diff --git a/help_cmdline_params.json b/help_cmdline_params.json index 50c5b7ab7..f59f0b0ea 100644 --- a/help_cmdline_params.json +++ b/help_cmdline_params.json @@ -67,11 +67,6 @@ "incomplete" ] }, - "-enablelocalcommand": { - "flags": [ - "incomplete" - ] - }, "-forceTextureReload": { "flags": [ "incomplete" diff --git a/help_commands.json b/help_commands.json index 803a260a2..7bd714ace 100644 --- a/help_commands.json +++ b/help_commands.json @@ -1044,9 +1044,6 @@ "logtelnet": { "system-generated": true }, - "ls": { - "system-generated": true - }, "macrolist": { "description": "Prints a list of all available macros." }, @@ -1237,9 +1234,6 @@ "description": "You can fly and go thru objects free mode as spectator", "remarks": "Needs cheats support by server." }, - "nslookup": { - "system-generated": true - }, "observe": { "description": "Connects you to a server as a spectator. If no address is specified, observe will reconnect to the last visited server as a spectator.\n\nExample:\nobserve 123.124.125.126", "syntax": "
" @@ -1480,12 +1474,6 @@ "reset": { "system-generated": true }, - "rm": { - "system-generated": true - }, - "rmdir": { - "system-generated": true - }, "rotate": { "description": "Rotates the player by x degrees.\n\nExample: \"rotate 180\"\n - rotates your POV by 180 degrees.", "remarks": "Negative values can also be used for the desired angle." @@ -2095,4 +2083,4 @@ "z_ext_list": { "system-generated": true } -} \ No newline at end of file +} diff --git a/src/cmdline_params_ids.h b/src/cmdline_params_ids.h index a6e6522ba..3167f3f6f 100644 --- a/src/cmdline_params_ids.h +++ b/src/cmdline_params_ids.h @@ -69,7 +69,6 @@ CMDLINE_DEF(developer_mode, "-dev"), CMDLINE_DEF(server_progtype, "-progtype"), CMDLINE_DEF(server_enablecheats, "-cheats"), -CMDLINE_DEF(server_enablelocalcommand, "-enablelocalcommand"), CMDLINE_DEF(server_democache_kb, "-democache"), // leave trailing , diff --git a/src/server.h b/src/server.h index 70c8cd8fc..846c329f8 100644 --- a/src/server.h +++ b/src/server.h @@ -1088,7 +1088,6 @@ void SV_SetClientConnectionTime(client_t* client); #ifdef SERVERONLY // mvdsv not changed over to enums yet, which was more about documentation #define SV_CommandLineEnableCheats() (COM_CheckParm("-cheats")) -#define SV_CommandLineEnableLocalCommand() (COM_CheckParm("-enablelocalcommand")) #define SV_CommandLineDemoCacheArgument() (COM_CheckParm("-democache")) #define SV_CommandLineProgTypeArgument() (COM_CheckParm("-progtype")) #define SV_CommandLineUseMinimumMemory() (COM_CheckParm("-minmemory")) @@ -1096,7 +1095,6 @@ void SV_SetClientConnectionTime(client_t* client); #define SV_CommandLineHeapSizeMemoryMB() (COM_CheckParm("-mem")) #else #define SV_CommandLineEnableCheats() (COM_CheckParm(cmdline_param_server_enablecheats)) -#define SV_CommandLineEnableLocalCommand() (COM_CheckParm(cmdline_param_server_enablelocalcommand)) #define SV_CommandLineDemoCacheArgument() (COM_CheckParm(cmdline_param_server_democache_kb)) #define SV_CommandLineProgTypeArgument() (COM_CheckParm(cmdline_param_server_progtype)) #define SV_CommandLineUseMinimumMemory() (COM_CheckParm(cmdline_param_host_memory_minimum)) diff --git a/src/sv_ccmds.c b/src/sv_ccmds.c index