Fixed/extended/modified ban stuff to be good for inclusion

commands:
/#ipban <nick>
/#ipunban <ip>

.gitignore

@@ -9,6 +9,7 @@ src/jthread/CMakeFiles/*
 src/jthread/Makefile
 src/jthread/cmake_config.h
 src/jthread/cmake_install.cmake
+.*.swp
 minetest.conf
 bin/
 CMakeCache.txt

src/CMakeLists.txt

@@ -127,6 +127,7 @@ set(common_SRCS
 	test.cpp
 	sha1.cpp
 	base64.cpp
+	ban.cpp
 )
 
 # This gives us the icon

src/auth.cpp

@@ -40,6 +40,8 @@ std::string privsToString(u64 privs)
 		os<<"privs,";
 	if(privs & PRIV_SHOUT)
 		os<<"shout,";
+	if(privs & PRIV_BAN)
+		os<<"ban,";
 	if(os.tellp())
 	{
 		// Drop the trailing comma. (Why on earth can't
@@ -70,6 +72,8 @@ u64 stringToPrivs(std::string str)
 			privs |= PRIV_PRIVS;
 		else if(s == "shout")
 			privs |= PRIV_SHOUT;
+		else if(s == "ban")
+			privs |= PRIV_BAN;
 		else
 			return PRIV_INVALID;
 	}

src/auth.h

@@ -38,6 +38,7 @@ const u64 PRIV_SERVER = 16;          // Can manage the server (e.g. shutodwn
                                      // ,settings)
 const u64 PRIV_SHOUT = 32;           // Can broadcast chat messages to all
                                      // players
+const u64 PRIV_BAN = 64;             // Can ban players
 
 // Default privileges - these can be overriden for new players using the
 // config option "default_privs" - however, this value still applies for

