aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsfan5 <sfan5@live.de>2022-04-27 19:00:49 +0200
committersfan5 <sfan5@live.de>2022-05-14 18:33:42 +0200
commitd497c926849fc716d486d400fed45063577bd99a (patch)
tree8cd888075a5ae9c9fa813a2a874bde8e5c9910fb
parent677dc2c1558420a1d105a5f33b5c14a1d43503bb (diff)
downloadminetest-d497c926849fc716d486d400fed45063577bd99a.tar.gz
minetest-d497c926849fc716d486d400fed45063577bd99a.tar.bz2
minetest-d497c926849fc716d486d400fed45063577bd99a.zip
Fix race condition in registration leading to duplicate create_auth calls
Diffstat
-rw-r--r--src/network/serverpackethandler.cpp13
1 files changed, 12 insertions, 1 deletions
diff --git a/src/network/serverpackethandler.cpp b/src/network/serverpackethandler.cpp
index d8b49da09..ee94edc3c 100644
--- a/src/network/serverpackethandler.cpp
+++ b/src/network/serverpackethandler.cpp
@@ -1496,8 +1496,19 @@ void Server::handleCommand_FirstSrp(NetworkPacket* pkt)
}
std::string initial_ver_key;
-
initial_ver_key = encode_srp_verifier(verification_key, salt);
+
+ // It is possible for multiple connections to get this far with the same
+ // player name. In the end only one player with a given name will be emerged
+ // (see Server::StateTwoClientInit) but we still have to be careful here.
+ if (m_script->getAuth(playername, nullptr, nullptr)) {
+ // Another client beat us to it
+ actionstream << "Server: Client from " << addr_s
+ << " tried to register " << playername << " a second time."
+ << std::endl;
+ DenyAccess(peer_id, SERVER_ACCESSDENIED_ALREADY_CONNECTED);
+ return;
+ }
m_script->createAuth(playername, initial_ver_key);
m_script->on_authplayer(playername, addr_s, true);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 05:36:38 +0000