Move timingSafeStrcmp to main

Refactor login packet handler for more flexible auth
BUILD - Optimize Dockerfile by using alpine as base image (#277 )
2024-11-24 05:51:05 +00:00 · 2024-11-16 19:16:49 -08:00 · 2024-11-16 13:42:20 -08:00 · 2024-10-28 21:26:25 -07:00 · 2024-10-28 20:49:34 -07:00 · 2024-10-28 20:39:25 -07:00
39 changed files with 737 additions and 217 deletions
--- a/.github/workflows/check-builds.yaml
+++ b/.github/workflows/check-builds.yaml
@ -29,7 +29,7 @@ jobs:
          submodules: recursive
          fetch-depth: 0
      - name: Install dependencies
-        run: sudo apt install clang cmake snap -y && sudo snap install powershell --classic
+        run: sudo apt install clang cmake snap libsqlite3-dev -y && sudo snap install powershell --classic
      - name: Check compilation
        run: |
          $versions = "104", "728", "1013"
@ -113,7 +113,7 @@ jobs:

  copy-artifacts:
    if: github.event_name != 'pull_request' && github.ref == 'refs/heads/master'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
    needs: [windows-build, ubuntu-build]
    env:
      BOT_SSH_KEY: ${{ secrets.BOT_SSH_KEY }}
--- a/.github/workflows/push-docker-image.yml
+++ b/.github/workflows/push-docker-image.yml
@ -3,6 +3,7 @@ name: Push Docker Image
 on:
  release:
    types: [published]
+  workflow_dispatch:

 jobs:
  push-docker-image:
@ -10,11 +11,6 @@ jobs:
    runs-on: ubuntu-latest
    permissions:
      contents: read
-    strategy:
-      matrix:
-        platforms:
-          - linux/amd64
-          - linux/arm64
    steps:
      - uses: actions/checkout@v4
      - name: Retrieve major version
@ -28,11 +24,15 @@ jobs:
        with:
          password: ${{ secrets.DOCKERHUB_TOKEN }}
          username: ${{ secrets.DOCKERHUB_USERNAME }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
      - name: Build and push the Docker image
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./Dockerfile
-          platforms: ${{ matrix.platforms }}
+          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ secrets.DOCKERHUB_REPOSITORY }}:${{ github.ref_name }},${{ secrets.DOCKERHUB_REPOSITORY }}:${{ steps.split.outputs._0 }},${{ secrets.DOCKERHUB_REPOSITORY }}:latest
--- a/27
+++ b/27
@ -1,32 +1,41 @@
 # build
-FROM debian:stable-slim as build
+FROM alpine:3 as build

 WORKDIR /usr/src/app

-RUN apt-get -y update && apt-get install -y \
+RUN apk update && apk upgrade && apk add \
+linux-headers \
 git \
-clang \
+clang18 \
 make \
-libsqlite3-dev
+sqlite-dev

 COPY src ./src
 COPY vendor ./vendor
 COPY .git ./.git
 COPY Makefile CMakeLists.txt version.h.in ./

-RUN make -j8
+RUN sed -i 's/^CC=clang$/&-18/' Makefile
+RUN sed -i 's/^CXX=clang++$/&-18/' Makefile
+
+RUN make nosandbox -j$(nproc)

 # prod
-FROM debian:stable-slim
+FROM alpine:3

 WORKDIR /usr/src/app

-RUN apt-get -y update && apt-get install -y \
-libsqlite3-dev
+RUN apk update && apk upgrade && apk add \
+libstdc++ \
+sqlite-dev

 COPY --from=build /usr/src/app/bin/fusion /bin/fusion
 COPY sql ./sql

 CMD ["/bin/fusion"]

-LABEL Name=openfusion Version=0.0.2
+EXPOSE 23000/tcp
+EXPOSE 23001/tcp
+EXPOSE 8003/tcp
+
+LABEL Name=openfusion Version=1.6.0
--- a/8
+++ b/8
@ -115,6 +115,7 @@ CXXHDR=\
 	src/settings.hpp\
 	src/Transport.hpp\
 	src/TableData.hpp\
+	src/Bucket.hpp\
 	src/Chunking.hpp\
 	src/Buddies.hpp\
 	src/Groups.hpp\
@ -133,6 +134,8 @@ HDR=$(CHDR) $(CXXHDR)
 all: $(SERVER)

 windows: $(SERVER)
+nosandbox: $(SERVER)
+nolandlock: $(SERVER)

 # assign Windows-specific values if targeting Windows
 windows : CC=$(WIN_CC)
@ -142,6 +145,9 @@ windows : CXXFLAGS=$(WIN_CXXFLAGS)
 windows : LDFLAGS=$(WIN_LDFLAGS)
 windows : SERVER=$(WIN_SERVER)

+nosandbox : CFLAGS+=-DCONFIG_NOSANDBOX=1
+nolandlock : CFLAGS+=-DCONFIG_NOLANDLOCK=1
+
 .SUFFIXES: .o .c .cpp .h .hpp

 .c.o:
@ -163,7 +169,7 @@ version.h:

 src/main.o: version.h

-.PHONY: all windows clean nuke
+.PHONY: all windows nosandbox nolandlock clean nuke

 # only gets rid of OpenFusion objects, so we don't need to
 # recompile the libs every time
--- a/README.md
+++ b/README.md
@ -1,34 +1,35 @@
-<p align="center"><img width="640" src="res/openfusion-hero.png" alt=""></p>
+<p align="center"><img width="640" src="res/openfusion-hero.png" alt="OpenFusion Logo"></p>

 <p align="center">
    <a href="https://github.com/OpenFusionProject/OpenFusion/releases/latest"><img src="https://img.shields.io/github/v/release/OpenFusionProject/OpenFusion" alt="Current Release"></a>
    <a href="https://github.com/OpenFusionProject/OpenFusion/actions/workflows/check-builds.yaml"><img src="https://github.com/OpenFusionProject/OpenFusion/actions/workflows/check-builds.yaml/badge.svg" alt="Workflow"></a>
+    <a href="https://hub.docker.com/repository/docker/openfusion/openfusion/"><img src="https://badgen.net/docker/pulls/openfusion/openfusion?icon=docker&label=pulls"></a>
    <a href="https://discord.gg/DYavckB"><img src="https://img.shields.io/badge/chat-on%20discord-7289da.svg?logo=discord" alt="Discord"></a>
    <a href="https://github.com/OpenFusionProject/OpenFusion/blob/master/LICENSE.md"><img src="https://img.shields.io/github/license/OpenFusionProject/OpenFusion" alt="License"></a>
 </p>

-OpenFusion is a reverse-engineered server for FusionFall. It primarily targets versions `beta-20100104` and `beta-20111013` of the original game, with [limited support](https://github.com/OpenFusionProject/OpenFusion/wiki/FusionFall-Version-Support) for others.
+OpenFusion is a reverse-engineered server for FusionFall. It primarily targets versions `beta-20100104` and `beta-20111013` of the original game, with [limited support](https://openfusion.dev/docs/reference/fusionfall-version-support/) for others.

 ## Usage

 ### Getting Started
 #### Method A: Installer (Easiest)
-1. Download the client installer by clicking [here](https://github.com/OpenFusionProject/OpenFusion/releases/download/1.5.2/OpenFusionClient-1.5.2-Installer.exe) - choose to run the file.
+1. Download the client installer by clicking [here](https://github.com/OpenFusionProject/OpenFusion/releases/download/1.6/OpenFusionClient-1.6-Installer.exe) - choose to run the file.
 2. After a few moments, the client should open: you will be given a choice between two public servers by default. Select the one you wish to play and click connect.
 3. To create an account, simply enter the details you wish to use at the login screen then click Log In. Do *not* click register, as this will just lead to a blank screen.
 4. Make a new character, and enjoy the game! Your progress will be saved automatically, and you can resume playing by entering the login details you used in step 3.

 #### Method B: Standalone .zip file
-1. Download the client from [here](https://github.com/OpenFusionProject/OpenFusion/releases/download/1.5.2/OpenFusionClient-1.5.2.zip).
+1. Download the client from [here](https://github.com/OpenFusionProject/OpenFusion/releases/download/1.6/OpenFusionClient-1.6.zip).
 2. Extract it to a folder of your choice. Note: if you are upgrading from an older version, it is preferable to start with a fresh folder rather than overwriting a previous install.
 3. Run OpenFusionClient.exe - you will be given a choice between two public servers by default. Select the one you wish to play and click connect.
 4. To create an account, simply enter the details you wish to use at the login screen then click Log In. Do *not* click register, as this will just lead to a blank screen.
 5. Make a new character, and enjoy the game! Your progress will be saved automatically, and you can resume playing by entering the login details you used in step 4.

-Instructions for getting the client to run on Linux through Wine can be found [here](https://github.com/OpenFusionProject/OpenFusion/wiki/Running-the-game-client-on-Linux).
+Instructions for getting the client to run on Linux through Wine can be found [here](https://openfusion.dev/docs/guides/running-on-linux/).

 ### Hosting a server
-1. Grab `OpenFusionServer-1.5-Original.zip` or `OpenFusionServer-1.5-Academy.zip` from [here](https://github.com/OpenFusionProject/OpenFusion/releases/tag/1.5.2).
+1. Grab `OpenFusionServer-1.6-Original.zip` or `OpenFusionServer-1.6-Academy.zip` from [here](https://github.com/OpenFusionProject/OpenFusion/releases/tag/1.6).
 2. Extract it to a folder of your choice, then run `winfusion.exe` (Windows) or `fusion` (Linux) to start the server.
 3. Add a new server to the client's list:
    1. For Description, enter anything you want. This is what will show up in the server list.
@ -79,17 +80,17 @@ This just works if you're all under the same LAN, but if you want to play over t

 ## Compiling 

-OpenFusion has one external dependency: SQLite. The oldest compatible version is `3.33.0`. You can install it on Windows using `vcpkg`, and on Unix/Linux using your distribution's package manager. For a more indepth guide on how to set up vcpkg, [read this guide on the wiki](https://github.com/OpenFusionProject/OpenFusion/wiki/Installing-SQLite-on-Windows-using-vcpkg).
+OpenFusion has one external dependency: SQLite. The oldest compatible version is `3.33.0`. You can install it on Windows using `vcpkg`, and on Unix/Linux using your distribution's package manager. For a more indepth guide on how to set up vcpkg, [read this guide](https://openfusion.dev/docs/development/installing-sqlite-on-windows-using-vcpkg/).

 You have two choices for compiling OpenFusion: the included Makefile and the included CMakeLists file.

 ### Makefile

-A detailed compilation guide is available for Windows users in the wiki [using MinGW-w64 and MSYS2](https://github.com/OpenFusionProject/OpenFusion/wiki/Compilation-on-Windows). Otherwise, to compile it for the current platform you're on, just run `make` with the correct build tools installed (currently make and clang).
+A detailed compilation guide is available for Windows users on the website [using MinGW-w64 and MSYS2](https://openfusion.dev/docs/development/compilation-on-windows-msys2-mingw/). Otherwise, to compile it for the current platform you're on, just run `make` with the correct build tools installed (currently make and clang).

