Commit Graph

1077 Commits

Author SHA1 Message Date
00865e1c7b Fix player state issue after failing to complete a mission
Fixes #225.

Co-authored-by: Jade <jadeshrinemaiden@gmail.com>
2022-02-11 23:20:40 +01:00
28bfd14362 Quick-fix for doDamage() crash
Couldn't get a reliable repro, but this is probably what that bug was.
It's not very throughly investigated, but we'll be tweaking those parts
of the codebase anyway, so we can examine if there's a deeper issue
later.
2022-02-08 17:02:42 +01:00
6412a9a89e Fix missing validation in Nanos::nanoEquipHandler() 2022-02-08 12:48:58 +01:00
f376c68115 [seccomp] Allow clock_nanosleep()
This apparently gets called very rarely during normal operation. This
change fixes a rare server crash.
2022-02-04 20:04:22 +01:00
3c6afa0322 Tolerate missing optional fields when loading gruntwork
These are already allowed to be absent in paths.json, but the gruntwork
loading logic wasn't updated accordingly.
2021-12-31 02:40:32 +01:00
384a2ece78 [sandbox] Seccomp filter tweaks
* Restrict fcntl() to only the flags we need
* Non-fatally deny tgkill() and rt_sigaction() so that segfaults don't
  result in a SIGSYS. They're debuggable either way, but this way it's
  clearer what the issue is right away.
* Allow truncate() and ftruncate() for sqlite's alternate journal modes
* Slight macro cleanup
* Add missing colon in a DB log message

We don't need to worry about compilation problems arising if glibc or
musl-libc add their own wrapper for the seccomp() syscall in the future.
Ours will/would just silently take precedence over the external one
without interfering with compilation. This should work regardless of
whether libc uses weak symbols and regardless of whether libc is
dynamically or statically linked into the executable. The wrapper's
signature has been stripped of its static and inline qualifiers, as it
must match the exact declaration the libc headers will/would use.

Further, if a pre-compiled binary is run on a system which genuinely
doesn't support seccomp(), it'll just return ENOSYS and the server will
terminate with an error. The user can then just disable the sandbox in
the config file. We don't need any special logic for that scenario.
2021-12-26 04:00:51 +01:00
CakeLancelot
f4a7ab7373
Update README to include installer instructions 2021-12-20 23:11:07 -06:00
bc1153c97e Call terminate() on Windows
Closes #196
2021-12-17 01:14:32 +01:00
c6ffcd4804 Clean up indentation in a few places 2021-12-16 03:34:15 +01:00
b3c844650b Tighten seccomp sandbox restrictions on mmap(), ioctl() and socketcall() 2021-12-16 00:36:48 +01:00
13bd299de4 Do not use assembly-accelerated bcrypt on i386
Adding the assembly source files to the build system(s) would be more
trouble than it's worth, considering we don't make 32-bit builds for
much other than satisfying our curiosity.
2021-12-16 00:36:48 +01:00
1e3d183f9a Add hardening flags to Makefile
Also tweaked the flags slightly so that CXXFLAGS are a superset of
CFLAGS, all optimization levels default to -O2, and .SUFFIXES works
correctly.
2021-12-16 00:36:48 +01:00
dfe596447b Whitelist syscalls for 32-bit x86 Linux
Should probably filter the args to this for the sake of proper
sandboxing.
2021-12-16 00:36:48 +01:00
9297e82589 Whitelist syscalls for musl-libc, Raspberry Pi and alt libsqlite configs 2021-12-16 00:36:48 +01:00
4319ee57a0 Switch seccomp sandbox to default-deny filter 2021-12-16 00:36:48 +01:00
09e452a09d pledge() + unveil() sandbox
This is the OpenBSD sandbox.
2021-12-16 00:36:43 +01:00
3c1e08372d Proof-of-concept, default-permit seccomp-bpf sandbox
Can be disabled by adding -DCONFIG_NOSANDBOX to CXXFLAGS.
2021-12-16 00:36:09 +01:00
05d6174351 Handle email dumping separately from chat dumping
This makes it actually possible to unambiguously parse the full thing
on the receiving end.
2021-12-03 22:23:59 +01:00
9ab998688c Fix time handling on systems with 32-bit time_t 2021-11-06 21:18:36 +01:00
7249b54127 Fix tdatadir and patchdir in config file requiring a terminating slash 2021-11-06 06:01:14 +01:00
4fa18a9642 Fix make not detecting changes to headers in vendor/ 2021-11-06 06:00:37 +01:00
gsemaj
8a294cb2be Include emails in chat dump 2021-10-25 15:32:26 -04:00
57e9834786 Fix U16toU8() returning strings longer than max
UTF-16 inputs containing actual multi-byte characters resulted in codecvt
returning a UTF-8 string longer than the requested max length.
2021-10-25 21:15:00 +02:00
70c3650ee1 Add config option to disable the localhost workaround
There are some network configurations in which it's undesirable; such as
reverse tunneling through ssh. These are obscure enough to allow leaving
the option undocumented (in the example config file).
2021-10-21 20:58:41 +02:00
e2c85aa03f Respawn players at half health
Cleaned up the adjacent code slightly; might clean it up further later.
2021-10-19 20:36:33 +02:00
Hpmason
ed285e5d24 Update version numbers in README.md
README still uses version 1.3 for links to client and server files. This changes those links to 1.4
2021-10-05 19:43:25 -04:00
0883ec4aae Update copyright in LICENSE file 2021-09-20 20:55:03 +02:00
CakeLancelot
2eb64540d1 Usernames are now case-insensitive
This fixes a UX issue, where if you accidentally capitalized a letter
in the username when logging in, it would instead create a new account.

