Merge remote-tracking branch 'lat/remove-passwords' into awful-mix-fucked

2024-11-10 07:12:03 +00:00 · 2020-04-26 01:16:27 -07:00 · 2020-04-26 01:16:27 -07:00 · b3247b48a1
commit b3247b48a1
parent bb3dcf7d5f bee60709ec
10 changed files with 37 additions and 488 deletions
--- a/src/command.c
+++ b/src/command.c
@ -1304,8 +1304,7 @@ found:
 	var->string = var->zstring = Z_StrDup(valstr);
-	if (var->flags & CV_PASSWORD); // Don't change value for password field
+	if (override)
 	else if (override)
 		var->value = overrideval;
 	else if (var->flags & CV_FLOAT)
 	{
--- a/src/command.h
+++ b/src/command.h
@ -98,8 +98,7 @@ typedef enum
 	CV_HIDEN = 1024, // variable is not part of the cvar list so cannot be accessed by the console
 	                 // can only be set when we have the pointer to it
                   // used on menus
-	CV_CHEAT = 2048, // Don't let this be used in multiplayer unless cheats are on.
+	CV_CHEAT = 2048 // Don't let this be used in multiplayer unless cheats are on.
 	CV_PASSWORD = 4096 // Password field
 } cvflags_t;
 typedef struct CV_PossibleValue_s
--- a/src/d_clisrv.c
+++ b/src/d_clisrv.c
@ -23,7 +23,6 @@
 #include "d_net.h"
 #include "d_netfil.h" // fileneedednum
 #include "d_main.h"
 #include "d_event.h"
 #include "g_game.h"
 #include "hu_stuff.h"
 #include "keys.h"
@ -1133,32 +1132,22 @@ typedef enum
 	CL_CONNECTED,
 	CL_ABORTED,
 	CL_ASKFULLFILELIST,
 	CL_ASKDOWNLOADFILES,
 	CL_WAITDOWNLOADFILESRESPONSE,
 #ifdef HAVE_CURL
 	CL_PREPAREHTTPFILES,
 	CL_DOWNLOADHTTPFILES,
 #endif
 	CL_CHALLENGE
 } cl_mode_t;
 static void GetPackets(void);
 static cl_mode_t cl_mode = CL_SEARCHING;
 static boolean cl_needsdownload = false;
 static UINT16 cl_lastcheckedfilecount = 0;
 static UINT8 cl_challengenum = 0;
 static UINT8 cl_challengequestion[MD5_LEN+1];
 static char cl_challengepassword[65];
 static UINT8 cl_challengeanswer[MD5_LEN+1];
 static UINT8 cl_challengeattempted = 0;
 static char cl_challengeaddress[64];
 #ifdef HAVE_CURL
 char http_source[MAX_MIRROR_LENGTH];
 #endif
 static UINT16 cl_lastcheckedfilecount = 0;	// used for full file list
 // Player name send/load
 static void CV_SavePlayerNames(UINT8 **p)
@ -1194,7 +1183,6 @@ static void CV_LoadPlayerNames(UINT8 **p)
 }
 #ifdef CLIENT_LOADINGSCREEN
 static UINT32 SL_SearchServer(INT32 node);
 //
 // CL_DrawConnectionStatus
@ -1223,42 +1211,11 @@ static inline void CL_DrawConnectionStatus(void)
 		// 15 pal entries total.
