Commit Graph

61 Commits

Author SHA1 Message Date
Lejo1
e79bc40c0a Check for valid base64 before decoding (#9904) 2020-05-22 14:26:22 +02:00
HybridDog
4361bfcb4d
Fix configuration caching in log_deprecated (#9697)
* Fix configuration caching in log_deprecated

The configured variable was never set to true.
I've set the variables to thread_local because the configuration should be reloaded after reentering the world from mainmenu.
2020-04-22 00:07:12 +02:00
sfan5
c657fb343f Refactor Script API's log_deprecated 2020-02-23 22:24:12 +01:00
Loïc Blot
eef62c82a2
Modernize lua read (part 2 & 3): C++ templating assurance (#7410)
* Modernize lua read (part 2 & 3): C++ templating assurance

Implement the boolean reader
Implement the string reader
Also remove unused & unimplemented script_error_handler
Add a reader with default value
2018-06-30 17:11:38 +02:00
Loïc Blot
180e551c56
Modernize lua read (part 1): C++ templating insurance (#7394)
* Modernize lua read (part 1): C++ templating assurance

Implement the float reader
2018-06-04 22:38:07 +02:00
Loïc Blot
162ffd7fba
Fix isNan on setYaw Lua call (#7380)
* Fix isNan on setYaw Lua call
2018-05-31 22:52:08 +02:00
Hybrid Dog
345e1041a2 Tool.cpp/.h, lua_api/l_util.cpp: Tidy up code and remove dead code 2018-01-03 04:01:15 +00:00
sfan5
b692454f70 Add minetest.safe_write_file() to script API 2017-11-08 16:14:05 +01:00
Rob Blanckaert
65c5539035 Add sha1 to lua utils. (#6563) 2017-10-30 08:18:18 +01:00
Loïc Blot
50423d8c72 Update JsonCPP to 1.8.3 (#6466)
* Update JsonCPP to 1.8.3

* Fix deprecated functions

Json::FastWriter, Json::StyledWriter and Json::Reader are marked deprecated since 1.1 and are deprecated in 0.8 but not shown at compilation time.

Use new methods to serialize/deserialize
2017-09-26 20:30:14 +02:00
Loïc Blot
88b436e6a9 Code modernization: subfolders (#6283)
* Code modernization: subfolders

Modernize various code on subfolders client, network, script, threading, unittests, util

* empty function
* default constructor/destructor
* for range-based loops
* use emplace_back instead of push_back
* C++ STL header style
* Make connection.cpp readable in a pointed place + typo
2017-08-19 22:23:47 +02:00
red-001
f3ad75691a Create a filesystem abstraction layer for CSM and only allow accessing files that are scanned into it. (#5965)
* Load client-side mods into memory before executing them.

This removes the remaining filesystem access that client-sided mods had and it will hopefully make then more secure.

* Lua Virtual filesystem: don't load the files into memory just scan the filenames into memory.

* Fix the issues with backtrace

* fix most of the issues

* fix code style.

* add a comment
2017-06-30 20:14:39 +02:00
Loïc Blot
a98baef5e4 C++11 patchset 2: remove util/cpp11.h and util/cpp11_container.h (#5821) 2017-06-04 21:00:04 +02:00
ShadowNinja
43d1f375d1 Use a settings object for the main settings
This unifies the settings APIs.

This also unifies the sync and async registration APIs, since the async
registration API did not support adding non-functions to the API table.
2017-05-06 15:33:19 -04:00
Loic Blot
ba66fce833 [CSM] storage + fixes 2017-03-13 23:56:05 +01:00
Loïc Blot
2c19d51409 [CSM] sound_play & sound_stop support + client_lua_api doc (#5096)
* squashed: CSM: Implement register_globalstep
  * Re-use fatal error mechanism from server to disconnect client on CSM error
  * Little client functions cleanups

