From 06221fab6b8ce6d922963b464854c3c4d6731995 Mon Sep 17 00:00:00 2001 From: pg9182 <96569817+pg9182@users.noreply.github.com> Date: Tue, 7 Mar 2023 19:37:42 -0500 Subject: Reject banned players during masterserver auth (#434) * Reject banned players during masterserver auth This is backwards-compatible with old masterserver versions (it will be treated as a general authentication failure). * Reword server ban message --- NorthstarDLL/server/auth/serverauthentication.cpp | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) (limited to 'NorthstarDLL/server') diff --git a/NorthstarDLL/server/auth/serverauthentication.cpp b/NorthstarDLL/server/auth/serverauthentication.cpp index 72f21d51..4d9eb19f 100644 --- a/NorthstarDLL/server/auth/serverauthentication.cpp +++ b/NorthstarDLL/server/auth/serverauthentication.cpp @@ -62,6 +62,22 @@ void ServerAuthenticationManager::StartPlayerAuthServer() return; } + uint64_t uid; + try + { + uid = std::strtoull(request.get_param_value("id").c_str(), nullptr, 10); + } + catch (std::exception const& ex) + { + response.set_content("{\"success\":false}", "application/json"); + return; + } + if (!g_pBanSystem->IsUIDAllowed(uid)) + { + response.set_content("{\"success\":false,\"reject\":\"Banned from this server.\"}", "application/json"); + return; + } + RemoteAuthData newAuthData {}; strncpy_s(newAuthData.uid, sizeof(newAuthData.uid), request.get_param_value("id").c_str(), sizeof(newAuthData.uid) - 1); strncpy_s( @@ -307,11 +323,11 @@ bool,, (R2::CBaseClient* self, char* pName, void* pNetChannel, char bFakePlayer, if (!bFakePlayer) { if (!g_pServerAuthentication->VerifyPlayerName(pNextPlayerToken, pName, pVerifiedName)) - pAuthenticationFailure = "Invalid Name."; + pAuthenticationFailure = "Invalid name."; else if (!g_pBanSystem->IsUIDAllowed(iNextPlayerUid)) - pAuthenticationFailure = "Banned From server."; + pAuthenticationFailure = "Banned from this server."; else if (!g_pServerAuthentication->CheckAuthentication(self, iNextPlayerUid, pNextPlayerToken)) - pAuthenticationFailure = "Authentication Failed."; + pAuthenticationFailure = "Authentication failed."; } else // need to copy name for bots still strncpy_s(pVerifiedName, pName, 63); -- cgit v1.2.3