 		const char *cltext;
-		if (cl_mode != CL_CHALLENGE)
+		for (i = 0; i < 16; ++i)
-			for (i = 0; i < 16; ++i)
+			V_DrawFill((BASEVIDWIDTH/2-128) + (i * 16), BASEVIDHEIGHT-24, 16, 8, palstart + ((animtime - i) & 15));
 				V_DrawFill((BASEVIDWIDTH/2-128) + (i * 16), BASEVIDHEIGHT-24, 16, 8, palstart + ((animtime - i) & 15));
 		switch (cl_mode)
 		{
 			case CL_CHALLENGE:
 				{
 					char asterisks[33];
 					size_t sl = min(32, strlen(cl_challengepassword));
 					UINT32 serverid;
 					memset(asterisks, '*', sl);
 					memset(asterisks+sl, 0, 33-sl);
 					V_DrawString(BASEVIDWIDTH/2-128, BASEVIDHEIGHT-24, V_MONOSPACE|V_ALLOWLOWERCASE, asterisks);
 					V_DrawFixedPatch((BASEVIDWIDTH/2) << FRACBITS, (BASEVIDHEIGHT/2) << FRACBITS, FRACUNIT, 0, W_CachePatchName("BSRVLOCK", PU_CACHE), NULL);
 					serverid = SL_SearchServer(servernode);
 					if (serverid == UINT32_MAX)
 					{
 						M_DrawTextBox(BASEVIDWIDTH/2-128-8, BASEVIDHEIGHT/2-8, 32, 1);
 						V_DrawCenteredString(BASEVIDWIDTH/2, BASEVIDHEIGHT/2, V_REDMAP, M_GetText("This server is password protected."));
 					}
 					else
 					{
 						M_DrawTextBox(BASEVIDWIDTH/2-128-8, BASEVIDHEIGHT/2-8, 32, 3);
 						V_DrawCenteredString(BASEVIDWIDTH/2, BASEVIDHEIGHT/2, V_REDMAP, M_GetText("This server,"));
 						V_DrawCenteredString(BASEVIDWIDTH/2, BASEVIDHEIGHT/2+8, V_ALLOWLOWERCASE, serverlist[serverid].info.servername);
 						V_DrawCenteredString(BASEVIDWIDTH/2, BASEVIDHEIGHT/2+16, V_REDMAP, M_GetText("is password protected."));
 					}
 					cltext = M_GetText(cl_challengeattempted ? "Incorrect password. Please try again." : "Please enter the server password.");
 				}
 				break;
 #ifdef JOININGAME
 			case CL_DOWNLOADSAVEGAME:
 				if (lastfilenum != -1)
@ -1281,12 +1238,11 @@ static inline void CL_DrawConnectionStatus(void)
 			case CL_WAITJOINRESPONSE:
 				cltext = M_GetText("Requesting to join...");
 				break;
 			case CL_ASKDOWNLOADFILES:
 			case CL_WAITDOWNLOADFILESRESPONSE:
 #ifdef HAVE_CURL
 			case CL_PREPAREHTTPFILES:
 #endif
 				cltext = M_GetText("Waiting to download files...");
 				break;
 #endif
 			default:
 				cltext = M_GetText("Connecting to server...");
 				break;
@ -1376,9 +1332,6 @@ static boolean CL_SendJoin(void)
 	netbuffer->u.clientcfg.subversion = SUBVERSION;
 	strncpy(netbuffer->u.clientcfg.application, SRB2APPLICATION,
 			sizeof netbuffer->u.clientcfg.application);
 	netbuffer->u.clientcfg.needsdownload = cl_needsdownload;
 	netbuffer->u.clientcfg.challengenum = cl_challengenum;
 	memcpy(netbuffer->u.clientcfg.challengeanswer, cl_challengeanswer, MD5_LEN);
 	return HSendPacket(servernode, false, 0, sizeof (clientconfig_pak));
 }
@ -1410,10 +1363,10 @@ static void SV_SendServerInfo(INT32 node, tic_t servertime)
 	netbuffer->u.serverinfo.kartvars = (UINT8) (
 		(cv_kartspeed.value & SV_SPEEDMASK) |
-		(dedicated ? SV_DEDICATED : 0) |
+		(dedicated ? SV_DEDICATED : 0)
 		(D_IsJoinPasswordOn() ? SV_PASSWORD : 0)
 	);
 	strncpy(netbuffer->u.serverinfo.servername, cv_servername.string,
 		MAXSERVERNAME);
 	strncpy(netbuffer->u.serverinfo.mapname, G_BuildMapName(gamemap), 7);
@ -2035,14 +1988,13 @@ static boolean CL_FinishedFileList(void)
 				return false;
 			}
-			cl_mode = CL_ASKDOWNLOADFILES;
+			if (CL_SendRequestFile())
-			return true;
+				cl_mode = CL_DOWNLOADFILES;
 		}
 #ifdef HAVE_CURL
 		else
 		{
 			cl_mode = CL_PREPAREHTTPFILES;
 			return true;
 		}
 #endif
 	}
@ -2235,7 +2187,6 @@ static boolean CL_ServerConnectionTicker(boolean viams, const char *tmpsave, tic
 			/* FALLTHRU */
 		case CL_ASKJOIN:
 			cl_needsdownload = false;
 			CL_LoadServerFiles();
