diff options
author | sfan5 <sfan5@live.de> | 2022-04-27 19:00:49 +0200 |
---|---|---|
committer | sfan5 <sfan5@live.de> | 2022-04-28 19:55:36 +0200 |
commit | 391eec9ee78fc9dfdc476ad2a8ed7755009e4a2f (patch) | |
tree | c39a24f5d846ae48c248b61afe8e68a078408f43 | |
parent | 0d91ef78ddb487e08969c9efb385ef7de69750b9 (diff) | |
download | minetest-391eec9ee78fc9dfdc476ad2a8ed7755009e4a2f.tar.gz minetest-391eec9ee78fc9dfdc476ad2a8ed7755009e4a2f.tar.bz2 minetest-391eec9ee78fc9dfdc476ad2a8ed7755009e4a2f.zip |
Fix race condition in registration leading to duplicate create_auth calls
-rw-r--r-- | src/network/serverpackethandler.cpp | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/network/serverpackethandler.cpp b/src/network/serverpackethandler.cpp index 8163cb820..6d951c416 100644 --- a/src/network/serverpackethandler.cpp +++ b/src/network/serverpackethandler.cpp @@ -1495,8 +1495,19 @@ void Server::handleCommand_FirstSrp(NetworkPacket* pkt) } std::string initial_ver_key; - initial_ver_key = encode_srp_verifier(verification_key, salt); + + // It is possible for multiple connections to get this far with the same + // player name. In the end only one player with a given name will be emerged + // (see Server::StateTwoClientInit) but we still have to be careful here. + if (m_script->getAuth(playername, nullptr, nullptr)) { + // Another client beat us to it + actionstream << "Server: Client from " << addr_s + << " tried to register " << playername << " a second time." + << std::endl; + DenyAccess(peer_id, SERVER_ACCESSDENIED_ALREADY_CONNECTED); + return; + } m_script->createAuth(playername, initial_ver_key); m_script->on_authplayer(playername, addr_s, true); |