From 17f710bfd539cc0140503363578913ed6aa3376e Mon Sep 17 00:00:00 2001
From: luk3yx <luk3yx@users.noreply.github.com>
Date: Fri, 5 Aug 2022 20:40:29 +1200
Subject: [PATCH] Send SSCSMs in singleplayer and add more APIs to SSCSM
 sandbox (#72)

---
 builtin/client/sscsm.lua          | 25 +++++++++++++++++++++++--
 builtin/game/sscsm/init.lua       | 31 ++++++++++++++-----------------
 src/script/cpp_api/s_security.cpp |  1 +
 3 files changed, 38 insertions(+), 19 deletions(-)

diff --git a/builtin/client/sscsm.lua b/builtin/client/sscsm.lua
index 99089e227..81bd00ef4 100644
--- a/builtin/client/sscsm.lua
+++ b/builtin/client/sscsm.lua
@@ -176,9 +176,10 @@ end
 local env = Env:new_empty()
 
 -- Clone everything
-env:add_globals("assert", "dump", "dump2", "error", "ipairs", "math",
+env:add_globals("assert", "chacha", "dump", "dump2", "error", "ipairs", "math",
 	"next", "pairs", "pcall", "select", "setmetatable", "string", "table",
-	"tonumber", "tostring", "type", "vector", "xpcall", "_VERSION", "utf8")
+	"tonumber", "tostring", "type", "vector", "xpcall", "_VERSION", "utf8",
+	"PLATFORM")
 
 env:set_copy("os", {clock = os.clock, difftime = os.difftime, time = os.time})
 
@@ -219,6 +220,26 @@ do
 		t[k] = safe_funcs[func] or func
 	end
 
+	local core_settings = core.settings
+	local sub = string.sub
+	local function setting_safe(key)
+		return type(key) == "string" and sub(key, 1, 7) ~= "secure." and
+			key ~= "password"
+	end
+
+	t.settings = {
+		get = function(_, key)
+			if setting_safe(key) then
+				return core_settings:get(key)
+			end
+		end,
+		get_bool = function(_, key, default)
+			if setting_safe(key) then
+				return core_settings:get_bool(key, default)
+			end
+		end,
+	}
+
 	env:set_copy("minetest", t)
 end
 
diff --git a/builtin/game/sscsm/init.lua b/builtin/game/sscsm/init.lua
index 8f6beac10..643510dbf 100644
--- a/builtin/game/sscsm/init.lua
+++ b/builtin/game/sscsm/init.lua
@@ -143,24 +143,21 @@ core.register_on_mods_loaded(recalc_csm_order)
 -- Handle players joining
 local has_sscsms = {}
 local mod_channel = core.mod_channel_join("sscsm:exec_pipe")
-if not core.is_singleplayer() then
-	core.register_on_modchannel_message(function(channel_name, sender, message)
-		if channel_name ~= "sscsm:exec_pipe" or not sender or
-				not mod_channel:is_writeable() or message ~= "0" or
-				sender:find("\n") or has_sscsms[sender] then
-			return
+core.register_on_modchannel_message(function(channel_name, sender, message)
+	if channel_name ~= "sscsm:exec_pipe" or not sender or
+			not mod_channel:is_writeable() or message ~= "0" or
+			sender:find("\n") or has_sscsms[sender] then
+		return
+	end
+	core.log("info", "[SSCSM] Sending CSMs on request for " .. sender .. "...")
+	for _, name in ipairs(csm_order) do
+		local def = sscsm.registered_csms[name]
+		if not def.is_enabled_for or def.is_enabled_for(sender) then
+			mod_channel:send_all("0" .. sender .. "\n" .. name
+				.. "\n" .. sscsm.registered_csms[name].code)
 		end
-		core.log("action", "[SSCSM] Sending CSMs on request for " .. sender
-			.. "...")
-		for _, name in ipairs(csm_order) do
-			local def = sscsm.registered_csms[name]
-			if not def.is_enabled_for or def.is_enabled_for(sender) then
-				mod_channel:send_all("0" .. sender .. "\n" .. name
-					.. "\n" .. sscsm.registered_csms[name].code)
-			end
-		end
-	end)
-end
+	end
+end)
 
 -- Register the SSCSM "builtins"
 sscsm.register({
diff --git a/src/script/cpp_api/s_security.cpp b/src/script/cpp_api/s_security.cpp
index aaff8ecb1..e8b7d5f71 100644
--- a/src/script/cpp_api/s_security.cpp
+++ b/src/script/cpp_api/s_security.cpp
@@ -256,6 +256,7 @@ void ScriptApiSecurity::initializeSecurityClient()
 		"_VERSION",
 		"xpcall",
 		// Completely safe libraries
+		"chacha",
 		"coroutine",
 		"string",
 		"table",