 ### CMake

-A detailed guide is available [on the wiki](https://github.com/OpenFusionProject/OpenFusion/wiki/Compilation-with-CMake-or-Visual-Studio) for people using regular old CMake or the version of CMake that comes with Visual Studio. tl;dr: `cmake -B build`
+A detailed guide is available [in our documentation](https://openfusion.dev/docs/development/compilation-with-cmake-or-visual-studio/) for people using regular old CMake or the version of CMake that comes with Visual Studio. TL;DR: `cmake -B build`

 ## Contributing

@ -107,4 +108,4 @@ Meanwhile the Academy server is more meant for legitimate playthroughs (default

 When hosting a local server, you will have access to all commands by default (account level 1).

-For a list of available commands, see [this wiki page](https://github.com/OpenFusionProject/OpenFusion/wiki/Ingame-Command-list).
+For a list of available commands, see [this page](https://openfusion.dev/docs/reference/ingame-command-list/).
--- a/config.ini
+++ b/config.ini
@ -18,8 +18,8 @@ acceptallcustomnames=true
 # automatically create them?
 autocreateaccounts=true
 # list of supported authentication methods (comma-separated)
-# password = allow login type 1 with plaintext passwords
-# cookie = allow login type 2 with one-shot auth cookies
+# password = allow logging in with plaintext passwords
+# cookie = allow logging in with one-shot auth cookies
 authmethods=password
 # how often should everything be flushed to the database?
 # the default is 4 minutes
@ -102,5 +102,8 @@ eventmode=0
 enabled=false
 # the port to listen for connections on
 port=8003
+# The local IP to listen on.
+# Do not change this unless you know what you're doing.
+listenip=127.0.0.1
 # how often the listeners should be updated (in milliseconds)
 interval=5000
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,11 +1,9 @@
-version: '3.4'
-
 services:
  openfusion:
-    image: openfusion
    build:
      context: .
      dockerfile: ./Dockerfile
+    image: openfusion/openfusion:latest
    volumes:
      - ./config.ini:/usr/src/app/config.ini
      - ./database.db:/usr/src/app/database.db
--- a/src/Abilities.cpp
+++ b/src/Abilities.cpp
@ -334,8 +334,8 @@ void Abilities::useNanoSkill(CNSocket* sock, SkillData* skill, sNano& nano, std:
    size_t resplen = sizeof(sP_FE2CL_NANO_SKILL_USE_SUCC);
    for(SkillResult& sr : results)
        resplen += sr.size;
-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-    memset(respbuf, 0, resplen);
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_NANO_SKILL_USE_SUCC* pkt = (sP_FE2CL_NANO_SKILL_USE_SUCC*)respbuf;
    pkt->iPC_ID = plr->iID;
@ -368,7 +368,6 @@ void Abilities::useNPCSkill(EntityRef npc, int skillID, std::vector<ICombatant*>
    SkillData* skill = &SkillTable[skillID];

    std::vector<SkillResult> results = handleSkill(skill, 0, src, affected);
-    if(results.empty()) return; // no effect; no need for confirmation packets

    // lazy validation since skill results might be different sizes
    if (!validOutVarPacket(sizeof(sP_FE2CL_NPC_SKILL_HIT), results.size(), MAX_SKILLRESULT_SIZE)) {
@ -380,8 +379,8 @@ void Abilities::useNPCSkill(EntityRef npc, int skillID, std::vector<ICombatant*>
    size_t resplen = sizeof(sP_FE2CL_NPC_SKILL_HIT);
    for(SkillResult& sr : results)
        resplen += sr.size;
-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-    memset(respbuf, 0, resplen);
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_NPC_SKILL_HIT* pkt = (sP_FE2CL_NPC_SKILL_HIT*)respbuf;
    pkt->iNPC_ID = npc.id;
--- a/src/Bucket.hpp
+++ b/src/Bucket.hpp
@ -0,0 +1,40 @@
+#pragma once
+
+#include <array>
+#include <optional>
+
+#include <assert.h>
+
+template<class T, size_t N>
+class Bucket {
+    std::array<T, N> buf;
+    size_t sz;
+public:
+    Bucket() {
+        sz = 0;
+    }
+
+    void add(const T& item) {
+        assert(sz < N);
+        buf[sz++] = item;
+    }
+
+    std::optional<T> get(size_t idx) const {
+        if (idx < sz) {
+            return buf[idx];
+        }
+        return std::nullopt;
+    }
+
+    size_t size() const {
+        return sz;
+    }
+
+    bool isFull() const {
+        return sz == N;
+    }
+
+    void clear() {
+        sz = 0;
+    }
+};
--- a/src/Buddies.cpp
+++ b/src/Buddies.cpp
@ -41,9 +41,9 @@ void Buddies::sendBuddyList(CNSocket* sock) {

    // initialize response struct
    size_t resplen = sizeof(sP_FE2CL_REP_PC_BUDDYLIST_INFO_SUCC) + buddyCnt * sizeof(sBuddyBaseInfo);
-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];

-    memset(respbuf, 0, resplen);
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_REP_PC_BUDDYLIST_INFO_SUCC* resp = (sP_FE2CL_REP_PC_BUDDYLIST_INFO_SUCC*)respbuf;
    sBuddyBaseInfo* respdata = (sBuddyBaseInfo*)(respbuf + sizeof(sP_FE2CL_REP_PC_BUDDYLIST_INFO_SUCC));
--- a/src/Buffs.cpp
+++ b/src/Buffs.cpp
@ -178,9 +178,9 @@ void Buffs::tickDrain(EntityRef self, Buff* buff, int mult) {
    int dealt = combatant->takeDamage(buff->getLastSource(), damage);

    size_t resplen = sizeof(sP_FE2CL_CHAR_TIME_BUFF_TIME_TICK) + sizeof(sSkillResult_Damage);
-    assert(resplen < CN_PACKET_BUFFER_SIZE - 8);
-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-    memset(respbuf, 0, resplen);
+    assert(resplen < CN_PACKET_BODY_SIZE);
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_CHAR_TIME_BUFF_TIME_TICK *pkt = (sP_FE2CL_CHAR_TIME_BUFF_TIME_TICK*)respbuf;
    pkt->iID = self.id;
--- a/src/Chunking.cpp
+++ b/src/Chunking.cpp
@ -1,7 +1,9 @@
 #include "Chunking.hpp"

+#include "Player.hpp"
 #include "MobAI.hpp"
 #include "NPCManager.hpp"
+#include "Bucket.hpp"

 #include <assert.h>

@ -11,6 +13,12 @@ using namespace Chunking;
 * The initial chunkPos value before a player is placed into the world.
 */
 const ChunkPos Chunking::INVALID_CHUNK = {};
+constexpr size_t MAX_PC_PER_AROUND = (CN_PACKET_BODY_SIZE - sizeof(int32_t)) / sizeof(sPCAppearanceData);
+constexpr size_t MAX_NPC_PER_AROUND = (CN_PACKET_BODY_SIZE - sizeof(int32_t)) / sizeof(sNPCAppearanceData);
+constexpr size_t MAX_SHINY_PER_AROUND = (CN_PACKET_BODY_SIZE - sizeof(int32_t)) / sizeof(sShinyAppearanceData);
+constexpr size_t MAX_TRANSPORTATION_PER_AROUND = (CN_PACKET_BODY_SIZE - sizeof(int32_t)) / sizeof(sTransportationAppearanceData);
+constexpr size_t MAX_IDS_PER_AROUND_DEL = (CN_PACKET_BODY_SIZE - sizeof(int32_t)) / sizeof(int32_t);
+constexpr size_t MAX_TRANSPORTATION_IDS_PER_AROUND_DEL = MAX_IDS_PER_AROUND_DEL - 1; // 1 less for eTT

 std::map<ChunkPos, Chunk*> Chunking::chunks;

@ -75,11 +83,80 @@ void Chunking::untrackEntity(ChunkPos chunkPos, const EntityRef ref) {
        deleteChunk(chunkPos);
 }

+template<class T, size_t N>
+static void sendAroundPackets(const EntityRef recipient, std::vector<Bucket<T, N>>& buckets, uint32_t packetId) {
+    assert(recipient.kind == EntityKind::PLAYER);
+
+    uint8_t pktBuf[CN_PACKET_BODY_SIZE];
+    for (const auto& bucket : buckets) {
+        memset(pktBuf, 0, CN_PACKET_BODY_SIZE);
+        int count = bucket.size();
+        *((int32_t*)pktBuf) = count;
+        T* data = (T*)(pktBuf + sizeof(int32_t));
+        for (size_t i = 0; i < count; i++) {
+            data[i] = bucket.get(i).value();
+        }
+        recipient.sock->sendPacket(pktBuf, packetId, sizeof(int32_t) + (count * sizeof(T)));
+    }
+}
+
+template<size_t N>
+static void sendAroundDelPackets(const EntityRef recipient, std::vector<Bucket<int32_t, N>>& buckets, uint32_t packetId) {
+    assert(recipient.kind == EntityKind::PLAYER);
+
+    uint8_t pktBuf[CN_PACKET_BODY_SIZE];
+    for (const auto& bucket : buckets) {
+        memset(pktBuf, 0, CN_PACKET_BODY_SIZE);
+        int count = bucket.size();
+        assert(count <= N);
+
+        size_t baseSize;
+        if (packetId == P_FE2CL_AROUND_DEL_TRANSPORTATION) {
+            sP_FE2CL_AROUND_DEL_TRANSPORTATION* pkt = (sP_FE2CL_AROUND_DEL_TRANSPORTATION*)pktBuf;
+            pkt->eTT = 3;
+            pkt->iCnt = count;
+            baseSize = sizeof(sP_FE2CL_AROUND_DEL_TRANSPORTATION);
+        } else {
+            *((int32_t*)pktBuf) = count;
+            baseSize = sizeof(int32_t);
+        }
+        int32_t* ids = (int32_t*)(pktBuf + baseSize);
+
+        for (size_t i = 0; i < count; i++) {
+            ids[i] = bucket.get(i).value();
+        }
+        recipient.sock->sendPacket(pktBuf, packetId, baseSize + (count * sizeof(int32_t)));
+    }
+}
+
+template<class T, size_t N>
+static void bufferAppearanceData(std::vector<Bucket<T, N>>& buckets, const T& data) {
+    if (buckets.empty())
+        buckets.push_back({});
+    auto& bucket = buckets[buckets.size() - 1];
+    bucket.add(data);
+    if (bucket.isFull())
+        buckets.push_back({});
+}
+
+template<size_t N>
+static void bufferIdForDisappearance(std::vector<Bucket<int32_t, N>>& buckets, int32_t id) {
+    if (buckets.empty())
+        buckets.push_back({});
+    auto& bucket = buckets[buckets.size() - 1];
+    bucket.add(id);
+    if (bucket.isFull())
+        buckets.push_back({});
+}
+
 void Chunking::addEntityToChunks(std::set<Chunk*> chnks, const EntityRef ref) {
    Entity *ent = ref.getEntity();
    bool alive = ent->isExtant();

