Avoid cases of filenames
Update years in terms and other legal(ish) documents
Don't update years in license headers, since change is not meaningful
Will add linter rule in seperate commit
Happy recompiling everyone!
Original Patch By: Nescio
Comment By: Gallaecio
Differential Revision: D2620
This was SVN commit r27786.
This fixes packet loss issues on some VPN solutions.
Patch By: sera
Differential Revision: https://code.wildfiregames.com/D4967
This was SVN commit r27599.
Switch some logic from C++ to JS in PREGAME for player assignments. Refs
#3049Fixes#6204
Reported by: Imarok
Tested By: Imarok
Differential Revision: https://code.wildfiregames.com/D4092
This was SVN commit r25699.
The purpose of our client-side hashing for lobby game passwords is to
prevent malicious hosts from getting valuable passwords from clients
(e.g. accidentally typing their lobby password instead of the game, or
even their email password, etc).
However, the hashing was deterministic (and rather simple), making it
possible to compute rainbow tables and recover user passwords anyways.
By adding more variation, including some that cannot so easily be
controlled by the host (the client name), this becomes impractical. The
password hashing function used is rather fast, but given the base low
probability of mistypes, this seems fine.
Differential Revision: https://code.wildfiregames.com/D3459
This was SVN commit r25459.
Instead of using platform-specific sockets, use enet_socket* functions
(which ends up doing the same).
Clean up some confusing APIs, removing the distinction between finding
the public IP for the host/join.
Fix endianness support & use simpler code.
Refs D364 / 61261d14fc (and some subsequent fixing diffs).
Differential Revision: https://code.wildfiregames.com/D3970
This was SVN commit r25453.
This allows joining a lobby game hosted on the same network (behind the
same NAT gateway).
This is relatively primitive to keep things simple: if the server and
the client have the same public IP, it is assumed that they are on the
same network and the client instead requests the local IP.
Differential Revision: https://code.wildfiregames.com/D3944
This was SVN commit r25448.
Follows 34b1920e7b.
JSON functions and ToString are movec to their own headers.
Also clean out a few PersistentRooted usage to use the 2-phase init to
clean up scriptInterface usage.
With these functions split off, we can finally clean out headers and
remove ScriptInterface.h from most of them, in favour of smaller and
more precise headers.
Take the opportunity to clarify some comments regarding Mutability.
Differential Revision: https://code.wildfiregames.com/D3961
This was SVN commit r25434.
Follows 34b1920e7b.
This splits off the object-related functions, such as
[Set/Get/Has]Property, CreateObject, CreateArray, FreezeObject.
It also puts the definitions in the header itself, which might end up
with faster code here & there, though perhaps slower compilation time
(somewhat doubtful since we already included most things anyways).
Differential Revision: https://code.wildfiregames.com/D3956
This was SVN commit r25430.
Observers no longer lag the game for players. There is still some time
to serialise the game when sending it to a joining observer, and
depending on the chosen 'max lag' the game may stop while observers
sufficiently catch up, but this impact too is reduced.
- Make the NetServerTurnManager ignore players marked as 'observers' for
the purpose of ending a turn, effectively making it possible for
observers to lag without it affecting the players in any way.
- Add a config option (network.observermaxlag) that specifies how many
turns behind the live game observers are allowed to be. Default to 10
turns, or 2 seconds, to keep them 'largely live'.
- The controller is not treated as an observer.
- Implement a simple UI to show this delay & allow the game to speed up
automatically to try and catch up. This can be deactivated via
network.autocatchup.
- Move network options to the renamed 'Network / Lobby' options page.
- Do not debug_warn/crash when receiving commands from the past -
instead warn and carry on, to avoid DOS and "coop play" issues.
Refs #5903, Refs #4210
Differential Revision: https://code.wildfiregames.com/D3737
This was SVN commit r25156.
The NetServer stored a complete copy of the game Init Attributes, which
it sent to new clients on updates from the controller. This worked well,
but prevents incremental updates and other unrelated messages from being
sent.
This changes the system so that:
- in PREGAME state, the server does not update its copy of the game init
attributes
- the server forwards game setup messages from the controller to all
clients
- Joining clients get a full copy of the Settings, when joining, from
the controller (this is a js-driven behaviour - other situations might
not need do it).
- Make the StartNetworkGame message take a copy of the final init
attributes, to ensure synchronization (and simplify some logic).
In practice, this:
- makes it possible to send different types of gamesetup messages (this
introduces two: a regular update and the full 'initial-update' for new
clients).
- moves some C++ hardcoding into JS - here in essence the PREGAME server
state is now init-attributes-agnostic.
- does not change much for readiness control - the server already needed
to force a change at game start to set random elements.
Note that the loading page is currently still receiving the 'local' game
attributes, which assumes that all clients are correctly synchronized
(they should be).
