Remove old ban list

Benau 2019-05-06 00:20:30 +08:00
parent bcc3aef4c8
commit f397064850
5 changed files with 0 additions and 210 deletions


@ -2491,71 +2491,6 @@ void runUnitTests()
Log::info("UnitTest", "RewindQueue");
RewindQueue::unitTesting();
Log::info("UnitTest", "IP ban");
NetworkConfig::get()->unsetNetworking();
ServerLobby sl;
sl.setSaveServerConfig(false);
ServerConfig::m_server_ip_ban_list =
{
{ "1.2.3.4/32", std::numeric_limits<uint32_t>::max() }
};
sl.updateBanList();
assert(sl.isBannedForIP(TransportAddress("1.2.3.4")));
assert(!sl.isBannedForIP(TransportAddress("1.2.3.5")));
assert(!sl.isBannedForIP(TransportAddress("1.2.3.3")));
ServerConfig::m_server_ip_ban_list =
{
{ "1.2.3.4/23", std::numeric_limits<uint32_t>::max() }
};
sl.updateBanList();
assert(!sl.isBannedForIP(TransportAddress("1.2.1.255")));
assert(sl.isBannedForIP(TransportAddress("1.2.2.0")));
assert(sl.isBannedForIP(TransportAddress("1.2.2.3")));
assert(sl.isBannedForIP(TransportAddress("1.2.2.4")));
assert(sl.isBannedForIP(TransportAddress("1.2.2.5")));
assert(sl.isBannedForIP(TransportAddress("1.2.3.3")));
assert(sl.isBannedForIP(TransportAddress("1.2.3.4")));
assert(sl.isBannedForIP(TransportAddress("1.2.3.5")));
assert(sl.isBannedForIP(TransportAddress("1.2.3.255")));
assert(!sl.isBannedForIP(TransportAddress("1.2.4.0")));
ServerConfig::m_server_ip_ban_list =
{
{ "11.12.13.14/22", std::numeric_limits<uint32_t>::max() },
{ "12.13.14.15/24", std::numeric_limits<uint32_t>::max() },
{ "123.234.56.78/26", std::numeric_limits<uint32_t>::max() },
{ "234.123.56.78/25", std::numeric_limits<uint32_t>::max() },
// Test for overlap handling
{ "12.13.14.23/32", std::numeric_limits<uint32_t>::max() },
{ "12.13.14.255/32", std::numeric_limits<uint32_t>::max() }
};
sl.updateBanList();
assert(!sl.isBannedForIP(TransportAddress("11.12.11.255")));
assert(sl.isBannedForIP(TransportAddress("11.12.12.0")));
assert(sl.isBannedForIP(TransportAddress("11.12.13.14")));
assert(sl.isBannedForIP(TransportAddress("11.12.15.255")));
assert(!sl.isBannedForIP(TransportAddress("11.12.16.0")));
assert(!sl.isBannedForIP(TransportAddress("12.13.13.255")));
assert(sl.isBannedForIP(TransportAddress("12.13.14.0")));
assert(sl.isBannedForIP(TransportAddress("12.13.14.15")));
assert(sl.isBannedForIP(TransportAddress("12.13.14.255")));
assert(!sl.isBannedForIP(TransportAddress("12.13.15.0")));
assert(!sl.isBannedForIP(TransportAddress("123.234.56.63")));
assert(sl.isBannedForIP(TransportAddress("123.234.56.64")));
assert(sl.isBannedForIP(TransportAddress("123.234.56.78")));
assert(sl.isBannedForIP(TransportAddress("123.234.56.127")));
assert(!sl.isBannedForIP(TransportAddress("123.234.56.128")));
assert(!sl.isBannedForIP(TransportAddress("234.123.55.255")));
assert(sl.isBannedForIP(TransportAddress("234.123.56.0")));
assert(sl.isBannedForIP(TransportAddress("234.123.56.78")));
assert(sl.isBannedForIP(TransportAddress("234.123.56.127")));
assert(!sl.isBannedForIP(TransportAddress("234.123.56.128")));
Log::info("UnitTest", "=====================");
Log::info("UnitTest", "Testing successful ");
Log::info("UnitTest", "=====================");