 #ifdef JOININGAME
 			// prepare structures to save the file
@ -2244,23 +2195,9 @@ static boolean CL_ServerConnectionTicker(boolean viams, const char *tmpsave, tic
 			CL_PrepareDownloadSaveGame(tmpsave);
 #endif
 			if (CL_SendJoin())
 			{
 				*asksent = I_GetTime();
 				cl_mode = CL_WAITJOINRESPONSE;
 			}
 			break;
 		case CL_ASKDOWNLOADFILES:
 			cl_needsdownload = true;
 			if (CL_SendJoin())
 			{
 				*asksent = I_GetTime();
 				cl_mode = CL_WAITDOWNLOADFILESRESPONSE;
 			}
 			break;
 #ifdef JOININGAME
 		case CL_DOWNLOADSAVEGAME:
 			// At this state, the first (and only) needed file is the gamestate
@ -2274,19 +2211,7 @@ static boolean CL_ServerConnectionTicker(boolean viams, const char *tmpsave, tic
 				break;
 #endif
 		case CL_CHALLENGE:
 			(*asksent) = I_GetTime() - NEWTICRATE; // Send password immediately upon entering
 			break;
 		case CL_WAITJOINRESPONSE:
 		case CL_WAITDOWNLOADFILESRESPONSE:
 			if (*asksent + NEWTICRATE < I_GetTime() && CL_SendJoin())
 			{
 				*asksent = I_GetTime();
 			}
 			break;
 		case CL_CONNECTED:
 		default:
 			break;
@ -2304,15 +2229,21 @@ static boolean CL_ServerConnectionTicker(boolean viams, const char *tmpsave, tic
 	// Call it only once by tic
 	if (*oldtic != I_GetTime())
 	{
 		I_OsPolling();
 		D_ProcessEvents();
 		if (gamestate != GS_WAITINGPLAYERS)
 			return false;
-		// why are these here? this is for servers, we're a client
+		INT32 key;
-		//if (key == 's' && server)
+
-		//	doomcom->numnodes = (INT16)pnumnodes;
+		I_OsPolling();
-		//SV_FileSendTicker();
+		key = I_GetKey();
 		// Only ESC and non-keyboard keys abort connection
 		if (key == KEY_ESCAPE || key >= KEY_MOUSE1)
 		{
 			CONS_Printf(M_GetText("Network game synchronization aborted.\n"));
 			D_QuitNetGame();
 			CL_Reset();
 			D_StartTitle();
 			return false;
 		}
 		*oldtic = I_GetTime();
 #ifdef CLIENT_LOADINGSCREEN
@ -2336,73 +2267,6 @@ static boolean CL_ServerConnectionTicker(boolean viams, const char *tmpsave, tic
 	return true;
 }
 boolean CL_Responder(event_t *ev)
 {
 	size_t len;
 	INT32 ch;
 	if (!(client && cl_mode != CL_CONNECTED && cl_mode != CL_ABORTED))
 		return false; // Don't do anything outside of the connection screen
 	if (ev->type != ev_keydown)
 		return false;
 	ch = (INT32)ev->data1;
 	// Only ESC and non-keyboard keys abort connection
 	if (ch == KEY_ESCAPE || ch >= KEY_MOUSE1)
 	{
 		CONS_Printf(M_GetText("Network game synchronization aborted.\n"));
 		//M_StartMessage(M_GetText("Network game synchronization aborted.\n\nPress ESC\n"), NULL, MM_NOTHING);
 		D_QuitNetGame();
 		CL_Reset();
 		D_StartTitle();
 		return true;
 	}
 	if (cl_mode != CL_CHALLENGE)
 		return false;
 	if ((ch >= HU_FONTSTART && ch <= HU_FONTEND && hu_font[ch-HU_FONTSTART])
 	  || ch == ' ') // Allow spaces, of course
 	{
 		len = strlen(cl_challengepassword);
 		if (len < 64)
 		{
 			cl_challengepassword[len+1] = 0;
 			cl_challengepassword[len] = CON_ShiftChar(ch);
 		}
 		cl_challengeattempted = 0;
 	}
 	else if (ch == KEY_BACKSPACE)
 	{
 		len = strlen(cl_challengepassword);
 		if (len > 0)
 			cl_challengepassword[len-1] = 0;
 		cl_challengeattempted = 0;
 	}
 	else if (ch == KEY_ENTER)
 	{
 		netgame = true;
 		multiplayer = true;
 #ifndef NONET
 		SL_ClearServerList(servernode);
 		if (I_NetMakeNodewPort)
 				servernode = I_NetMakeNode(cl_challengeaddress);
 #endif
 		cl_mode = CL_SEARCHING;
 		D_ComputeChallengeAnswer(cl_challengequestion, cl_challengepassword, cl_challengeanswer);
 		cl_challengeattempted = 1;
 	}
 	return true;
 }
 /** Use adaptive send using net_bandwidth and stat.sendbytes
  *
  * \param viams ???