Refs #3806, #3049
Differential Revision: https://code.wildfiregames.com/D3714
This was SVN commit r25099.
To hide network latency, MP turns send commands not for the next turn
but N turns after that (introduced in c684c211a2).
Further, MP turn length was increased to 500ms compared to 200ms SP
turns (introduced in 6a15b78c98).
Unfortunately, increasing MP turn length has negative consequences:
- makes pathfinding/unit motion much worse & unit behaviour worse in
general.
- makes the game more 'lag-spikey', since computations are done less
often, but thus then can take more time.
This diff essentially reverts 6a15b78c98, instead increasing
COMMAND_DELAY from 2 to 4 in MP. This:
- Reduces the 'inherent command lag' in MP from 1000ms to 800ms
- Increases the lag range at which MP will run smoothtly from 500ms to
600ms
- makes SP and MP turns behave identically again, removing the
hindrances described above.
As a side effect, single-player was not actually using COMMAND_DELAY,
this is now done (can be used to simulate MP command lag).
Refs #3752
Differential Revision: https://code.wildfiregames.com/D3275
This was SVN commit r25001.
The 'controller' of an MP game (the host in general, though dedicated
servers would change that) is currently whoever first tells the server
that it is. This can be abused since it relies on trusting the clients.
This changes that logic: the server defines a 'controller secret', and
the first client to sent the correct controller secret is the
controller. This is safe assuming the secret is unknowable enough (the
current solution wouldn't pass strict cryptography tests, but it's
likely good enough).
Reverts 1a3fb29ff3, which introduced the 'trust the clients' mechanic,
as a change over 'the first local IP is controller'.
Necessary step towards dedicated server, if we want to use the regular
gamesetup (Refs #3556)
Differential Revision: https://code.wildfiregames.com/D3075
This was SVN commit r24952.
As suggested by elexis, 1a8de6d2b8 should get some protection against
brute force attacks on password.
This is supposed to prevent attackers from getting connection data by
guessing the password.
Each failed attempt increases the counter.
XmppClient on the server side checks for the users with certain number
of failed attempts, determined in CNetServer, and refuses to check the
password, answering with banned message.
So they cant guess again in given match. Effect of this block will
dissapear after new match is created.
Differential revision: D3467
Comments by: wraitii, Stan
Tested by: Stan, Freagarach
Ref: #5913
This was SVN commit r24794.
Follows 1a8de6d2b8.
Validate the password when a client joins a game, so even a player that
knows the connection data cannot join.
Refs #3556, Refs #5913
Differential Revision: https://code.wildfiregames.com/D3438
This was SVN commit r24775.
Current issue with the lobby, is that we make ips of hosts public for
anyone to read. This patch consists of 3 parts.
1.) Removing ips and ports from lobby javascript
2.) Removing need of script on the server to attach public ips to game
stanza by asking the host using xmppclient as proxy.
3.) Implementing password protected matches, to deny this information to
not trusted players.
Further description:
Do not send ports and stunip to the bots.
Removed from stanza.
Do not send ip to the lobby.
Removed from mapping gamelist from backend to gui (still on the backend
side, because it is done by script on 0ad server).
Get ip and ports on request when trying to connect.
On the host side, ask stun server what is host's public ip and remember
it.
On the client side, send iq through xmppclient to the hosting player and
ask for ip, port and if Stun is used, then if answer is success,
continue
with connecting, else fail.
Add optional password for matches.
Add password required identifier to the stanza.
Allow host to setup password for the match. Hash it on the host side and
store inside Netserver. If no password is given, matches will behave
as it is not required.
On the client side, if password for the match is required, show
additional window before trying to connect and ask for password, then
hash it
and send with iq request for ip, port and stun.
Server will answer with ip, port and stun only if passwords matches,
else will asnwer with error string.
Some security:
Passwords are hashed before sending, so it is not easy to guess what
users typed. (per wraitii)
Hashes are using different salt as lobby hashing and not using usernames
as salt (as that is not doable), so they are different even typing the
same password as for the lobby account.
Client remembers which user was asked for connection data and iq's id of
request. If answer doesn't match these things, it is ignored. (thnx
user1)
Every request for connection data is logged with hostname of the
requester to the mainlog file (no ips).
If user gets iq to send connection data and is not hosting the match,
will respond with error string "not_server".
If server gets iq::result with connection data, request is ignored.
Differential revision: D3184
Reviewed by: @wraitii
Comments by: @Stan, @bb, @Imarok, @vladislavbelov
Tested in lobby
This was SVN commit r24728.
Follows 107d3d461f and other 'pthread->std::thread' diffs.
Windows uses Structured Exception Handling to allow reporting errors
(both C++ and hardware) nicely. This works by wrapping the code in a
__try __catch block.
The pthread wrapper did this automatically, but we now need to do it
explicitly for std::thread.
