diff options
| author | Darkelarious <darkelarious@333networks.com> | 2017-07-06 12:21:45 +0200 |
|---|---|---|
| committer | Darkelarious <darkelarious@333networks.com> | 2017-07-06 12:21:45 +0200 |
| commit | e0d727670cbeda0db0812c5c9efc503d75f8d0a4 (patch) | |
| tree | 3c4a5c2aa2b065e5458ea30e86c30ed30f7bac8d /lib/MasterServer/Core | |
| parent | 34a2c7390ea9662d33258d384e72fff1912343ff (diff) | |
| download | MasterServer-Perl-e0d727670cbeda0db0812c5c9efc503d75f8d0a4.tar.gz MasterServer-Perl-e0d727670cbeda0db0812c5c9efc503d75f8d0a4.zip | |
Support for \status\ query, deprecated \about\ query
Diffstat (limited to 'lib/MasterServer/Core')
| -rwxr-xr-x | lib/MasterServer/Core/Secure.pm | 40 | ||||
| -rwxr-xr-x | lib/MasterServer/Core/Version.pm | 4 |
2 files changed, 16 insertions, 28 deletions
diff --git a/lib/MasterServer/Core/Secure.pm b/lib/MasterServer/Core/Secure.pm index 6d05f82..125e276 100755 --- a/lib/MasterServer/Core/Secure.pm +++ b/lib/MasterServer/Core/Secure.pm @@ -39,7 +39,6 @@ sub load_ciphers { # insert the game/cipher in the db or halt on error if ($self->insert_cipher(%opt) < 0) { - # failure causes a fatal error and exits $self->{dbh}->rollback; $self->halt(); } @@ -52,15 +51,12 @@ sub load_ciphers { ################################################################################ # generate a random string of 6 characters long for the \secure\ challenge -# returns string +# returns a random string, only uppercase characters ################################################################################ sub secure_string { - # generate a random string, only uppercase characters my @c = ('A'..'Z'); my $s = ""; $s .= $c[rand @c] for 1..6; - - # return random string return $s; } @@ -73,28 +69,22 @@ sub compare_challenge { # debugging enabled? Then don't care about validation return 1 if ($self->{debug_validate}); - - # secure string too long? (because vulnerable in UE) - return 0 if (length $o{secure} > 16); - + # ignore this game if asked to do so if ($self->{ignore_browser_key} =~ m/$o{gamename}/i){ $self->log("ignore", "ignored beacon validation for $o{gamename}"); return 1; } - # enctype given? - $o{enctype} = 0 unless $o{enctype}; - # calculate validate string my $val = get_validate_string( - $self->get_game_props($o{gamename})->{cipher}, + $self->get_game_props(gamename => $o{gamename})->[0]->{cipher}, $o{secure}, - $o{enctype} + $o{enctype} || 0 ); - # return whether or not they match - return ($val eq $o{validate}); + # return match or no match + return ($val eq ($o{validate} || "")); } ################################################################################ @@ -103,17 +93,15 @@ sub compare_challenge { sub validate_string { my ($self, %o) = @_; - # secure string too long? (because vulnerable in UE) - return 0 if (length $o{secure} > 16); - - # get cipher from gamename - my $cip = $self->get_game_props(lc $o{gamename})->{cipher}; - - # enctype given? - $o{enctype} = 0 unless $o{enctype}; - + # secure string too long? discard as hack. + return 0 if (length $o{secure} > 6); + # calculate and return validate string - return get_validate_string($cip, $o{secure}, $o{enctype}); + return get_validate_string( + $self->get_game_props(gamename => $o{gamename})->[0]->{cipher}, + $o{secure}, + $o{enctype} || 0 + ); } ################################################################################ diff --git a/lib/MasterServer/Core/Version.pm b/lib/MasterServer/Core/Version.pm index f87ea8d..4a49392 100755 --- a/lib/MasterServer/Core/Version.pm +++ b/lib/MasterServer/Core/Version.pm @@ -29,13 +29,13 @@ sub version { $self->{build_type} = "333networks Masterserver-Perl Multidb"; # version - $self->{build_version} = "2.3.0"; + $self->{build_version} = "2.3.1"; # short version for uplinks $self->{short_version} = "MS-perl $self->{build_version}"; # date yyyy-mm-dd - $self->{build_date} = "2017-05-13"; + $self->{build_date} = "2017-07-06"; #author, email $self->{build_author} = "Darkelarious, darkelarious\@333networks.com"; |