Commit Graph

418 Commits

Author SHA1 Message Date
est31
27db929252 Add minetest.check_password_entry callback
Gives a convenient way to check a player's password.

This entirely bypasses the SRP protocol, so should be used
with great care.

This function is not intended to be used
in-game, but solely by external protocols, where no
authentication of the minetest engine is provided, and
also only for protocols, in which the user already gives the
server the plaintext password.

Examples for good use are the classical http form, or irc,
an example for a bad use is a password change dialog inside
formspec.

Users should be aware that they lose the advantages of the SRP
protocol if they enter their passwords for servers outside the
normal entry box, like in in-game formspec menus,
or through irc /msg s,

This patch also fixes an auth.h mistake which has mixed up the
order of params inside the decode_srp_verifier_and_salt function.

Zeno-: Added errorstream message for invalid format when I committed
2016-05-30 23:28:08 +10:00
Zeno-
a9bc7dc405 Remove unused code in s_security.cpp (#4172)
Note that the macro CHECK_FILE_ERR implements the code removed
2016-05-30 22:37:40 +10:00
Auke Kok
d499ec4838 Particles: Add option to remove particles on collision
Adds the particle option `collision_removal = bool`

Some particles are hard to use right now since they either go through
solid blocks (without collision detection), and with collision
detection enabled they (e.g. raindrops) would just stop dead on the
floor and sit there until they expire, or worse, scrape along a wall
or ceiling.

We can solve the problem by adding a boolean flag that tells the
particle to be removed if it ever collides with something. This will
make it easier to add rain that doesn't fall through your roof or stick
on the top of it. Or clouds and smoke that don't go through trees.

Particles that collide with this flag are marked expired
unconditionally, causing them to be treated like normal expired
particles and cleaned up normally.

Documentation is adjusted accordingly.

An added bonus of this patch is that particles can potentially collide
many times with nodes, and this reduces the amount of collisions to 1
(max), which may end up reducing particle load on the client.
2016-05-28 00:08:23 -04:00
red-001
62d15ac7c1 Add base64 encoding and decoding to the lua api. (#3919) 2016-05-27 23:37:28 -04:00
kwolekr
9b5c492be5 Fix MgStoneType and BiomeType enum names 2016-05-27 23:23:58 -04:00
kwolekr
76f4856479 Move biome calculation to BiomeGen
BiomeGen defines an interface that, given a set of BiomeParams, computes biomes
for a given area using the algorithm implemented by that specific BiomeGen.
This abstracts away the old system where each mapgen supplied the noises
required for biome generation.
2016-05-27 23:23:58 -04:00
est31
ac8bb457aa Pathfinder: Fix style
* Fix naming style for methods and classes:
	Use camelCase for methods and PascalCase for classes as
	code style demands it. And use sneak_case for methods that
	are not member of a class.
* Replace "* " with " *" for Pointers
* Same for references
* Put function body opening braces on new line
* Other misc minor non functional style improvements
2016-05-01 15:32:02 +02:00
est31
af30183124 Add option to not send pre v25 init packet
The legacy init packet (pre v25) sends information about the client's
password that a server could use to log in to other servers if the
username and password are the same. All the other benefits of SRP of
protocol v25 are missed if the legacy init packet is still sent during
connection creation.

This patch adds an option to not send the v25 init packet. Not sending
the v25 packet means breaking compat with pre v25 servers, but as the
option is not enabled by default, no servers are affected unless the
user explicitly flips the switch. More than 90% of the servers on the
serverlist support post v25 protocols.

The patch also fixes a bug with greying out of non compliant servers
being done wrongly, the min and max params were mixed.
2016-03-15 17:20:09 +01:00
est31
e0151d1054 Much better API for auth.{cpp, h}
* No function overloading
* Adhere coding style and with method names following
  lowercase_underscore_style
* Use std::string in external API, handling these is
  much more fun
2016-03-15 05:55:49 +01:00
Auke Kok
37b4f0d34c Allow nodes to specify which sides to connect to.
NDT_CONNECTED attempts to connect to any side of nodes that it can
connect to, which is troublesome for FACEDIR type nodes that generally
may only have one usable face, and can be rotated.