@ -93,11 +93,6 @@ void mainLoop(STKHost* host)
auto sl = LobbyProtocol::get<ServerLobby>();
if (sl)
sl->saveIPBanTable(peer->getAddress());
auto lock = sl->acquireConnectionMutex();
ServerConfig::m_server_ip_ban_list
[peer->getAddress().toString(false/*show_port*/) + "/32"]
= std::numeric_limits<uint32_t>::max();
sl->updateBanList();
}
else
std::cout << "Unknown host id: " << number << std::endl;
@ -119,21 +114,6 @@ void mainLoop(STKHost* host)
auto sl = LobbyProtocol::get<ServerLobby>();
if (sl)
sl->listBanTable();
for (auto& ban : ServerConfig::m_server_ip_ban_list)
{
if (ban.first == "0.0.0.0/0")
continue;
std::cout << "IP: " << ban.first << ", expire at: " <<
ban.second << std::endl;
}
for (auto& ban : ServerConfig::m_server_online_id_ban_list)
{
if (ban.first == 0)
continue;
std::cout << "Online id: " << ban.first << ", expire at: " <<
ban.second << std::endl;
}
}
else if (str == "speedstats")
{


@ -131,7 +131,6 @@ ServerLobby::ServerLobby() : LobbyProtocol(NULL)
setHandleDisconnections(true);
m_state = SET_PUBLIC_ADDRESS;
m_save_server_config = true;
updateBanList();
if (ServerConfig::m_ranked)
{
Log::info("ServerLobby", "This server will submit ranking scores to "
@ -3027,76 +3026,6 @@ void ServerLobby::playerFinishedResult(Event *event)
m_peers_ready.at(peer) = true;
} // playerFinishedResult
//-----------------------------------------------------------------------------
void ServerLobby::updateBanList()
{
m_ip_ban_list.clear();
m_online_id_ban_list.clear();
for (auto& ban : ServerConfig::m_server_ip_ban_list)
{
if (ban.first == "0.0.0.0/0" ||
(uint32_t)StkTime::getTimeSinceEpoch() > ban.second)
continue;
uint32_t netbits = 0;
std::vector<std::string> ip_and_netbits =
StringUtils::split(ban.first, '/');
if (ip_and_netbits.size() != 2 ||
!StringUtils::fromString(ip_and_netbits[1], netbits) ||
netbits > 32)
{
Log::error("STKHost", "Wrong CIDR: %s", ban.first.c_str());
continue;
}
TransportAddress addr(ip_and_netbits[0]);
if (addr.getIP() == 0)
{
Log::error("STKHost", "Wrong CIDR: %s", ban.first.c_str());
continue;
}
uint32_t mask = ~((1 << (32 - netbits)) - 1);
uint32_t ip_start = addr.getIP() & mask;
uint32_t ip_end = (addr.getIP() & mask) | ~mask;
m_ip_ban_list[ip_start] =
std::make_tuple(ip_end, ban.first, ban.second);
}
std::map<std::string, uint32_t> final_ip_ban_list;
for (auto it = m_ip_ban_list.begin();
it != m_ip_ban_list.end();)
{
auto next_itr = std::next(it);
if (next_itr != m_ip_ban_list.end() &&
next_itr->first <= std::get<0>(it->second))
{
Log::warn("ServerLobby", "%s overlaps %s, removing the first one.",
std::get<1>(next_itr->second).c_str(),
std::get<1>(it->second).c_str());
m_ip_ban_list.erase(next_itr);
continue;
}
final_ip_ban_list[std::get<1>(it->second)] =
ServerConfig::m_server_ip_ban_list.at(std::get<1>(it->second));
it++;
}
ServerConfig::m_server_ip_ban_list = final_ip_ban_list;
// Default guided entry
ServerConfig::m_server_ip_ban_list["0.0.0.0/0"] = 0;
std::map<uint32_t, uint32_t> final_online_id_ban_list;
for (auto& ban : ServerConfig::m_server_online_id_ban_list)
{
if (ban.first == 0 ||
(uint32_t)StkTime::getTimeSinceEpoch() > ban.second)
continue;
m_online_id_ban_list[ban.first] = ban.second;
final_online_id_ban_list[ban.first] =
ServerConfig::m_server_online_id_ban_list.at(ban.first);
}
ServerConfig::m_server_online_id_ban_list = final_online_id_ban_list;
ServerConfig::m_server_online_id_ban_list[0] = 0;
} // updateBanList
//-----------------------------------------------------------------------------
bool ServerLobby::waitingForPlayers() const
{
@ -3566,35 +3495,6 @@ void ServerLobby::listBanTable()
#endif
} // listBanTable
//-----------------------------------------------------------------------------
bool ServerLobby::isBannedForIP(const TransportAddress& addr) const
{
uint32_t ip_decimal = addr.getIP();
auto lb = m_ip_ban_list.lower_bound(addr.getIP());
bool is_banned = false;
if (lb != m_ip_ban_list.end() && ip_decimal >= lb->first/*ip_start*/)
{
if (ip_decimal <= std::get<0>(lb->second)/*ip_end*/ &&
(uint32_t)StkTime::getTimeSinceEpoch() < std::get<2>(lb->second))
is_banned = true;
}
else if (lb != m_ip_ban_list.begin())
{
lb--;
if (ip_decimal>= lb->first/*ip_start*/ &&
ip_decimal <= std::get<0>(lb->second)/*ip_end*/ &&
(uint32_t)StkTime::getTimeSinceEpoch() < std::get<2>(lb->second))
is_banned = true;
}
if (is_banned)
{
Log::info("ServerLobby", "%s is banned by CIDR %s",
addr.toString(false/*show_port*/).c_str(),
std::get<1>(lb->second).c_str());
}
return is_banned;
} // isBannedForIP
//-----------------------------------------------------------------------------
float ServerLobby::getStartupBoostOrPenaltyForKart(uint32_t ping,
unsigned kart_id)


