If a formspec is submitted from a form fields handling
callback of another form (or "formspec shown from another
formspec"), the fields submitted for it can get
rejected by the form exploit mitigation subsystem with a
message like "'zorman2000' submitted formspec
('formspec_error:form2') but server hasn't sent formspec to
client, possible exploitation attempt" being sent to logs.
This was already reported as #7374 and a change was made
that fixed the simple testcase included with that bug
report but the bug still kept lurking around and popping
out in more complicated scenarios like the advtrains TSS
route programming UI.
Deep investigation of the problem revealed that this
sequence of events is entirely possible and leads to the
bug:
1. Server: show form1
2. Client *shows form1*
3. Client: submits form1
4. Server: show form2
5. Client: says form1 closed
6. Client *shows form2*
7. Client: submits form2
What happens inside the code is that when the server in
step 4 sends form2, the registry of opened forms is
updated to reflect the fact that form2 is now the valid
form for the client to submit. Then when in step 5 client
says "form1 was closed", the exploit mitigation subsystem
code deletes the registry entry for the client without
bothering to check whether the form client says was
closed just now is indeed the form that is recorded in
that entry as the valid form. Then later, in step 7 the
client tries to submit its valid form fields, these will
be rejected because the entry is missing.
It turns out the procedure where the broken code resides
already gets the form name so a simple "if" around the
offending piece of code fixes the whole thing. And
advtrains TSS agrees with that.
Reported by GCC
```
minetest/src/server.cpp:996:42: warning: ‘peer_id’ may be used uninitialized in this function [-Wmaybe-uninitialized]
errorstream << "ProcessData: peer=" << peer_id << e.what() << std::endl;
```
* Adds Lua methods 'set_rotation()' and 'get_rotation'. Also changed some method names to be more clear. Instead of an f32 being sent over network for yaw, now a v3f is sent for rotation on xyz axes. Perserved Lua method set_yaw/setyaw so that old mods still work, other wise to set yaw they would need to switch to set_rotation(0, yaw, 0).
* src/sky.cpp 146 warn V519 The 'suncolor_f.r' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 142, 146.
* src/sky.cpp 147 warn V519 The 'suncolor_f.g' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 143, 147.
* src/sky.cpp 148 warn V519 The 'suncolor_f.b' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 144, 148.
* src/threading/thread.cpp 63 err V730 Not all members of a class are initialized inside the constructor. Consider inspecting: m_thread_obj.
* src/server.cpp 3243 err V595 The 'log' pointer was utilized before it was verified against nullptr. Check lines: 3243, 3258.
* Drop EventManager from GameDef & do some client cleanups
* EventManager is only used by Client. Don't expose it on Server & GameDef for nothing
* Drop Client::event() in favor of direct calls to getEventManager
* Cleanup some event put from new + put to put(new)
* MtEvent: add Type(u8) enum
* This will enhance event performance & ensure stricter type
* Drop MtEvent::checkIs (unused)
* clang-tidy reported fixes
* Code style
* Move event_manager.h to the client directory as it's only used by client
Add EventManager unittests + switch to unordered_map as order is not important here
Drop a unused function
* Server: delegate mod management & config to ServerModConfiguration (rename it to ServerModManager)
* Use c++11 range based loops
* Add unittests + experimental/default mod as a test case to permit testing mod loading in future tests
* ObjectRef::set_local_animation: fix wrong lua return (should push a boolean, currently returns nil)
* ObjectRef::set_eye_offset: fix wrong lua return (should push a boolean, currently returns nil)
* Fix various Server functions which depends on RemotePlayer objet and return true/false when player object is nil whereas it's a caller implementation error. Change those bool functions to void and add sanitize_check call instead. Current callers are always checking player object validity
* Optimize Server::setClouds : use CloudParams object ref instead of attribute deserialization from structure & perform RemotePlayer::setCloudParams directly in server class like many other calls
* Optimize Server::SendCloudParams: use CloudParams object ref instead of deserialized attributes
This doesn't check the fields in anyway whatsoever so it should only be seen as a way to mitigate exploits, a last line of defense to make it harder to exploit bugs in mods, not as a reason to not do all the usually checks.
* Rename IWritableNodeDefManager to NodeDefManager
* Make INodeDefManager functions const
* Use "const *NodeDefManager" instead of "*INodeDefManager"
* Remove unused INodeDefManager class
* Merge NodeDefManager and CNodeDefManager
* Document NodeDefManager
Solves some issues with ModStorage functionality in mapgen threads
that occurred when mapgen threads continued to run after the main
server thread had stopped. Also shuts down mapgen threads before
shutdown callbacks are called.
