core.check_player_privs accepts as first argument a name or player object, but just tested for a string.
This caused crashes inside builtin, when being passed any unexpected types.
This provides a better (duck-typing like) test, better error reporting.
This allows mods to perform both asynchronous and synchronous HTTP
requests. Mods are only granted access to HTTP APIs if either mod
security is disabled or if they are whitelisted in any of the
the secure.http_mods and secure.trusted_mods settings.
Adds httpfetch_caller_alloc_secure to generate random, non-predictable
caller IDs so that lua mods cannot spy on each others HTTP queries.
I could honestly not make much sense of the timer implementation
that was here. Instead I've implemented the type of timer algorithm
that I've used before, and tested it instead.
The concept is extremely simple: all timers are put in an ordered
list. We check every server tick if any of the timers have
elapsed, and execute the function associated with this timer.
We know that many timers by themselves cause new timers to be
added to this list, so we iterate *backwards* over the timer
list. This means that new timers being added while timers are
being executed, can never be executed in the same function pass,
as they are always appended to the table *after* the end of
the table, which we will never reach in the current pass over
all the table elements.
We switch time keeping to minetest.get_us_time(). dtime is
likely unreliable and we have our own high-res timer that we
can fix if it is indeed broken. This removes the need to do
any sort of time keeping.
The callback can now be invoked with either the player object or name as
the first parameter, and with either a table or a list of strings, like
this:
minetest.check_player_privs(player_name, { shout = true, fly = true })
minetest.check_player_privs(player_name, "shout", "fly")
minetest.check_player_privs(player, { shout = true, fly = true })
minetest.check_player_privs(player, "shout", "fly")