~ubuntu-branches/debian/squeeze/openttd/squeeze

« back to all changes in this revision

Viewing changes to src/network/network_server.cpp

Committer: Bazaar Package Importer
Author(s): Matthijs Kooijman
Date: 2008-08-08 11:07:05 UTC
mfrom: (1.1.4 upstream) (2.1.1 lenny)
Revision ID: james.westby@ubuntu.com-20080808110705-zq0eo95c4pexg70i

http://bugs.debian.org/493714

* New upstream release.
- Fixes remote crash vulnerability CVE-2008-3547. Closes: #493714

files removed:
bin/data/generictrams_v0.4.grf

files modified:
changelog.txt

config.lib

debian/README.Debian

debian/changelog

debian/config

debian/control

debian/rules

docs/openttd.6

known-bugs.txt

os/debian/changelog

os/win32/installer/install.nsi

projects/determineversion.vbs

readme.txt

src/ai/ai.cpp

src/aircraft_cmd.cpp

src/articulated_vehicles.cpp

src/autoreplace_cmd.cpp

src/blitter/factory.hpp

src/bridge.h

src/command_type.h

src/console_cmds.cpp

src/depot_gui.cpp

src/economy.cpp

src/economy_type.h

src/elrail.cpp

src/engine_gui.cpp

src/fileio.cpp

src/fileio.h

src/fios.cpp

src/fios.h

src/fontcache.cpp

src/genworld_gui.cpp

src/gfx.cpp

src/gfx_type.h

src/industry_cmd.cpp

src/landscape.cpp

src/lang/brazilian_portuguese.txt

src/lang/bulgarian.txt

src/lang/catalan.txt

src/lang/croatian.txt

src/lang/czech.txt

src/lang/danish.txt

src/lang/dutch.txt

src/lang/english.txt

src/lang/estonian.txt

src/lang/finnish.txt

src/lang/french.txt

src/lang/galician.txt

src/lang/icelandic.txt

src/lang/italian.txt

src/lang/korean.txt

src/lang/piglatin.txt

src/lang/portuguese.txt

src/lang/romanian.txt

src/lang/russian.txt

src/lang/simplified_chinese.txt

src/lang/slovak.txt

src/lang/slovenian.txt

src/lang/spanish.txt

src/lang/swedish.txt

src/lang/traditional_chinese.txt

src/lang/turkish.txt

src/lang/ukrainian.txt

src/misc_cmd.cpp

src/misc_gui.cpp

src/mixer.cpp

src/network/core/config.h

src/network/network.cpp

src/network/network_client.cpp

src/network/network_server.cpp

src/network/network_udp.cpp

src/newgrf.cpp

src/newgrf_cargo.cpp

src/newgrf_config.h

src/newgrf_engine.cpp

src/newgrf_house.cpp

src/newgrf_industries.cpp

src/newgrf_station.cpp

src/oldloader.cpp

src/openttd.cpp

src/order_gui.cpp

src/ottdres.rc.in

src/player_gui.cpp

src/player_type.h

src/players.cpp

src/rail_cmd.cpp

src/rev.cpp.in

src/road_cmd.cpp

src/roadveh_cmd.cpp

src/roadveh_gui.cpp

src/saveload.cpp

src/settings.cpp

src/ship_cmd.cpp

src/signal.cpp

src/slope_func.h

src/spritecache.cpp

src/spriteloader/png.cpp

src/terraform_gui.cpp

src/town_cmd.cpp

src/train.h

src/train_cmd.cpp

src/tunnelbridge_cmd.cpp

src/vehicle.cpp

src/vehicle_func.h

src/vehicle_gui.cpp

src/win32.cpp

Show diffs side-by-side

added added

removed removed

src/network/network_server.cpp

/* $Id: network_server.cpp 11920 2008-01-18 21:25:18Z glx $ */

/* $Id: network_server.cpp 13827 2008-07-25 19:54:14Z rubidium $ */

#ifdef ENABLE_NETWORK

// uint16: The index of the client (always unique on a server. 1 = server)

// uint8: As which player the client is playing

// String: The name of the client

// String: The unique id of the client

if (ci->client_index != NETWORK_EMPTY_INDEX) {

p->Send_uint16(ci->client_index);

p->Send_uint8 (ci->client_playas);

p->Send_string(ci->client_name);

p->Send_string(ci->unique_id);

cs->Send_Packet(p);

}

609

607

610

608

DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_NEWGRFS_CHECKED)

611

609

{

610

if (cs->status != STATUS_INACTIVE) {

611

/* Illegal call, return error and ignore the packet */

612

SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED);