@ -2423,7 +2287,6 @@ static void CL_ConnectToServer(boolean viams)
 #endif
 	cl_mode = CL_SEARCHING;
 	cl_challengenum = 0;
 #ifdef CLIENT_LOADINGSCREEN
 	lastfilenum = -1;
@ -2480,8 +2343,6 @@ static void CL_ConnectToServer(boolean viams)
 	SL_ClearServerList(servernode);
 #endif
 	cl_challengeattempted = 0;
 	do
 	{
 		// If the connection was aborted for some reason, leave
@ -3427,9 +3288,6 @@ void D_ClientServerInit(void)
 	gametic = 0;
 	localgametic = 0;
 	memset(cl_challengequestion, 0x00, MD5_LEN+1);
 	memset(cl_challengeanswer, 0x00, MD5_LEN+1);
 	// do not send anything before the real begin
 	SV_StopServer();
 	SV_ResetServer();
@ -3912,33 +3770,6 @@ static void HandleConnect(SINT8 node)
 		boolean newnode = false;
 #endif
 		if (node != servernode && !nodeingame[node] && D_IsJoinPasswordOn())
 		{
 			// Ensure node sent the correct password challenge
 			boolean passed = false;
 			if (netbuffer->u.clientcfg.challengenum && D_VerifyJoinPasswordChallenge(netbuffer->u.clientcfg.challengenum, netbuffer->u.clientcfg.challengeanswer))
 				passed = true;
 			if (!passed)
 			{
 				D_MakeJoinPasswordChallenge(&netbuffer->u.joinchallenge.challengenum, netbuffer->u.joinchallenge.question);
 				netbuffer->packettype = PT_JOINCHALLENGE;
 				HSendPacket(node, false, 0, sizeof(joinchallenge_pak));
 				Net_CloseConnection(node);
 				return;
 			}
 		}
 		if (netbuffer->u.clientcfg.needsdownload)
 		{
 			netbuffer->packettype = PT_DOWNLOADFILESOKAY;
 			HSendPacket(node, true, 0, 0);
 			return;
 		}
 		// client authorised to join
 		nodewaiting[node] = (UINT8)(netbuffer->u.clientcfg.localplayers - playerpernode[node]);
 		if (!nodeingame[node])
@ -4138,49 +3969,6 @@ static void HandlePacketFromAwayNode(SINT8 node)
 			Net_CloseConnection(node);
 			break;
 		case PT_JOINCHALLENGE:
 			if (server && serverrunning)
 			{ // But wait I thought I'm the server?
 				Net_CloseConnection(node);
 				break;
 			}
 			SERVERONLY
 			if (cl_mode == CL_WAITJOINRESPONSE || cl_mode == CL_WAITDOWNLOADFILESRESPONSE)
 			{
 				cl_challengenum = netbuffer->u.joinchallenge.challengenum;
 				memcpy(cl_challengequestion, netbuffer->u.joinchallenge.question, 16);
 				if (I_GetNodeAddress)
 					strcpy(cl_challengeaddress, I_GetNodeAddress(node));
 				Net_CloseConnection(node); // Don't need to stay connected while challenging
 				cl_mode = CL_CHALLENGE;
 				switch (cl_challengeattempted)
 				{
 					case 2:
 						// We already sent a correct password, so throw it back up again.
 						D_ComputeChallengeAnswer(cl_challengequestion, cl_challengepassword, cl_challengeanswer);
 #ifndef NONET
 						if (I_NetMakeNodewPort)
 							servernode = I_NetMakeNode(cl_challengeaddress);
 #endif
 						cl_mode = CL_ASKJOIN;
 						break;
 					case 1:
 						// We entered the wrong password!
 						S_StartSound(NULL, sfx_s26d);
 						break;
 					default:
 						// First entry to the password screen.
 						S_StartSound(NULL, sfx_s224);
 						break;
 				}
 			}
 			break;
 		case PT_SERVERREFUSE: // Negative response of client join request
 			if (server && serverrunning)
 			{ // But wait I thought I'm the server?
@ -4209,41 +3997,6 @@ static void HandlePacketFromAwayNode(SINT8 node)
 			}
 			break;
 		case PT_DOWNLOADFILESOKAY:
 			if (server && serverrunning)
 			{ // But wait I thought I'm the server?
 				Net_CloseConnection(node);
 				break;
 			}
 			SERVERONLY
 			// This should've already been checked, but just to be safe...
 			if (!CL_CheckDownloadable())
 			{
 				D_QuitNetGame();
 				CL_Reset();
 				D_StartTitle();
 				M_StartMessage(M_GetText(
 					"You cannot connect to this server\n"
 					"because you cannot download the files\n"
 					"that you are missing from the server.\n\n"
 					"See the console or log file for\n"
 					"more details.\n\n"
 					"Press ESC\n"
 				), NULL, MM_NOTHING);
 				break;
 			}
 			if (cl_challengeattempted == 1) // Successful password noise.