The behavior was confusing, since to the user it looks as if their
characters were deleted or progress was not saved.

In order for this to work, duplicate accounts (e.g. username and USERNAME)
need to be deleted/renamed. The server will *detect* if any duplicates
exist. If any are found, it will direct the server operator to a pruning
script, or they can choose to resolve the duplicates manually.
2021-09-20 20:40:12 +02:00
bb4029a9bf Fix invisible group mobs bug
This is a simplified adaptation of
29e7bd25a4f888e9d72fa01f84df98de79f861d1 from Retrobution.

Co-authored-by: Jade <jadeshrinemaiden@gmail.com>
2021-09-19 04:55:10 +02:00
25ce0f6d82 Rewrite /lair command
This wasn't strictly necessary as this command has outlived its
usefulness, but I had gone ahead and rewritten it because it was (barring
taskStart()) the only place in the codebase that accesses Chunking::chunks
outside of Chunking.cpp. This became apparent during a (currently paused)
effort to improve the API that the Chunking namespace exposes to the
rest of the codebase.

I went ahead and rewrote the rest of this command as it was poorly
implemented anyway. This has been sitting in my working directory
uncommitted for a few months, so I may as well push it.
2021-09-19 04:55:10 +02:00
CakeLancelot
bab17eb23f
Mobs can now get criticial hits
Explanation: it was uncertain whether mobs could perform critical hits, since the color of damage numbers didn't change at all. However, I found that male characters will actually use a different sound effect when receiving a crit (I confirmed this SFX appeared in old FF videos), so I went ahead and re-enabled it.
2021-09-05 13:34:27 -05:00
CakeLancelot
aaaf03128a
Don't aggro to players using MSS 2021-09-05 13:23:05 -05:00
CakeLancelot
558d056bcf Update tdata ref
Fixes mission "Don't Fear the Reaper (4/4)" as well as a few other misplaced NPCs
2021-07-27 00:04:11 -05:00
gsemaj
0accd1f345 Make sure a vendor is actually selling the item a player wants to buy 2021-06-20 10:15:02 -04:00
CakeLancelot
bb12a60e04 Cleanly remove player after triggering rapidfire anticheat
Previously, the socket was killed but the player was still technically present.
2021-05-27 00:12:44 -05:00
CakeLancelot
8326ea6e26 Fix sliders stopping in place after one round-trip 2021-05-16 14:39:45 -05:00
81cc19f985 Fix failed task QItem handling, implement /itemQ command 2021-05-14 14:24:35 -05:00
19fd4ecb83 Various fixes in Trading.cpp 2021-05-14 14:21:18 -05:00
CakeLancelot
243e4f6d50 Add a fallback to racingCancel if a respawn point isn't found
Fixes segfault when canceling or timing out race in Mandark's House Future.

Also expanded on the comment for why this respawn is necessary.
2021-05-14 14:10:19 -05:00
gsemaj
6f59001be1 Only loop NPC movement if the NPC has a looping path assigned
Allows paths to terminate.
Also fixes a bug where follower NPCs sometimes oscillate their positions.
2021-05-09 08:38:14 -04:00
gsemaj
e5d9e7217e Fix potentially expensive copying of ChunkPos in escort path assignment 2021-05-09 08:36:45 -04:00
5c1bb0acc9 Add enabledpatches config option
The server administrator must now specify which patches they want the
server to load (if deviating from the defaults). There are multiple
reasons for this:

* It's useful to be able to pick and choose which patches you want to
boot the server with; without having to move the directories in and out
of the patch directory
* This way, we can have different default patches for different builds
of the game (104 vs 1013)
* ...ergo, it's easier to rapidly switch builds without having to
rearrange your workspace to properly run them
* This also allows us to remove the std::filesystem stuff, which has
spotty compatibility with slightly older (but still current) versions of
the compilers
2021-05-07 21:29:18 +02:00
gsemaj
32daa68458 Clean up /path command handler 2021-05-06 12:17:34 -04:00
gsemaj
2d7aa3c536 Fix EOL in settings.cpp 2021-05-06 12:17:34 -04:00
gsemaj
eb8ec85746 Scan all chunks in instance instead of in view for escort missions 2021-05-06 12:17:34 -04:00
gsemaj
a90ba9ea08 Assign paths with matching taskIDs to escort tasks on task start 2021-05-06 12:17:34 -04:00
gsemaj
974b67d4b6 Move constructPathNPC to Transport 2021-05-06 12:17:34 -04:00
gsemaj
6ae4ab2cbf Move findApplicablePaths to Transport, add taskID argument 2021-05-06 12:17:34 -04:00
gsemaj
9fb41342b3 Fix server crash if patch folder doesn't exist 2021-05-06 12:17:34 -04:00
gsemaj
0ccc66208d Added /path here 2021-05-06 12:17:34 -04:00