Techwizz/pvpgn-server
1
0
Fork 0
Code Issues 68 Pull requests 2 Projects Releases 8 Packages Wiki Activity Actions

WOL Improvements #480

Closed
Sora012 wants to merge 1 commit from develop into develop
pull from: develop
merge into: Techwizz:develop
Conversation 4 Commits 1 Files changed 3 +69 -4
Sora012 commented 2023-05-13 13:26:56 -06:00 (Migrated from github.com)
Copy link

ADD: WOL server paging works via servername, or hostname for commands ("/page servername /command arg1 arg2")
ADD: WOL password changes with "/chpass" from WOL Clients (Password change via server paging is more secure than in a public chat channel where anyone can see it)
Fixed: WOL renegade clients thinking they are still ingame after leaving.
Fixed: WOL renegade dedicated server having additional issues with connection.

ADD: WOL server paging works via servername, or hostname for commands ("/page servername /command arg1 arg2") ADD: WOL password changes with "/chpass" from WOL Clients (Password change via server paging is more secure than in a public chat channel where anyone can see it) Fixed: WOL renegade clients thinking they are still ingame after leaving. Fixed: WOL renegade dedicated server having additional issues with connection.
behod commented 2023-08-11 06:58:10 -06:00 (Migrated from github.com)
Copy link

Hi i cant connection my server is anyone is 1000ms can you help me?
Uploading QQ截图20230810205732.png…

Hi i cant connection my server is anyone is 1000ms can you help me? ![Uploading QQ截图20230810205732.png…]()
behod commented 2023-08-11 06:58:44 -06:00 (Migrated from github.com)
Copy link

QQ截图20230810205732

![QQ截图20230810205732](https://github.com/pvpgn/pvpgn-server/assets/141982314/104a76cd-ad25-408e-bc93-7cb924c42e59)
Sora012 commented 2024-02-20 03:48:19 -07:00 (Migrated from github.com)
Copy link

This commit has an issue that I've already fixed but not published related and is that a client can take the name of the hostname/servername (8 characters for WOL limit) and then steal passwords when being private messaged (e.g. "/page hostname /chpass password"). I'd recommend adding the code below to account.cpp

				if ((strcasecmp(username, "matchbot") == 0) || (strncasecmp(username, prefs_get_servername(), 8) == 0) || (strcasecmp(username, prefs_get_servername()) == 0) || (strncasecmp(username, prefs_get_hostname(), 8) == 0) || (strcasecmp(username, prefs_get_hostname()) == 0)) {
					eventlog(eventlog_level_debug, __FUNCTION__, "user \"{}\" matches protected username account creation failed", username);
					goto err;
				}

Leaving this here for anyone who decides to use this commit.

This commit has an issue that I've already fixed but not published related and is that a client can take the name of the hostname/servername (8 characters for WOL limit) and then steal passwords when being private messaged (e.g. "/page hostname /chpass password"). I'd recommend adding the code below to [account.cpp](https://github.com/pvpgn/pvpgn-server/blob/develop/src/bnetd/account.cpp#L143) ``` if ((strcasecmp(username, "matchbot") == 0) || (strncasecmp(username, prefs_get_servername(), 8) == 0) || (strcasecmp(username, prefs_get_servername()) == 0) || (strncasecmp(username, prefs_get_hostname(), 8) == 0) || (strcasecmp(username, prefs_get_hostname()) == 0)) { eventlog(eventlog_level_debug, __FUNCTION__, "user \"{}\" matches protected username account creation failed", username); goto err; } ``` Leaving this here for anyone who decides to use this commit.
👍 1
Sora012 commented 2024-02-28 03:01:10 -07:00 (Migrated from github.com)
Copy link

Sorry! Just bumping this, I made a mistake with the original line (I was very tired) and I have fixed it and you should be using || not && for each portion of that line, also removed unneeded length checks. I've triple and quad checked this on my end and I'm always denied login unless an account already exists.

Double check you have no "matchbot" or servername/hostname accounts in your user folders. If you do, delete them. They'll allow login if they do exist. I'm also closing this, and will be updating my fork at a later time with more changes.

Sorry! Just bumping this, I made a mistake with the original line (I was very tired) and I have fixed it and you should be using || not && for each portion of that line, also removed unneeded length checks. I've triple and quad checked this on my end and I'm always denied login unless an account already exists. Double check you have no "matchbot" or servername/hostname accounts in your user folders. If you do, delete them. They'll allow login if they do exist. I'm also closing this, and will be updating my fork at a later time with more changes.

Pull request closed

Please reopen this pull request to perform a merge.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug

   
duplicate

   
enhancement

   
help wanted

   
in progress...

   
information

   
invalid

   
not enough info

   
priority high

   
priority low

   
priority normal

   
question

   
request

   
research

   
wontfix
No labels
bug
duplicate
enhancement
help wanted
in progress...
information
invalid
not enough info
priority high
priority low
priority normal
question
request
research
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: Techwizz/pvpgn-server#480
No description provided.
Delete branch "develop"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?