-    // TODO: maybe optimize this, potentially using AROUND packets?
+    std::vector<Bucket<sPCAppearanceData, MAX_PC_PER_AROUND>> pcAppearances;
+    std::vector<Bucket<sNPCAppearanceData, MAX_NPC_PER_AROUND>> npcAppearances;
+    std::vector<Bucket<sShinyAppearanceData, MAX_SHINY_PER_AROUND>> shinyAppearances;
+    std::vector<Bucket<sTransportationAppearanceData, MAX_TRANSPORTATION_PER_AROUND>> transportationAppearances;
    for (Chunk *chunk : chnks) {
        for (const EntityRef otherRef : chunk->entities) {
            // skip oneself
@ -95,7 +172,38 @@ void Chunking::addEntityToChunks(std::set<Chunk*> chnks, const EntityRef ref) {

            // notify this *player* of the existence of all visible Entities
            if (ref.kind == EntityKind::PLAYER && other->isExtant()) {
-                other->enterIntoViewOf(ref.sock);
+                sPCAppearanceData pcData;
+                sNPCAppearanceData npcData;
+                sShinyAppearanceData eggData;
+                sTransportationAppearanceData busData;
+                switch(otherRef.kind) {
+                case EntityKind::PLAYER:
+                    pcData = dynamic_cast<Player*>(other)->getAppearanceData();
+                    bufferAppearanceData(pcAppearances, pcData);
+                    break;
+                case EntityKind::SIMPLE_NPC:
+                    npcData = dynamic_cast<BaseNPC*>(other)->getAppearanceData();
+                    bufferAppearanceData(npcAppearances, npcData);
+                    break;
+                case EntityKind::COMBAT_NPC:
+                    npcData = dynamic_cast<CombatNPC*>(other)->getAppearanceData();
+                    bufferAppearanceData(npcAppearances, npcData);
+                    break;
+                case EntityKind::MOB:
+                    npcData = dynamic_cast<Mob*>(other)->getAppearanceData();
+                    bufferAppearanceData(npcAppearances, npcData);
+                    break;
+                case EntityKind::EGG:
+                    eggData = dynamic_cast<Egg*>(other)->getShinyAppearanceData();
+                    bufferAppearanceData(shinyAppearances, eggData);
+                    break;
+                case EntityKind::BUS:
+                    busData = dynamic_cast<Bus*>(other)->getTransportationAppearanceData();
+                    bufferAppearanceData(transportationAppearances, busData);
+                    break;
+                default:
+                    break;
+                }
            }

            // for mobs, increment playersInView
@ -105,13 +213,27 @@ void Chunking::addEntityToChunks(std::set<Chunk*> chnks, const EntityRef ref) {
                ((Mob*)other)->playersInView++;
        }
    }
+
+    if (ref.kind == EntityKind::PLAYER) {
+        if (!pcAppearances.empty())
+            sendAroundPackets(ref, pcAppearances, P_FE2CL_PC_AROUND);
+        if (!npcAppearances.empty())
+            sendAroundPackets(ref, npcAppearances, P_FE2CL_NPC_AROUND);
+        if (!shinyAppearances.empty())
+            sendAroundPackets(ref, shinyAppearances, P_FE2CL_SHINY_AROUND);
+        if (!transportationAppearances.empty())
+            sendAroundPackets(ref, transportationAppearances, P_FE2CL_TRANSPORTATION_AROUND);
+    }
 }

 void Chunking::removeEntityFromChunks(std::set<Chunk*> chnks, const EntityRef ref) {
    Entity *ent = ref.getEntity();
    bool alive = ent->isExtant();

-    // TODO: same as above
+    std::vector<Bucket<int32_t, MAX_IDS_PER_AROUND_DEL>> pcDisappearances;
+    std::vector<Bucket<int32_t, MAX_IDS_PER_AROUND_DEL>> npcDisappearances;
+    std::vector<Bucket<int32_t, MAX_IDS_PER_AROUND_DEL>> shinyDisappearances;
+    std::vector<Bucket<int32_t, MAX_TRANSPORTATION_IDS_PER_AROUND_DEL>> transportationDisappearances;
    for (Chunk *chunk : chnks) {
        for (const EntityRef otherRef : chunk->entities) {
            // skip oneself
@ -127,7 +249,29 @@ void Chunking::removeEntityFromChunks(std::set<Chunk*> chnks, const EntityRef re

            // notify this *player* of the departure of all visible Entities
            if (ref.kind == EntityKind::PLAYER && other->isExtant()) {
-                other->disappearFromViewOf(ref.sock);
+                int32_t id;
+                switch(otherRef.kind) {
+                case EntityKind::PLAYER:
+                    id = dynamic_cast<Player*>(other)->iID;
+                    bufferIdForDisappearance(pcDisappearances, id);
+                    break;
+                case EntityKind::SIMPLE_NPC:
+                case EntityKind::COMBAT_NPC:
+                case EntityKind::MOB:
+                    id = dynamic_cast<BaseNPC*>(other)->id;
+                    bufferIdForDisappearance(npcDisappearances, id);
+                    break;
+                case EntityKind::EGG:
+                    id = dynamic_cast<Egg*>(other)->id;
+                    bufferIdForDisappearance(shinyDisappearances, id);
+                    break;
+                case EntityKind::BUS:
+                    id = dynamic_cast<Bus*>(other)->id;
+                    bufferIdForDisappearance(transportationDisappearances, id);
+                    break;
+                default:
+                    break;
+                }
            }

            // for mobs, decrement playersInView
@ -137,6 +281,17 @@ void Chunking::removeEntityFromChunks(std::set<Chunk*> chnks, const EntityRef re
                ((Mob*)other)->playersInView--;
        }
    }
+
+    if (ref.kind == EntityKind::PLAYER) {
+        if (!pcDisappearances.empty())
+            sendAroundDelPackets(ref, pcDisappearances, P_FE2CL_AROUND_DEL_PC);
+        if (!npcDisappearances.empty())
+            sendAroundDelPackets(ref, npcDisappearances, P_FE2CL_AROUND_DEL_NPC);
+        if (!shinyDisappearances.empty())
+            sendAroundDelPackets(ref, shinyDisappearances, P_FE2CL_AROUND_DEL_SHINY);
+        if (!transportationDisappearances.empty())
+            sendAroundDelPackets(ref, transportationDisappearances, P_FE2CL_AROUND_DEL_TRANSPORTATION);
+    }
 }

 static void emptyChunk(ChunkPos chunkPos) {
--- a/src/Combat.cpp
+++ b/src/Combat.cpp
@ -539,9 +539,9 @@ static void dealGooDamage(CNSocket *sock) {
        return; // ignore completely

    size_t resplen = sizeof(sP_FE2CL_CHAR_TIME_BUFF_TIME_TICK) + sizeof(sSkillResult_DotDamage);
-    assert(resplen < CN_PACKET_BUFFER_SIZE - 8);
-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-    memset(respbuf, 0, resplen);
+    assert(resplen < CN_PACKET_BODY_SIZE);
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_CHAR_TIME_BUFF_TIME_TICK *pkt = (sP_FE2CL_CHAR_TIME_BUFF_TIME_TICK*)respbuf;
    sSkillResult_DotDamage *dmg = (sSkillResult_DotDamage*)(respbuf + sizeof(sP_FE2CL_CHAR_TIME_BUFF_TIME_TICK));
@ -633,9 +633,9 @@ static void pcAttackChars(CNSocket *sock, CNPacketData *data) {

    // initialize response struct
    size_t resplen = sizeof(sP_FE2CL_PC_ATTACK_CHARs_SUCC) + pkt->iTargetCnt * sizeof(sAttackResult);
-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];

-    memset(respbuf, 0, resplen);
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_PC_ATTACK_CHARs_SUCC *resp = (sP_FE2CL_PC_ATTACK_CHARs_SUCC*)respbuf;
    sAttackResult *respdata = (sAttackResult*)(respbuf+sizeof(sP_FE2CL_PC_ATTACK_CHARs_SUCC));
@ -847,9 +847,9 @@ static void projectileHit(CNSocket* sock, CNPacketData* data) {
     */

    size_t resplen = sizeof(sP_FE2CL_PC_GRENADE_STYLE_HIT) + pkt->iTargetCnt * sizeof(sAttackResult);
-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];

-    memset(respbuf, 0, resplen);
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_PC_GRENADE_STYLE_HIT* resp = (sP_FE2CL_PC_GRENADE_STYLE_HIT*)respbuf;
    sAttackResult* respdata = (sAttackResult*)(respbuf + sizeof(sP_FE2CL_PC_GRENADE_STYLE_HIT));
--- a/src/Eggs.cpp
+++ b/src/Eggs.cpp
@ -87,8 +87,8 @@ void Eggs::eggBuffPlayer(CNSocket* sock, int skillId, int eggId, int duration) {

    // initialize response struct
    size_t resplen = sizeof(sP_FE2CL_NPC_SKILL_HIT) + result.size;
-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-    memset(respbuf, 0, resplen);
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_NPC_SKILL_HIT* pkt = (sP_FE2CL_NPC_SKILL_HIT*)respbuf;
    pkt->iNPC_ID = eggId;
@ -126,15 +126,6 @@ static void eggStep(CNServer* serv, time_t currTime) {

 }

-void Eggs::npcDataToEggData(int x, int y, int z, sNPCAppearanceData* npc, sShinyAppearanceData* egg) {
-    egg->iX = x;
-    egg->iY = y;
-    egg->iZ = z;
-    // client doesn't care about egg->iMapNum
-    egg->iShinyType = npc->iNPCType;
-    egg->iShiny_ID = npc->iNPC_ID;
-}
-
 static void eggPickup(CNSocket* sock, CNPacketData* data) {
    auto pickup = (sP_CL2FE_REQ_SHINY_PICKUP*)data->buf;
    Player* plr = PlayerManager::getPlayer(sock);
@ -192,7 +183,7 @@ static void eggPickup(CNSocket* sock, CNPacketData* data) {
    // drop
    if (type->dropCrateId != 0) {
        const size_t resplen = sizeof(sP_FE2CL_REP_REWARD_ITEM) + sizeof(sItemReward);
-        assert(resplen < CN_PACKET_BUFFER_SIZE - 8);
+        assert(resplen < CN_PACKET_BODY_SIZE);
        // we know it's only one trailing struct, so we can skip full validation

        uint8_t respbuf[resplen]; // not a variable length array, don't worry
--- a/src/Eggs.hpp
+++ b/src/Eggs.hpp
@ -15,5 +15,4 @@ namespace Eggs {
    void init();

    void eggBuffPlayer(CNSocket* sock, int skillId, int eggId, int duration);
-    void npcDataToEggData(int x, int y, int z, sNPCAppearanceData* npc, sShinyAppearanceData* egg);
 }
--- a/src/Entities.cpp
+++ b/src/Entities.cpp
@ -70,11 +70,7 @@ void Bus::enterIntoViewOf(CNSocket *sock) {
    INITSTRUCT(sP_FE2CL_TRANSPORTATION_ENTER, pkt);

    // TODO: Potentially decouple this from BaseNPC?
-    pkt.AppearanceData = {
-        3, id, type,
-        x, y, z
-    };
-
+    pkt.AppearanceData = getTransportationAppearanceData();
    sock->sendPacket(pkt, P_FE2CL_TRANSPORTATION_ENTER);
 }