613

return;

614

}

615

612

616

NetworkClientInfo *ci = DEREF_CLIENT_INFO(cs);

613

617

614

618

/* We now want a password from the client else we do not allow him in! */

625

629

626

630

DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_JOIN)

627

631

{

632

if (cs->status != STATUS_INACTIVE) {

633

/* Illegal call, return error and ignore the packet */

634

SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED);

635

return;

636

}

637

628

638

char name[NETWORK_CLIENT_NAME_LENGTH];

629

639

char unique_id[NETWORK_UNIQUE_ID_LENGTH];

630

640

NetworkClientInfo *ci;

634

644

635

645

p->Recv_string(client_revision, sizeof(client_revision));

636

646

637

#if defined(WITH_REV) || defined(WITH_REV_HACK)

638

647

// Check if the client has revision control enabled

639

648

if (!IsNetworkCompatibleVersion(client_revision)) {

640

649

// Different revisions!!

641

650

SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_WRONG_REVISION);

642

651

return;

643

652

}

644

#endif

645

653

646

654

p->Recv_string(name, sizeof(name));

647

655

playas = (Owner)p->Recv_uint8();

889

897

* to match the player in the packet. If it doesn't, the client has done

890

898

* something pretty naughty (or a bug), and will be kicked

891

899

892

if (!(cp->cmd == CMD_PLAYER_CTRL && cp->p1 == 0) && ci->client_playas != cp->player) {

900

if (!(cp->cmd == CMD_PLAYER_CTRL && cp->p1 == 0 && ci->client_playas == PLAYER_NEW_COMPANY) && ci->client_playas != cp->player) {

893

901

IConsolePrintF(_icolour_err, "WARNING: player %d (IP: %s) tried to execute a command as player %d, kicking...",

894

902

ci->client_playas + 1, GetPlayerIP(ci), cp->player + 1);

895

903

SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_PLAYER_MISMATCH);

1009

1017

1010

1018

DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_ACK)

1011

1019

{

1020

if (cs->status < STATUS_AUTH) {

1021

/* Illegal call, return error and ignore the packet */

1022

SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_AUTHORIZED);

1023

return;

1024

}

1025

1012

1026

uint32 frame = p->Recv_uint32();

1013

1027

1014

1028

/* The client is trying to catch up with the server */

1137

1151

1138

1152

DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_CHAT)

1139

1153

{

1154

if (cs->status < STATUS_AUTH) {

1155

/* Illegal call, return error and ignore the packet */

1156

SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_AUTHORIZED);

1157

return;

1158

}

1159

1140

1160

NetworkAction action = (NetworkAction)p->Recv_uint8();

1141

1161

DestType desttype = (DestType)p->Recv_uint8();

1142

1162

int dest = p->Recv_uint16();

1144

1164

1145

1165

p->Recv_string(msg, MAX_TEXT_MSG_LEN);

1146

1166

1147

NetworkServer_HandleChat(action, desttype, dest, msg, cs->index);

1167

const NetworkClientInfo *ci = DEREF_CLIENT_INFO(cs);

1168

switch (action) {

1169

case NETWORK_ACTION_GIVE_MONEY:

1170

if (!IsValidPlayer(ci->client_playas)) break;

1171

/* Fall-through */

1172

case NETWORK_ACTION_CHAT:

1173

case NETWORK_ACTION_CHAT_CLIENT:

1174

case NETWORK_ACTION_CHAT_COMPANY:

1175

NetworkServer_HandleChat(action, desttype, dest, msg, cs->index);

1176

break;

1177

default:

1178

IConsolePrintF(_icolour_err, "WARNING: invalid chat action from client %d (IP: %s).", ci->client_index, GetPlayerIP(ci));

1179

SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED);

1180

break;

1181

}

1148

1182

}

1149

1183

1150

1184

DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_SET_PASSWORD)

1151

1185

{

1186

if (cs->status != STATUS_ACTIVE) {

1187

/* Illegal call, return error and ignore the packet */

1188

SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED);

1189

return;

1190

}

1191

1152

1192

char password[NETWORK_PASSWORD_LENGTH];

1153

1193

const NetworkClientInfo *ci;

1154

1194

1162

1202

1163

1203

DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_SET_NAME)

1164

1204

{

1205

if (cs->status != STATUS_ACTIVE) {

1206

/* Illegal call, return error and ignore the packet */

1207

SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED);

1208

return;

1209

}

1210

1165

1211

char client_name[NETWORK_CLIENT_NAME_LENGTH];

1166

1212

NetworkClientInfo *ci;

1167

1213

Older »