src/ban.cpp

@@ -0,0 +1,163 @@
+/*
+Minetest-c55
+Copyright (C) 2011 celeron55, Perttu Ahola <celeron55@gmail.com>
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along
+with this program; if not, write to the Free Software Foundation, Inc.,
+51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+#include "ban.h"
+#include <fstream>
+#include <jmutexautolock.h>
+#include <sstream>
+#include <set>
+#include "strfnd.h"
+#include "debug.h"
+
+BanManager::BanManager(const std::string &banfilepath):
+		m_banfilepath(banfilepath),
+		m_modified(false)
+{
+	m_mutex.Init();
+	try{
+		load();
+	}
+	catch(SerializationError &e)
+	{
+		dstream<<"WARNING: BanManager: creating "
+				<<m_banfilepath<<std::endl;
+	}
+}
+
+BanManager::~BanManager()
+{
+	save();
+}
+
+void BanManager::load()
+{
+	JMutexAutoLock lock(m_mutex);
+	dstream<<"BanManager: loading from "<<m_banfilepath<<std::endl;
+	std::ifstream is(m_banfilepath.c_str(), std::ios::binary);
+	if(is.good() == false)
+	{
+		dstream<<"BanManager: failed loading from "<<m_banfilepath<<std::endl;
+		throw SerializationError("BanManager::load(): Couldn't open file");
+	}
+	
+	for(;;)
+	{
+		if(is.eof() || is.good() == false)
+			break;
+		std::string line;
+		std::getline(is, line, '\n');
+		Strfnd f(line);
+		std::string ip = trim(f.next("|"));
+		std::string name = trim(f.next("|"));
+		if(ip.empty())
+			continue;
+		m_ips[ip] = name;
+	}
+	m_modified = false;
+}
+
+void BanManager::save()
+{
+	JMutexAutoLock lock(m_mutex);
+	dstream<<"BanManager: saving to "<<m_banfilepath<<std::endl;
+	std::ofstream os(m_banfilepath.c_str(), std::ios::binary);
+	
+	if(os.good() == false)
+	{
+		dstream<<"BanManager: failed loading from "<<m_banfilepath<<std::endl;
+		throw SerializationError("BanManager::load(): Couldn't open file");
+	}
+
+	for(std::map<std::string, std::string>::iterator
+			i = m_ips.begin();
+			i != m_ips.end(); i++)
+	{
+		os<<i->first<<"|"<<i->second<<"\n";
+	}
+	m_modified = false;
+}
+
+bool BanManager::isIpBanned(const std::string &ip)
+{
+	JMutexAutoLock lock(m_mutex);
+	return m_ips.find(ip) != m_ips.end();
+}
+
+std::string BanManager::getBanDescription(const std::string &ip_or_name)
+{
+	JMutexAutoLock lock(m_mutex);
+	std::string s = "";
+	for(std::map<std::string, std::string>::iterator
+			i = m_ips.begin();
+			i != m_ips.end(); i++)
+	{
+		if(i->first == ip_or_name || i->second == ip_or_name
+				|| ip_or_name == "")
+			s += i->first + "|" + i->second + ", ";
+	}
+	s = s.substr(0, s.size()-2);
+	return s;
+}
+
+std::string BanManager::getBanName(const std::string &ip)
+{
+	JMutexAutoLock lock(m_mutex);
+	std::map<std::string, std::string>::iterator i = m_ips.find(ip);
+	if(i == m_ips.end())
+		return "";
+	return i->second;
+}
+
+void BanManager::add(const std::string &ip, const std::string &name)
+{
+	JMutexAutoLock lock(m_mutex);
+	m_ips[ip] = name;
+	m_modified = true;
+}
+
+void BanManager::remove(const std::string &ip_or_name)
+{
+	JMutexAutoLock lock(m_mutex);
+	//m_ips.erase(m_ips.find(ip));
+	// Find out all ip-name pairs that match the ip or name
+	std::set<std::string> ips_to_delete;
+	for(std::map<std::string, std::string>::iterator
+			i = m_ips.begin();
+			i != m_ips.end(); i++)
+	{
+		if(i->first == ip_or_name || i->second == ip_or_name)
+			ips_to_delete.insert(i->first);
+	}
+	// Erase them
+	for(std::set<std::string>::iterator
+			i = ips_to_delete.begin();
+			i != ips_to_delete.end(); i++)
+	{
+		m_ips.erase(*i);
+	}
+	m_modified = true;
+}
+	
+
+bool BanManager::isModified()
+{
+	JMutexAutoLock lock(m_mutex);
+	return m_modified;
+}
+

src/ban.h

@@ -0,0 +1,52 @@
+/*
+Minetest-c55
+Copyright (C) 2011 celeron55, Perttu Ahola <celeron55@gmail.com>
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along
+with this program; if not, write to the Free Software Foundation, Inc.,
+51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+#ifndef BAN_HEADER
+#define BAN_HEADER
+
+#include <map>
+#include <string>
+#include <jthread.h>
+#include <jmutex.h>
+#include "common_irrlicht.h"
+#include "exceptions.h"
+
+class BanManager
+{
+public:
+	BanManager(const std::string &bannfilepath);
+	~BanManager();
+	void load();
+	void save();
+	bool isIpBanned(const std::string &ip);
+	// Supplying ip_or_name = "" lists all bans.
+	std::string getBanDescription(const std::string &ip_or_name);
+	std::string getBanName(const std::string &ip);
+	void add(const std::string &ip, const std::string &name);
+	void remove(const std::string &ip_or_name);
+	bool isModified();
+private:
+	JMutex m_mutex;
+	std::string m_banfilepath;
+	std::map<std::string, std::string> m_ips;
+	bool m_modified;
+
+};
+
+#endif

