Remove old ban list

src/main.cpp

@@ -2491,71 +2491,6 @@ void runUnitTests()
     Log::info("UnitTest", "RewindQueue");
     RewindQueue::unitTesting();
 
-    Log::info("UnitTest", "IP ban");
-    NetworkConfig::get()->unsetNetworking();
-    ServerLobby sl;
-    sl.setSaveServerConfig(false);
-
-    ServerConfig::m_server_ip_ban_list =
-        {
-            { "1.2.3.4/32", std::numeric_limits<uint32_t>::max() }
-        };
-    sl.updateBanList();
-    assert(sl.isBannedForIP(TransportAddress("1.2.3.4")));
-    assert(!sl.isBannedForIP(TransportAddress("1.2.3.5")));
-    assert(!sl.isBannedForIP(TransportAddress("1.2.3.3")));
-
-    ServerConfig::m_server_ip_ban_list =
-        {
-            { "1.2.3.4/23", std::numeric_limits<uint32_t>::max() }
-        };
-    sl.updateBanList();
-    assert(!sl.isBannedForIP(TransportAddress("1.2.1.255")));
-    assert(sl.isBannedForIP(TransportAddress("1.2.2.0")));
-    assert(sl.isBannedForIP(TransportAddress("1.2.2.3")));
-    assert(sl.isBannedForIP(TransportAddress("1.2.2.4")));
-    assert(sl.isBannedForIP(TransportAddress("1.2.2.5")));
-    assert(sl.isBannedForIP(TransportAddress("1.2.3.3")));
-    assert(sl.isBannedForIP(TransportAddress("1.2.3.4")));
-    assert(sl.isBannedForIP(TransportAddress("1.2.3.5")));
-    assert(sl.isBannedForIP(TransportAddress("1.2.3.255")));
-    assert(!sl.isBannedForIP(TransportAddress("1.2.4.0")));
-
-    ServerConfig::m_server_ip_ban_list =
-        {
-            { "11.12.13.14/22", std::numeric_limits<uint32_t>::max() },
-            { "12.13.14.15/24", std::numeric_limits<uint32_t>::max() },
-            { "123.234.56.78/26", std::numeric_limits<uint32_t>::max() },
-            { "234.123.56.78/25", std::numeric_limits<uint32_t>::max() },
-            // Test for overlap handling
-            { "12.13.14.23/32", std::numeric_limits<uint32_t>::max() },
-            { "12.13.14.255/32", std::numeric_limits<uint32_t>::max() }
-        };
-    sl.updateBanList();
-    assert(!sl.isBannedForIP(TransportAddress("11.12.11.255")));
-    assert(sl.isBannedForIP(TransportAddress("11.12.12.0")));
-    assert(sl.isBannedForIP(TransportAddress("11.12.13.14")));
-    assert(sl.isBannedForIP(TransportAddress("11.12.15.255")));
-    assert(!sl.isBannedForIP(TransportAddress("11.12.16.0")));
-
-    assert(!sl.isBannedForIP(TransportAddress("12.13.13.255")));
-    assert(sl.isBannedForIP(TransportAddress("12.13.14.0")));
-    assert(sl.isBannedForIP(TransportAddress("12.13.14.15")));
-    assert(sl.isBannedForIP(TransportAddress("12.13.14.255")));
-    assert(!sl.isBannedForIP(TransportAddress("12.13.15.0")));
-
-    assert(!sl.isBannedForIP(TransportAddress("123.234.56.63")));
-    assert(sl.isBannedForIP(TransportAddress("123.234.56.64")));
-    assert(sl.isBannedForIP(TransportAddress("123.234.56.78")));
-    assert(sl.isBannedForIP(TransportAddress("123.234.56.127")));
-    assert(!sl.isBannedForIP(TransportAddress("123.234.56.128")));
-
-    assert(!sl.isBannedForIP(TransportAddress("234.123.55.255")));
-    assert(sl.isBannedForIP(TransportAddress("234.123.56.0")));
-    assert(sl.isBannedForIP(TransportAddress("234.123.56.78")));
-    assert(sl.isBannedForIP(TransportAddress("234.123.56.127")));
-    assert(!sl.isBannedForIP(TransportAddress("234.123.56.128")));
-
     Log::info("UnitTest", "=====================");
     Log::info("UnitTest", "Testing successful   ");
     Log::info("UnitTest", "=====================");