 				S_StartSound(NULL, sfx_s221);
 			cl_challengeattempted = 2;
 			CONS_Printf("trying to download\n");
 			if (CL_SendRequestFile())
 					cl_mode = CL_DOWNLOADFILES;
 			break;
 		case PT_SERVERCFG: // Positive response of client join request
 		{
 			INT32 j;
@ -4259,9 +4012,6 @@ static void HandlePacketFromAwayNode(SINT8 node)
 			if (cl_mode != CL_WAITJOINRESPONSE)
 				break;
 			if (cl_challengeattempted == 1) // Successful password noise.
 				S_StartSound(NULL, sfx_s221);
 			if (client)
 			{
 				maketic = gametic = neededtic = (tic_t)LONG(netbuffer->u.servercfg.gametic);
--- a/src/d_clisrv.h
+++ b/src/d_clisrv.h
@ -13,14 +13,11 @@
 #ifndef __D_CLISRV__
 #define __D_CLISRV__
 #include "d_event.h"
 #include "d_ticcmd.h"
 #include "d_netcmd.h"
 #include "tables.h"
 #include "d_player.h"
 #include "md5.h"
 /*
 The 'packet version' is used to distinguish packet formats.
 This version is independent of VERSION and SUBVERSION. Different
@ -86,9 +83,6 @@ typedef enum
 	PT_CLIENT4MIS,
 	PT_BASICKEEPALIVE,// Keep the network alive during wipes, as tics aren't advanced and NetUpdate isn't called
 	PT_JOINCHALLENGE, // You must give a password to joinnnnn
 	PT_DOWNLOADFILESOKAY, // You can download files from the server....
 	PT_CANFAIL,       // This is kind of a priority. Anything bigger than CANFAIL
 	                  // allows HSendPacket(*, true, *, *) to return false.
 	                  // In addition, this packet can't occupy all the available slots.
@ -361,22 +355,13 @@ typedef struct
 	char application[MAXAPPLICATION];
 	UINT8 version; // Different versions don't work
 	UINT8 subversion; // Contains build version
-	UINT8 localplayers;
+	UINT8 localplayers;	// number of splitscreen players
-	UINT8 needsdownload;
+	UINT8 mode;
 	UINT8 challengenum; // Non-zero if trying to join with a password attempt
 	UINT8 challengeanswer[MD5_LEN]; // Join challenge
 } ATTRPACK clientconfig_pak;
-typedef struct
+#define SV_SPEEDMASK 0x03		// used to send kartspeed
-{
+#define SV_DEDICATED 0x40		// server is dedicated
-	UINT8 challengenum; // Number to send back in join attempt
+#define SV_LOTSOFADDONS 0x20	// flag used to ask for full file list in d_netfil
 	UINT8 question[MD5_LEN]; // Challenge data to be manipulated and answered with
 } ATTRPACK joinchallenge_pak;
 #define SV_SPEEDMASK 0x03
 #define SV_LOTSOFADDONS 0x20
 #define SV_DEDICATED 0x40
 #define SV_PASSWORD 0x80
 #define MAXSERVERNAME 32
 #define MAXFILENEEDED 915
@ -487,7 +472,6 @@ typedef struct
 		UINT8 textcmd[MAXTEXTCMD+1];        //       66049 bytes (wut??? 64k??? More like 257 bytes...)
 		filetx_pak filetxpak;               //         139 bytes
 		clientconfig_pak clientcfg;         //         153 bytes
 		joinchallenge_pak joinchallenge;    //          17 bytes
 		serverinfo_pak serverinfo;          //        1024 bytes
 		serverrefuse_pak serverrefuse;      //       65025 bytes (somehow I feel like those values are garbage...)