@ -82,12 +78,22 @@ void Egg::enterIntoViewOf(CNSocket *sock) {
    INITSTRUCT(sP_FE2CL_SHINY_ENTER, pkt);

    // TODO: Potentially decouple this from BaseNPC?
-    pkt.ShinyAppearanceData = {
+    pkt.ShinyAppearanceData = getShinyAppearanceData();
+    sock->sendPacket(pkt, P_FE2CL_SHINY_ENTER);
+}
+
+sTransportationAppearanceData Bus::getTransportationAppearanceData() {
+    return sTransportationAppearanceData {
+        3, id, type,
+        x, y, z
+    };
+}
+
+sShinyAppearanceData Egg::getShinyAppearanceData() {
+    return sShinyAppearanceData {
        id, type, 0, // client doesn't care about map num
        x, y, z
    };
-
-    sock->sendPacket(pkt, P_FE2CL_SHINY_ENTER);
 }

 sNano* Player::getActiveNano() {
--- a/src/Entities.hpp
+++ b/src/Entities.hpp
@ -161,6 +161,8 @@ struct Egg : public BaseNPC {

    virtual void enterIntoViewOf(CNSocket *sock) override;
    virtual void disappearFromViewOf(CNSocket *sock) override;
+
+    sShinyAppearanceData getShinyAppearanceData();
 };

 struct Bus : public BaseNPC {
@ -172,4 +174,6 @@ struct Bus : public BaseNPC {

    virtual void enterIntoViewOf(CNSocket *sock) override;
    virtual void disappearFromViewOf(CNSocket *sock) override;
+
+    sTransportationAppearanceData getTransportationAppearanceData();
 };
--- a/src/Groups.cpp
+++ b/src/Groups.cpp
@ -87,8 +87,8 @@ void Groups::addToGroup(Group* group, EntityRef member) {
        size_t pcCount = pcs.size();
        size_t npcCount = npcs.size();

-        uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-        memset(respbuf, 0, CN_PACKET_BUFFER_SIZE);
+        uint8_t respbuf[CN_PACKET_BODY_SIZE];
+        memset(respbuf, 0, CN_PACKET_BODY_SIZE);
        sP_FE2CL_PC_GROUP_JOIN* pkt = (sP_FE2CL_PC_GROUP_JOIN*)respbuf;

        pkt->iID_NewMember = PlayerManager::getPlayer(member.sock)->iID;
@ -143,8 +143,8 @@ bool Groups::removeFromGroup(Group* group, EntityRef member) {
        size_t pcCount = pcs.size();
        size_t npcCount = npcs.size();

-        uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-        memset(respbuf, 0, CN_PACKET_BUFFER_SIZE);
+        uint8_t respbuf[CN_PACKET_BODY_SIZE];
+        memset(respbuf, 0, CN_PACKET_BODY_SIZE);
        sP_FE2CL_PC_GROUP_LEAVE* pkt = (sP_FE2CL_PC_GROUP_LEAVE*)respbuf;

        pkt->iID_LeaveMember = PlayerManager::getPlayer(member.sock)->iID;
@ -288,8 +288,8 @@ void Groups::groupTickInfo(CNSocket* sock) {
    size_t pcCount = pcs.size();
    size_t npcCount = npcs.size();

-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-    memset(respbuf, 0, CN_PACKET_BUFFER_SIZE);
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);
    sP_FE2CL_PC_GROUP_MEMBER_INFO* pkt = (sP_FE2CL_PC_GROUP_MEMBER_INFO*)respbuf;

    pkt->iID = plr->iID;
--- a/src/Items.cpp
+++ b/src/Items.cpp
@ -46,7 +46,7 @@ static void nanoCapsuleHandler(CNSocket* sock, int slot, sItemBase *chest) {

    // in order to remove capsule form inventory, we have to send item reward packet with empty item
    const size_t resplen = sizeof(sP_FE2CL_REP_REWARD_ITEM) + sizeof(sItemReward);
-    assert(resplen < CN_PACKET_BUFFER_SIZE - 8);
+    assert(resplen < CN_PACKET_BODY_SIZE);

    // we know it's only one trailing struct, so we can skip full validation
    uint8_t respbuf[resplen]; // not a variable length array, don't worry
@ -475,8 +475,8 @@ static void itemUseHandler(CNSocket* sock, CNPacketData* data) {
    if (gumball.iOpt == 0)
        gumball = {};

-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-    memset(respbuf, 0, resplen);
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_REP_PC_ITEM_USE_SUCC *resp = (sP_FE2CL_REP_PC_ITEM_USE_SUCC*)respbuf;
    sSkillResult_Buff *respdata = (sSkillResult_Buff*)(respbuf+sizeof(sP_FE2CL_NANO_SKILL_USE_SUCC));
@ -556,7 +556,7 @@ static void chestOpenHandler(CNSocket *sock, CNPacketData *data) {

    // item giving packet
    const size_t resplen = sizeof(sP_FE2CL_REP_REWARD_ITEM) + sizeof(sItemReward);
-    assert(resplen < CN_PACKET_BUFFER_SIZE - 8);
+    assert(resplen < CN_PACKET_BODY_SIZE);
    // we know it's only one trailing struct, so we can skip full validation

    uint8_t respbuf[resplen]; // not a variable length array, don't worry
@ -645,7 +645,7 @@ void Items::checkItemExpire(CNSocket* sock, Player* player) {
    */

    const size_t resplen = sizeof(sP_FE2CL_PC_DELETE_TIME_LIMIT_ITEM) + sizeof(sTimeLimitItemDeleteInfo2CL);
-    assert(resplen < CN_PACKET_BUFFER_SIZE - 8);
+    assert(resplen < CN_PACKET_BODY_SIZE);
    // we know it's only one trailing struct, so we can skip full validation
    uint8_t respbuf[resplen]; // not a variable length array, don't worry
    auto packet = (sP_FE2CL_PC_DELETE_TIME_LIMIT_ITEM*)respbuf;
@ -715,7 +715,7 @@ static void giveSingleDrop(CNSocket *sock, Mob* mob, int mobDropId, const DropRo
    Player *plr = PlayerManager::getPlayer(sock);

    const size_t resplen = sizeof(sP_FE2CL_REP_REWARD_ITEM) + sizeof(sItemReward);
-    assert(resplen < CN_PACKET_BUFFER_SIZE - 8);
+    assert(resplen < CN_PACKET_BODY_SIZE);
    // we know it's only one trailing struct, so we can skip full validation

    uint8_t respbuf[resplen]; // not a variable length array, don't worry
--- a/src/Missions.cpp
+++ b/src/Missions.cpp
@ -64,7 +64,7 @@ static bool isQuestItemFull(CNSocket* sock, int itemId, int itemCount) {
 static void dropQuestItem(CNSocket *sock, int task, int count, int id, int mobid) {
    std::cout << "Altered item id " << id << " by " << count << " for task id " << task << std::endl;
    const size_t resplen = sizeof(sP_FE2CL_REP_REWARD_ITEM) + sizeof(sItemReward);
-    assert(resplen < CN_PACKET_BUFFER_SIZE);
+    assert(resplen < CN_PACKET_BODY_SIZE);
    // we know it's only one trailing struct, so we can skip full validation

    Player *plr = PlayerManager::getPlayer(sock);
@ -152,14 +152,14 @@ static int giveMissionReward(CNSocket *sock, int task, int choice=0) {
        plr->Inven[slots[i]] = { 999, 999, 999, 0 }; // temp item; overwritten later
    }

-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];
    size_t resplen = sizeof(sP_FE2CL_REP_REWARD_ITEM) + nrewards * sizeof(sItemReward);
-    assert(resplen < CN_PACKET_BUFFER_SIZE);
+    assert(resplen < CN_PACKET_BODY_SIZE);
    sP_FE2CL_REP_REWARD_ITEM *resp = (sP_FE2CL_REP_REWARD_ITEM *)respbuf;
    sItemReward *item = (sItemReward *)(respbuf + sizeof(sP_FE2CL_REP_REWARD_ITEM));

    // don't forget to zero the buffer!
-    memset(respbuf, 0, resplen);
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    // update player
    plr->money += reward->money;
--- a/src/MobAI.cpp
+++ b/src/MobAI.cpp
@ -238,8 +238,8 @@ static void dealCorruption(Mob *mob, std::vector<int> targetData, int skillID, i
        return;
    }

-    uint8_t respbuf[CN_PACKET_BUFFER_SIZE];
-    memset(respbuf, 0, resplen);
+    uint8_t respbuf[CN_PACKET_BODY_SIZE];
+    memset(respbuf, 0, CN_PACKET_BODY_SIZE);

    sP_FE2CL_NPC_SKILL_CORRUPTION_HIT *resp = (sP_FE2CL_NPC_SKILL_CORRUPTION_HIT*)respbuf;
    sCAttackResult *respdata = (sCAttackResult*)(respbuf+sizeof(sP_FE2CL_NPC_SKILL_CORRUPTION_HIT));
@ -478,6 +478,14 @@ void MobAI::deadStep(CombatNPC* npc, time_t currTime) {
    if (self->groupLeader == self->id)
        roamingStep(self, currTime);

+    /*
+     * If the mob hasn't fully despanwed yet, don't try to respawn it. This protects
+     * against the edge case where mobs with a very short regenTime would try to respawn
+     * before they've faded away; and would respawn even if they were meant to be removed.
+     */
+    if (!self->despawned)
+        return;
+
    if (self->killedTime != 0 && currTime - self->killedTime < self->regenTime * 100)
        return;

--- a/src/Transport.cpp
+++ b/src/Transport.cpp
@ -388,8 +388,21 @@ NPCPath* Transport::findApplicablePath(int32_t id, int32_t type, int taskID) {

 void Transport::constructPathNPC(int32_t id, NPCPath* path) {
    BaseNPC* npc = NPCManager::NPCs[id];
-    if (npc->kind == EntityKind::MOB)
-        ((Mob*)(npc))->staticPath = true;
+
+    if (npc->kind == EntityKind::MOB) {
+        auto mob = (Mob*)npc;
+        mob->staticPath = true;
+
+        Vec3 firstPoint = path->points.front();
+
+        // Ensure that the first point coincides with the mob's spawn point.
+        if (mob->spawnX != firstPoint.x || mob->spawnY != firstPoint.y) {
+            std::cout << "[FATAL] The first point of the route for mob " << mob->id << " (type " << mob->type
+                << ") does not correspond with its spawn point." << std::endl;
+            exit(1);
+        }
+    }
+
    npc->loopingPath = path->isLoop;

    // Interpolate
--- a/src/core/CNProtocol.cpp
+++ b/src/core/CNProtocol.cpp
@ -428,7 +428,7 @@ void CNServer::removePollFD(int fd) {
 }

 void CNServer::start() {
-    std::cout << "Starting server at *:" << port << std::endl;
+    std::cout << "Starting " << serverType << " server at *:" << port << std::endl;
    while (active) {
        // the timeout is to ensure shard timers are ticking
        int n = poll(fds.data(), fds.size(), 50);
--- a/src/core/CNProtocol.hpp
+++ b/src/core/CNProtocol.hpp
@ -95,14 +95,14 @@ inline constexpr bool isOutboundPacketID(uint32_t id) {
 // for outbound packets
 inline constexpr bool validOutVarPacket(size_t base, size_t npayloads, size_t plsize) {
    // check for multiplication overflow
-    if (npayloads > 0 && (CN_PACKET_BUFFER_SIZE - 8) / (size_t)npayloads < plsize)
+    if (npayloads > 0 && (CN_PACKET_BODY_SIZE) / (size_t)npayloads < plsize)
        return false;