src/environment.cpp

@@ -1191,7 +1191,7 @@ u16 ServerEnvironment::addActiveObjectRaw(ServerActiveObject *object,
 		delete object;
 		return 0;
 	}
-	/*dstream<<"INGO: ServerEnvironment::addActiveObjectRaw(): "
+	/*dstream<<"INFO: ServerEnvironment::addActiveObjectRaw(): "
 			<<"added (id="<<object->getId()<<")"<<std::endl;*/
 			
 	m_active_objects.insert(object->getId(), object);
@@ -1792,7 +1792,7 @@ u16 ClientEnvironment::addActiveObject(ClientActiveObject *object)
 		delete object;
 		return 0;
 	}
-	dstream<<"INGO: ClientEnvironment::addActiveObject(): "
+	dstream<<"INFO: ClientEnvironment::addActiveObject(): "
 			<<"added (id="<<object->getId()<<")"<<std::endl;
 	m_active_objects.insert(object->getId(), object);
 	object->addToScene(m_smgr);

src/game.cpp

@@ -1062,6 +1062,14 @@ void the_game(
 	{
 		//std::cerr<<"frame"<<std::endl;
 
+		if(client.accessDenied())
+		{
+			error_message = L"Access denied. Reason: "
+					+client.accessDeniedReason();
+			std::cout<<DTIME<<wide_to_narrow(error_message)<<std::endl;
+			break;
+		}
+
 		if(g_gamecallback->disconnect_requested)
 		{
 			g_gamecallback->disconnect_requested = false;

src/server.cpp

@@ -1063,6 +1063,7 @@ Server::Server(
 	m_env(new ServerMap(mapsavedir), this),
 	m_con(PROTOCOL_ID, 512, CONNECTION_TIMEOUT, this),
 	m_authmanager(mapsavedir+"/auth.txt"),
+	m_banmanager(mapsavedir+"/ipban.txt"),
 	m_thread(this),
 	m_emergethread(this),
 	m_time_counter(0),
@@ -1834,6 +1835,10 @@ void Server::AsyncRunStep()
 			// Auth stuff
 			if(m_authmanager.isModified())
 				m_authmanager.save();
+
+			//Bann stuff
+			if(m_banmanager.isModified())
+				m_banmanager.save();
 			
 			// Map
 			JMutexAutoLock lock(m_env_mutex);
@@ -1923,6 +1928,16 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
 				<<peer_id<<" not found"<<std::endl;
 		return;
 	}
+
+	// drop player if is ip is banned
+	if(m_banmanager.isIpBanned(peer->address.serializeString())){
+		SendAccessDenied(m_con, peer_id,
+				L"Your ip is banned. Banned name was "
+				+narrow_to_wide(m_banmanager.getBanName(
+					peer->address.serializeString())));
+		m_con.deletePeer(peer_id, false);
+		return;
+	}
 	
 	u8 peer_ser_ver = getClient(peer->id)->serialization_version;
 
@@ -1959,7 +1974,7 @@ void Server::ProcessData(u8 *data, u32 datasize, u16 peer_id)
 
 		//peer->serialization_version = deployed;
 		getClient(peer->id)->pending_serialization_version = deployed;
-
+		
 		if(deployed == SER_FMT_VER_INVALID)
 		{
 			derr_server<<DTIME<<"Server: Cannot negotiate "

src/server.h

@@ -29,6 +29,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 #include "map.h"
 #include "inventory.h"
 #include "auth.h"
+#include "ban.h"
 
 /*
 	Some random functions
@@ -455,6 +456,28 @@ public:
 			g_settings.updateConfigFile(m_configpath.c_str());
 	}
 
+	void setIpBanned(const std::string &ip, const std::string &name)
+	{
+		m_banmanager.add(ip, name);
+		return;
+	}
+
+	void unsetIpBanned(const std::string &ip_or_name)
+	{
+		m_banmanager.remove(ip_or_name);
+		return;
+	}
+
+	std::string getBanDescription(const std::string &ip_or_name)
+	{
+		return m_banmanager.getBanDescription(ip_or_name);
+	}
+
+	con::Peer* getPeerNoEx(u16 peer_id)
+	{
+		return m_con.GetPeerNoEx(peer_id);
+	}
+
 private:
 