 		askinfo_pak askinfo;                //          61 bytes
@ -593,7 +577,6 @@ void CL_Reset(void);
 void CL_ClearPlayer(INT32 playernum);
 void CL_RemovePlayer(INT32 playernum, INT32 reason);
 void CL_UpdateServerList(boolean internetsearch, INT32 room);
 boolean CL_Responder(event_t *ev);
 // Is there a game running
 boolean Playing(void);
--- a/src/d_main.c
+++ b/src/d_main.c
@ -231,9 +231,6 @@ void D_ProcessEvents(void)
 		if (M_ScreenshotResponder(ev))
 			continue; // ate the event
 		if (CL_Responder(ev))
 			continue;
 		if (gameaction == ga_nothing && gamestate == GS_TITLESCREEN)
 		{
 			if (cht_Responder(ev))
--- a/src/d_net.c
+++ b/src/d_net.c
@ -812,9 +812,6 @@ static const char *packettypename[NUMPACKETTYPE] =
 	"CLIENT4MIS",
 	"BASICKEEPALIVE",
 	"JOINCHALLENGE",
 	"DOWNLOADFILESOKAY",
 	"FILEFRAGMENT",
 	"TEXTCMD",
@ -847,7 +844,7 @@ static void DebugPrintpacket(const char *header)
 			break;
 		case PT_CLIENTJOIN:
 			fprintf(debugfile, "    number %d mode %d\n", netbuffer->u.clientcfg.localplayers,
-				netbuffer->u.clientcfg.needsdownload);
+				netbuffer->u.clientcfg.mode);
 			break;
 		case PT_SERVERTICS:
 		{
--- a/src/d_netcmd.c
+++ b/src/d_netcmd.c
@ -172,7 +172,6 @@ static void Got_Verification(UINT8 **cp, INT32 playernum);
 static void Got_Removal(UINT8 **cp, INT32 playernum);
 static void Command_Verify_f(void);
 static void Command_RemoveAdmin_f(void);
 static void Command_ChangeJoinPassword_f(void);
 static void Command_MotD_f(void);
 static void Got_MotD_f(UINT8 **cp, INT32 playernum);
@ -554,8 +553,6 @@ void D_RegisterServerCommands(void)
 	RegisterNetXCmd(XD_PICKVOTE, Got_PickVotecmd);
 	// Remote Administration
 	CV_RegisterVar(&cv_dummyjoinpassword);
 	COM_AddCommand("joinpassword", Command_ChangeJoinPassword_f);
 	COM_AddCommand("password", Command_Changepassword_f);
 	RegisterNetXCmd(XD_LOGIN, Got_Login);
 	COM_AddCommand("login", Command_Login_f); // useful in dedicated to kick off remote admin
@ -3972,131 +3969,6 @@ static void Got_Removal(UINT8 **cp, INT32 playernum)
 	CONS_Printf(M_GetText("You are no longer a server administrator.\n"));
 }
 // Join password stuff
 consvar_t cv_dummyjoinpassword = {"dummyjoinpassword", "", CV_HIDEN|CV_NOSHOWHELP|CV_PASSWORD, NULL, NULL, 0, NULL, NULL, 0, 0, NULL};
 #define NUMJOINCHALLENGES 32
 static UINT8 joinpassmd5[MD5_LEN+1];
 boolean joinpasswordset = false;
 static UINT8 joinpasschallenges[NUMJOINCHALLENGES][MD5_LEN];
 static tic_t joinpasschallengeson[NUMJOINCHALLENGES];
 boolean D_IsJoinPasswordOn(void)
 {
 	return joinpasswordset;
 }
 static inline void GetChallengeAnswer(UINT8 *question, UINT8 *passwordmd5, UINT8 *answer)
 {
 	D_MD5PasswordPass(question, MD5_LEN, (char *) passwordmd5, answer);
 }
 void D_ComputeChallengeAnswer(UINT8 *question, const char *pw, UINT8 *answer)
 {
 	static UINT8 passwordmd5[MD5_LEN+1];
 	memset(passwordmd5, 0x00, MD5_LEN+1);
 	D_MD5PasswordPass((const UINT8 *)pw, strlen(pw), BASESALT, &passwordmd5);
 	GetChallengeAnswer(question, passwordmd5, answer);
 }
 void D_SetJoinPassword(const char *pw)
 {
 	memset(joinpassmd5, 0x00, MD5_LEN+1);
 	D_MD5PasswordPass((const UINT8 *)pw, strlen(pw), BASESALT, &joinpassmd5);
 	joinpasswordset = true;
 }
 boolean D_VerifyJoinPasswordChallenge(UINT8 num, UINT8 *answer)
 {
 	boolean passed = false;
 	num %= NUMJOINCHALLENGES;
 	//@TODO use a constant-time memcmp....
 	if (joinpasschallengeson[num] > 0 && memcmp(answer, joinpasschallenges[num], MD5_LEN) == 0)
 		passed = true;
 	// Wipe and reset the challenge so that it can't be tried against again, as a small measure against brute-force attacks.
 	memset(joinpasschallenges[num], 0x00, MD5_LEN);
 	joinpasschallengeson[num] = 0;
 	return passed;
 }
 void D_MakeJoinPasswordChallenge(UINT8 *num, UINT8 *question)
 {
 	size_t i;
 	for (i = 0; i < NUMJOINCHALLENGES; i++)
 	{
 		(*num) = M_RandomKey(NUMJOINCHALLENGES);
 		if (joinpasschallengeson[(*num)] == 0)
 			break;
 	}
 	if (joinpasschallengeson[(*num)] > 0)
 	{
 		// Ugh, all challenges are (probably) taken. Let's find the oldest one and overwrite it.
 		tic_t oldesttic = INT32_MAX;
 		for (i = 0; i < NUMJOINCHALLENGES; i++)
 		{
 			if (joinpasschallengeson[i] < oldesttic)
 			{
 				(*num) = i;
 				oldesttic = joinpasschallengeson[i];
 			}
 		}
 	}
 	joinpasschallengeson[(*num)] = I_GetTime();
 	memset(question, 0x00, MD5_LEN);
 	for (i = 0; i < MD5_LEN; i++)
 		question[i] = M_RandomByte();
 	// Store the answer in memory. What was the question again?
