CSM restrictions: Make 'LOAD_CLIENT_MODS' disable loading of 'builtin' (#8000)
Previously, when the CSM restriction 'LOAD_CLIENT_MODS' was used a client was still able to add CSM code to 'builtin' to bypass that restriction, because 'builtin' is not yet verified. Until server-sent CSM and verifying of 'builtin' are complete, make 'LOAD_CLIENT_MODS' disable the loading of builtin. Clarify code comments and messages to distinguish between client-side modding and client-side scripting. 'Scripting' includes 'builtin', 'modding' does not.
This commit is contained in:
parent
c26eab6319
commit
ceacff13a6
@ -1189,14 +1189,16 @@ block_send_optimize_distance (Block send optimize distance) int 4 2
|
||||
# so that the utility of noclip mode is reduced.
|
||||
server_side_occlusion_culling (Server side occlusion culling) bool true
|
||||
|
||||
# Restricts the access of certain client-side functions on servers
|
||||
# Combine these byteflags below to restrict client-side features:
|
||||
# LOAD_CLIENT_MODS: 1 (disable client mods loading)
|
||||
# Restricts the access of certain client-side functions on servers.
|
||||
# Combine the byteflags below to restrict client-side features, or set to 0
|
||||
# for no restrictions:
|
||||
# LOAD_CLIENT_MODS: 1 (disable loading client-provided mods)
|
||||
# CHAT_MESSAGES: 2 (disable send_chat_message call client-side)
|
||||
# READ_ITEMDEFS: 4 (disable get_item_def call client-side)
|
||||
# READ_NODEDEFS: 8 (disable get_node_def call client-side)
|
||||
# LOOKUP_NODES_LIMIT: 16 (limits get_node call client-side to
|
||||
# csm_restriction_noderange)
|
||||
# READ_PLAYERINFO: 32 (disable get_player_names call client-side)
|
||||
csm_restriction_flags (Client side modding restrictions) int 62
|
||||
|
||||
# If the CSM restriction for node range is enabled, get_node calls are limited
|
||||
|
@ -110,7 +110,8 @@ Client::Client(
|
||||
m_cache_save_interval = g_settings->getU16("server_map_save_interval");
|
||||
|
||||
m_modding_enabled = g_settings->getBool("enable_client_modding");
|
||||
// Only create the client script environment if client modding is enabled
|
||||
// Only create the client script environment if client scripting is enabled by the
|
||||
// client.
|
||||
if (m_modding_enabled) {
|
||||
m_script = new ClientScripting(this);
|
||||
m_env.setScript(m_script);
|
||||
@ -125,10 +126,22 @@ void Client::loadMods()
|
||||
return;
|
||||
}
|
||||
|
||||
// If client modding is not enabled, don't load client-provided CSM mods or
|
||||
// builtin.
|
||||
// If client scripting is disabled by the client, don't load builtin or
|
||||
// client-provided mods.
|
||||
if (!m_modding_enabled) {
|
||||
warningstream << "Client side mods are disabled by configuration." << std::endl;
|
||||
warningstream << "Client side scripting is disabled by client." << std::endl;
|
||||
return;
|
||||
}
|
||||
|
||||
// If client scripting is disabled by the server, don't load builtin or
|
||||
// client-provided mods.
|
||||
// TODO Delete this code block when server-sent CSM and verifying of builtin are
|
||||
// complete.
|
||||
if (checkCSMRestrictionFlag(CSMRestrictionFlags::CSM_RF_LOAD_CLIENT_MODS)) {
|
||||
warningstream << "Client-provided mod loading is disabled by server." <<
|
||||
std::endl;
|
||||
// This line is needed because builtin is not loaded
|
||||
m_modding_enabled = false;
|
||||
return;
|
||||
}
|
||||
|
||||
@ -136,16 +149,19 @@ void Client::loadMods()
|
||||
scanModIntoMemory(BUILTIN_MOD_NAME, getBuiltinLuaPath());
|
||||
m_script->loadModFromMemory(BUILTIN_MOD_NAME);
|
||||
|
||||
// If the server has disabled client-provided CSM mod loading, don't load
|
||||
// client-provided CSM mods. Builtin is loaded so needs verfying.
