Skip to content
Permalink
Browse files

Block attempts to connect to the client (#10589)

A Minetest peer initiates a connection by sending a packet with an invalid peer_id, for whatever reason the code for doing this ran on both the client and the server meaning you could connect to a client if you knew what the address:port tuple it was listening on.
  • Loading branch information
red-001 committed Nov 2, 2020
1 parent 9c9344c commit 0abb3e89fa6298041faa7e46d437e5a81f71cdd3
Showing with 10 additions and 2 deletions.
  1. +1 −1 src/network/connection.cpp
  2. +5 −0 src/network/connection.h
  3. +4 −1 src/network/connectionthreads.cpp
@@ -1566,7 +1566,7 @@ void Connection::sendAck(session_t peer_id, u8 channelnum, u16 seqnum)

UDPPeer* Connection::createServerPeer(Address& address)
{
if (getPeerNoEx(PEER_ID_SERVER) != 0)
if (ConnectedToServer())
{
throw ConnectionException("Already connected to a server");
}
@@ -809,6 +809,11 @@ class Connection
void putEvent(ConnectionEvent &e);

void TriggerSend();

bool ConnectedToServer()
{
return getPeerNoEx(PEER_ID_SERVER) != nullptr;
}
private:
MutexedQueue<ConnectionEvent> m_event_queue;

@@ -956,8 +956,11 @@ void ConnectionReceiveThread::receive(SharedBuffer<u8> &packetdata,
// command was sent reliably.
}

/* The peer was not found in our lists. Add it. */
if (peer_id == PEER_ID_INEXISTENT) {
/* Ignore it if we are a client */
if (m_connection->ConnectedToServer())
return;
/* The peer was not found in our lists. Add it. */
peer_id = m_connection->createPeer(sender, MTP_MINETEST_RELIABLE_UDP, 0);
}

0 comments on commit 0abb3e8

Please sign in to comment.
You can’t perform that action at this time.