e85b7b5c7..659ba4444 100644 --- a/src/sv_ccmds.c +++ b/src/sv_ccmds.c @@ -519,278 +519,6 @@ void SV_ReplaceChar(char *s, char from, char to) if (*s == from) *s = to; } -//bliP: ls, rm, rmdir, chmod -> -/*================== -SV_ListFiles_f -Lists files -==================*/ -void SV_ListFiles_f (void) -{ - dir_t dir; - file_t *list; - char *key; - char *dirname; - int i; - - if (Cmd_Argc() < 2) - { - Con_Printf ("ls \n"); - return; - } - - dirname = Cmd_Argv(1); - SV_ReplaceChar(dirname, '\\', '/'); - - // Double-check then move to FS_UnsafeFilename() ? - if ( !strncmp(dirname, "../", 3) || strstr(dirname, "/../") || *dirname == '/' - || ( (i = strlen(dirname)) < 3 ? 0 : !strncmp(dirname + i - 3, "/..", 4) ) - || !strncmp(dirname, "..", 3) -#ifdef _WIN32 - || ( dirname[1] == ':' && ((*dirname >= 'a' && *dirname <= 'z') || - (*dirname >= 'A' && *dirname <= 'Z')) - ) -#endif //_WIN32 - ) - { - Con_Printf("Unable to list %s\n", dirname); - return; - } - - Con_Printf("Content of %s/*.*\n", dirname); - dir = Sys_listdir(va("%s", dirname), ".*", SORT_BY_NAME); - list = dir.files; - if (!list->name[0]) - { - Con_Printf("No files\n"); - return; - } - - key = (Cmd_Argc() == 3) ? Cmd_Argv(2) : (char *) ""; - - //directories... - for (; list->name[0]; list++) - { - if (!strstr(list->name, key) || !list->isdir) - continue; - Con_Printf("- %s\n", list->name); - } - - list = dir.files; - - //files... - for (; list->name[0]; list++) - { - if (!strstr(list->name, key) || list->isdir) - continue; - if ((int)list->size / 1024 > 0) - Con_Printf("%s %.0fKB (%.2fMB)\n", list->name, - (float)list->size / 1024, (float)list->size / 1024 / 1024); - else - Con_Printf("%s %dB\n", list->name, list->size); - } - Con_Printf("Total: %d files, %.0fKB (%.2fMB)\n", dir.numfiles, - (float)dir.size / 1024, (float)dir.size / 1024 / 1024); -} - -/*================== -SV_RemoveDirectory_f -Removes an empty directory -==================*/ -void SV_RemoveDirectory_f (void) -{ - char *dirname; - - if (Cmd_Argc() != 2) - { - Con_Printf("rmdir \n"); - return; - } - - dirname = Cmd_Argv(1); - SV_ReplaceChar(dirname, '\\', '/'); - - if ( !strncmp(dirname, "../", 3) || strstr(dirname, "/../") || *dirname == '/' -#ifdef _WIN32 - || ( dirname[1] == ':' && ((*dirname >= 'a' && *dirname <= 'z') || - (*dirname >= 'A' && *dirname <= 'Z')) - ) -#endif //_WIN32 - ) - { - Con_Printf("Unable to remove\n"); - return; - } - - if (!Sys_rmdir(dirname)) - Con_Printf("Directory %s successfully removed\n", dirname); - else - Con_Printf("Unable to remove directory %s\n", dirname); -} - -/*================== -SV_RemoveFile_f -Remove a file -==================*/ -void SV_RemoveFile_f (void) -{ - char *dirname; - char *filename; - int i; - - if (Cmd_Argc() < 3) - { - Con_Printf("rm { | * | *} - removes a file | with token | all\n"); - return; - } - - dirname = Cmd_Argv(1); - filename = Cmd_Argv(2); - SV_ReplaceChar(dirname, '\\', '/'); - SV_ReplaceChar(filename, '\\', '/'); - - if ( !strncmp(dirname, "../", 3) || strstr(dirname, "/../") - || *dirname == '/' || strchr(filename, '/') - || ( (i = strlen(filename)) < 3 ? 