reemo/sockscape
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

do you know why we stopped the car again

Browse source 
that's because you're jewish
This commit is contained in:
Malloc of Kuzkycyziklistan 2017-09-13 16:02:39 -05:00
parent 978977282d
commit 07e50a3301
2 changed files with 26 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
server/Libraries/Glove/ArrayExtensions.cs
View file

@ -33,6 +33,9 @@ namespace Glove {
=> isUtf8 ? Encoding.UTF8.GetString(bytes) => isUtf8 ? Encoding.UTF8.GetString(bytes)
: Encoding.ASCII.GetString(bytes); : Encoding.ASCII.GetString(bytes);
public static bool IsAsciiString(this byte[] bytes)
=> !bytes.Any(x => x > 0x7F);
public static byte[] HostToNetworkOrder(this byte[] bytes) { public static byte[] HostToNetworkOrder(this byte[] bytes) {
if(BitConverter.IsLittleEndian) if(BitConverter.IsLittleEndian)
return bytes.Reverse().ToArray(); return bytes.Reverse().ToArray();

25
server/Socks/MasterConnection.cs
View file

@ -4,6 +4,7 @@ using System.Data.Entity;
using System.Linq; using System.Linq;
using System.Net; using System.Net;
using System.Text; using System.Text;
using System.Text.RegularExpressions;
using System.Threading.Tasks; using System.Threading.Tasks;
using Kneesocks; using Kneesocks;
using Glove; using Glove;
@ -12,6 +13,9 @@ using SockScape.Encryption;
namespace SockScape { namespace SockScape {
class MasterConnection : Connection { class MasterConnection : Connection {
private Regex UsernameRegex = new Regex("[A-Z0-9_]", RegexOptions.IgnoreCase);
private Regex EmailRegex = new Regex("\\B[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,}\\B", RegexOptions.IgnoreCase);
private Key Key; private Key Key;
public StreamCipher Encryptor { get; private set; } public StreamCipher Encryptor { get; private set; }
@ -39,6 +43,7 @@ namespace SockScape {
return; return;
} }
// TODO rate limiting by ip
switch((kInterMasterId)packet.Id) { switch((kInterMasterId)packet.Id) {
case kInterMasterId.KeyExchange: case kInterMasterId.KeyExchange:
Key.ParseResponsePacket(packet); Key.ParseResponsePacket(packet);
@ -60,7 +65,7 @@ namespace SockScape {
break; break;
} }
if(!packet[1].Str.CheckPassword(user.Password)) { if(packet[1].Str.Trim() == "" || !packet[1].Str.CheckPassword(user.Password)) {
SendEncrypted(new Packet(kInterMasterId.LoginAttempt, Convert.ToByte(false), "Password is incorrect.")); SendEncrypted(new Packet(kInterMasterId.LoginAttempt, Convert.ToByte(false), "Password is incorrect."));
break; break;
} }
@ -91,10 +96,26 @@ namespace SockScape {
} }
break; break;
case kInterMasterId.RegistrationAttempt: case kInterMasterId.RegistrationAttempt:
if(packet.RegionCount != 3)
break;
using(var db = new ScapeDb()) { using(var db = new ScapeDb()) {
if(!packet[0].Raw.IsAsciiString()) {
SendEncrypted(new Packet(kInterMasterId.RegistrationAttempt, Convert.ToByte(false), "Your username cannot contain unicode characters."));
break;
}
if(packet[0].Raw.Length > 16 || !UsernameRegex.IsMatch(packet[0].Str)) {
SendEncrypted(new Packet(kInterMasterId.RegistrationAttempt, Convert.ToByte(false), "The username is max 16 characters and can only be letters, numbers, and underscores."));
break;
}
} }
break; break;
case kInterMasterId.ServerListing:
SendEncrypted(MasterServerList.ReportPacket);
break;
default: default:
Disconnect(Frame.kClosingReason.ProtocolError, "Packet ID could not be understood at this time."); Disconnect(Frame.kClosingReason.ProtocolError, "Packet ID could not be understood at this time.");
break; break;