 	// con::PeerHandler implementation.
@@ -566,6 +589,9 @@ private:
 
 	// User authentication
 	AuthManager m_authmanager;
+
+	// Bann checking
+	BanManager m_banmanager;
 	
 	/*
 		Threads

src/servercommand.cpp

@@ -183,6 +183,50 @@ void cmd_teleport(std::wostringstream &os,
 	os<< L"-!- Teleported.";
 }
 
+void cmd_banunban(std::wostringstream &os, ServerCommandContext *ctx)
+{
+	if((ctx->privs && PRIV_BAN) == 0)
+	{
+		os<<L"-!- You don't have permission to do that";
+		return;
+	}
+
+	if(ctx->parms.size() < 2)
+	{
+		std::string desc = ctx->server->getBanDescription("");
+		os<<L"-!- Ban list: "<<narrow_to_wide(desc);
+		return;
+	}
+	if(ctx->parms[0] == L"ban")
+	{
+		Player *player = ctx->env->getPlayer(wide_to_narrow(ctx->parms[1]).c_str());
+
+		if(player == NULL)
+		{
+			os<<L"-!- No such player";
+			return;
+		}
+
+		con::Peer *peer = ctx->server->getPeerNoEx(player->peer_id);
+		if(peer == NULL)
+		{
+			dstream<<__FUNCTION_NAME<<": peer was not found"<<std::endl;
+			return;
+		}
+		std::string ip_string = peer->address.serializeString();
+		ctx->server->setIpBanned(ip_string, player->getName());
+		os<<L"-!- Banned "<<narrow_to_wide(ip_string)<<L"|"
+				<<narrow_to_wide(player->getName());
+	}
+	else
+	{
+		std::string ip_or_name = wide_to_narrow(ctx->parms[1]);
+		std::string desc = ctx->server->getBanDescription(ip_or_name);
+		ctx->server->unsetIpBanned(ip_or_name);
+		os<<L"-!- Unbanned "<<narrow_to_wide(desc);
+	}
+}
+
 
 std::wstring processServerCommand(ServerCommandContext *ctx)
 {
@@ -204,6 +248,8 @@ std::wstring processServerCommand(ServerCommandContext *ctx)
 			os<<L" teleport";
 		if(privs & PRIV_PRIVS)
 			os<<L" grant revoke";
+		if(privs & PRIV_BAN)
+			os<<L" ban unban";
 	}
 	else if(ctx->parms[0] == L"status")
 	{
@@ -233,6 +279,10 @@ std::wstring processServerCommand(ServerCommandContext *ctx)
 	{
 		cmd_teleport(os, ctx);
 	}
+	else if(ctx->parms[0] == L"ban" || ctx->parms[0] == L"unban")
+	{
+		cmd_banunban(os, ctx);
+	}
 	else
 	{
 		os<<L"-!- Invalid command: " + ctx->parms[0];

src/socket.cpp

@@ -97,6 +97,16 @@ void Address::Resolve(const char *name)
 	freeaddrinfo(resolved);
 }
 
+std::string Address::serializeString()
+{
+	unsigned int a, b, c, d;
+	a = (m_address && 0xFF000000)>>24;
+	b = (m_address && 0x00FF0000)>>16;
+	c = (m_address && 0x0000FF00)>>8;
+	d = (m_address && 0x000000FF);
+	return itos(a)+"."+itos(b)+"."+itos(c)+"."+itos(d);
+}
+
 unsigned int Address::getAddress() const
 {
 	return m_address;

src/socket.h

@@ -97,6 +97,7 @@ public:
 	void setPort(unsigned short port);
 	void print(std::ostream *s) const;
 	void print() const;
+	std::string serializeString();
 private:
 	unsigned int m_address;
 	unsigned short m_port;