Tested by: Stan
Differential Revision: https://code.wildfiregames.com/D3261
This was SVN commit r24530.
This threads the netclient session, which avoids timeouts when the
main-thread is not polling (map creation, very long simulation frames).
Unlike the NetServer, which should be as independent as possible from
the main thread, the NetClient is fundamentally tied to the game thread.
Therefore, this only threads the session object.
To ensure good performance and ease-of-use, lock-free queues for
in/out-going messages are used.
This fixes artificial timeouts, while also improving actual ping reports
(since frame-time is no longer a factor).
It effectively reverts D1513/eda236522c and 2e7e1c0b2b, all hacks around
lag-timeouts (and bits of 1a3fb29ff3).
Based on a patch by: Stan
Comments by: Vladislavbelov
Fixes#3700, refs #3373
Differential Revision: https://code.wildfiregames.com/D2848
This was SVN commit r24518.
No particularly noteworthy changes, as most complex API changes were
already supported in SM45 and done.
The addition of JSStructuredCloneData allows to remove our custom class.
Changes:
- InformalValueTypeName is back in the API, so remove our
implementation.
- Stop using JSRuntime entirely in favour of JSContext*
- JSPropertyDescriptor is renamed.
- CompartmentOptions are tweaked slightly (no functional changes)
- JS::Construct - API update.
- JSClass split - API update.
- A js.msg error message was removed, so we had to use a different one.
- Tests fix: fix comparison of union instances
- Disable warning in spidermonkey Vector.h
- Update error reporting to SM52 (minor API updates)
- Ignore warnings about unused return values (would come from OOM, which
isn't recoverable)
Most of the patching was done by Itms.
Tested by: Stan, Freagarach
Fixes#4893
Differential Revision: https://code.wildfiregames.com/D3095
This was SVN commit r24203.
- Check for pending exceptions after function calls and script
executions.
- Call LOGERROR instead of JS_ReportError when there is a conversion
error in FromJSVal, since that can only be called from C++ (where JS
errors don't really make sense). Instead, C++ callers of FromJSVal
should handle the failure and, themselves, either report an error or
simply do something else.
- Wrap JS_ReportError since that makes updating it later easier.
This isn't a systematical fix since ToJSVal also ought return a boolean
for failures, and we probably should trigger errors instead of warnings
on 'implicit' conversions, rather a preparation diff.
Part of the SM52 migration, stage: SM45 compatible (actually SM52
incompatible, too).
Based on a patch by: Itms
Comments by: Vladislavbelov, Stan`
Refs #742, #4893
Differential Revision: https://code.wildfiregames.com/D3093
This was SVN commit r24187.
SM52 essentially replaces JSRuntime with JSContext (though JSContext
itself was replaced with JSCompartment).
To prepare for this migration, rename all Runtime-related things to
Context.
Part of the SM52 migration, stage: SM45 compatible.
Patch by: Itms
Refs #4893
Differential Revision: https://code.wildfiregames.com/D3091
This was SVN commit r24181.
JSAutoRequest is required before calling into most JSAPI methods, for GC
reasons.
Calling it is required and fragile as one must not forget.
Further, SM52 and later make manipulating JSContext* dangerous as that
can cross Compartment(Realm in SM68) barriers (and ScriptInterface now
matches a Compartment).
The solution to both problems is to avoid using JSContext* in 0 A.D.
itself. To achieve this, a Request class is introduced, and must be used
to access a JSContext* from a scriptInterface. Further, Request is
passed to other ScriptInterface functions isntead of JSContext*, making
it obvious that the caller has already called it, reducing errors and
redundant JSAutoRequest calls.
Only JSNative functions now get a naked JSContext* without protection,
but the likelihood of forgetting a request is lower since many
ScriptInterface functions now expect it.
JSContext* is directly passed to JSAPI functions only.
Part of the SM52 migration, stage: SM45 compatible
Based on a patch by: Itms
Tested By: Freagarach
Refs #4893
Differential Revision: https://code.wildfiregames.com/D3088
This was SVN commit r24176.
- Makes it easier to change down the line (and change is coming)
- Allows making g_ScriptRuntime thread-local easily.
- Remove ParentRuntime, which is not used at the moment.
Part of the SM52 migration, stage: SM45 compatible.
Patch by: Itms
Tested By: Freagarach
Refs #4893
Differential Revision: https://code.wildfiregames.com/D3087
This was SVN commit r24171.
Avoid redundant map lookups by caching the iterator.
Remove c-style casts by using type specific printf parameters, and
static_cast elsewhere.
Use references while at it, and typedef -> using.
Differential Revision: https://code.wildfiregames.com/D1567
Comments by: Vladislav
Tested on: clang 8.0.1, gcc 9.1.0
This was SVN commit r22916.
