aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorParamat <paramat@users.noreply.github.com>2019-01-03 11:10:07 +0000
committerLoïc Blot <nerzhul@users.noreply.github.com>2019-01-03 12:10:07 +0100
commitceacff13a666779d75ac48f2cc5c11bc2ce5c6e1 (patch)
treead82bd3a44ced8af130f372fb1c3df8d389b3bdd
parentc26eab6319b64089a32e43cf1626f9583947572a (diff)
downloadminetest-ceacff13a666779d75ac48f2cc5c11bc2ce5c6e1.tar.gz
minetest-ceacff13a666779d75ac48f2cc5c11bc2ce5c6e1.tar.bz2
minetest-ceacff13a666779d75ac48f2cc5c11bc2ce5c6e1.zip
CSM restrictions: Make 'LOAD_CLIENT_MODS' disable loading of 'builtin' (#8000)
Previously, when the CSM restriction 'LOAD_CLIENT_MODS' was used a client was still able to add CSM code to 'builtin' to bypass that restriction, because 'builtin' is not yet verified. Until server-sent CSM and verifying of 'builtin' are complete, make 'LOAD_CLIENT_MODS' disable the loading of builtin. Clarify code comments and messages to distinguish between client-side modding and client-side scripting. 'Scripting' includes 'builtin', 'modding' does not.
-rw-r--r--builtin/settingtypes.txt8
-rw-r--r--src/client/client.cpp36
-rw-r--r--src/client/game.cpp4
-rw-r--r--src/network/networkprotocol.h6
4 files changed, 38 insertions, 16 deletions
diff --git a/builtin/settingtypes.txt b/builtin/settingtypes.txt
index d8d9ec3ab..c312bdcf6 100644
--- a/builtin/settingtypes.txt
+++ b/builtin/settingtypes.txt
@@ -1189,14 +1189,16 @@ block_send_optimize_distance (Block send optimize distance) int 4 2
# so that the utility of noclip mode is reduced.
server_side_occlusion_culling (Server side occlusion culling) bool true
-# Restricts the access of certain client-side functions on servers
-# Combine these byteflags below to restrict client-side features:
-# LOAD_CLIENT_MODS: 1 (disable client mods loading)
+# Restricts the access of certain client-side functions on servers.
+# Combine the byteflags below to restrict client-side features, or set to 0
+# for no restrictions:
+# LOAD_CLIENT_MODS: 1 (disable loading client-provided mods)
# CHAT_MESSAGES: 2 (disable send_chat_message call client-side)
# READ_ITEMDEFS: 4 (disable get_item_def call client-side)
# READ_NODEDEFS: 8 (disable get_node_def call client-side)
# LOOKUP_NODES_LIMIT: 16 (limits get_node call client-side to
# csm_restriction_noderange)
+# READ_PLAYERINFO: 32 (disable get_player_names call client-side)
csm_restriction_flags (Client side modding restrictions) int 62
# If the CSM restriction for node range is enabled, get_node calls are limited
diff --git a/src/client/client.cpp b/src/client/client.cpp
index 17ee3a10a..3ba69333a 100644
--- a/src/client/client.cpp
+++ b/src/client/client.cpp
@@ -110,7 +110,8 @@ Client::Client(
m_cache_save_interval = g_settings->getU16("server_map_save_interval");
m_modding_enabled = g_settings->getBool("enable_client_modding");
- // Only create the client script environment if client modding is enabled
+ // Only create the client script environment if client scripting is enabled by the
+ // client.
if (m_modding_enabled) {
m_script = new ClientScripting(this);
m_env.setScript(m_script);
@@ -125,10 +126,22 @@ void Client::loadMods()
return;
}
- // If client modding is not enabled, don't load client-provided CSM mods or
- // builtin.
+ // If client scripting is disabled by the client, don't load builtin or
+ // client-provided mods.
if (!m_modding_enabled) {
- warningstream << "Client side mods are disabled by configuration." << std::endl;
+ warningstream << "Client side scripting is disabled by client." << std::endl;
+ return;
+ }
+
+ // If client scripting is disabled by the server, don't load builtin or
+ // client-provided mods.
+ // TODO Delete this code block when server-sent CSM and verifying of builtin are
+ // complete.