 	GetChallengeAnswer(question, joinpassmd5, joinpasschallenges[(*num)]);
 	// This ensures that num is always non-zero and will be valid when used for the answer
 	if ((*num) == 0)
 		(*num) = NUMJOINCHALLENGES;
 }
 // Remote Administration
 static void Command_ChangeJoinPassword_f(void)
 {
 #ifdef NOMD5
 	// If we have no MD5 support then completely disable XD_LOGIN responses for security.
 	CONS_Alert(CONS_NOTICE, "Remote administration commands are not supported in this build.\n");
 #else
 	if (client) // cannot change remotely
 	{
 		CONS_Printf(M_GetText("Only the server can use this.\n"));
 		return;
 	}
 	if (COM_Argc() != 2)
 	{
 		CONS_Printf(M_GetText("joinpassword <password>: set a password to join the server\nUse -remove to disable the password.\n"));
 		return;
 	}
 	if (strcmp(COM_Argv(1), "-remove") == 0)
 	{
 		joinpasswordset = false;
 		CONS_Printf(M_GetText("Join password removed.\n"));
 	}
 	else
 	{
 		D_SetJoinPassword(COM_Argv(1));
 		CONS_Printf(M_GetText("Join password set.\n"));
 	}
 #endif
 }
 static void Command_MotD_f(void)
 {
 	size_t i, j;
--- a/src/d_netcmd.h
+++ b/src/d_netcmd.h
@ -246,14 +246,6 @@ void RemoveAdminPlayer(INT32 playernum);
 void ItemFinder_OnChange(void);
 void D_SetPassword(const char *pw);
 extern consvar_t cv_dummyjoinpassword;
 extern boolean joinpasswordset;
 boolean D_IsJoinPasswordOn(void);
 void D_ComputeChallengeAnswer(UINT8 *question, const char *pw, UINT8 *answer);
 void D_SetJoinPassword(const char *pw);
 boolean D_VerifyJoinPasswordChallenge(UINT8 num, UINT8 *answer);
 void D_MakeJoinPasswordChallenge(UINT8 *num, UINT8 *question);
 // used for the player setup menu
 UINT8 CanChangeSkin(INT32 playernum);
--- a/src/m_menu.c
+++ b/src/m_menu.c
@ -982,10 +982,9 @@ static menuitem_t MP_MainMenu[] =
 static menuitem_t MP_ServerMenu[] =
 {
-	{IT_STRING|IT_CVAR,                NULL, "Max. Player Count",     &cv_maxplayers,         0},
+	{IT_STRING|IT_CVAR,                NULL, "Max. Player Count",     &cv_maxplayers,        10},
-	{IT_STRING|IT_CALL,                NULL, "Room...",               M_RoomMenu,            10},
+	{IT_STRING|IT_CALL,                NULL, "Room...",               M_RoomMenu,            20},
-	{IT_STRING|IT_CVAR|IT_CV_STRING,   NULL, "Server Name",           &cv_servername,        20},
+	{IT_STRING|IT_CVAR|IT_CV_STRING,   NULL, "Server Name",           &cv_servername,        30},
 	{IT_STRING|IT_CVAR|IT_CV_PASSWORD, NULL, "Password",              &cv_dummyjoinpassword, 44},
 	{IT_STRING|IT_CVAR,                NULL, "Game Type",             &cv_newgametype,       68},
 	{IT_STRING|IT_CVAR,                NULL, "Level",                 &cv_nextmap,           78},
@ -2447,9 +2446,6 @@ static void M_NextOpt(void)
 {
 	INT16 oldItemOn = itemOn; // prevent infinite loop
 	if ((currentMenu->menuitems[itemOn].status & IT_CVARTYPE) == IT_CV_PASSWORD)
 		((consvar_t *)currentMenu->menuitems[itemOn].itemaction)->value = 0;
 	do
 	{
 		if (itemOn + 1 > currentMenu->numitems - 1)
@ -2463,9 +2459,6 @@ static void M_PrevOpt(void)
 {
 	INT16 oldItemOn = itemOn; // prevent infinite loop
 	if ((currentMenu->menuitems[itemOn].status & IT_CVARTYPE) == IT_CV_PASSWORD)
 		((consvar_t *)currentMenu->menuitems[itemOn].itemaction)->value = 0;
 	do
 	{
 		if (!itemOn)
@ -2750,10 +2743,8 @@ boolean M_Responder(event_t *ev)
 	// BP: one of the more big hack i have never made