Fixes an occurring leak indicated by the reported clang unused variable
compiler warning, refs #5294, #5550,
by adding the missing glooxwrapper::Jingle::Session::Session destructor
.
Fix two leaks that would have occurred if the according code had been
used:
Delete unused glooxwrapper::Jingle::ICEUDP::ICEUDP instead of adding the
missing destructor.
Delete unused glooxwrapper::Jingle::Content::Content instead of adding
the missing destructor.
Explain why glooxwrapper::Client::registerStanzaExtension doesn't leak
the new StanzaExtensionWrapper.
Explain why glooxwrapper::Jingle::Session::sessionInitiate doesn't leak
the new gloox::Jingle::Content, nor the new gloox::Jingle::ICEUDP.
Explain why glooxwrapper::SessionManager::registerPlugins doesn't leak
the new gloox::Jingle::Content and new gloox::Jingle::ICEUDP.
Explain why glooxwrapper::SessionManager::createSession doesn't leak the
gloox::Jingle::Session.
I will not leak memory in the glooxwrapper.
I will not leak memory in the glooxwrapper.
I will not leak memory in the glooxwrapper.
Use references in the StunClient and glooxwrapper to anticipate any
confusion as to whose obligation it is to delete variables when they are
passed around across several files.
Use static_cast and reinterpret_cast instead of C-style casts in the
StunClient.
Differential Revision: https://code.wildfiregames.com/D2094
Refs D2093 for the reported leaks.
Reviewed By: Josh
Comments By: fcxSanya, Vladislav for D2094, and echotangoecho, leper in
61261d14fc
This was SVN commit r22678.
std::thread crashes when destroyed without being joined or detached.
Joining would wait on the UPnP thread, which can take upwards of 10
seconds, so detach instead.
Reviewed By: elexis
Differential Revision: https://code.wildfiregames.com/D2181
This was SVN commit r22674.
This removes pthread mutexes/threads from:
- vfs
- the resource handler manager
- timer
- the network server.
This allows removing it from our general posix include header.
Differential Revision: https://code.wildfiregames.com/D1920
This was SVN commit r22666.
ThreadUtil shipped a scope lock and a mutex implementation, which can be
removed since we now have these in the standard library.
This lets us clean up this header which get included everywhere (through
profiler includes).
Tested By: Angen and Stan
Differential Revision: https://code.wildfiregames.com/D1915
This was SVN commit r22344.
This prevents a lobby player banned by the host from rejoining after
getting a new IP address and changing the rating part of the nickname,
refs #5320, #3241 / 32da740f14, #3549 / 0fd8aa2a77 / D897.
Differential Revision: https://code.wildfiregames.com/D1655
Reproduced By: Hannibal_Barca
This was SVN commit r21918.
This is due to too many oversteppings of the lobby Terms of Use
following JS mods that implemented an UI for players to join lobby games
with arbitrary nicknames or 'replace' / impersonate other players in
lobby games.
Agreed with: user1, Dunedan
Code proofread by: Vladislav
Minor discussions with: Imarok, Hannibal_Barca, smiley, fpre, bb, nani
refs
https://wildfiregames.com/forum/index.php?/topic/24722-improving-mod-security/
This was SVN commit r21877.
This works in autostartmode because that sets every client to an
observer and still relies on enabled cheats to have players assign
themselves.
This was SVN commit r21854.
The NetClient runs in the main thread, so any part of the loading screen
consuming several seconds makes that client timeout.
This is a workaround because threading the NetClient would have prevent
these timeouts, refs #3700.
Coutnerintuitively, since enet timeout tolerance is proportional to the
latency, the better the connection of the player, the more likely it was
to drop on gamestart.
This problem became very frequent in Alpha 23, at least due to the Aura
bugfix 583b6ec625, AIInterface being particularly slow and that not
having been disabled yet in the loading screen resulting in additional
10 second freezes during the loading screen, even on empty maps, refs
#5200, 8e168f85e6.
Differential Revision: https://code.wildfiregames.com/D1513
Based on patch by: causative
This was SVN commit r21842.
Prevents changes to the gamesettings after the game was started, so as
to use the correct map seed when generating the random map terrain for
rejoiners.
D1558 will prevent the UI bug #5206 and FSM error from doubleclicking on
StartGame.
Differential Revision: https://code.wildfiregames.com/D1562
Tested and accepted by: temple
This was SVN commit r21836.
This allows the host to distinguish clients that are just slower than
everyone else with the loading screen from clients who have most likely
disconnected or crashed already and may be considered to be kicked.
This is especially important for D1513, because that increases the
timeout tolerance to a minute or longer.
Fixes#5193
Differential Revision: https://code.wildfiregames.com/D1546
Reviewed By: causative
This was SVN commit r21832.