    // it's safe to multiply
    size_t trailing = npayloads * plsize;

    // does it fit in a packet?
-    if (base + trailing > CN_PACKET_BUFFER_SIZE - 8)
+    if (base + trailing > CN_PACKET_BODY_SIZE)
        return false;

    // everything is a-ok!
@ -112,14 +112,14 @@ inline constexpr bool validOutVarPacket(size_t base, size_t npayloads, size_t pl
 // for inbound packets
 inline constexpr bool validInVarPacket(size_t base, size_t npayloads, size_t plsize, size_t datasize) {
    // check for multiplication overflow
-    if (npayloads > 0 && (CN_PACKET_BUFFER_SIZE - 8) / (size_t)npayloads < plsize)
+    if (npayloads > 0 && CN_PACKET_BODY_SIZE / (size_t)npayloads < plsize)
        return false;

    // it's safe to multiply
    size_t trailing = npayloads * plsize;

    // make sure size is exact
-    // datasize has already been validated against CN_PACKET_BUFFER_SIZE
+    // datasize has already been validated against CN_PACKET_BODY_SIZE
    if (datasize != base + trailing)
        return false;

--- a/src/core/CNStructs.hpp
+++ b/src/core/CNStructs.hpp
@ -29,8 +29,8 @@
 #define INITSTRUCT(T, x) T x; \
    memset(&x, 0, sizeof(T));

-#define INITVARPACKET(_buf, _Pkt, _pkt, _Trailer, _trailer) uint8_t _buf[CN_PACKET_BUFFER_SIZE]; \
-    memset(&_buf, 0, CN_PACKET_BUFFER_SIZE); \
+#define INITVARPACKET(_buf, _Pkt, _pkt, _Trailer, _trailer) uint8_t _buf[CN_PACKET_BODY_SIZE]; \
+    memset(&_buf, 0, CN_PACKET_BODY_SIZE); \
    auto _pkt = (_Pkt*)_buf; \
    auto _trailer = (_Trailer*)(_pkt + 1);

@ -49,6 +49,7 @@ std::string U16toU8(char16_t* src, size_t max);
 size_t U8toU16(std::string src, char16_t* des, size_t max); // returns number of char16_t that was written at des
 time_t getTime();
 time_t getTimestamp();
+int timingSafeStrcmp(const char* a, const char* b);
 void terminate(int);

 // The PROTOCOL_VERSION definition can be defined by the build system.
--- a/src/core/Defines.hpp
+++ b/src/core/Defines.hpp
@ -1,6 +1,8 @@
 /* enum definitions from the client */
 #pragma once

+#include "core/CNStructs.hpp"
+
 // floats
 const float VALUE_BATTERY_EMPTY_PENALTY = 0.5f;
 const float CN_EP_RANK_1 = 0.8f;
@ -410,7 +412,13 @@ enum {
    SEND_ANYCAST_NEW = 3,
    SEND_BROADCAST = 4,

+#if PROTOCOL_VERSION == 728
+    CN_PACKET_BUFFER_SIZE = 8192,
+#elif PROTOCOL_VERSION == 1013
+    CN_PACKET_BUFFER_SIZE = 8192,
+#else
    CN_PACKET_BUFFER_SIZE = 4096,
+#endif

    P_CL2LS_REQ_LOGIN = 0x12000001,		// 301989889
    P_CL2LS_REQ_CHECK_CHAR_NAME = 0x12000002,		// 301989890
@ -934,3 +942,8 @@ enum {

    N_PACKETS = N_CL2LS + N_CL2FE + N_FE2CL + N_LS2CL
 };
+
+/*
+ * Usable space in the packet buffer = CN_PACKET_BUFFER_SIZE - type - size
+ */
+constexpr size_t CN_PACKET_BODY_SIZE = CN_PACKET_BUFFER_SIZE - 2 * sizeof(int32_t);
--- a/src/core/Packets.cpp
+++ b/src/core/Packets.cpp
@ -235,7 +235,7 @@ std::map<uint32_t, PacketDesc> Packets::packets = {
    PACKET(P_FE2CL_REP_PC_EXIT_FAIL),
    PACKET(P_FE2CL_REP_PC_EXIT_SUCC),
    PACKET(P_FE2CL_PC_EXIT),
-    PACKET(P_FE2CL_PC_AROUND),
+    VAR_PACKET(P_FE2CL_PC_AROUND, iPCCnt, sPCAppearanceData),
    PACKET(P_FE2CL_PC_MOVE),
    PACKET(P_FE2CL_PC_STOP),
    PACKET(P_FE2CL_PC_JUMP),
@ -243,9 +243,9 @@ std::map<uint32_t, PacketDesc> Packets::packets = {
    PACKET(P_FE2CL_NPC_EXIT),
    PACKET(P_FE2CL_NPC_MOVE),
    PACKET(P_FE2CL_NPC_NEW),
-    PACKET(P_FE2CL_NPC_AROUND),
-    PACKET(P_FE2CL_AROUND_DEL_PC),
-    PACKET(P_FE2CL_AROUND_DEL_NPC),
+    VAR_PACKET(P_FE2CL_NPC_AROUND, iNPCCnt, sNPCAppearanceData),
+    VAR_PACKET(P_FE2CL_AROUND_DEL_PC, iPCCnt, int32_t),
+    VAR_PACKET(P_FE2CL_AROUND_DEL_NPC, iNPCCnt, int32_t),
    PACKET(P_FE2CL_REP_SEND_FREECHAT_MESSAGE_SUCC),
    PACKET(P_FE2CL_REP_SEND_FREECHAT_MESSAGE_FAIL),
    VAR_PACKET(P_FE2CL_PC_ATTACK_NPCs_SUCC, iNPCCnt, sAttackResult),
@ -387,8 +387,8 @@ std::map<uint32_t, PacketDesc> Packets::packets = {
    PACKET(P_FE2CL_TRANSPORTATION_EXIT),
    PACKET(P_FE2CL_TRANSPORTATION_MOVE),
    PACKET(P_FE2CL_TRANSPORTATION_NEW),
-    PACKET(P_FE2CL_TRANSPORTATION_AROUND),
-    PACKET(P_FE2CL_AROUND_DEL_TRANSPORTATION),
+    VAR_PACKET(P_FE2CL_TRANSPORTATION_AROUND, iCnt, sTransportationAppearanceData),
+    VAR_PACKET(P_FE2CL_AROUND_DEL_TRANSPORTATION, iCnt, int32_t),
    PACKET(P_FE2CL_REP_EP_RANK_LIST),
    PACKET(P_FE2CL_REP_EP_RANK_DETAIL),
    PACKET(P_FE2CL_REP_EP_RANK_PC_INFO),
@ -404,8 +404,8 @@ std::map<uint32_t, PacketDesc> Packets::packets = {
    PACKET(P_FE2CL_SHINY_ENTER),
    PACKET(P_FE2CL_SHINY_EXIT),
    PACKET(P_FE2CL_SHINY_NEW),
-    PACKET(P_FE2CL_SHINY_AROUND),
-    PACKET(P_FE2CL_AROUND_DEL_SHINY),
+    VAR_PACKET(P_FE2CL_SHINY_AROUND, iShinyCnt, sShinyAppearanceData),
+    VAR_PACKET(P_FE2CL_AROUND_DEL_SHINY, iShinyCnt, int32_t),
    PACKET(P_FE2CL_REP_SHINY_PICKUP_FAIL),
    PACKET(P_FE2CL_REP_SHINY_PICKUP_SUCC),
    PACKET(P_FE2CL_PC_MOVETRANSPORTATION),
--- a/src/db/login.cpp
+++ b/src/db/login.cpp
@ -1,3 +1,5 @@
+#include "core/CNStructs.hpp"
+
 #include "db/internal.hpp"

 #include "bcrypt/BCrypt.hpp"
@ -130,19 +132,21 @@ bool Database::checkCookie(int accountId, const char *tryCookie) {
        return false;
    }

-    /*
-     * since cookies are immediately invalidated, we don't need to be concerned about
-     * timing-related side channel attacks, so strcmp is fine here
-     */
-    bool match = (strcmp(cookie, tryCookie) == 0);
+    bool match = (timingSafeStrcmp(cookie, tryCookie) == 0);
    sqlite3_finalize(stmt);

-    sqlite3_prepare_v2(db, sql_invalidate, -1, &stmt, NULL);
-    sqlite3_bind_int(stmt, 1, accountId);
-    rc = sqlite3_step(stmt);
-    sqlite3_finalize(stmt);
-    if (rc != SQLITE_DONE)
-        std::cout << "[WARN] Database fail on checkCookie(): " << sqlite3_errmsg(db) << std::endl;
+    /*
+     * Only invalidate the cookie if it was correct. This prevents
+     * replay attacks without enabling DOS attacks on accounts.
+     */
+    if (match) {
+        sqlite3_prepare_v2(db, sql_invalidate, -1, &stmt, NULL);
+        sqlite3_bind_int(stmt, 1, accountId);
+        rc = sqlite3_step(stmt);
+        sqlite3_finalize(stmt);
+        if (rc != SQLITE_DONE)
+            std::cout << "[WARN] Database fail on checkCookie(): " << sqlite3_errmsg(db) << std::endl;
+    }

    return match;
 }
--- a/src/main.cpp
+++ b/src/main.cpp
@ -49,6 +49,7 @@ CNShardServer *shardServer = nullptr;
 std::thread *shardThread = nullptr;

 void startShard(CNShardServer* server) {
+    sandbox_thread_start();
    server->start();
 }

@ -150,6 +151,8 @@ int main() {
        /* not reached */
    }

+    sandbox_init();
+
    std::cout << "[INFO] Starting Server Threads..." << std::endl;
    CNLoginServer loginServer(settings::LOGINPORT);
    shardServer = new CNShardServer(settings::SHARDPORT);
@ -157,6 +160,7 @@ int main() {
    shardThread = new std::thread(startShard, (CNShardServer*)shardServer);

    sandbox_start();
+    sandbox_thread_start();

    loginServer.start();

@ -218,6 +222,17 @@ time_t getTimestamp() {
    return (time_t)value.count();
 }

+// timing safe strcmp implementation for e.g. cookie validation
+int timingSafeStrcmp(const char* a, const char* b) {
+    int diff = 0;
+    while (*a && *b) {
+        diff |= *a++ ^ *b++;
+    }
+    diff |= *a;
+    diff |= *b;
+    return diff;
+}
+
 // convert integer timestamp (in s) to FF systime struct
 sSYSTEMTIME timeStampToStruct(uint64_t time) {

--- a/src/sandbox/Sandbox.hpp
+++ b/src/sandbox/Sandbox.hpp
@ -4,11 +4,16 @@
 #if defined(__linux__) || defined(__OpenBSD__)