@ -133,14 +133,6 @@ private:
* starting race. */
mutable std::mutex m_connection_mutex;
/** Ban list of ip ranges. */
std::map</*ip_start*/uint32_t, std::tuple</*ip_end*/uint32_t,
/*CIDR*/std::string, /*expired time epoch*/uint32_t> >
m_ip_ban_list;
/** Ban list of online user id. */
std::map<uint32_t, /*expired time epoch*/uint32_t> m_online_id_ban_list;
TransportAddress m_server_address;
std::mutex m_keys_mutex;
@ -344,7 +336,6 @@ public:
virtual bool allPlayersReady() const OVERRIDE
{ return m_state.load() >= WAIT_FOR_RACE_STARTED; }
virtual bool isRacing() const OVERRIDE { return m_state.load() == RACING; }
bool isBannedForIP(const TransportAddress& addr) const;
bool allowJoinedPlayersWaiting() const;
void setSaveServerConfig(bool val) { m_save_server_config = val; }
float getStartupBoostOrPenaltyForKart(uint32_t ping, unsigned kart_id);


@ -345,22 +345,6 @@ namespace ServerConfig
"Online ID ban list table name, you need to create the table first, "
"see NETWORKING.md for details."));
SERVER_CFG_PREFIX StringToUIntServerConfigParam m_server_ip_ban_list
SERVER_CFG_DEFAULT(StringToUIntServerConfigParam("server-ip-ban-list",
"ip: IP in X.X.X.X/Y (CIDR) format for banning, use Y of 32 for a "
"specific ip, expired-time: unix timestamp to expire, "
"-1 (uint32_t max) for a permanent ban.",
{{ "ban", "ip", "expired-time" }},
{ { "0.0.0.0/0", 0u } }));
SERVER_CFG_PREFIX UIntToUIntServerConfigParam m_server_online_id_ban_list
SERVER_CFG_DEFAULT(UIntToUIntServerConfigParam(
"server-online-id-ban-list",
"online-id: online id for banning, expired-time: unix timestamp to "
"expire, -1 (uint32_t max) for a permanent ban.",
{{ "ban", "online-id", "expired-time" }},
{ { 0u, 0u } }));
// ========================================================================
/** Server version, will be advanced if there are protocol changes. */
static const uint32_t m_server_version = 6;