diff --git a/CMakeLists.txt b/CMakeLists.txt index 9e3119e4..650fc0c2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -87,7 +87,7 @@ elseif(UNIX) -fno-stack-protector -fstrict-enums -fno-spell-checking \ -fno-coverage-mapping -fstrict-vtable-pointers -finline-functions \ -finline-hint-functions -fshort-enums -fno-unroll-loops \ - ") + -flto -fwhole-program-vtables") # these only work on 3.9+ -finline-functions -finline-hint-functions # these only work on 3.8+ -fno-coverage-mapping -fstrict-vtable-pointers diff --git a/engine/server/library/serverGame/src/shared/core/Client.cpp b/engine/server/library/serverGame/src/shared/core/Client.cpp index 7459c3b5..011891c2 100755 --- a/engine/server/library/serverGame/src/shared/core/Client.cpp +++ b/engine/server/library/serverGame/src/shared/core/Client.cpp @@ -1007,12 +1007,18 @@ void Client::receiveClientMessage(const GameNetworkMessage & message) // check to make sure the controller message is allowed from the client bool allowFromClient = ControllerMessageFactory::allowFromClient(o.getMessage()); - // log as a possible hack - if (!allowFromClient) - LOG("CustomerService", ("UnauthorizedControllerMessage: Player %s sent an unauthorized controller message %d for object %s.", PlayerObject::getAccountDescription(getCharacterObjectId()).c_str(), o.getMessage(), o.getNetworkId().getValueString().c_str())); - - // do we allow the controller message to get executed? - if (allowFromClient || isGod() || !ConfigServerGame::getEnableClientControllerMessageCheck()) + // we default this to true so that unless + // a controller message is explicitly marked as being allowed + // from the client, or the client is a GM, it will be dropped when the game server + // receives it; this will have the effect of forcing the + // programmer to make a conscious decision to mark the + // controller message as allowable from the client; because + // controller message coming from the client is not secured, + // the mechanism to prevent a hacked client from sending the + // game server any controller message is to explicity "mark" + // those controller messages that are allowed from the client + + if (allowFromClient || isGod()) { ServerObject * target = findControlledObject(o.getNetworkId()); if(target !=0) @@ -1045,9 +1051,14 @@ void Client::receiveClientMessage(const GameNetworkMessage & message) } } } + } else { + // log as a likely hack + LOG("CustomerService", ("UnauthorizedControllerMessage: Player %s sent an unauthorized controller message %d for object %s.", PlayerObject::getAccountDescription(getCharacterObjectId()).c_str(), o.getMessage(), o.getNetworkId().getValueString().c_str())); } - if (!appended) + + if (!appended) { delete o.getData(); + } break; } diff --git a/engine/server/library/serverGame/src/shared/core/ConfigServerGame.cpp b/engine/server/library/serverGame/src/shared/core/ConfigServerGame.cpp index db741cc6..6b12672f 100755 --- a/engine/server/library/serverGame/src/shared/core/ConfigServerGame.cpp +++ b/engine/server/library/serverGame/src/shared/core/ConfigServerGame.cpp @@ -339,23 +339,6 @@ void ConfigServerGame::install(void) KEY_FLOAT (lineOfSightCacheMinHeight, 0.8f); KEY_FLOAT (lineOfSightLocationRoundValue, 5.0f); -#ifdef _DEBUG - // in debug mode, we default this to true so that unless - // a controller message is explicitly marked as being allowed - // from the client, it will be dropped when the game server - // receives it; this will have the effect of forcing the - // programmer to make a conscious decision to mark the - // controller message as allowable from the client; because - // controller message coming from the client is not secured, - // the mechanism to prevent a hacked client from sending the - // game server any controller message is to explicity "mark" - // those controller messages that are allowed from the client - KEY_BOOL (enableClientControllerMessageCheck, true); -#else - // for live, the this option will be set to true in the config file - KEY_BOOL (enableClientControllerMessageCheck, false); -#endif - KEY_INT (maxWaypointsPerCharacter,100); // Keep this in sync with the maxWaypoints value in ConfigClientGame.cpp KEY_FLOAT (maxSmallCreatureHeight, 0.7f); KEY_FLOAT (smallCreatureUpdateRadius, 64.0f); diff --git a/engine/server/library/serverGame/src/shared/core/ConfigServerGame.h b/engine/server/library/serverGame/src/shared/core/ConfigServerGame.h index ca513ac7..36cb3ee1 100755 --- a/engine/server/library/serverGame/src/shared/core/ConfigServerGame.h +++ b/engine/server/library/serverGame/src/shared/core/ConfigServerGame.h @@ -393,7 +393,6 @@ class ConfigServerGame bool fatalOnGoldPobChange; - bool enableClientControllerMessageCheck; int maxWaypointsPerCharacter; float maxSmallCreatureHeight; @@ -916,8 +915,6 @@ class ConfigServerGame static bool getFatalOnGoldPobChange(); - static bool getEnableClientControllerMessageCheck(); - static int getMaxWaypointsPerCharacter(); static float getMaxSmallCreatureHeight(); @@ -2829,13 +2826,6 @@ inline bool ConfigServerGame::getFatalOnGoldPobChange() //------------------------------------------------------------ -inline bool ConfigServerGame::getEnableClientControllerMessageCheck() -{ - return data->enableClientControllerMessageCheck; -} - -// ---------------------------------------------------------------------- - inline float ConfigServerGame::getMaxSmallCreatureHeight() { return data->maxSmallCreatureHeight;