 # if !defined(CONFIG_NOSANDBOX)
+void sandbox_init();
 void sandbox_start();
+void sandbox_thread_start();
 # else

 #include <iostream>

+inline void sandbox_init() {}
+inline void sandbox_thread_start() {}
+
 inline void sandbox_start() {
    std::cout << "[WARN] Built without a sandbox" << std::endl;
 }
@ -17,5 +22,7 @@ inline void sandbox_start() {

 #else
 // stub for unsupported platforms
+inline void sandbox_init() {}
 inline void sandbox_start() {}
+inline void sandbox_thread_start() {}
 #endif
--- a/src/sandbox/openbsd.cpp
+++ b/src/sandbox/openbsd.cpp
@ -13,6 +13,9 @@ static void eunveil(const char *path, const char *permissions) {
        err(1, "unveil");
 }

+void sandbox_init() {}
+void sandbox_thread_start() {}
+
 void sandbox_start() {
    /*
     * There shouldn't ever be a reason to disable this one, but might as well
--- a/src/sandbox/seccomp.cpp
+++ b/src/sandbox/seccomp.cpp
@ -4,6 +4,9 @@
 #include "settings.hpp"

 #include <stdlib.h>
+#include <fcntl.h>
+
+#include <filesystem>

 #include <sys/prctl.h>
 #include <sys/ptrace.h>
@ -17,6 +20,10 @@
 #include <linux/audit.h>
 #include <linux/net.h> // for socketcall() args

+#ifndef CONFIG_NOLANDLOCK
+#include <linux/landlock.h>
+#endif
+
 /*
 * Macros adapted from https://outflux.net/teach-seccomp/
 * Relevant license:
@ -54,7 +61,7 @@
    BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO|(_errno))

 #define KILL_PROCESS \
-    BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL_PROCESS)
+    BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_TRAP)

 /*
 * Macros adapted from openssh's sandbox-seccomp-filter.c
@ -297,25 +304,201 @@ static sock_fprog prog = {
    ARRLEN(filter), filter
 };

-// our own wrapper for the seccomp() syscall
+// Our own wrapper for the seccomp() syscall.
 int seccomp(unsigned int operation, unsigned int flags, void *args) {
    return syscall(__NR_seccomp, operation, flags, args);
 }

-void sandbox_start() {
+#ifndef CONFIG_NOLANDLOCK
+
+// Support compilation on systems that only have older Landlock headers.
+#ifndef LANDLOCK_ACCESS_FS_REFER
+#define LANDLOCK_ACCESS_FS_REFER 0
+#endif
+#ifndef LANDLOCK_ACCESS_FS_TRUNCATE
+#define LANDLOCK_ACCESS_FS_TRUNCATE 0
+#endif
+
+struct landlock_ruleset_attr ruleset_attr = {
+    .handled_access_fs = LANDLOCK_ACCESS_FS_READ_FILE
+        | LANDLOCK_ACCESS_FS_WRITE_FILE
+        | LANDLOCK_ACCESS_FS_READ_DIR
+        | LANDLOCK_ACCESS_FS_MAKE_REG
+        | LANDLOCK_ACCESS_FS_MAKE_DIR
+        | LANDLOCK_ACCESS_FS_MAKE_SYM
+        | LANDLOCK_ACCESS_FS_MAKE_SOCK
+        | LANDLOCK_ACCESS_FS_MAKE_FIFO
+        | LANDLOCK_ACCESS_FS_MAKE_BLOCK
+        | LANDLOCK_ACCESS_FS_REMOVE_FILE
+        | LANDLOCK_ACCESS_FS_REMOVE_DIR
+        | LANDLOCK_ACCESS_FS_TRUNCATE
+        | LANDLOCK_ACCESS_FS_REFER
+};
+
+uint64_t landlock_perms = LANDLOCK_ACCESS_FS_READ_FILE
+    | LANDLOCK_ACCESS_FS_WRITE_FILE
+    | LANDLOCK_ACCESS_FS_TRUNCATE
+    | LANDLOCK_ACCESS_FS_MAKE_REG
+    | LANDLOCK_ACCESS_FS_REMOVE_FILE;
+
+int landlock_fd;
+bool landlock_supported;
+
+/*
+ * Our own wrappers for Landlock syscalls.
+ */
+
+int landlock_create_ruleset(const struct landlock_ruleset_attr *attr, size_t size, uint32_t flags) {
+    return syscall(__NR_landlock_create_ruleset, attr, size, flags);
+}
+
+int landlock_add_rule(int ruleset_fd, enum landlock_rule_type rule_type, const void *rule_attr, uint32_t flags) {
+    return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, rule_attr, flags);
+}
+
+int landlock_restrict_self(int ruleset_fd, uint32_t flags) {
+    return syscall(__NR_landlock_restrict_self, ruleset_fd, flags);
+}
+
+static void landlock_path(std::string path, uint32_t perms) {
+    struct landlock_path_beneath_attr path_beneath = {
+        .allowed_access = perms
+    };
+
+    path_beneath.parent_fd = open(path.c_str(), O_PATH|O_CLOEXEC);
+    if (path_beneath.parent_fd < 0) {
+        perror(path.c_str());
+        exit(1);
+    }
+
+    if (landlock_add_rule(landlock_fd, LANDLOCK_RULE_PATH_BENEATH, &path_beneath, 0)) {
+        perror("landlock_add_rule");
+        exit(1);
+    }
+
+    close(path_beneath.parent_fd);
+}
+
+static bool landlock_detect() {
+    int abi = landlock_create_ruleset(NULL, 0, LANDLOCK_CREATE_RULESET_VERSION);
+
+    if (abi < 0) {
+        if (errno == ENOSYS || errno == EOPNOTSUPP) {
+            std::cout << "[WARN] No Landlock support on this system" << std::endl;
+            return false;
+        }
+        perror("landlock_create_ruleset");
+        exit(1);
+    }
+
+    std::cout << "[INFO] Detected Landlock ABI version: " << abi << std::endl;
+
+    switch (abi) {
+    case 1:
+        ruleset_attr.handled_access_fs &= ~LANDLOCK_ACCESS_FS_REFER;
+        landlock_perms &= ~LANDLOCK_ACCESS_FS_REFER;
+        // fallthrough
+    case 2:
+        ruleset_attr.handled_access_fs &= ~LANDLOCK_ACCESS_FS_TRUNCATE;
+        landlock_perms &= ~LANDLOCK_ACCESS_FS_TRUNCATE;
+    }
+
+    return true;
+}
+
+static void landlock_init() {
+    std::cout << "[INFO] Setting up Landlock sandbox..." << std::endl;
+
+    landlock_supported = landlock_detect();
+
+    if (!landlock_supported)
+        return;
+
+    landlock_fd = landlock_create_ruleset(&ruleset_attr, sizeof(ruleset_attr), 0);
+    if (landlock_fd < 0) {
+        perror("landlock_create_ruleset");
+        exit(1);
+    }
+
+    std::string dbdir = std::filesystem::path(settings::DBPATH).parent_path();
+
+    // for the DB files (we can't rely on them being in the working directory)
+    landlock_path(dbdir == "" ? "." : dbdir, landlock_perms);
+    // for writing the gruntwork file
+    landlock_path(settings::TDATADIR, landlock_perms);
+    // for passowrd salting during account creation
+    landlock_path("/dev/urandom", LANDLOCK_ACCESS_FS_READ_FILE);
+    // for core dumps, optionally
+    if (settings::SANDBOXEXTRAPATH != "")
+        landlock_path(settings::SANDBOXEXTRAPATH, landlock_perms);
+}
+
+#endif // !CONFIG_NOLANDLOCK
+
+static void sigsys_handler(int signo, siginfo_t *info, void *context) {
+    // report the unhandled syscall
+    std::cout << "[FATAL] Unhandled syscall " << info->si_syscall
+       << " at " << std::hex << info->si_call_addr << " on arch " << info->si_arch << std::endl;
+
+    std::cout << "If you're unsure why this is happening, please read https://openfusion.dev/docs/development/the-sandbox/" << std::endl
+              << "for more information and possibly open an issue at https://github.com/OpenFusionProject/OpenFusion/issues to report"
+              << " needed changes in our seccomp filter." << std::endl;
+
+    exit(1);
+}
+
+void sandbox_init() {
    if (!settings::SANDBOX) {
        std::cout << "[WARN] Running without a sandbox" << std::endl;
        return;
    }

+    // listen to SIGSYS to report unhandled syscalls
+    struct sigaction sa = {};
+
+    sa.sa_flags = SA_SIGINFO;
+    sa.sa_sigaction = sigsys_handler;
+
+    if (sigaction(SIGSYS, &sa, NULL) < 0) {
+        perror("sigaction");
+        exit(1);
+    }
+
+#ifndef CONFIG_NOLANDLOCK
+    landlock_init();
+#else
+    std::cout << "[WARN] Built without Landlock" << std::endl;
+#endif
+}
+
+void sandbox_start() {
+    if (!settings::SANDBOX)
+        return;
+
    std::cout << "[INFO] Starting seccomp-bpf sandbox..." << std::endl;

+    // Sandboxing starts in sandbox_thread_start().
+}
+
+void sandbox_thread_start() {
+    if (!settings::SANDBOX)
+        return;
+
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) {
        perror("prctl");
        exit(1);
    }

-    if (seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &prog) < 0) {
+#ifndef CONFIG_NOLANDLOCK
+    if (landlock_supported) {
+        if (landlock_restrict_self(landlock_fd, 0)) {
+            perror("landlock_restrict_self");
+            exit(1);
+        }
+    }
+#endif
+
+    if (seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog) < 0) {
        perror("seccomp");
        exit(1);
    }
--- a/src/servers/CNLoginServer.cpp
+++ b/src/servers/CNLoginServer.cpp
@ -109,11 +109,17 @@ void CNLoginServer::login(CNSocket* sock, CNPacketData* data) {
    std::string userLogin;
    std::string userToken; // could be password or auth cookie

+    /*
+     * In this context, "cookie auth" just means the credentials were sent
+     * in the szCookie fields instead of szID and szPassword.
+     */
+    bool isCookieAuth = login->iLoginType == USE_COOKIE_FIELDS;
+
    /*
     * The std::string -> char* -> std::string maneuver should remove any
     * trailing garbage after the null terminator.
     */
-    if (login->iLoginType == (int32_t)LoginType::COOKIE) {
+    if (isCookieAuth) {
        userLogin = std::string(AUTOU8(login->szCookie_TEGid).c_str());
        userToken = std::string(AUTOU8(login->szCookie_authid).c_str());
    } else {
@ -121,99 +127,41 @@ void CNLoginServer::login(CNSocket* sock, CNPacketData* data) {
        userToken = std::string(AUTOU16TOU8(login->szPassword).c_str());
    }

-    // check username regex
-    if (!CNLoginServer::isUsernameGood(userLogin)) {
-        // send a custom error message
-        INITSTRUCT(sP_FE2CL_GM_REP_PC_ANNOUNCE, msg);
-        std::string text = "Invalid login\n";
-        text += "Login has to be 4 - 32 characters long and can't contain special characters other than dash and underscore";
-        U8toU16(text, msg.szAnnounceMsg, sizeof(msg.szAnnounceMsg));
-        msg.iDuringTime = 10;
-        sock->sendPacket(msg, P_FE2CL_GM_REP_PC_ANNOUNCE);
-
-        // we still have to send login fail to prevent softlock
+    if (!CNLoginServer::checkUsername(sock, userLogin)) {
        return loginFail(LoginError::LOGIN_ERROR, userLogin, sock);
    }