We introduce a node parameter `connect_sides` that is valid for
any node type. If specified, it lists faces of the node (in "top",
"bottom", "front", "left", "back", "right", form, as array) that
connecting nodeboxes can connect to. "front" corresponds to the south
facing side of a node with facedir = 0.

If the node is rotatable using *simple* FACEDIR, then the attached
face is properly rotated before checking. This allows e.g. a chest
to be attached to only from the rear side.
2016-03-12 12:08:17 -05:00
Auke Kok
e737b1c271 Nodebox: Allow nodeboxes to "connect"
We introduce a new nodebox type "connected", and allow these nodes to
have optional nodeboxes that connect it to other connecting nodeboxes.

This is all done at scenedraw time in the client. The client will
inspect the surrounding nodes and if they are to be connected to,
it will draw the appropriate connecting nodeboxes to make those
connections.

In the node_box definition, we have to specify separate nodeboxes for
each valid connection. This allows us to make nodes that connect only
horizontally (the common case) by providing optional nodeboxes for +x,
-x, +z, -z directions. Or this allows us to make wires that can connect
up and down, by providing nodeboxes that connect it up and down (+y,
-y) as well.

The optional nodeboxes can be arrays. They are named "connect_top,
"connect_bottom", "connect_front", "connect_left", "connect_back" and
"connect_right". Here, "front" means the south facing side of the node
that has facedir = 0.

Additionally, a "fixed" nodebox list present will always be drawn,
so one can make a central post, for instance. This "fixed" nodebox
can be omitted, or it can be an array of nodeboxes.

Collision boxes are also updated in exactly the same fashion, which
allows you to walk over the upper extremities of the individual
node boxes, or stand really close to them. You can also walk up
node noxes that are small in height, all as expected, and unlike the
NDT_FENCELIKE nodes.

I've posted a screenshot demonstrating the flexibility at
    http://i.imgur.com/zaJq8jo.png
In the screenshot, all connecting nodes are of this new subtype.

Transparent textures render incorrectly, Which I don't think is
related to this text, as other nodeboxes also have issues with this.

A protocol bump is performed in order to be able to send older clients
a nodeblock that is usable for them. In order to avoid abuse of users
we send older clients a "full-size" node, so that it's impossible for
them to try and walk through a fence or wall that's created in this
fashion. This was tested with a pre-bump client connected against a
server running the new protocol.

These nodes connect to other nodes, and you can select which ones
those are by specifying node names (or group names) in the
connects_to string array:
      connects_to = { "group:fence", "default:wood" }
By default, nodes do not connect to anything, allowing you to create
nodes that always have to be paired in order to connect. lua_api.txt
is updated to reflect the extension to the node_box API.

Example lua code needed to generate these nodes can be found here:
    https://gist.github.com/sofar/b381c8c192c8e53e6062
2016-03-12 12:08:17 -05:00
Auke Kok
4e59fcf5c1 Add consistent monotonic day counter - get_day_count()
I've written several experimental bits of code that revolve around the
need for a consistent calendar, but implementing one is extremely hard
in mods due to time changes and mods overriding core.get_timeofday(),
which will conflict.

The second part of the problem is that doing this from a mod requires
constant maintenance of a settings file.

An implementation in core is trivial, however, and solves all of
these problems at virtually no cost: No extra branches in server
steps, and a single branch when minetest.set_time_of_day(), which is
entirely reasonable.

We store the day_count value in env_meta.txt.

The use case is obvious: This change allows mods to create an actual
virtual calendar, or properly account for seasonal changes, etc..