src/network/network_console.cpp

@@ -93,11 +93,6 @@ void mainLoop(STKHost* host)
                 auto sl = LobbyProtocol::get<ServerLobby>();
                 if (sl)
                     sl->saveIPBanTable(peer->getAddress());
-                auto lock = sl->acquireConnectionMutex();
-                ServerConfig::m_server_ip_ban_list
-                    [peer->getAddress().toString(false/*show_port*/) + "/32"]
-                    = std::numeric_limits<uint32_t>::max();
-                sl->updateBanList();
             }
             else
                 std::cout << "Unknown host id: " << number << std::endl;
@@ -119,21 +114,6 @@ void mainLoop(STKHost* host)
             auto sl = LobbyProtocol::get<ServerLobby>();
             if (sl)
                 sl->listBanTable();
-
-            for (auto& ban : ServerConfig::m_server_ip_ban_list)
-            {
-                if (ban.first == "0.0.0.0/0")
-                    continue;
-                std::cout << "IP: " << ban.first << ", expire at: " <<
-                    ban.second << std::endl;
-            }
-            for (auto& ban : ServerConfig::m_server_online_id_ban_list)
-            {
-                if (ban.first == 0)
-                    continue;
-                std::cout << "Online id: " << ban.first << ", expire at: " <<
-                    ban.second << std::endl;
-            }
         }
         else if (str == "speedstats")
         {

src/network/protocols/server_lobby.cpp

@@ -131,7 +131,6 @@ ServerLobby::ServerLobby() : LobbyProtocol(NULL)
     setHandleDisconnections(true);
     m_state = SET_PUBLIC_ADDRESS;
     m_save_server_config = true;
-    updateBanList();
     if (ServerConfig::m_ranked)
     {
         Log::info("ServerLobby", "This server will submit ranking scores to "
@@ -3027,76 +3026,6 @@ void ServerLobby::playerFinishedResult(Event *event)
     m_peers_ready.at(peer) = true;
 }   // playerFinishedResult
 
-//-----------------------------------------------------------------------------
-void ServerLobby::updateBanList()
-{
-    m_ip_ban_list.clear();
-    m_online_id_ban_list.clear();
-
-    for (auto& ban : ServerConfig::m_server_ip_ban_list)
-    {
-        if (ban.first == "0.0.0.0/0" ||
-            (uint32_t)StkTime::getTimeSinceEpoch() > ban.second)
-            continue;
-        uint32_t netbits = 0;
-        std::vector<std::string> ip_and_netbits =
-            StringUtils::split(ban.first, '/');
-        if (ip_and_netbits.size() != 2 ||
-            !StringUtils::fromString(ip_and_netbits[1], netbits) ||
-            netbits > 32)
-        {
-            Log::error("STKHost", "Wrong CIDR: %s", ban.first.c_str());
-            continue;
-        }
-        TransportAddress addr(ip_and_netbits[0]);
-        if (addr.getIP() == 0)
-        {
-            Log::error("STKHost", "Wrong CIDR: %s", ban.first.c_str());
-            continue;
-        }
-        uint32_t mask = ~((1 << (32 - netbits)) - 1);
-        uint32_t ip_start = addr.getIP() & mask;
-        uint32_t ip_end = (addr.getIP() & mask) | ~mask;
-        m_ip_ban_list[ip_start] =
-            std::make_tuple(ip_end, ban.first, ban.second);
-    }
-
-    std::map<std::string, uint32_t> final_ip_ban_list;
-    for (auto it = m_ip_ban_list.begin();
-        it != m_ip_ban_list.end();)
-    {
-        auto next_itr = std::next(it);
-        if (next_itr != m_ip_ban_list.end() &&
-            next_itr->first <= std::get<0>(it->second))
-        {
-            Log::warn("ServerLobby", "%s overlaps %s, removing the first one.",
-                std::get<1>(next_itr->second).c_str(),
-                std::get<1>(it->second).c_str());
-            m_ip_ban_list.erase(next_itr);
-            continue;
-        }
-        final_ip_ban_list[std::get<1>(it->second)] =
-            ServerConfig::m_server_ip_ban_list.at(std::get<1>(it->second));
-        it++;
-    }
-    ServerConfig::m_server_ip_ban_list = final_ip_ban_list;
-    // Default guided entry
-    ServerConfig::m_server_ip_ban_list["0.0.0.0/0"] = 0;
-
-    std::map<uint32_t, uint32_t> final_online_id_ban_list;
-    for (auto& ban : ServerConfig::m_server_online_id_ban_list)
-    {
-        if (ban.first == 0 ||
-            (uint32_t)StkTime::getTimeSinceEpoch() > ban.second)
-            continue;
-        m_online_id_ban_list[ban.first] = ban.second;
-        final_online_id_ban_list[ban.first] =
-            ServerConfig::m_server_online_id_ban_list.at(ban.first);
-    }
-    ServerConfig::m_server_online_id_ban_list = final_online_id_ban_list;
-    ServerConfig::m_server_online_id_ban_list[0] = 0;
-}   // updateBanList
-
 //-----------------------------------------------------------------------------
 bool ServerLobby::waitingForPlayers() const
 {
@@ -3566,35 +3495,6 @@ void ServerLobby::listBanTable()
 #endif
 }   // listBanTable
 