-    // we only interpret the token as a cookie if cookie login was used and it's allowed.
-    // otherwise we interpret it as a password, and this maintains compatibility with
-    // the auto-login trick used on older clients
-    bool isCookieAuth = login->iLoginType == (int32_t)LoginType::COOKIE
-                        && CNLoginServer::isLoginTypeAllowed(LoginType::COOKIE);
-
-    // password login checks
    if (!isCookieAuth) {
-        // bail if password auth isn't allowed
-        if (!CNLoginServer::isLoginTypeAllowed(LoginType::PASSWORD)) {
-            // send a custom error message
-            INITSTRUCT(sP_FE2CL_GM_REP_PC_ANNOUNCE, msg);
-            std::string text = "Password login disabled\n";
-            text += "This server has disabled logging in with plaintext passwords.\n";
-            text += "Please contact an admin for assistance.";
-            U8toU16(text, msg.szAnnounceMsg, sizeof(msg.szAnnounceMsg));
-            msg.iDuringTime = 12;
-            sock->sendPacket(msg, P_FE2CL_GM_REP_PC_ANNOUNCE);
-
-            // we still have to send login fail to prevent softlock
-            return loginFail(LoginError::LOGIN_ERROR, userLogin, sock);
-        }
-
-        // check regex
-        if (!CNLoginServer::isPasswordGood(userToken)) {
-            // send a custom error message
-            INITSTRUCT(sP_FE2CL_GM_REP_PC_ANNOUNCE, msg);
-            std::string text = "Invalid password\n";
-            text += "Password has to be 8 - 32 characters long";
-            U8toU16(text, msg.szAnnounceMsg, sizeof(msg.szAnnounceMsg));
-            msg.iDuringTime = 10;
-            sock->sendPacket(msg, P_FE2CL_GM_REP_PC_ANNOUNCE);
-
-            // we still have to send login fail to prevent softlock
+        // password was sent in plaintext
+        if (!CNLoginServer::checkPassword(sock, userToken)) {
            return loginFail(LoginError::LOGIN_ERROR, userLogin, sock);
        }
    }

    Database::Account findUser = {};
    Database::findAccount(&findUser, userLogin);
-    
+
    // account was not found
    if (findUser.AccountID == 0) {
-        // don't auto-create an account if it's a cookie auth for whatever reason
-        if (settings::AUTOCREATEACCOUNTS && !isCookieAuth)
+        /*
+         * Don't auto-create accounts if it's a cookie login.
+         * It'll either be a bad cookie or a plaintext password sent by auto-login;
+         * either way, we only want to allow auto-creation if the user explicitly entered their credentials.
+         */
+        if (settings::AUTOCREATEACCOUNTS && !isCookieAuth) {
            return newAccount(sock, userLogin, userToken, login->iClientVerC);
+        }

        return loginFail(LoginError::ID_DOESNT_EXIST, userLogin, sock);
    }

-    if (isCookieAuth) {
-        const char *cookie = userToken.c_str();
-        if (!Database::checkCookie(findUser.AccountID, cookie))
-            return loginFail(LoginError::ID_AND_PASSWORD_DO_NOT_MATCH, userLogin, sock);
-    } else {
-        // simple password check
-        if (!CNLoginServer::isPasswordCorrect(findUser.Password, userToken))
-            return loginFail(LoginError::ID_AND_PASSWORD_DO_NOT_MATCH, userLogin, sock);
+    // make sure either a valid cookie or password was sent
+    if (!CNLoginServer::checkToken(sock, findUser, userToken, isCookieAuth)) {
+        return loginFail(LoginError::ID_AND_PASSWORD_DO_NOT_MATCH, userLogin, sock);
    }

-    // is the account banned
-    if (findUser.BannedUntil > getTimestamp()) {
-        // send a custom error message
-        INITSTRUCT(sP_FE2CL_GM_REP_PC_ANNOUNCE, msg);
-
-        // ceiling devision
-        int64_t remainingDays = (findUser.BannedUntil-getTimestamp()) / 86400 + ((findUser.BannedUntil - getTimestamp()) % 86400 != 0);
-
-        std::string text = "Your account has been banned. \nReason: ";
-        text += findUser.BanReason;
-        text += "\nBan expires in " + std::to_string(remainingDays) + " day";
-        if (remainingDays > 1)
-            text += "s";
-
-        U8toU16(text, msg.szAnnounceMsg, sizeof(msg.szAnnounceMsg));
-        msg.iDuringTime = 99999999;
-        sock->sendPacket(msg, P_FE2CL_GM_REP_PC_ANNOUNCE);
-        // don't send fail packet
-        return;
+    if (CNLoginServer::checkBan(sock, findUser)) {
+        return; // don't send fail packet
    }

    /* 
@ -659,12 +607,12 @@ bool CNLoginServer::exitDuplicate(int accountId) {
    return false;
 }

-bool CNLoginServer::isUsernameGood(std::string login) {
+bool CNLoginServer::isUsernameGood(std::string& login) {
    const std::regex loginRegex("[a-zA-Z0-9_-]{4,32}");
    return (std::regex_match(login, loginRegex));
 }

-bool CNLoginServer::isPasswordGood(std::string password) {
+bool CNLoginServer::isPasswordGood(std::string& password) {
    const std::regex passwordRegex("[a-zA-Z0-9!@#$%^&*()_+]{8,32}");
    return (std::regex_match(password, passwordRegex));
 }
@ -680,16 +628,107 @@ bool CNLoginServer::isCharacterNameGood(std::string Firstname, std::string Lastn
    return (std::regex_match(Firstname, firstnamecheck) && std::regex_match(Lastname, lastnamecheck));
 }

-bool CNLoginServer::isLoginTypeAllowed(LoginType loginType) {
+bool CNLoginServer::isAuthMethodAllowed(AuthMethod authMethod) {
    // the config file specifies "comma-separated" but tbh we don't care
-    switch (loginType) {
-    case LoginType::PASSWORD:
+    switch (authMethod) {
+    case AuthMethod::PASSWORD:
        return settings::AUTHMETHODS.find("password") != std::string::npos;
-    case LoginType::COOKIE:
+    case AuthMethod::COOKIE:
        return settings::AUTHMETHODS.find("cookie") != std::string::npos;
    default:
        break;
    }
    return false;
 }
+
+bool CNLoginServer::checkPassword(CNSocket* sock, std::string& password) {
+    // check password auth allowed
+    if (!CNLoginServer::isAuthMethodAllowed(AuthMethod::PASSWORD)) {
+        // send a custom error message
+        INITSTRUCT(sP_FE2CL_GM_REP_PC_ANNOUNCE, msg);
+        std::string text = "Password login disabled\n";
+        text += "This server has disabled logging in with plaintext passwords.\n";
+        text += "Please contact an admin for assistance.";
+        U8toU16(text, msg.szAnnounceMsg, sizeof(msg.szAnnounceMsg));
+        msg.iDuringTime = 12;
+        sock->sendPacket(msg, P_FE2CL_GM_REP_PC_ANNOUNCE);
+
+        return false;
+    }
+
+    // check regex
+    if (!CNLoginServer::isPasswordGood(password)) {
+        // send a custom error message
+        INITSTRUCT(sP_FE2CL_GM_REP_PC_ANNOUNCE, msg);
+        std::string text = "Invalid password\n";
+        text += "Password has to be 8 - 32 characters long";
+        U8toU16(text, msg.szAnnounceMsg, sizeof(msg.szAnnounceMsg));
+        msg.iDuringTime = 10;
+        sock->sendPacket(msg, P_FE2CL_GM_REP_PC_ANNOUNCE);
+
+        return false;
+    }
+
+    return true;
+}
+
+bool CNLoginServer::checkUsername(CNSocket* sock, std::string& username) {
+    // check username regex
+    if (!CNLoginServer::isUsernameGood(username)) {
+        // send a custom error message
+        INITSTRUCT(sP_FE2CL_GM_REP_PC_ANNOUNCE, msg);
+        std::string text = "Invalid login\n";
+        text += "Login has to be 4 - 32 characters long and can't contain special characters other than dash and underscore";
+        U8toU16(text, msg.szAnnounceMsg, sizeof(msg.szAnnounceMsg));
+        msg.iDuringTime = 10;
+        sock->sendPacket(msg, P_FE2CL_GM_REP_PC_ANNOUNCE);
+
+        return false;
+    }
+
+    return true;
+}
+
+bool CNLoginServer::checkToken(CNSocket* sock, Database::Account& account, std::string& token, bool isCookieAuth) {
+    // check for valid cookie first
+    if (isCookieAuth && CNLoginServer::isAuthMethodAllowed(AuthMethod::COOKIE)) {
+        const char *cookie = token.c_str();
+        if (Database::checkCookie(account.AccountID, cookie)) {
+            return true;
+        }
+    }
+
+    // cookie check failed; check to see if it's a plaintext password sent by auto-login
+    if (CNLoginServer::isAuthMethodAllowed(AuthMethod::PASSWORD)
+        && CNLoginServer::isPasswordCorrect(account.Password, token)) {
+        return true;
+    }
+
+    return false;
+}
+
+bool CNLoginServer::checkBan(CNSocket* sock, Database::Account& account) {
+    // check if the account is banned
+    if (account.BannedUntil > getTimestamp()) {
+        // send a custom error message
+        INITSTRUCT(sP_FE2CL_GM_REP_PC_ANNOUNCE, msg);
+
+        // ceiling devision
+        int64_t remainingDays = (account.BannedUntil-getTimestamp()) / 86400 + ((account.BannedUntil - getTimestamp()) % 86400 != 0);
+
+        std::string text = "Your account has been banned. \nReason: ";
+        text += account.BanReason;
+        text += "\nBan expires in " + std::to_string(remainingDays) + " day";
+        if (remainingDays > 1)
+            text += "s";
+
+        U8toU16(text, msg.szAnnounceMsg, sizeof(msg.szAnnounceMsg));
+        msg.iDuringTime = 99999999;
+        sock->sendPacket(msg, P_FE2CL_GM_REP_PC_ANNOUNCE);
+
+        return true;
+    }
+
+    return false;
+}
 #pragma endregion
--- a/src/servers/CNLoginServer.hpp
+++ b/src/servers/CNLoginServer.hpp
@ -1,6 +1,7 @@
 #pragma once

 #include "core/Core.hpp"
+#include "db/Database.hpp"

 #include "Player.hpp"

@ -23,7 +24,9 @@ enum class LoginError {
    UPDATED_EUALA_REQUIRED = 9
 };

-enum class LoginType {
+#define USE_COOKIE_FIELDS 2
+
+enum class AuthMethod {
    PASSWORD = 1,
    COOKIE = 2
 };
@ -44,12 +47,17 @@ private:
    static void changeName(CNSocket* sock, CNPacketData* data);
    static void duplicateExit(CNSocket* sock, CNPacketData* data);