We add a "/days" chatcommand that displays the current day count. No
permissions are needed. It can only retrieve the day count, not
modify it.
2016-03-09 01:45:23 +01:00
ShadowNinja
3ce6642a26 Add AreaStore custom ID API 2016-03-07 16:33:20 -05:00
ShadowNinja
821551a266 Implement AreaStore serialization 2016-03-07 16:33:20 -05:00
ShadowNinja
2e74e9ee20 Move AreaStore container selection logic into getOptimalImplementation 2016-03-07 16:33:20 -05:00
ShadowNinja
0079887b64 Move AreaStore to util 2016-03-07 16:33:20 -05:00
ShadowNinja
095db16990 Simplify AreaStore ID management 2016-03-07 16:33:20 -05:00
est31
725cb4eb07 s_env.{cpp, h} cleanups
* Replace string by-val passing with const reference
* Fix code style
* Remove redundant `int table` definition and indentation level
2016-03-07 19:54:26 +01:00
est31
d494733839 Add minetest.register_lbm() to run code on block load only 2016-03-07 19:54:26 +01:00
ShadowNinja
88fbe7ca1e Use LuaErrors in security check macros
Throwing a LuaError calls destructors as it propagates up the stack,
wheres lua_error just executes a longjmp.
2016-03-07 13:37:15 -05:00
Jeija
1100a5d614 Require minetest.request_http_api to be called from the mod's main scope
Fixes #3764
2016-03-03 22:42:00 +01:00
ShadowNinja
7bcbc0105b Fix main menu being unable to set secure settings 2016-03-03 00:57:19 -05:00
ShadowNinja
abd4a79acb Remove debug.getupvalue from the Lua sandbox whitelist
This function could be used to steal insecure environments from trusted mods.
2016-03-03 00:09:05 -05:00
Jeija
033a510cf3 Fix minetest.request_insecure_environment() always returning nil
Fixes #3765
2016-02-26 06:36:48 +01:00
Jeija
31e0667a4a Add Lua interface to HTTPFetchRequest
This allows mods to perform both asynchronous and synchronous HTTP
requests. Mods are only granted access to HTTP APIs if either mod
security is disabled or if they are whitelisted in any of the
the secure.http_mods and secure.trusted_mods settings.

Adds httpfetch_caller_alloc_secure to generate random, non-predictable
caller IDs so that lua mods cannot spy on each others HTTP queries.
2016-02-22 15:39:41 +01:00
Jeija
1b9aef43c9 Ignore spaces in secure.trusted_mods setting 2016-02-19 18:50:42 -05:00
ShadowNinja
4827ee1258 Require request_insecure_environment to be called from the mod's main scope
Previously you could steal a secure environment from a trusted mod by wrapping
request_insecure_environment with some code like this:

local rie_cp = minetest.request_insecure_environment
local stolen_ie
function minetest.request_insecure_environment()
	local ie = rie_cp()
	stolen_ie = stolen_ie or ie
	return ie
end
2016-02-19 14:52:10 +00:00
nerzhul
fefa148d69 v2d & aabbox3d<f32> & sky cleanups
* Sky: rename Box => m_box and inline getBoundingBox
* Uniformize aabbox3d<f32> to aabb3f
2016-02-11 16:55:15 +01:00
Kahrl
b1428ab4bb Add '/clearobjects quick' 2016-02-11 04:22:58 +00:00
est31
860d70bd0e Don't print whole json data buffer to errorstream on error
`errorstream` must not be overly verbose as clientside it is directly printed
onto the ingame chat window. These days, the serverlist can contain > 200k bytes,
so better print it to warningstream if the data buffer is too long.
2016-01-28 23:53:58 +01:00
est31
e50c784e2c Fix C++11 compilability
Previous commits broke it... :(
2016-01-23 05:45:29 +01:00
Auke Kok
882a89d65a Allow per-tiles culling.
Backface culling is enabled by default for all tiles, as this
is how the lua parser initializes each tiledef. We revert to
always using the value from the tiledef since it is always
read and serialized.

Mods that wish to enable culling for e.g. mesh nodes, now can
specify the following to enable backface culling:

    tiles = {{ name = "tex.png", backface_culling = true }},

Note the double '{' and use of 'name' key here! In the same
fashion, backface_culling can be disabled for any node now.

I've tested this against the new door models and this properly
allows me to disable culling per node. I've also tested this
against my crops mod which uses mesh nodes where culling needs
to be disabled, and tested also with plantlike drawtype nodes
where we want this to continue to be disabled.

