diff options
Diffstat (limited to 'src/server')
-rw-r--r-- | src/server/net/discoverylistener.cpp | 14 | ||||
-rw-r--r-- | src/server/serverapp/serverapp.cpp | 2 |
2 files changed, 11 insertions, 5 deletions
diff --git a/src/server/net/discoverylistener.cpp b/src/server/net/discoverylistener.cpp index d644259..9586a71 100644 --- a/src/server/net/discoverylistener.cpp +++ b/src/server/net/discoverylistener.cpp @@ -30,7 +30,7 @@ * @brief DiscoveryListener::DiscoveryListener */ DiscoveryListener::DiscoveryListener(QObject *parent) - : _socket(this) + : QObject(parent), _socket(this) { if (!_socket.bind(QHostAddress::AnyIPv4, SERVICE_DISCOVERY_PORT)) { qFatal("Could not bind to service discovery port %d", int(SERVICE_DISCOVERY_PORT)); @@ -128,15 +128,17 @@ void DiscoveryListener::onReadyRead() continue; const quint16 bucket = hash(addr) % SD_PACKET_TABLE_SIZE; if (_packetCounter[bucket] > SPAM_CUTOFF) { - qDebug() << "SD: Potential (D)DoS from " << _socket.peerAddress().toString(); + qDebug() << "SD: Potential (D)DoS from " << addr.toString(); // emit some signal and pop up a big warning that someone is flooding/ddosing the PVS SD // ... on the other hand, will the user understand? ;) continue; } ++_packetCounter[bucket]; _packet.reset(); - if (_packet.readMessage(data, quint32(size)) != NM_READ_OK) + if (_packet.readMessage(data, quint32(size)) != NM_READ_OK) { + qDebug() << "Corrupted service discovery message from" << addr.toString(); continue; + } // Valid packet, process it: const QByteArray iplist(_packet.getFieldBytes(_IPLIST)); const QByteArray hash(_packet.getFieldBytes(_HASH)); @@ -146,12 +148,16 @@ void DiscoveryListener::onReadyRead() if (salt1.size() < 16 || salt2.size() < 16) continue; // To make this more secure, you could remember the last X salts used, and ignore new packets using the same // Check if the source IP of the packet matches any of the addresses given in the IP list - if (!Network::isAddressInList(QString::fromUtf8(iplist), addr.toString())) + if (!Network::isAddressInList(QString::fromUtf8(iplist), addr.toString())) { + qDebug() << "SD: Client" << addr.toString() << "did not supply IP in list:" << iplist; continue; + } // If so, check if the submitted hash seems valid if (genSha1(&serverApp->sessionNameArray(), &salt1, &iplist) != hash && !(serverApp->getCurrentRoom()->clientPositions.contains(addr.toString()))) { // did not match local session name and client is not in same room. + qDebug() << "SD: Mismatch, neither session name match, nor client for current room" << serverApp->getCurrentRoom()->tutorIP; + qDebug() << "SD: Allowed clients from room:" << serverApp->getCurrentRoom()->clientPositions.keys(); continue; } diff --git a/src/server/serverapp/serverapp.cpp b/src/server/serverapp/serverapp.cpp index 900d3a4..c91ed15 100644 --- a/src/server/serverapp/serverapp.cpp +++ b/src/server/serverapp/serverapp.cpp @@ -145,7 +145,7 @@ const Room* ServerApp::getCurrentRoom() const static Room* defaultRoom = nullptr; if (defaultRoom == nullptr) { defaultRoom = new Room(QMap<QString, - QPoint>(), QSize(8, 6), QSize(1, 1), "", ""); + QPoint>(), QSize(8, 6), QSize(1, 1), "", "<none>"); } return defaultRoom; } |