-    static bool isUsernameGood(std::string login);
-    static bool isPasswordGood(std::string password);
+    static bool isUsernameGood(std::string& login);
+    static bool isPasswordGood(std::string& password);
    static bool isPasswordCorrect(std::string actualPassword, std::string tryPassword);
    static bool isAccountInUse(int accountId);
    static bool isCharacterNameGood(std::string Firstname, std::string Lastname);
-    static bool isLoginTypeAllowed(LoginType loginType);
+    static bool isAuthMethodAllowed(AuthMethod authMethod);
+    static bool checkUsername(CNSocket* sock, std::string& username);
+    static bool checkPassword(CNSocket* sock, std::string& password);
+    static bool checkToken(CNSocket* sock, Database::Account& account, std::string& token, bool isCookieAuth);
+    static bool checkBan(CNSocket* sock, Database::Account& account);
+
    static void newAccount(CNSocket* sock, std::string userLogin, std::string userPassword, int32_t clientVerC);
    // returns true if success
    static bool exitDuplicate(int accountId);
--- a/src/servers/Monitor.cpp
+++ b/src/servers/Monitor.cpp
@ -180,9 +180,14 @@ SOCKET Monitor::init() {
    }

    address.sin_family = AF_INET;
-    address.sin_addr.s_addr = INADDR_ANY;
    address.sin_port = htons(settings::MONITORPORT);

+    if (!inet_pton(AF_INET, settings::MONITORLISTENIP.c_str(), &address.sin_addr)) {
+        std::cout << "Failed to set monitor listen address" << std::endl;
+        printSocketError("inet_pton");
+        exit(1);
+    }
+
    if (SOCKETERROR(bind(listener, (struct sockaddr*)&address, sizeof(address)))) {
        std::cout << "Failed to bind to monitor port" << std::endl;
        printSocketError("bind");
@ -206,7 +211,7 @@ SOCKET Monitor::init() {
        exit(EXIT_FAILURE);
    }

-    std::cout << "Monitor listening on *:" << settings::MONITORPORT << std::endl;
+    std::cout << "Monitor listening on " << settings::MONITORLISTENIP << ":" << settings::MONITORPORT << std::endl;

    REGISTER_SHARD_TIMER(tick, settings::MONITORINTERVAL);

--- a/src/settings.cpp
+++ b/src/settings.cpp
@ -9,6 +9,7 @@
 // defaults :)
 int settings::VERBOSITY = 1;
 bool settings::SANDBOX = true;
+std::string settings::SANDBOXEXTRAPATH = "";

 int settings::LOGINPORT = 23000;
 bool settings::APPROVEALLNAMES = true;
@ -63,6 +64,7 @@ bool settings::DISABLEFIRSTUSEFLAG = true;
 // monitor settings
 bool settings::MONITORENABLED = false;
 int settings::MONITORPORT = 8003;
+std::string settings::MONITORLISTENIP = "127.0.0.1";
 int settings::MONITORINTERVAL = 5000;

 // event mode settings
@ -85,6 +87,7 @@ void settings::init() {

    VERBOSITY = reader.GetInteger("", "verbosity", VERBOSITY);
    SANDBOX = reader.GetBoolean("", "sandbox", SANDBOX);
+    SANDBOXEXTRAPATH = reader.Get("", "sandboxextrapath", SANDBOXEXTRAPATH);
    LOGINPORT = reader.GetInteger("login", "port", LOGINPORT);
    APPROVEALLNAMES = reader.GetBoolean("login", "acceptallcustomnames", APPROVEALLNAMES);
    AUTOCREATEACCOUNTS = reader.GetBoolean("login", "autocreateaccounts", AUTOCREATEACCOUNTS);
@ -119,5 +122,6 @@ void settings::init() {
    IZRACESCORECAPPED = reader.GetBoolean("shard", "izracescorecapped", IZRACESCORECAPPED);
    MONITORENABLED = reader.GetBoolean("monitor", "enabled", MONITORENABLED);
    MONITORPORT = reader.GetInteger("monitor", "port", MONITORPORT);
+    MONITORLISTENIP = reader.Get("monitor", "listenip", MONITORLISTENIP);
    MONITORINTERVAL = reader.GetInteger("monitor", "interval", MONITORINTERVAL);
 }
--- a/src/settings.hpp
+++ b/src/settings.hpp
@ -1,10 +1,13 @@
 #pragma once

+#include <stdint.h>
 #include <string>
+#include <time.h>

 namespace settings {
    extern int VERBOSITY;
    extern bool SANDBOX;
+    extern std::string SANDBOXEXTRAPATH;
    extern int LOGINPORT;
    extern bool APPROVEALLNAMES;
    extern bool AUTOCREATEACCOUNTS;
@ -37,6 +40,7 @@ namespace settings {
    extern int EVENTMODE;
    extern bool MONITORENABLED;
    extern int MONITORPORT;
+    extern std::string MONITORLISTENIP;
    extern int MONITORINTERVAL;
    extern bool DISABLEFIRSTUSEFLAG;
    extern bool IZRACESCORECAPPED;
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 8c98c8368243a6e2a10cc5fe273236754f896e6a
+Subproject commit bdb611b092b43b2490f9f3866374a49d811c0826
--- a/vendor/bcrypt/bcrypt.c
+++ b/vendor/bcrypt/bcrypt.c
@ -22,13 +22,14 @@
 #endif
 #include <errno.h>

-#if defined(_WIN32) || defined(_WIN64)
-// On windows we need to generate random bytes differently.
 #if defined(_WIN32) && !defined(_WIN64)
 typedef __int32 ssize_t;
 #elif defined(_WIN32) && defined(_WIN64)
 typedef __int64 ssize_t;
 #endif
+
+#if defined(_WIN32) || defined(_WIN64)
+// On windows we need to generate random bytes differently.
 #define BCRYPT_HASHSIZE 60

 #include "bcrypt.h"
@ -37,9 +38,10 @@ typedef __int64 ssize_t;
 #include <wincrypt.h> /* CryptAcquireContext, CryptGenRandom */
 #else
 #include "bcrypt.h"
-#include "ow-crypt.h"
 #endif

+#include "ow-crypt.h"
+
 #define RANDBYTES (16)

 static int try_close(int fd)
Author	SHA1	Message	Date
Gent Semaj	234ec46f36	Move timingSafeStrcmp to main	2024-11-16 19:16:49 -08:00
Gent Semaj	4d0553e9ef	Refactor login packet handler for more flexible auth	2024-11-16 13:42:20 -08:00
Gent Semaj	1543dac4e0	BUILD - Optimize Dockerfile by using alpine as base image (#277 )	2024-10-28 21:26:25 -07:00
Gent Semaj	ae327cc104	Use FE2CL_..._AROUND, _AROUND_DEL packets (#295 ) * Use FE2CL_..._AROUND, _AROUND_DEL packets * Use increased buffer size for 728 and 1013 protocols	2024-10-28 20:49:34 -07:00
Gent Semaj	6ffde9bb44	Replace most usages of CN_PACKET_BUFFER_SIZE with usable body size	2024-10-28 20:39:25 -07:00
dongresource	8568fd1c46	Restore the check that makes sure mob paths start from their spawn point This was added in `599bbedd` and accidentally removed during the TableData refactor in `c960b062`.	2024-10-19 04:26:09 +02:00
dongresource	05a5303522	Fix one-off mobs respawning if their regenTime is 0	2024-10-19 04:25:08 +02:00
dongresource	3365cb53b7	Only listen for monitor connections on localhost by default This is to prevent accidental exposure of the monitor port to the public internet if a server admin enables the monitor port without it being properly firewalled. There is now a config option that lets you override the address to bind to, so that it can still be made available to other machines over private networks such as Wireguard.	2024-10-17 01:04:50 +02:00
dongresource	5e92a58134	Print server types when starting servers Should have done this back when I added serverType.	2024-10-17 01:04:50 +02:00
dongresource	94064e1865	[sandbox] Print error message on seccomp sandbox violation Co-authored-by: cpunch <sethtstubbs@gmail.com>	2024-10-17 01:04:50 +02:00
dongresource	5e73ff272d	[sandbox] Add make target for building without Landlock	2024-10-17 01:04:47 +02:00
dongresource	197ccad0eb	[sandbox] Landlock support * Support disabling Landlock at compile time or runtime if unsupported, without disabling seccomp * Support older Landlock ABI versions * Support an extra arbitrary RW path, inteded for the coredump dir * Support database locations other than the working directory	2024-10-17 01:03:06 +02:00
CakeLancelot	68b56e7c25	Docker: disable sandbox to fix crashes and update Dockerfile/compose.yml (#294 ) Additionally: * Add EXPOSE hints to Dockerfile * as -> AS in Dockerfile to resolve warning * Point docker-compose to our docker hub image * Remove version property in docker-compose.yml as it was deprecated	2024-10-15 01:00:37 -05:00
CakeLancelot	cada1bcfd8	Update check-builds.yaml * Install SQLite3 headers as they arent included in the Ubuntu 24.04 image (only includes CLI currently): https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2404-Readme.md * Change copy-artifacts task to also use ubuntu-latest	2024-10-14 22:48:41 -05:00
Juansecu	ca43a2996a	BUILD - Fix build of Docker image for different archs (#293 )	2024-10-14 17:22:45 -05:00
dongresource	7c66041a6f	Add make target for building without the sandbox	2024-10-12 15:42:26 +02:00
dongresource	2c822e210b	[bcrypt] Fix missing include on Windows Co-authored-by: Jade Shrinemaiden <jadeshrinemaiden@gmail.com>	2024-10-12 15:15:36 +02:00
Juansecu	352fa8a133	BUILD - Expose ports used by the application server in Dockerfile	2024-10-09 19:13:54 -05:00
CakeLancelot	c116794c83	README updates Create dockerhub pull badge Change links from wiki to website	2024-10-08 22:00:45 -05:00
CakeLancelot	4ebda6066c	Docker: add manual workflow dispatch and auto install QEMU	2024-10-08 21:52:05 -05:00
Gent Semaj	6de21277d6	Fix eruption attacks cancelling when no targets are in range	2024-10-08 19:18:00 -07:00
CakeLancelot	397700e909	Update version numbers in README	2024-10-06 23:26:36 -05:00
Gent Semaj	d9b6aedd5b	Fix nested ifdefs for windows	2024-10-06 20:58:20 -07:00
CakeLancelot	145113062b	Update tdata reference to fix invalid label	2024-10-05 16:51:39 -05:00
dongresource	d717c5d74d	Update tdata reference for the car paths	2024-09-22 04:28:28 +02:00
Gent Semaj	a6eb0e2349	Auth Cookie Support (#285 ) * Auth cookie support * Add config option for auth cookie support * Safe handling of TEGid/auth_id strings * Fix bad size calculation due to pointer cast * Expiration timestamp instead of valid bit * Change setting to "allowed auth methods" This allows plaintext password auth to be disabled altogether * PR feedback	2024-09-17 20:41:48 -07:00
Juansecu	2096c3c3cc	BUILD - Optimize Dockerfile by using alpine as base image	2024-06-08 21:55:03 -05:00