From f31df5fcd19ca4d109fd604cb3d4c714469c1d63 Mon Sep 17 00:00:00 2001 From: Jusonex Date: Wed, 21 Oct 2015 09:09:19 +0200 Subject: [PATCH] Added server verification logic --- MTA10_Server/mods/deathmatch/logic/CHTTPD.cpp | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/MTA10_Server/mods/deathmatch/logic/CHTTPD.cpp b/MTA10_Server/mods/deathmatch/logic/CHTTPD.cpp index 621f82a685..82b843deb4 100644 --- a/MTA10_Server/mods/deathmatch/logic/CHTTPD.cpp +++ b/MTA10_Server/mods/deathmatch/logic/CHTTPD.cpp @@ -117,6 +117,25 @@ HttpResponse * CHTTPD::RouteRequest ( HttpRequest * ipoHttpRequest ) ResponseCode CHTTPD::HandleRequest ( HttpRequest * ipoHttpRequest, HttpResponse * ipoHttpResponse ) { + // Check if server verification was requested + auto keySecret = ipoHttpRequest->oRequestHeaders["key_secret"]; + if ( ipoHttpRequest->sUri == "/get_verification_key_code" && keySecret != "" ) + { + // Read keyfile + auto path = g_pServerInterface->GetModManager ()->GetAbsolutePath ( "verify.key" ); + SString content; + SharedUtil::FileLoad ( path, content, 100 ); + + // Verify key_secret client header to prevent unauthorized people to steal the key + if ( keySecret == content.substr ( 0, 10 ) ) + { + ipoHttpResponse->SetBody ( content, content.size () ); + return HTTPRESPONSECODE_200_OK; + } + ipoHttpResponse->SetBody ( "", 0 ); + return HTTPRESPONSECODE_401_UNAUTHORIZED; + } + CAccount * account = CheckAuthentication ( ipoHttpRequest ); if ( account )