+ if (checkCSMRestrictionFlag(CSMRestrictionFlags::CSM_RF_LOAD_CLIENT_MODS)) {
+ warningstream << "Client-provided mod loading is disabled by server." <<
+ std::endl;
+ // This line is needed because builtin is not loaded
+ m_modding_enabled = false;
return;
}
@@ -136,16 +149,19 @@ void Client::loadMods()
scanModIntoMemory(BUILTIN_MOD_NAME, getBuiltinLuaPath());
m_script->loadModFromMemory(BUILTIN_MOD_NAME);
- // If the server has disabled client-provided CSM mod loading, don't load
- // client-provided CSM mods. Builtin is loaded so needs verfying.
+ // TODO Uncomment when server-sent CSM and verifying of builtin are complete
+ /*
+ // Don't load client-provided mods if disabled by server
if (checkCSMRestrictionFlag(CSMRestrictionFlags::CSM_RF_LOAD_CLIENT_MODS)) {
- warningstream << "Client side mods are disabled by server." << std::endl;
+ warningstream << "Client-provided mod loading is disabled by server." <<
+ std::endl;
// If builtin integrity is wrong, disconnect user
if (!checkBuiltinIntegrity()) {
- // @TODO disconnect user
+ // TODO disconnect user
}
return;
}
+ */
ClientModConfiguration modconf(getClientModsLuaPath());
m_mods = modconf.getMods();
@@ -155,7 +171,7 @@ void Client::loadMods()
}
// Print mods
- infostream << "Client Loading mods: ";
+ infostream << "Client loading mods: ";
for (const ModSpec &mod : m_mods)
infostream << mod.name << " ";
infostream << std::endl;
@@ -181,7 +197,7 @@ void Client::loadMods()
bool Client::checkBuiltinIntegrity()
{
- // @TODO
+ // TODO
return true;
}
diff --git a/src/client/game.cpp b/src/client/game.cpp
index bd37bd58a..28f6a90ed 100644
--- a/src/client/game.cpp
+++ b/src/client/game.cpp
@@ -1891,7 +1891,7 @@ void Game::processKeyInput()
if (client->moddingEnabled())
openConsole(0.2, L".");
else
- m_game_ui->showStatusText(wgettext("CSM is disabled"));
+ m_game_ui->showStatusText(wgettext("Client side scripting is disabled"));
} else if (wasKeyDown(KeyType::CONSOLE)) {
openConsole(core::clamp(g_settings->getFloat("console_height"), 0.1f, 1.0f));
} else if (wasKeyDown(KeyType::FREEMOVE)) {
@@ -2554,7 +2554,7 @@ void Game::handleClientEvent_PlayerForceMove(ClientEvent *event, CameraOrientati
void Game::handleClientEvent_Deathscreen(ClientEvent *event, CameraOrientation *cam)
{
- // If CSM enabled, deathscreen is handled by CSM code in
+ // If client scripting is enabled, deathscreen is handled by CSM code in
// builtin/client/init.lua
if (client->moddingEnabled())
client->getScript()->on_death();
diff --git a/src/network/networkprotocol.h b/src/network/networkprotocol.h
index 6d6708482..96dfbe44f 100644
--- a/src/network/networkprotocol.h
+++ b/src/network/networkprotocol.h
@@ -947,7 +947,11 @@ enum PlayerListModifer: u8
enum CSMRestrictionFlags : u64 {
CSM_RF_NONE = 0x00000000,
- CSM_RF_LOAD_CLIENT_MODS = 0x00000001, // Disable mods provided by clients
+ // Until server-sent CSM and verifying of builtin are complete,
+ // 'CSM_RF_LOAD_CLIENT_MODS' also disables loading 'builtin'.
+ // When those are complete, this should return to only being a restriction on the
+ // loading of client mods.
+ CSM_RF_LOAD_CLIENT_MODS = 0x00000001, // Don't load client-provided mods or 'builtin'
CSM_RF_CHAT_MESSAGES = 0x00000002, // Disable chat message sending from CSM
CSM_RF_READ_ITEMDEFS = 0x00000004, // Disable itemdef lookups
CSM_RF_READ_NODEDEFS = 0x00000008, // Disable nodedef lookups