* squashed: CSM: add core.after function
  * core.after is shared code between client & server
  * ModApiUtil get_us_time feature enabled for client
2017-03-13 23:56:05 +01:00
red-001
cb3a61f8db [CSM] Add method that display chat to client-sided lua. (#5089) (#5091)
* squashed: [Client-sided scripting] Don't register functions that don't work. (#5091)
2017-03-13 23:56:05 +01:00
adrido
5a0a59ad46 Dont compare short with bool (#4963)
Fixes a compiler warning on MSVC
2016-12-28 21:22:01 +01:00
ShadowNinja
59f84ca0a0 Mod security: Allow read-only access to all mod paths 2016-12-20 06:34:04 +00:00
ShadowNinja
7607b0ac20 Add version API 2016-10-31 21:53:00 -07:00
Loic Blot
613797a304 Replace various std::map with UNORDERED_MAP + various cleanups
This is part 2 for 5f084cd98d7b3326b51320455364337539710efd

Other improvements:

* Use the defined ItemGroupList when used
* make Client::checkPrivilege const
* inline some trivial functions
* Add ActiveObjectMap typedef
* Add SettingsEntries typedef
2016-10-05 10:53:19 +02:00
Rogier-5
4503b5097f Fixes for compiling with a newer (system) jsoncpp (#4429)
* Move included json code to jsoncpp subdirectory

This is needed to avoid having to specify the minetest src directory
as a system include when fixing the json includes.

* Fix json includes

They used "", so that the compiler searches the project's directory
first. The result was that when compiling with a system jsoncpp,
the project's own version of json.h was still included, instead of
the system version.

The includes now use <>, so a system location, or one specified with
'-Ilocation' is searched only.

* Fix for jsoncpp deprecated function warning

When compiling with a newer version of jsoncpp (and
ENABLE_SYSTEM_JSONCPP=true), jsoncpp emits a warning
about a deprecated function that minetest uses.
2016-08-10 12:10:00 +02:00
Dorian Wouters
fca8e53842 Fix l_request_insecure_environment not ignoring all whitespace (#4395)
l_request_insecure_environment didn't ignore all whitespace in the
secure.trusted_mods config option.

Replaces std::remove with std::remove_if and the isspace function.
2016-08-04 00:41:54 +02:00
est31
27db929252 Add minetest.check_password_entry callback
Gives a convenient way to check a player's password.

This entirely bypasses the SRP protocol, so should be used
with great care.

This function is not intended to be used
in-game, but solely by external protocols, where no
authentication of the minetest engine is provided, and
also only for protocols, in which the user already gives the
server the plaintext password.

Examples for good use are the classical http form, or irc,
an example for a bad use is a password change dialog inside
formspec.

Users should be aware that they lose the advantages of the SRP
protocol if they enter their passwords for servers outside the
normal entry box, like in in-game formspec menus,
or through irc /msg s,

This patch also fixes an auth.h mistake which has mixed up the
order of params inside the decode_srp_verifier_and_salt function.

Zeno-: Added errorstream message for invalid format when I committed
2016-05-30 23:28:08 +10:00
red-001
62d15ac7c1 Add base64 encoding and decoding to the lua api. (#3919) 2016-05-27 23:37:28 -04:00
est31
e0151d1054 Much better API for auth.{cpp, h}
* No function overloading
* Adhere coding style and with method names following
  lowercase_underscore_style
* Use std::string in external API, handling these is
  much more fun
2016-03-15 05:55:49 +01:00
ShadowNinja
0079887b64 Move AreaStore to util 2016-03-07 16:33:20 -05:00
ShadowNinja
88fbe7ca1e Use LuaErrors in security check macros
Throwing a LuaError calls destructors as it propagates up the stack,
wheres lua_error just executes a longjmp.
2016-03-07 13:37:15 -05:00
ShadowNinja
7bcbc0105b Fix main menu being unable to set secure settings 2016-03-03 00:57:19 -05:00
Jeija
033a510cf3 Fix minetest.request_insecure_environment() always returning nil
Fixes #3765
2016-02-26 06:36:48 +01:00
Jeija
1b9aef43c9 Ignore spaces in secure.trusted_mods setting 2016-02-19 18:50:42 -05:00
ShadowNinja
4827ee1258 Require request_insecure_environment to be called from the mod's main scope
Previously you could steal a secure environment from a trusted mod by wrapping
request_insecure_environment with some code like this:

local rie_cp = minetest.request_insecure_environment
local stolen_ie
function minetest.request_insecure_environment()
	local ie = rie_cp()
	stolen_ie = stolen_ie or ie
	return ie
end
2016-02-19 14:52:10 +00:00
est31
860d70bd0e Don't print whole json data buffer to errorstream on error
`errorstream` must not be overly verbose as clientside it is directly printed
onto the ingame chat window. These days, the serverlist can contain > 200k bytes,
so better print it to warningstream if the data buffer is too long.
2016-01-28 23:53:58 +01:00
kwolekr
306b067091 SAPI: Move core.get_us_time() to Util module 2015-10-26 03:46:36 -04:00
kwolekr
54f1267c2c SAPI: Mark all Lua API functions requiring envlock 2015-10-25 23:06:48 -04:00
est31
3936a5e3f7 Correct comment in l_util.cpp
Remove outdated loglevel list from a l_util.cpp comment,
and rather point to the updated code.
2015-10-26 00:32:48 +01:00
ShadowNinja
2139d7d45f Refactor logging
- Add warning log level
- Change debug_log_level setting to enumeration string
- Map Irrlicht log events to MT log events
- Encapsulate log_* functions and global variables into a class, Logger
- Unify dstream with standard logging mechanism
- Unify core.debug() with standard core.log() script API
2015-10-14 01:03:54 -04:00
Kahrl
8658c8d9b5 Use numeric indices and raw table access with LUA_REGISTRYINDEX 2015-08-27 01:56:06 +02:00
est31
c30a2d6854 Add AreaStore data structure 2015-07-27 06:42:56 +02:00
ShadowNinja
8f9af57314 Add core.get_dir_list 2015-05-16 18:33:22 -04:00
ShadowNinja
6c06330daf Add core.request_insecure_environment() 2015-05-16 18:33:19 -04:00
ShadowNinja
05ab9973f9 Add core.mkdir 2015-05-16 18:32:37 -04:00
ShadowNinja
3a8c788880 Add mod security
Due to compatibility concerns, this is temporarily disabled.
2015-05-16 18:32:31 -04:00
est31
82e35edff5 Make early protocol auth mechanism generic, and add SRP
Adds everything needed for SRP (and everything works too),
but still deactivated, as protocol v25 init packets aren't final yet.
Can be activated by changing the LATEST_PROTOCOL_VERSION header to 25
inside networkprotocol.h.
2015-05-11 18:40:27 +02:00
est31
f0a1379e5a Refactor around translatePassword
Change types for passed password from wstring to string, which removes converting
back and forth in most cases. Move the narrow_to_wide conversion, where its neccessary,
closer to irrlicht. Remove trailing spaces in guiPasswordChange.cpp. Make parameters for
translatePassword passed as const reference.
2015-04-17 06:10:30 +02:00
Craig Robbins
9527984dbc Move globals from main.cpp to more sane locations
Move debug streams to log.cpp|h

Move GUI-related globals to clientlauncher

Move g_settings and g_settings_path to settings.cpp|h

Move g_menuclouds to clouds.cpp|h

Move g_profiler to profiler.cpp|h
2015-04-01 23:04:25 +10:00
ShadowNinja
6bc4cad0ed Split settings into seperate source and header files
This also cleans up settings a bit
2014-09-21 14:39:35 -04:00
ShadowNinja
406ed5efac Add compression API 2014-09-20 14:02:54 -04:00
ShadowNinja
34d872628d Make print() NUL-safe 2014-05-15 19:09:47 -04:00
ShadowNinja
1cd512913e Organize builtin into subdirectories 2014-05-07 17:14:23 -04:00