From e123245200cb6619467b8859c488b39f9cb2f38f Mon Sep 17 00:00:00 2001
From: BobTheBob <32057864+BobTheBob9@users.noreply.github.com>
Date: Thu, 30 Dec 2021 18:09:36 +0000
Subject: move to server auth token system for verifying gameserver auth
 messages, rather than ip

---
 NorthstarDedicatedTest/masterserver.cpp         |  5 ++++-
 NorthstarDedicatedTest/masterserver.h           |  1 +
 NorthstarDedicatedTest/miscclientfixes.cpp      |  6 ++++++
 NorthstarDedicatedTest/serverauthentication.cpp | 18 +++++++++---------
 4 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/NorthstarDedicatedTest/masterserver.cpp b/NorthstarDedicatedTest/masterserver.cpp
index c4f576e3..e8ed3327 100644
--- a/NorthstarDedicatedTest/masterserver.cpp
+++ b/NorthstarDedicatedTest/masterserver.cpp
@@ -637,6 +637,7 @@ void MasterServerManager::AddSelfToServerList(int port, int authPort, char* name
 	std::thread requestThread([this, port, authPort, strName, strDescription, strMap, strPlaylist, maxPlayers, strPassword]
 		{
 			m_ownServerId[0] = 0;
+			m_ownServerAuthToken[0] = 0;
 
 			// build modinfo obj
 			rapidjson::Document modinfoDoc;
@@ -733,7 +734,7 @@ void MasterServerManager::AddSelfToServerList(int port, int authPort, char* name
 					goto REQUEST_END_CLEANUP;
 				}
 
-				if (!serverAddedJson.HasMember("id") || !serverAddedJson["id"].IsString())
+				if (!serverAddedJson.HasMember("id") || !serverAddedJson["id"].IsString() || !serverAddedJson.HasMember("serverAuthToken") || !serverAddedJson["serverAuthToken"].IsString())
 				{
 					spdlog::error("Failed reading masterserver response: malformed json object");
 					goto REQUEST_END_CLEANUP;
@@ -742,6 +743,8 @@ void MasterServerManager::AddSelfToServerList(int port, int authPort, char* name
 				strncpy(m_ownServerId, serverAddedJson["id"].GetString(), sizeof(m_ownServerId));
 				m_ownServerId[sizeof(m_ownServerId) - 1] = 0;
 
+				strncpy(m_ownServerAuthToken, serverAddedJson["serverAuthToken"].GetString(), sizeof(m_ownServerAuthToken));
+				m_ownServerAuthToken[sizeof(m_ownServerAuthToken) - 1] = 0;
 
 				// heartbeat thread
 				// ideally this should actually be done in main thread, rather than on it's own thread, so it'd stop if server freezes
diff --git a/NorthstarDedicatedTest/masterserver.h b/NorthstarDedicatedTest/masterserver.h
index 9b55adda..1c57904b 100644
--- a/NorthstarDedicatedTest/masterserver.h
+++ b/NorthstarDedicatedTest/masterserver.h
@@ -71,6 +71,7 @@ private:
 
 public:
 	char m_ownServerId[33];
+	char m_ownServerAuthToken[33];
 	char m_ownClientAuthToken[33];
 
 	bool m_bOriginAuthWithMasterServerDone = false;
diff --git a/NorthstarDedicatedTest/miscclientfixes.cpp b/NorthstarDedicatedTest/miscclientfixes.cpp
index d9fab647..dc68d18c 100644
--- a/NorthstarDedicatedTest/miscclientfixes.cpp
+++ b/NorthstarDedicatedTest/miscclientfixes.cpp
@@ -37,4 +37,10 @@ void InitialiseMiscClientFixes(HMODULE baseAddress)
 	// will say i have about 0 clue what exactly these functions do, testing this it doesn't even seem like they do much of anything i can see tbh
 	ENABLER_CREATEHOOK(hook, (char*)baseAddress + 0x5A92D0, &CrashingWeaponActivityFunc0Hook, reinterpret_cast<LPVOID*>(&CrashingWeaponActivityFunc0));
 	ENABLER_CREATEHOOK(hook, (char*)baseAddress + 0x5A9310, &CrashingWeaponActivityFunc1Hook, reinterpret_cast<LPVOID*>(&CrashingWeaponActivityFunc1));
+
+	// experimental: allow cl_extrapolate to be enabled without cheats
+	{
+		void* ptr = (char*)baseAddress + 0x275F9D9;
+		*((char*)ptr) = (char)0;
+	}
 }
\ No newline at end of file
diff --git a/NorthstarDedicatedTest/serverauthentication.cpp b/NorthstarDedicatedTest/serverauthentication.cpp
index 5351dfdc..32eb67fc 100644
--- a/NorthstarDedicatedTest/serverauthentication.cpp
+++ b/NorthstarDedicatedTest/serverauthentication.cpp
@@ -68,15 +68,15 @@ void ServerAuthenticationManager::StartPlayerAuthServer()
 
 			m_playerAuthServer.Post("/authenticate_incoming_player", [this](const httplib::Request& request, httplib::Response& response) {
 					// can't just do request.remote_addr == Cvar_ns_masterserver_hostname->m_pszString because the cvar can be a url, gotta resolve an ip from it for comparisons
-					unsigned long remoteAddr = inet_addr(request.remote_addr.c_str());
-
-					char* addrPtr = Cvar_ns_masterserver_hostname->m_pszString;
-					char* typeStart = strstr(addrPtr, "://");
-					if (typeStart)
-						addrPtr = typeStart + 3;
-					hostent* resolvedRemoteAddr = gethostbyname((const char*)addrPtr);
-
-					if (!request.has_param("id") || !request.has_param("authToken") || request.body.size() >= 65335 || !resolvedRemoteAddr || ((in_addr**)resolvedRemoteAddr->h_addr_list)[0]->S_un.S_addr != remoteAddr)
+					//unsigned long remoteAddr = inet_addr(request.remote_addr.c_str());
+					//
+					//char* addrPtr = Cvar_ns_masterserver_hostname->m_pszString;
+					//char* typeStart = strstr(addrPtr, "://");
+					//if (typeStart)
+					//	addrPtr = typeStart + 3;
+					//hostent* resolvedRemoteAddr = gethostbyname((const char*)addrPtr);
+
+					if (!request.has_param("id") || !request.has_param("authToken") || request.body.size() >= 65335 || !request.has_param("serverAuthToken") || strcmp(g_MasterServerManager->m_ownServerAuthToken, request.get_param_value("serverAuthToken").c_str()))// || !resolvedRemoteAddr || ((in_addr**)resolvedRemoteAddr->h_addr_list)[0]->S_un.S_addr != remoteAddr)
 					{
 						response.set_content("{\"success\":false}", "application/json");
 						return;
-- 
cgit v1.2.3