1.1 ! root 1: --- g:\quake2\code\server\sv_user.c Mon Mar 02 15:21:11 1998
! 2: +++ sv_user.c Sun Mar 15 19:08:37 1998
! 3: @@ -42,6 +42,7 @@
! 4: int playernum;
! 5: edict_t *ent;
! 6:
! 7: +
! 8: Com_DPrintf ("New() from %s\n", sv_client->name);
! 9:
! 10: if (sv_client->state != cs_connected)
! 11: @@ -108,6 +109,8 @@
! 12:
! 13: Com_DPrintf ("Configstrings() from %s\n", sv_client->name);
! 14:
! 15: +
! 16: +
! 17: if (sv_client->state != cs_connected)
! 18: {
! 19: Com_Printf ("configstrings not valid -- already spawned\n");
! 20: @@ -165,6 +168,8 @@
! 21:
! 22: Com_DPrintf ("Baselines() from %s\n", sv_client->name);
! 23:
! 24: +
! 25: +
! 26: if (sv_client->state != cs_connected)
! 27: {
! 28: Com_Printf ("baselines not valid -- already spawned\n");
! 29: @@ -202,7 +207,7 @@
! 30: if (start == MAX_EDICTS)
! 31: {
! 32: MSG_WriteByte (&sv_client->netchan.message, svc_stufftext);
! 33: - MSG_WriteString (&sv_client->netchan.message, va("precache ; cmd begin %i\n",svs.spawncount) );
! 34: + MSG_WriteString (&sv_client->netchan.message, va("precache %i\n", svs.spawncount) );
! 35: }
! 36: else
! 37: {
! 38: @@ -273,7 +278,6 @@
! 39:
! 40: FS_FreeFile (sv_client->download);
! 41: sv_client->download = NULL;
! 42: -
! 43: }
! 44:
! 45: /*
! 46:
@@ -285,10 +289,35 @@
! 47: {
! 48: char *name;
! 49: extern cvar_t *allow_download;
! 50: + extern cvar_t *allow_download_players;
! 51: + extern cvar_t *allow_download_models;
! 52: + extern cvar_t *allow_download_sounds;
! 53: + extern cvar_t *allow_download_maps;
! 54: + extern int file_from_pak; // ZOID did file come from pak?
! 55: + int offset = 0;
! 56:
! 57: name = Cmd_Argv(1);
! 58: +
! 59: + if (Cmd_Argc() > 2)
! 60: + offset = atoi(Cmd_Argv(2)); // downloaded offset
! 61: +
! 62: + // hacked by zoid to allow more conrol over download
! 63: + // first off, no .. or global allow check
! 64: if (strstr (name, "..") || !allow_download->value
! 65: - || strstr (name, "maps") ) // don't allow full map downloads
! 66: + // leading dot is no good
! 67: + || *name == '.'
! 68: + // leading slash bad as well, must be in subdir
! 69: + || *name == '/'
! 70: + // next up, skin check
! 71: + || (strncmp(name, "players/", 6) == 0 && !allow_download_players->value)
! 72: + // now models
! 73: + || (strncmp(name, "models/", 6) == 0 && !allow_download_models->value)
! 74: + // now sounds
! 75: + || (strncmp(name, "sound/", 6) == 0 && !allow_download_sounds->value)
! 76: + // now maps (note special case for maps, must not be in pak)
! 77: + || (strncmp(name, "maps/", 6) == 0 && !allow_download_maps->value)
! 78: + // MUST be in a subdirectory
! 79: + || !strstr (name, "/") )
! 80: { // don't allow anything with .. path
! 81: MSG_WriteByte (&sv_client->netchan.message, svc_download);
! 82: MSG_WriteShort (&sv_client->netchan.message, -1);
! 83:
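Review bot: The prefix lengths passed to `strncmp` in the new per-directory checks do not match their literals, so the `allow_download_*` toggles do not gate what they name. `strncmp(name, "maps/", 6)` includes the terminating NUL in the comparison and so matches only a request for exactly `maps/`; with the old `strstr (name, "maps")` clause removed in this hunk, a `maps/...` request passes this filter even when `allow_download_maps` is 0, while the `players/` and `models/` tests stop at 6 bytes and never look at the slash. Use each literal's own length: `strncmp(name, "players/", 8)`, `strncmp(name, "models/", 7)`, `strncmp(name, "maps/", 5)` (the pak check in the following hunk already uses 5). The leading-separator test rejects `/` only; whether `\` needs the same treatment depends on how the filesystem layer normalises paths, which is not visible here. The enclosing function starts and ends outside this hunk.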
@@ -296,15 +325,24 @@
! 84: return;
! 85: }
! 86:
! 87: +
! 88: if (sv_client->download)
! 89: FS_FreeFile (sv_client->download);
! 90:
! 91: sv_client->downloadsize = FS_LoadFile (name, (void **)&sv_client->download);
! 92: - sv_client->downloadcount = 0;
! 93: + sv_client->downloadcount = offset;
! 94:
! 95: - if (!sv_client->download)
! 96: + if (!sv_client->download
! 97: + // special check for maps, if it came from a pak file, don't allow
! 98: + // download ZOID
! 99: + || (strncmp(name, "maps/", 5) == 0 && file_from_pak))
! 100: {
! 101: Com_DPrintf ("Couldn't download %s to %s\n", name, sv_client->name);
! 102: + if (sv_client->download) {
! 103: + FS_FreeFile (sv_client->download);
! 104: + sv_client->download = NULL;
! 105: + }
! 106: +
! 107: MSG_WriteByte (&sv_client->netchan.message, svc_download);
! 108: MSG_WriteShort (&sv_client->netchan.message, -1);
! 109: MSG_WriteByte (&sv_client->netchan.message, 0);
! 110: @@ -316,6 +354,7 @@
! 111: }
! 112:
! 113:
! 114: +
! 115: //============================================================================
! 116:
! 117:
! 118: @@ -358,9 +397,12 @@
! 119: if (!v[0])
! 120: Cbuf_AddText ("killserver\n");
! 121: else
! 122: +
! 123: {
! 124: Cbuf_AddText (v);
! 125: +
! 126: Cbuf_AddText ("\n");
! 127: +
! 128: }
! 129: Cvar_Set ("nextserver","");
! 130: }
! 131: @@ -444,17 +486,29 @@
! 132: */
! 133:
! 134:
! 135: +
! 136: void ClientThink (client_t *cl, usercmd_t *cmd)
! 137: +
! 138: {
! 139: +
! 140: cl->commandMsec -= cmd->msec;
! 141: +
! 142: if (cl->commandMsec < 0 && sv_enforcetime->value )
! 143: +
! 144: {
! 145: +
! 146: Com_DPrintf ("commandMsec underflow from %s\n", cl->name);
! 147: +
! 148: return;
! 149: +
! 150: }
! 151: +
! 152: ge->ClientThink (cl->edict, cmd);
! 153: +
! 154: }
! 155:
! 156: +
! 157: +
! 158: #define MAX_STRINGCMDS 8
! 159: /*
! 160: ===================
! 161:
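Review bot: `sv_client->downloadcount = offset;` in the `@@ -296` hunk stores a client-supplied number (`atoi(Cmd_Argv(2))` in the previous hunk) without comparing it to the size `FS_LoadFile` just returned. A negative or larger-than-file offset would presumably lead the code that later sends `download + downloadcount` to read outside the loaded buffer; that sender is not part of this diff, so confirm there. Bound it before the assignment, e.g. `if (offset < 0 || offset > sv_client->downloadsize) offset = 0;`, and prefer `strtol` with an end-pointer check so malformed input is rejected rather than read as 0. The function continues outside this hunk.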
@@ -467,22 +521,32 @@
! 162: {
! 163: int c;
! 164: char *s;
! 165: +
! 166: usercmd_t nullcmd;
! 167: usercmd_t oldest, oldcmd, newcmd;
! 168: int net_drop;
! 169: int stringCmdCount;
! 170: +
! 171: int checksum, calculatedChecksum;
! 172: +
! 173: int checksumIndex;
! 174: +
! 175: qboolean move_issued;
! 176:
! 177: +
! 178: sv_client = cl;
! 179: sv_player = sv_client->edict;
! 180:
! 181: +
! 182: // only allow one move command
! 183: +
! 184: move_issued = false;
! 185:
! 186: +
! 187: +
! 188: stringCmdCount = 0;
! 189:
! 190: +
! 191: while (1)
! 192: {
! 193: if (net_message.readcount > net_message.cursize)
! 194:
@@ -512,57 +576,96 @@
! 195: break;
! 196:
! 197: case clc_move:
! 198: +
! 199: if (move_issued)
! 200: +
! 201: return; // someone is trying to cheat...
! 202: +
! 203: move_issued = true;
! 204:
! 205: +
! 206: +
! 207: checksumIndex = net_message.readcount;
! 208: +
! 209: checksum = MSG_ReadByte (&net_message);
! 210:
! 211: +
! 212: +
! 213: cl->lastframe = MSG_ReadLong (&net_message);
! 214: +
! 215: memset (&nullcmd, 0, sizeof(nullcmd));
! 216: MSG_ReadDeltaUsercmd (&net_message, &nullcmd, &oldest);
! 217: MSG_ReadDeltaUsercmd (&net_message, &oldest, &oldcmd);
! 218: MSG_ReadDeltaUsercmd (&net_message, &oldcmd, &newcmd);
! 219:
! 220: if ( cl->state != cs_spawned )
! 221: +
! 222: {
! 223: +
! 224: cl->lastframe = -1;
! 225: break;
! 226: }
! 227:
! 228: +
! 229: +
! 230: // if the checksum fails, ignore the rest of the packet
! 231: +
! 232: calculatedChecksum = COM_BlockSequenceCheckByte (
! 233: +
! 234: net_message.data + checksumIndex + 1,
! 235: +
! 236: net_message.readcount - checksumIndex - 1,
! 237: +
! 238: cl->netchan.incoming_sequence);
! 239:
! 240: +
! 241: +
! 242: if (calculatedChecksum != checksum)
! 243: +
! 244: {
! 245: +
! 246: + // hack for unreliable end condition
! 247: + if ((cl->netchan.incoming_sequence %
! 248: + (NUMVERTEXNORMALS * sizeof(vec3_t))) + 3 <
! 249: + (NUMVERTEXNORMALS * sizeof(vec3_t))) {
! 250: Com_DPrintf ("Failed command checksum for %s\n", cl->name);
! 251: +
! 252: return;
! 253: +
! 254: + }
! 255: }
! 256:
! 257: +
! 258: +
! 259: if (!sv_paused->value)
! 260: +
! 261: {
! 262: net_drop = cl->netchan.dropped;
! 263: if (net_drop < 20)
! 264: {
! 265: +
! 266: //if (net_drop > 2)
! 267: +
! 268: // Com_Printf ("drop %i\n", net_drop);
! 269: while (net_drop > 2)
! 270: {
! 271: ClientThink (cl, &cl->lastcmd);
! 272: +
! 273: net_drop--;
! 274: }
! 275: if (net_drop > 1)
! 276: ClientThink (cl, &oldest);
! 277: +
! 278: if (net_drop > 0)
! 279: ClientThink (cl, &oldcmd);
! 280: +
! 281: }
! 282: ClientThink (cl, &newcmd);
! 283: +
! 284: }
! 285:
! 286: +
! 287: +
! 288: cl->lastcmd = newcmd;
! 289: break;
! 290:
! 291: @@ -570,13 +673,19 @@
! 292: case clc_stringcmd:
! 293: s = MSG_ReadString (&net_message);
! 294:
! 295: +
! 296: +
! 297: // malicious users may try using too many string commands
! 298: +
! 299: if (++stringCmdCount < MAX_STRINGCMDS)
! 300: SV_ExecuteUserCommand (s);
! 301: +
! 302: if (cl->state == cs_zombie)
! 303: +
! 304: return; // disconnect command
! 305: break;
! 306: }
! 307: }
! 308: +
! 309: }
! 310:
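Review bot: In the `clc_move` hunk (`@@ -512`), the added "hack for unreliable end condition" makes the checksum-failure path log and return only while `(incoming_sequence % (NUMVERTEXNORMALS * sizeof(vec3_t))) + 3` is below that modulus; for the remaining sequence values a move command whose checksum does not match falls through and is executed, and nothing is logged. That leaves a recurring window in which the integrity check is not enforced. If the cause is that `COM_BlockSequenceCheckByte` misbehaves near the end of its table (not visible here), correcting it there would keep verification on for every packet; at minimum state the reason in the comment and log the accepted mismatch, e.g. `Com_DPrintf ("Checksum mismatch tolerated for %s\n", cl->name);`. The expression also mixes the sequence number with a `size_t` product, so a named constant of the sequence's own type would make the comparison easier to audit. The enclosing function starts in the previous hunk and ends after this one.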