No default setting has changed. The defaults are just migrated
from nodedef.cpp to c_content.cpp.
2016-01-20 00:36:48 +00:00
RealBadAngel
87291ea44a Show infotext with description for item entities 2016-01-18 17:21:41 +00:00
sfan5
a58c0f458d Make ItemStack:set_count(0) clear the item stack
fixes minetest/minetest_game#786
2016-01-15 13:44:45 +01:00
paramat
0bbbc6e13d Liquids: Flow into and destroy 'floodable' nodes
Add new node property 'floodable', default false
Define "air" as floodable = true in C++ and lua
2016-01-07 05:57:19 +00:00
Sapier
25d128da36 Revert "Add support for using arbitrary meshes as items"
This reverts commit 91bafceee6606fab79db1bde4cba01b84fed65c7.

Reverted due to missinterpretation of agreement, obvious dislike and me not interested in doing fights for feature I don't actually need
2015-12-29 19:53:38 +01:00
Sapier
91bafceee6 Add support for using arbitrary meshes as items 2015-12-29 16:27:06 +01:00
Sapier
5de8e026a3 Fix lua object:get_properties() being broken 2015-12-21 00:27:13 +01:00
est31
f192a5bc43 Fix missing pop
Previous commit

70ea5d552e283bd5bce3278cbf3819bd87ba2602 "Add support for limiting rotation of automatic face movement dir entitys"

by sapier has broken minetest's feature to open worlds. This was due to a
missing stack pop operation.

Thanks to @oleastre for reporting this bug and suggesting the fix.
2015-12-20 03:36:47 +01:00
Sapier
70ea5d552e Add support for limiting rotation of automatic face movement dir entitys 2015-12-19 17:00:36 +01:00
BlockMen
9eee3c3f46 Add option to give every object a nametag
or change the nametag text of players
2015-12-15 23:32:19 +01:00
est31
51e8c2b277 Fix threshold type
Fix the type of the threshold value for mapgen.
The commit

a78dd7f2b6b0e1fefdbaa1ae21b722dd4459e4f4 "Fix spelling of noise_threshold"

has changed it to be read as int, but it can have non-integral values too.

Thanks to @kwolekr for pointing this out.
2015-12-07 09:57:45 +01:00
paramat
49073ba2c3 Mapgen: Add propagate_shadow bool to calcLighting
To terminate unwanted shadows from floatlands or realms above
Also add to LuaVoxelManip calc_lighting for use in mapgen mods
Remove the 2 argument calcLighting, mapgens now use the 5
argument form to specify the volumes for propagateSunlight and
spreadLight
In mgsinglenode replace calcLighting with setLighting and
clean-up use of tabs and spaces
2015-12-07 03:18:24 +00:00
Jun Zhang
a78dd7f2b6 Fix spelling of noise_threshold 2015-12-06 11:38:03 +01:00
Alex Ford
97908cc656 Add on_secondary_use when right clicking an item in the air 2015-12-02 02:18:44 +00:00
est31
ad5ac39d8d Add LuaSecureRandom 2015-11-08 15:57:15 -05:00
BlockMen
2a12579fab Add support for audio feedback if placing node failed 2015-11-07 13:23:38 +01:00
est31
5e507c9829 Add server side ncurses terminal
This adds a chat console the server owner can use for administration
or to talk with players.
It runs in its own thread, which makes the user interface immune to
the server's lag, behaving just like a client, except timeout.
As it uses the same console code as the f10 console, things like nick
completion or a scroll buffer basically come for free.
The terminal itself is written in a general way so that adding a
client version later on is just about implementing an interface.

Fatal errors are printed after the console exists and the ncurses
terminal buffer gets cleaned up with endwin(), so that the error still
remains visible.

The server owner can chose their username their entered text will
have in chat and where players can send PMs to.
Once the username is secured with a password to prevent anybody to
take over the server, the owner can execute admin tasks over the
console.

This change includes a contribution by @kahrl who has improved ncurses
library detection.
2015-11-06 08:51:14 +01:00
kwolekr
1384108f8c Schematics: Add core.place_schematic_on_vmanip API
Fix memory leak in minetest.place_schematic
Slightly refactor Schematic code
2015-11-05 01:18:32 -05:00
kwolekr
c2b5da735e Add callback parameter for core.emerge_area() 2015-11-02 18:43:09 -05:00