 	if (routine && (currentMenu->menuitems[itemOn].status & IT_TYPE) == IT_CVAR)
 	{
-		if ((currentMenu->menuitems[itemOn].status & IT_CVARTYPE) == IT_CV_STRING || (currentMenu->menuitems[itemOn].status & IT_CVARTYPE) == IT_CV_PASSWORD)
+		if ((currentMenu->menuitems[itemOn].status & IT_CVARTYPE) == IT_CV_STRING)
 		{
 			if (ch == KEY_TAB && (currentMenu->menuitems[itemOn].status & IT_CVARTYPE) == IT_CV_PASSWORD)
 				((consvar_t *)currentMenu->menuitems[itemOn].itemaction)->value ^= 1;
 			if (shiftdown && ch >= 32 && ch <= 127)
 				ch = shiftxform[ch];
@ -3844,8 +3835,6 @@ static void M_DrawGenericMenu(void)
 					case IT_CVAR:
 					{
 						consvar_t *cv = (consvar_t *)currentMenu->menuitems[i].itemaction;
 						char asterisks[MAXSTRINGLENGTH+1];
 						size_t sl;
 						switch (currentMenu->menuitems[i].status & IT_CVARTYPE)
 						{
 							case IT_CV_SLIDER:
@ -3853,27 +3842,6 @@ static void M_DrawGenericMenu(void)
 							case IT_CV_NOPRINT: // color use this
 							case IT_CV_INVISSLIDER: // monitor toggles use this
 								break;
 							case IT_CV_PASSWORD:
 								if (i == itemOn)
 								{
 									V_DrawRightAlignedThinString(x + MAXSTRINGLENGTH*8 + 10, y, V_ALLOWLOWERCASE, va(M_GetText("Tab: %s password"), cv->value ? "hide" : "show"));
 								}
 								if (!cv->value || i != itemOn)
 								{
 									sl = strlen(cv->string);
 									memset(asterisks, '*', sl);
 									memset(asterisks + sl, 0, MAXSTRINGLENGTH+1-sl);
 									M_DrawTextBox(x, y + 4, MAXSTRINGLENGTH, 1);
 									V_DrawString(x + 8, y + 12, V_ALLOWLOWERCASE, asterisks);
 									if (skullAnimCounter < 4 && i == itemOn)
 										V_DrawCharacter(x + 8 + V_StringWidth(asterisks, 0), y + 12,
 											'_' | 0x80, false);
 									y += 16;
 									break;
 								}
 								/* fallthru */
 							case IT_CV_STRING:
 								M_DrawTextBox(x, y + 4, MAXSTRINGLENGTH, 1);
 								V_DrawString(x + 8, y + 12, V_ALLOWLOWERCASE, cv->string);
@ -8457,6 +8425,7 @@ static void M_DrawConnectMenu(void)
 		V_DrawSmallString(currentMenu->x+112, S_LINEY(i)+8, globalflags, gt);
 		// display game speed for race gametypes
 		if (serverlist[slindex].info.gametype == GT_RACE)
 		{
 			spd = kartspeed_cons_t[serverlist[slindex].info.kartvars & SV_SPEEDMASK].strvalue;
@ -8464,9 +8433,6 @@ static void M_DrawConnectMenu(void)
 			V_DrawSmallString(currentMenu->x+132, S_LINEY(i)+8, globalflags, va("(%s Speed)", spd));
 		}
 		if (serverlist[slindex].info.kartvars & SV_PASSWORD)
 			V_DrawFixedPatch((currentMenu->x - 9) << FRACBITS, (S_LINEY(i)) << FRACBITS, FRACUNIT, globalflags & (~V_ALLOWLOWERCASE), W_CachePatchName("SERVLOCK", PU_CACHE), NULL);
 		MP_ConnectMenu[i+FIRSTSERVERLINE].status = IT_STRING | IT_CALL;
 	}
@ -8717,11 +8683,6 @@ static void M_StartServer(INT32 choice)
 	// Still need to reset devmode
 	cv_debug = 0;
 	if (strlen(cv_dummyjoinpassword.string) > 0)
 		D_SetJoinPassword(cv_dummyjoinpassword.string);
 	else
 		joinpasswordset = false;
 	if (demo.playback)
 		G_StopDemo();
 	if (metalrecording)
--- a/src/m_menu.h
+++ b/src/m_menu.h
@ -113,7 +113,6 @@ boolean M_CanShowLevelInList(INT32 mapnum, INT32 gt);
 #define IT_CV_NOPRINT     1536
 #define IT_CV_NOMOD       2048
 #define IT_CV_INVISSLIDER 2560
 #define IT_CV_PASSWORD    3072
 //call/submenu specific
 // There used to be a lot more here but ...