CSM restrictions: Make 'LOAD_CLIENT_MODS' disable loading of 'builtin' (#8000)

Previously, when the CSM restriction 'LOAD_CLIENT_MODS' was used a
client was still able to add CSM code to 'builtin' to bypass that
restriction, because 'builtin' is not yet verified.

Until server-sent CSM and verifying of 'builtin' are complete, make
'LOAD_CLIENT_MODS' disable the loading of builtin.

Clarify code comments and messages to distinguish between client-side
modding and client-side scripting. 'Scripting' includes 'builtin',
'modding' does not.
This commit is contained in:
Paramat 2019-01-03 11:10:07 +00:00 committed by Loïc Blot
parent c26eab6319
commit ceacff13a6
4 changed files with 38 additions and 16 deletions

@ -1189,14 +1189,16 @@ block_send_optimize_distance (Block send optimize distance) int 4 2
# so that the utility of noclip mode is reduced.
server_side_occlusion_culling (Server side occlusion culling) bool true
# Restricts the access of certain client-side functions on servers
# Combine these byteflags below to restrict client-side features:
# LOAD_CLIENT_MODS: 1 (disable client mods loading)
# Restricts the access of certain client-side functions on servers.
# Combine the byteflags below to restrict client-side features, or set to 0
# for no restrictions:
# LOAD_CLIENT_MODS: 1 (disable loading client-provided mods)
# CHAT_MESSAGES: 2 (disable send_chat_message call client-side)
# READ_ITEMDEFS: 4 (disable get_item_def call client-side)
# READ_NODEDEFS: 8 (disable get_node_def call client-side)
# LOOKUP_NODES_LIMIT: 16 (limits get_node call client-side to
# csm_restriction_noderange)
# READ_PLAYERINFO: 32 (disable get_player_names call client-side)
csm_restriction_flags (Client side modding restrictions) int 62
# If the CSM restriction for node range is enabled, get_node calls are limited

@ -110,7 +110,8 @@ Client::Client(
m_cache_save_interval = g_settings->getU16("server_map_save_interval");
m_modding_enabled = g_settings->getBool("enable_client_modding");
// Only create the client script environment if client modding is enabled
// Only create the client script environment if client scripting is enabled by the
// client.
if (m_modding_enabled) {
m_script = new ClientScripting(this);
m_env.setScript(m_script);
@ -125,10 +126,22 @@ void Client::loadMods()
return;
}
// If client modding is not enabled, don't load client-provided CSM mods or
// builtin.
// If client scripting is disabled by the client, don't load builtin or
// client-provided mods.
if (!m_modding_enabled) {
warningstream << "Client side mods are disabled by configuration." << std::endl;
warningstream << "Client side scripting is disabled by client." << std::endl;
return;
}
// If client scripting is disabled by the server, don't load builtin or
// client-provided mods.
// TODO Delete this code block when server-sent CSM and verifying of builtin are
// complete.
if (checkCSMRestrictionFlag(CSMRestrictionFlags::CSM_RF_LOAD_CLIENT_MODS)) {
warningstream << "Client-provided mod loading is disabled by server." <<
std::endl;
// This line is needed because builtin is not loaded
m_modding_enabled = false;
return;
}
@ -136,16 +149,19 @@ void Client::loadMods()
scanModIntoMemory(BUILTIN_MOD_NAME, getBuiltinLuaPath());
m_script->loadModFromMemory(BUILTIN_MOD_NAME);
// If the server has disabled client-provided CSM mod loading, don't load
// client-provided CSM mods. Builtin is loaded so needs verfying.
// TODO Uncomment when server-sent CSM and verifying of builtin are complete
/*
// Don't load client-provided mods if disabled by server
if (checkCSMRestrictionFlag(CSMRestrictionFlags::CSM_RF_LOAD_CLIENT_MODS)) {
warningstream << "Client side mods are disabled by server." << std::endl;
warningstream << "Client-provided mod loading is disabled by server." <<
std::endl;
// If builtin integrity is wrong, disconnect user
if (!checkBuiltinIntegrity()) {
// @TODO disconnect user
// TODO disconnect user
}
return;
}
*/
ClientModConfiguration modconf(getClientModsLuaPath());
m_mods = modconf.getMods();
@ -155,7 +171,7 @@ void Client::loadMods()
}
// Print mods
infostream << "Client Loading mods: ";
infostream << "Client loading mods: ";
for (const ModSpec &mod : m_mods)
infostream << mod.name << " ";
infostream << std::endl;
@ -181,7 +197,7 @@ void Client::loadMods()
bool Client::checkBuiltinIntegrity()
{
// @TODO
// TODO
return true;
}

@ -1891,7 +1891,7 @@ void Game::processKeyInput()
if (client->moddingEnabled())
openConsole(0.2, L".");
else
m_game_ui->showStatusText(wgettext("CSM is disabled"));
m_game_ui->showStatusText(wgettext("Client side scripting is disabled"));
} else if (wasKeyDown(KeyType::CONSOLE)) {
openConsole(core::clamp(g_settings->getFloat("console_height"), 0.1f, 1.0f));
} else if (wasKeyDown(KeyType::FREEMOVE)) {
@ -2554,7 +2554,7 @@ void Game::handleClientEvent_PlayerForceMove(ClientEvent *event, CameraOrientati
void Game::handleClientEvent_Deathscreen(ClientEvent *event, CameraOrientation *cam)
{
// If CSM enabled, deathscreen is handled by CSM code in
// If client scripting is enabled, deathscreen is handled by CSM code in
// builtin/client/init.lua
if (client->moddingEnabled())
client->getScript()->on_death();

@ -947,7 +947,11 @@ enum PlayerListModifer: u8
enum CSMRestrictionFlags : u64 {
CSM_RF_NONE = 0x00000000,
CSM_RF_LOAD_CLIENT_MODS = 0x00000001, // Disable mods provided by clients
// Until server-sent CSM and verifying of builtin are complete,
// 'CSM_RF_LOAD_CLIENT_MODS' also disables loading 'builtin'.
// When those are complete, this should return to only being a restriction on the
// loading of client mods.
CSM_RF_LOAD_CLIENT_MODS = 0x00000001, // Don't load client-provided mods or 'builtin'
CSM_RF_CHAT_MESSAGES = 0x00000002, // Disable chat message sending from CSM
CSM_RF_READ_ITEMDEFS = 0x00000004, // Disable itemdef lookups
CSM_RF_READ_NODEDEFS = 0x00000008, // Disable nodedef lookups