|
||||
// TODO Uncomment when server-sent CSM and verifying of builtin are complete
|
||||
/*
|
||||
// Don't load client-provided mods if disabled by server
|
||||
if (checkCSMRestrictionFlag(CSMRestrictionFlags::CSM_RF_LOAD_CLIENT_MODS)) {
|
||||
warningstream << "Client side mods are disabled by server." << std::endl;
|
||||
warningstream << "Client-provided mod loading is disabled by server." <<
|
||||
std::endl;
|
||||
// If builtin integrity is wrong, disconnect user
|
||||
if (!checkBuiltinIntegrity()) {
|
||||
// @TODO disconnect user
|
||||
// TODO disconnect user
|
||||
}
|
||||
return;
|
||||
}
|
||||
*/
|
||||
|
||||
ClientModConfiguration modconf(getClientModsLuaPath());
|
||||
m_mods = modconf.getMods();
|
||||
@ -155,7 +171,7 @@ void Client::loadMods()
|
||||
}
|
||||
|
||||
// Print mods
|
||||
infostream << "Client Loading mods: ";
|
||||
infostream << "Client loading mods: ";
|
||||
for (const ModSpec &mod : m_mods)
|
||||
infostream << mod.name << " ";
|
||||
infostream << std::endl;
|
||||
@ -181,7 +197,7 @@ void Client::loadMods()
|
||||
|
||||
bool Client::checkBuiltinIntegrity()
|
||||
{
|
||||
// @TODO
|
||||
// TODO
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -1891,7 +1891,7 @@ void Game::processKeyInput()
|
||||
if (client->moddingEnabled())
|
||||
openConsole(0.2, L".");
|
||||
else
|
||||
m_game_ui->showStatusText(wgettext("CSM is disabled"));
|
||||
m_game_ui->showStatusText(wgettext("Client side scripting is disabled"));
|
||||
} else if (wasKeyDown(KeyType::CONSOLE)) {
|
||||
openConsole(core::clamp(g_settings->getFloat("console_height"), 0.1f, 1.0f));
|
||||
} else if (wasKeyDown(KeyType::FREEMOVE)) {
|
||||
@ -2554,7 +2554,7 @@ void Game::handleClientEvent_PlayerForceMove(ClientEvent *event, CameraOrientati
|
||||
|
||||
void Game::handleClientEvent_Deathscreen(ClientEvent *event, CameraOrientation *cam)
|
||||
{
|
||||
// If CSM enabled, deathscreen is handled by CSM code in
|
||||
// If client scripting is enabled, deathscreen is handled by CSM code in
|
||||
// builtin/client/init.lua
|
||||
if (client->moddingEnabled())
|
||||
client->getScript()->on_death();
|
||||
|
@ -947,7 +947,11 @@ enum PlayerListModifer: u8
|
||||
|
||||
enum CSMRestrictionFlags : u64 {
|
||||
CSM_RF_NONE = 0x00000000,
|
||||
CSM_RF_LOAD_CLIENT_MODS = 0x00000001, // Disable mods provided by clients
|
||||
// Until server-sent CSM and verifying of builtin are complete,
|
||||
// 'CSM_RF_LOAD_CLIENT_MODS' also disables loading 'builtin'.
|
||||
// When those are complete, this should return to only being a restriction on the
|
||||
// loading of client mods.
|
||||
CSM_RF_LOAD_CLIENT_MODS = 0x00000001, // Don't load client-provided mods or 'builtin'
|
||||
CSM_RF_CHAT_MESSAGES = 0x00000002, // Disable chat message sending from CSM
|
||||
CSM_RF_READ_ITEMDEFS = 0x00000004, // Disable itemdef lookups
|
||||
CSM_RF_READ_NODEDEFS = 0x00000008, // Disable nodedef lookups
|
||||
|
Loading…
x
Reference in New Issue
Block a user