Add support for multiple admin passwords

This commit is contained in:
Gustaf Alhäll 2023-11-06 19:09:43 +01:00
parent 5fc7a5c2da
commit b10b9c35ed
No known key found for this signature in database
GPG key ID: 6C1F67D690CDEDFD
4 changed files with 50 additions and 17 deletions

View file

@ -90,8 +90,8 @@ INT16 consistancy[BACKUPTICS];
// true when a player is connecting or disconnecting so that the gameplay has stopped in its tracks
boolean hu_stopped = false;
UINT8 adminpassmd5[16];
boolean adminpasswordset = false;
UINT8 (*adminpassmd5)[16];
UINT32 adminpasscount = 0;
tic_t neededtic;
SINT8 servernode = 0; // the number of the server node
@ -862,26 +862,31 @@ static void PT_Login(SINT8 node, INT32 netconsole)
#ifndef NOMD5
UINT8 finalmd5[16];/* Well, it's the cool thing to do? */
UINT32 i;
if (doomcom->datalength < 16)/* ignore partial sends */
return;
if (!adminpasswordset)
if (adminpasscount == 0)
{
CONS_Printf(M_GetText("Password from %s failed (no password set).\n"), player_names[netconsole]);
return;
}
// Do the final pass to compare with the sent md5
D_MD5PasswordPass(adminpassmd5, 16, va("PNUM%02d", netconsole), &finalmd5);
if (!memcmp(netbuffer->u.md5sum, finalmd5, 16))
for (i = 0; i < adminpasscount; i++)
{
CONS_Printf(M_GetText("%s passed authentication.\n"), player_names[netconsole]);
COM_BufInsertText(va("promote %d\n", netconsole)); // do this immediately
// Do the final pass to compare with the sent md5
D_MD5PasswordPass(adminpassmd5[i], 16, va("PNUM%02d", netconsole), &finalmd5);
if (!memcmp(netbuffer->u.md5sum, finalmd5, 16))
{
CONS_Printf(M_GetText("%s passed authentication.\n"), player_names[netconsole]);
COM_BufInsertText(va("promote %d\n", netconsole)); // do this immediately
return;
}
}
else
CONS_Printf(M_GetText("Password from %s failed.\n"), player_names[netconsole]);
CONS_Printf(M_GetText("Password from %s failed.\n"), player_names[netconsole]);
#else
(void)netconsole;
#endif

View file

@ -127,8 +127,8 @@ tic_t GetLag(INT32 node);
void D_MD5PasswordPass(const UINT8 *buffer, size_t len, const char *salt, void *dest);
extern UINT8 adminpassmd5[16];
extern boolean adminpasswordset;
extern UINT8 (*adminpassmd5)[16];
extern UINT32 adminpasscount;
extern boolean hu_stopped;

View file

@ -150,6 +150,7 @@ static void Command_Clearscores_f(void);
// Remote Administration
static void Command_Changepassword_f(void);
static void Command_Clearpassword_f(void);
static void Command_Login_f(void);
static void Got_Verification(UINT8 **cp, INT32 playernum);
static void Got_Removal(UINT8 **cp, INT32 playernum);
@ -468,6 +469,7 @@ void D_RegisterServerCommands(void)
// Remote Administration
COM_AddCommand("password", Command_Changepassword_f, COM_LUA);
COM_AddCommand("clearpassword", Command_Clearpassword_f, COM_LUA);
COM_AddCommand("login", Command_Login_f, COM_LUA); // useful in dedicated to kick off remote admin
COM_AddCommand("promote", Command_Verify_f, COM_LUA);
RegisterNetXCmd(XD_VERIFIED, Got_Verification);
@ -2841,8 +2843,15 @@ static void Got_Teamchange(UINT8 **cp, INT32 playernum)
void D_SetPassword(const char *pw)
{
D_MD5PasswordPass((const UINT8 *)pw, strlen(pw), BASESALT, &adminpassmd5);
adminpasswordset = true;
adminpassmd5 = Z_Realloc(adminpassmd5, sizeof(*adminpassmd5) * ++adminpasscount, PU_STATIC, NULL);
D_MD5PasswordPass((const UINT8 *)pw, strlen(pw), BASESALT, &adminpassmd5[adminpasscount-1]);
}
void D_ClearPassword(void)
{
Z_Free(adminpassmd5);
adminpassmd5 = NULL;
adminpasscount = 0;
}
// Remote Administration
@ -2860,12 +2869,30 @@ static void Command_Changepassword_f(void)
if (COM_Argc() != 2)
{
CONS_Printf(M_GetText("password <password>: change remote admin password\n"));
CONS_Printf(M_GetText("password <password>: add remote admin password\n"));
return;
}
D_SetPassword(COM_Argv(1));
CONS_Printf(M_GetText("Password set.\n"));
CONS_Printf(M_GetText("Password added.\n"));
#endif
}
// Remote Administration
static void Command_Clearpassword_f(void)
{
#ifdef NOMD5
// If we have no MD5 support then completely disable XD_LOGIN responses for security.
CONS_Alert(CONS_NOTICE, "Remote administration commands are not supported in this build.\n");
#else
if (client) // cannot change remotely
{
CONS_Printf(M_GetText("Only the server can use this.\n"));
return;
}
D_ClearPassword();
CONS_Printf(M_GetText("Passwords cleared.\n"));
#endif
}

View file

@ -209,6 +209,7 @@ void ClearAdminPlayers(void);
void RemoveAdminPlayer(INT32 playernum);
void ItemFinder_OnChange(void);
void D_SetPassword(const char *pw);
void D_ClearPassword(void);
// used for the player setup menu
UINT8 CanChangeSkin(INT32 playernum);