* Make Player::peer_id server-side only and add getters and setters
Player::peer_id has no sense client side, move it to server, make it private and add setter and getter
Also add some PEER_ID_INEXISTENT instead of harcoded 0
* Add session_t typedef + remove unused functions
u16 peer_id is used everywhere, to be more consistent and permit some evolutions on this type in the future (i'm working on a PoC), uniformize u16 peer_id to SessionId peer_id
Implement network communication for channels
* Implement ModChannel manager server side to route incoming messages from clients to other clients
* Add signal handler switch on client & ModChannelMgr on client to handle channels
* Add Lua API bindings + client packet sending + unittests
* Implement server message sending
* Add callback from received message handler to Lua API using registration method
* Fix HP transport + some double <-> float problems
TOCLIENT_HP transport u16 hp as a u8, use u16 HP, this prevent HP over 255 to overflow across network
* Fix more double/float problem in serverpackethandler & remove implicit struct type for TileAnimationParams
* Fix connection unittests container
* Cleanup network headers
* Move peerhandler to a specific header to reduce compilation times
* Move socket.cpp/h to network folder
* More work
* Network code cleanups
* Move socket.{cpp,h} to network folder
* Move Address object to network/address.{cpp,h}
* Move network exceptions to network/networkexceptions.h
* Client: use unique_ptr for Connection
* Server/ClientIface: use shared_ptr for Connection
* Format fixes
* Remove socket.cpp socket.h from clang-format whitelist
* Also fix NetworkPacket code style & make it under clang-format
* Respect object property hp_max field for players
This allows modders to configure the maximal HP per player
* Statbars: Downscale bar to full 20 HP when exceeding this value
Add default max HP for players and breath constants to builtin
Document the constants
* Rename PLAYER_MAX_HP -> PLAYER_MAX_HP_DEFAULT
* server.cpp: unroll setting when sending mapblocks
* Improve a little bit performance when sending mapblocks massively
* Use a range based for
* Code style fixes
* Use more for range based loops
* Simplify some tests
* Code style fixes
* connection.h: better PeerChange constructor instead of creating uninitalized object and then affect variables
* Use various modern for loops
* Make some loop iterator constants, whereas there weren't
* Use empty on some size() > 0 tests
* Various little codestyle fixes
* Fix an hidden scope variable in Server::SendBlockNoLock
* [CSM] Add flavour limits controlled by server
Server send flavour limits to client permitting to disable or limit some Lua calls
* Add limits for reading nodedefs and itemdefs
* flavour: Add lookup node limits
* Merge get_node_or_nil into get_node.
Sending fake node doesn't make sense in CSM, just return nil if node is not available for any reason
* Add node range customization when noderange flavour is enabled (default 8 nodes)
* Limit nodes range & disable chat message sending by default
* Bump protocol version
* New TOCLIENT_CHAT_MESSAGE packet
* Rename old packet to TOCLIENT_CHAT_MESSAGE_OLD for compat
* Handle TOCLIENT_CHAT_MESSAGE new structure client side
* Client chat queue should use a specific object
* SendChatMessage: use the right packet depending on protocol version (not complete yet)
* Add chatmessage(type) objects and handle them client side (partially)
* Use ChatMessage instead of std::wstring server side
* Update with timestamp support
thread_local permits to limit variable lifetime to thread duration. Use it on each setting place which uses static to cache variable result only for thread lifetime. This permits to keep the same performance level & reconfigure server from MT gui in those various variables places.
Add thread_local to undersampling calculation too.
Previously, findSpawnPos() did not take the 'mapgen_limit' setting into account,
a small limit often resulted in a spawn out in the void.
Use the recently added 'calcMapgenEdges()' to get max spawn range through a new
mapgenParams function 'getSpawnRangeMax()'.
Previously, when a player respawned into a world, 'objectpos_over_limit()' was
used as a check, which was inaccurate.
Use the recently added 'saoPosOverLimit()' to get exact mapgen edges.
Also fix default value of 'm_sao_limit_min'.
These code be generated by CSM, a modded client or just copy and pasted by the player.
Changes
- Update configuration example and setting translation file.
- Remove colour codes before logging chat.
- Add setting to remove colour codes before processing the chat.
* Have the server send the player list to the client
Currently the client generates the player list based on the Client active object list, the issue with this is that we can't be sure all player active objects will be sent to the client, so this could result in players showing up when someone run `/status` but auto complete not working with their nick and CSM not being aware of the player
* Allow enabling and disabling mods.
* Re-fix 605599b6f150b89ba6539c4d088231b326adcb48
This breaks some chars like € in chat.
Instead verify is char is a non control char -> iswcntrl
Previously, every individual particle on a server is sent to, and rendered by
(even if not actually visible), every client regardless of distance. This
significantly reduces client FPS and creates unnecessary network traffic.
Maximum distance is set by 'max block send distance' as this determines how far
a client is able to see.
Default true.
Add 'm_clouds_enabled' bool to sky.h, set from new bool in 'set sky' API.
Make 'getCloudsVisible()' depend on 'm_clouds_enabled' instead of
'm_visible' (whether normal sky is visible).
* Player data to Database
Add player data into databases (SQLite3 & PG only)
PostgreSQL & SQLite: better POO Design for databases
Add --migrate-players argument to server + deprecation warning
* Remove players directory if empty
This callback is called if a liquid definitely floods a non-air
node on the map. The callback arguments are (pos, oldnode, newnode)
and can return a `bool` value indicating whether flooding the
node should be cancelled (`return true` will prevent the node
from flooding).
Documentation is added, the callback function was tested with a
modified minetest_game.
Note that `return true` will likely cause the node's `on_flood()`
callback to be called every second until the node gets removed,
so care must be taken to prevent many callbacks from using this
return value. The current default liquid update interval is 1.0
seconds, which isn't unmanageable.
The larger aim of this patch is to remove the lava cooling ABM,
which is a significant cost to idle servers that have lava on their
map. This callback will be much more efficient.
* client side mods are located in clientmods/
* move builtin/preview.lua to clientmods/preview/init.lua as a preview mod
* refactor ModConfiguration class to work properly with client and server using child objects
* move some Server constructor mod load code to ModConfiguration to reduce code duplication between client and server
* remove mods.{cpp,h} unused functions
* use UNORDERED_SET instead of std::set in some modspec storages
* rename GameScripting to ServerScripting
* Make getBuiltinLuaPath static serverside
* Add on_shutdown callback
* Add on_receiving_chat_message & on_sending_chat_message callbacks
* ScriptApiBase: use IGameDef instead of Server
This permits to share common attribute between client & server
* Enable mod security in client side modding without conditions