 to allow multiple user accounts - the client then has to specify ONE of these combinations"}; -cvar_t rcon_secure = {CVAR_CLIENT | CVAR_SERVER, "rcon_secure", "0", "force secure rcon authentication (1 = time based, 2 = challenge based); NOTE: changing rcon_secure clears rcon_password, so set rcon_secure always before rcon_password"}; -cvar_t rcon_secure_challengetimeout = {CVAR_CLIENT, "rcon_secure_challengetimeout", "5", "challenge-based secure rcon: time out requests if no challenge came within this time interval"}; -cvar_t rcon_address = {CVAR_CLIENT, "rcon_address", "", "server address to send rcon commands to (when not connected to a server)"}; + +extern cvar_t rcon_secure; +extern cvar_t rcon_secure_challengetimeout; /* =================== @@ -510,15 +509,6 @@ static void CL_Rcon_f(cmd_state_t *cmd) // credit: taken from QuakeWorld } } -static void CL_RCon_ClearPassword_c(cvar_t *var) -{ - // whenever rcon_secure is changed to 0, clear rcon_password for - // security reasons (prevents a send-rcon-password-as-plaintext - // attack based on NQ protocol session takeover and svc_stufftext) - if(var->integer <= 0) - Cvar_SetQuick(&rcon_password, ""); -} - /* ================== CL_FullServerinfo_f @@ -654,11 +644,6 @@ void CL_InitCommands(void) Cvar_RegisterCallback(&cl_topcolor, CL_Topcolor_c); Cvar_RegisterVariable(&cl_bottomcolor); Cvar_RegisterCallback(&cl_bottomcolor, CL_Bottomcolor_c); - Cvar_RegisterVariable(&rcon_address); - Cvar_RegisterVariable(&rcon_secure); - Cvar_RegisterCallback(&rcon_secure, CL_RCon_ClearPassword_c); - Cvar_RegisterVariable(&rcon_secure_challengetimeout); - Cvar_RegisterVariable(&rcon_password); Cvar_RegisterVariable(&r_fixtrans_auto); Cvar_RegisterVariable(&cl_team); Cvar_RegisterVariable(&cl_skin); diff --git a/console.c b/console.c index 5efad941..6bf28ec7 100644 --- a/console.c +++ b/console.c @@ -89,6 +89,11 @@ cvar_t con_completion_exec = {CVAR_CLIENT | CVAR_SAVE, "con_completion_exec", "* cvar_t condump_stripcolors = {CVAR_CLIENT | CVAR_SERVER| CVAR_SAVE, "condump_stripcolors", "0", "strip color codes from console dumps"}; +cvar_t rcon_password = {CVAR_CLIENT | CVAR_SERVER | CVAR_PRIVATE, "rcon_password", "", "password to authenticate rcon commands; NOTE: changing rcon_secure clears rcon_password, so set rcon_secure always before rcon_password; may be set to a string of the form user1:pass1 user2:pass2 user3:pass3 to allow multiple user accounts - the client then has to specify ONE of these combinations"}; +cvar_t rcon_secure = {CVAR_CLIENT | CVAR_SERVER, "rcon_secure", "0", "force secure rcon authentication (1 = time based, 2 = challenge based); NOTE: changing rcon_secure clears rcon_password, so set rcon_secure always before rcon_password"}; +cvar_t rcon_secure_challengetimeout = {CVAR_CLIENT, "rcon_secure_challengetimeout", "5", "challenge-based secure rcon: time out requests if no challenge came within this time interval"}; +cvar_t rcon_address = {CVAR_CLIENT, "rcon_address", "", "server address to send rcon commands to (when not connected to a server)"}; + int con_linewidth; int con_vislines; @@ -842,6 +847,15 @@ void Con_Clear_f(cmd_state_t *cmd) if (con_mutex) Thread_UnlockMutex(con_mutex); } +static void Con_RCon_ClearPassword_c(cvar_t *var) +{ + // whenever rcon_secure is changed to 0, clear rcon_password for + // security reasons (prevents a send-rcon-password-as-plaintext + // attack based on NQ protocol session takeover and svc_stufftext) + if(var->integer <= 0) + Cvar_SetQuick(&rcon_password, ""); +} + /* ================ Con_Init @@ -900,6 +914,12 @@ void Con_Init (void) Cvar_RegisterVariable (&condump_stripcolors); + Cvar_RegisterVariable(&rcon_address); + Cvar_RegisterVariable(&rcon_secure); + Cvar_RegisterCallback(&rcon_secure, Con_RCon_ClearPassword_c); + Cvar_RegisterVariable(&rcon_secure_challengetimeout); + Cvar_RegisterVariable(&rcon_password); + // register our commands Cmd_AddCommand(CMD_CLIENT, "toggleconsole", Con_ToggleConsole_f, "opens or closes the console"); Cmd_AddCommand(CMD_CLIENT, "messagemode", Con_MessageMode_f, "input a chat message to say to everyone");