Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check if another player has the same serial #3854

Merged
merged 11 commits into from
Nov 21, 2024
Merged

Check if another player has the same serial #3854

merged 11 commits into from
Nov 21, 2024

Conversation

Nico8340
Copy link
Contributor

@Nico8340 Nico8340 commented Nov 13, 2024
edited
Loading

This pull request adds a check when connecting to ensure that players can't use the same serial, thus preventing abuses related to serial manipulation, such as for example, when they try to spoof a server's moderator's serial as their own, while they're connected to the server.

The change involved the addition of a new parameter called check_duplicate_serials which allows turning off the feature for development and testing servers to connect with virtual machines.

The new code is: CD50
The new description is: Serial already in use

@Nico8340
New util
3864cee 
New util function that allows to search for players by serial
@Nico8340
New enum & logic
1a9d402 
New enum called SERIAL_DUPLICATE and logic that checks if there are no other players on the server having the same serial
Fernando-A-Rocha
Fernando-A-Rocha approved these changes Nov 13, 2024
View reviewed changes
Copy link
Contributor

@Fernando-A-Rocha Fernando-A-Rocha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good idea.

TracerDS
TracerDS suggested changes Nov 13, 2024
View reviewed changes
Server/mods/deathmatch/logic/CGame.cpp Outdated Show resolved Hide resolved
@Xenius97
Copy link
Contributor

This solution is not perfect because if you run multiple MTA clients on one machine (VM), you get the same serial, making localhost testing impossible.

@Xenius97
Copy link
Contributor

Maybe you could add something like check_double_serials to server settings enabled by default.

@Nico8340
Copy link
Contributor Author

This solution is not perfect because if you run multiple MTA clients on one machine (VM), you get the same serial, making localhost testing impossible.

I forgot about that, thanks for reminding.
If anyone has any ideas, feel free to share them.

@Nico8340
Copy link
Contributor Author

Nico8340 commented Nov 13, 2024
edited
Loading

Maybe you could add something like check_double_serials to server settings enabled by default.

Good idea, I look forward to other people's opinions as well

@Fernando-A-Rocha
Copy link
Contributor

This solution is not perfect because if you run multiple MTA clients on one machine (VM), you get the same serial, making localhost testing impossible.

I forgot you can use VMs to run multiple MTA clients. You need 1 VM (os) per client right?

@Nico8340
Copy link
Contributor Author

This solution is not perfect because if you run multiple MTA clients on one machine (VM), you get the same serial, making localhost testing impossible.

I forgot you can use VMs to run multiple MTA clients. You need 1 VM (os) per client right?

That's right

@Fernando-A-Rocha
Copy link
Contributor

Maybe you could add something like check_double_serials to server settings enabled by default.

Maybe we can have a setting like allow_unverified_clients that is a more generic name

@Nico8340
Make a new parameter
c8bfe8e 
Make a new parameter called check_duplicate_serials which is enabled by default
@G-Moris
Copy link
Contributor

G-Moris commented Nov 13, 2024

Would this be optimized if 'std::unordered_map' and 'find' were used instead of a loop?

@Nico8340
Copy link
Contributor Author

Would this be optimized if 'std::unordered_map' and 'find' were used instead of a loop?

In fact, in this use case there are no significant differences in terms of average server sizes, but for a larger search operation it is really better to use unordered_map and its method. If someone wants to refactor it, they have to modify the entire class, and this pull request is not intended for that.

@TheNormalnij TheNormalnij added the enhancement New feature or request label Nov 17, 2024
@TheNormalnij TheNormalnij added this to the 1.6.1 milestone Nov 17, 2024
@lopezloo
Copy link
Member

when they try to spoof a server's moderator's serial as their own

How would they know server's moderator serial?

@Nico8340
Copy link
Contributor Author

How would they know server's moderator serial?

From servers with a loophole or a data leak

Fernando-A-Rocha
Fernando-A-Rocha suggested changes Nov 19, 2024
View reviewed changes
Copy link
Contributor

@Fernando-A-Rocha Fernando-A-Rocha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Other than that, good job!

Server/mods/deathmatch/logic/CPlayerManager.cpp Outdated Show resolved Hide resolved
@TracerDS TracerDS mentioned this pull request Nov 19, 2024
Open
1 task
@Nico8340 @Fernando-A-Rocha
Make suggested changes
da0c71d 
Co-authored-by: Fernando Rocha <34967844+Fernando-A-Rocha@users.noreply.github.com>
@Dutchman101 Dutchman101 merged commit e094942 into multitheftauto:master Nov 21, 2024
6 checks passed
@Nico8340 Nico8340 deleted the serial branch November 22, 2024 12:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TracerDS TracerDS TracerDS approved these changes

@Fernando-A-Rocha Fernando-A-Rocha Fernando-A-Rocha approved these changes

@TheNormalnij TheNormalnij Awaiting requested review from TheNormalnij

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
1.6.1
Development

Successfully merging this pull request may close these issues.
8 participants
@Nico8340 @Xenius97 @Fernando-A-Rocha @G-Moris @lopezloo @TheNormalnij @TracerDS @Dutchman101