<URL: http://bugs.freeciv.org/Ticket/Display.html?id=40311 >
This patch disables the hack check (want_hack) when the server's running in GGZ mode. I think this is a good idea to reduce any possible security hole in what is already known to be a public game; it's also convenient for testing. Patch for trunk but should probably apply to 2.1 and 2.2 also. -jason
Index: server/gamehand.c =================================================================== --- server/gamehand.c (revision 14848) +++ server/gamehand.c (working copy) @@ -33,6 +33,7 @@ #include "support.h" #include "connecthand.h" +#include "ggzserver.h" #include "maphand.h" #include "plrhand.h" #include "unittools.h" @@ -525,14 +526,16 @@ char *token = NULL; bool you_have_hack = FALSE; - if (section_file_load_nodup(&file, get_challenge_fullname(pc))) { - token = secfile_lookup_str_default(&file, NULL, "challenge.token"); - you_have_hack = (token && strcmp(token, packet->token) == 0); - section_file_free(&file); - } + if (!with_ggz) { + if (section_file_load_nodup(&file, get_challenge_fullname(pc))) { + token = secfile_lookup_str_default(&file, NULL, "challenge.token"); + you_have_hack = (token && strcmp(token, packet->token) == 0); + section_file_free(&file); + } - if (!token) { - freelog(LOG_DEBUG, "Failed to read authentication token"); + if (!token) { + freelog(LOG_DEBUG, "Failed to read authentication token"); + } } if (you_have_hack) {
_______________________________________________ Freeciv-dev mailing list Freeciv-dev@gna.org https://mail.gna.org/listinfo/freeciv-dev