-//-----------------------------------------------------------------------------
-bool ServerLobby::isBannedForIP(const TransportAddress& addr) const
-{
-    uint32_t ip_decimal = addr.getIP();
-    auto lb = m_ip_ban_list.lower_bound(addr.getIP());
-    bool is_banned = false;
-    if (lb != m_ip_ban_list.end() && ip_decimal >= lb->first/*ip_start*/)
-    {
-        if (ip_decimal <= std::get<0>(lb->second)/*ip_end*/ &&
-            (uint32_t)StkTime::getTimeSinceEpoch() < std::get<2>(lb->second))
-            is_banned = true;
-    }
-    else if (lb != m_ip_ban_list.begin())
-    {
-        lb--;
-        if (ip_decimal>= lb->first/*ip_start*/ &&
-            ip_decimal <= std::get<0>(lb->second)/*ip_end*/ &&
-            (uint32_t)StkTime::getTimeSinceEpoch() < std::get<2>(lb->second))
-            is_banned = true;
-    }
-    if (is_banned)
-    {
-        Log::info("ServerLobby", "%s is banned by CIDR %s",
-            addr.toString(false/*show_port*/).c_str(),
-            std::get<1>(lb->second).c_str());
-    }
-    return is_banned;
-}   // isBannedForIP
-
 //-----------------------------------------------------------------------------
 float ServerLobby::getStartupBoostOrPenaltyForKart(uint32_t ping,
                                                    unsigned kart_id)

src/network/protocols/server_lobby.hpp

@@ -133,14 +133,6 @@ private:
      *  starting race. */
     mutable std::mutex m_connection_mutex;
 
-    /** Ban list of ip ranges. */
-    std::map</*ip_start*/uint32_t, std::tuple</*ip_end*/uint32_t,
-        /*CIDR*/std::string, /*expired time epoch*/uint32_t> >
-        m_ip_ban_list;
-
-    /** Ban list of online user id. */
-    std::map<uint32_t, /*expired time epoch*/uint32_t> m_online_id_ban_list;
-
     TransportAddress m_server_address;
 
     std::mutex m_keys_mutex;
@@ -344,7 +336,6 @@ public:
     virtual bool allPlayersReady() const OVERRIDE
                             { return m_state.load() >= WAIT_FOR_RACE_STARTED; }
     virtual bool isRacing() const OVERRIDE { return m_state.load() == RACING; }
-    bool isBannedForIP(const TransportAddress& addr) const;
     bool allowJoinedPlayersWaiting() const;
     void setSaveServerConfig(bool val)          { m_save_server_config = val; }
     float getStartupBoostOrPenaltyForKart(uint32_t ping, unsigned kart_id);

src/network/server_config.hpp

@@ -345,22 +345,6 @@ namespace ServerConfig
         "Online ID ban list table name, you need to create the table first, "
         "see NETWORKING.md for details."));
 
-    SERVER_CFG_PREFIX StringToUIntServerConfigParam m_server_ip_ban_list
-        SERVER_CFG_DEFAULT(StringToUIntServerConfigParam("server-ip-ban-list",
-        "ip: IP in X.X.X.X/Y (CIDR) format for banning, use Y of 32 for a "
-        "specific ip, expired-time: unix timestamp to expire, "
-        "-1 (uint32_t max) for a permanent ban.",
-        {{ "ban", "ip", "expired-time" }},
-        { { "0.0.0.0/0", 0u } }));
-
-    SERVER_CFG_PREFIX UIntToUIntServerConfigParam m_server_online_id_ban_list
-        SERVER_CFG_DEFAULT(UIntToUIntServerConfigParam(
-        "server-online-id-ban-list",
-        "online-id: online id for banning, expired-time: unix timestamp to "
-        "expire, -1 (uint32_t max) for a permanent ban.",
-        {{ "ban", "online-id", "expired-time" }},
-        { { 0u, 0u } }));
-
     // ========================================================================
     /** Server version, will be advanced if there are protocol changes. */
     static const uint32_t m_server_version = 6;