0 : !strncmp(filename + i - 3, "/..", 4) ) -#ifdef _WIN32 - || ( dirname[1] == ':' && ((*dirname >= 'a' && *dirname <= 'z') || - (*dirname >= 'A' && *dirname <= 'Z')) - ) -#endif //_WIN32 - ) - { - Con_Printf("Unable to remove\n"); - return; - } - - if (*filename == '*') //token, many files - { - dir_t dir; - file_t *list; - - // remove all files with specified token - filename++; - - dir = Sys_listdir(va("%s", dirname), ".*", SORT_BY_NAME); - list = dir.files; - for (i = 0; list->name[0]; list++) - { - if (!list->isdir && strstr(list->name, filename)) - { - if (!Sys_remove(va("%s/%s", dirname, list->name))) - { - Con_Printf("Removing %s...\n", list->name); - i++; - } - } - } - if (i) - Con_Printf("%d files removed\n", i); - else - Con_Printf("No matching found\n"); - } - else // 1 file - { - if (!Sys_remove(va("%s/%s", dirname, filename))) - Con_Printf("File %s successfully removed\n", filename); - else - Con_Printf("Unable to remove file %s\n", filename); - } - - // force cache rebuild. - FS_FlushFSHash(); -} - -/*================== -SV_ChmodFile_f -Chmod a script -==================*/ -#ifndef _WIN32 -void SV_ChmodFile_f (void) -{ - char *_mode, *filename; - unsigned int mode, m; - - if (Cmd_Argc() != 3) - { - Con_Printf("chmod \n"); - return; - } - - _mode = Cmd_Argv(1); - filename = Cmd_Argv(2); - - if (!strncmp(filename, "../", 3) || strstr(filename, "/../") || - *filename == '/' || strlen(_mode) != 3 || - ( (m = strlen(filename)) < 3 ? 0 : !strncmp(filename + m - 3, "/..", 4) )) - { - Con_Printf("Unable to chmod\n"); - return; - } - for (mode = 0; *_mode; _mode++) - { - m = *_mode - '0'; - if (m > 7) - { - Con_Printf("Unable to chmod\n"); - return; - } - mode = (mode << 3) + m; - } - - if (chmod(filename, mode)) - Con_Printf("Unable to chmod %s\n", filename); - else - Con_Printf("Chmod %s successful\n", filename); -} -#endif //_WIN32 - -/*================== -SV_LocalCommand_f -Execute system command -==================*/ -//bliP: REMOVE ME REMOVE ME REMOVE ME REMOVE ME REMOVE ME -> -void SV_LocalCommand_f (void) -{ - int i, c; - char str[1024], *temp_file = "__output_temp_file__"; - - if ((c = Cmd_Argc()) < 2) - { - Con_Printf("localcommand [command]\n"); - return; - } - - str[0] = 0; - for (i = 1; i < c; i++) - { - strlcat (str, Cmd_Argv(i), sizeof(str)); - strlcat (str, " ", sizeof(str)); - } - strlcat (str, va("> %s 2>&1\n", temp_file), sizeof(str)); - - if (system(str) == -1) - Con_Printf("command failed\n"); - else - { - char buf[512]; - FILE *f; - if ((f = fopen(temp_file, "rt")) == NULL) - Con_Printf("(empty)\n"); - else - { - while (!feof(f)) - { - buf[fread (buf, 1, sizeof(buf) - 1, f)] = 0; - Con_Printf("%s", buf); - } - fclose(f); - if (Sys_remove(temp_file)) - Con_Printf("Unable to remove file %s\n", temp_file); - } - } - -} -//REMOVE ME REMOVE ME REMOVE ME REMOVE ME REMOVE ME /* ================== @@ -1144,30 +872,6 @@ char *SV_Resolve(char *addr) return addr; } -/* -================== -SV_Nslookup_f -================== -*/ -void SV_Nslookup_f (void) -{ - char *ip, *name; - - if (Cmd_Argc() != 2) - { - Con_Printf ("Usage: nslookup \n"); - return; - } - - ip = Cmd_Argv(1); - name = SV_Resolve(ip); - if (ip != name) - Con_Printf ("Name: %s\nAddress: %s\n", name, ip); - else - Con_Printf ("Couldn't resolve %s\n", ip); - -} - /* ================ SV_Status_f @@ -1828,7 +1532,6 @@ void SV_InitOperatorCommands (void) for (i = MIN_LOG; i < MAX_LOG; ++i) Cmd_AddCommand (logs[i].command, logs[i].function); - Cmd_AddCommand ("nslookup", SV_Nslookup_f); Cmd_AddCommand ("check_maps", SV_Check_maps_f); Cmd_AddCommand ("snap", SV_Snap_f); Cmd_AddCommand ("snapall", SV_SnapAll_f); @@ -1838,24 +1541,12 @@ void SV_InitOperatorCommands (void) Cmd_AddCommand ("status", SV_Status_f); Cmd_AddCommand ("sv_status", SV_Status_f); - //bliP: init -> - Cmd_AddCommand ("rmdir", SV_RemoveDirectory_f); - Cmd_AddCommand ("rm", SV_RemoveFile_f); - Cmd_AddCommand ("ls", SV_ListFiles_f); - Cmd_AddCommand ("mute", SV_Mute_f); Cmd_AddCommand ("cuff", SV_Cuff_f); Cmd_AddCommand ("penaltylist", SV_ListPenalty_f); Cmd_AddCommand ("penaltyremove", SV_RemovePenalty_f); -#ifndef _WIN32 - Cmd_AddCommand ("chmod", SV_ChmodFile_f); -#endif //_WIN32 - //<- - if (SV_CommandLineEnableLocalCommand()) - Cmd_AddCommand ("localcommand", SV_LocalCommand_f); - Cmd_AddCommand ("map", SV_Map_f); #ifdef SERVERONLY Cmd_AddCommand ("devmap", SV_Map_f); diff --git a/src/sv_main.c b/src/sv_main.c index 267256312..a8ada2882 100644 --- a/src/sv_main.c +++ b/src/sv_main.c @@ -1636,197 +1636,6 @@ void SV_Admin_f (void) } // <-- QW262 -/* -=============== -SVC_RemoteCommand - -A client issued an rcon command. -Shift down the remaining args -Redirect all printfs -=============== -*/ -static void SVC_RemoteCommand (char *remote_command) -{ - int i; - char str[1024]; - char plain[32]; - char *p; - unsigned char *hide; - client_t *cl; - qbool admin_cmd = false; - qbool do_cmd = false; - qbool bad_cmd = false; - qbool banned = false; - - - if (Rcon_Validate (remote_command, master_rcon_password)) - { - if (SV_FilterPacket()) //banned players can't use rcon, but we log it - banned = true; - else - do_cmd = true; - } - else if (Rcon_Validate (remote_command, rcon_password.string)) - { - admin_cmd = true; - if (SV_FilterPacket()) //banned players can't use rcon, but we log it - { - bad_cmd = true; - banned = true; - } - else - { - // - // the following line prevents exploits like: - // coop rm - // $coop . * - // which expands to: - // rm . * - - Cmd_ExpandString (remote_command, str); // check *expanded* command - - // - // since the execution parser is not case sensitive, we - // must check not only for chmod, but also CHMOD, ChmoD, etc. - // so we lowercase the whole temporary line before checking - - // VVD: strcmp => strcasecmp and we don't need to do this (yes?) - //for(i = 0; str[i]; i++) - // str[i] = (char)tolower(str[i]); - - Cmd_TokenizeString (str); // must check *all* tokens, because - // a command/var may not be the first - // token -- example: "" ls . - - // - // normal rcon can't use these commands - // - // NOTE: this would still be vulnerable to semicolons if - // they were still allowed, so keep that in mind before - // re-enabling them - - for (i = 2; i < Cmd_Argc(); i++) - { - const char *tstr = Cmd_Argv(i); - - if(!tstr[0]) // skip leading empty tokens - continue; - - if (!strcasecmp(tstr, "rm") || - !strcasecmp(tstr, "rmdir") || - !strcasecmp(tstr, "ls") || - !strcasecmp(tstr, "chmod") || - !strcasecmp(tstr, "sv_admininfo") || - !strcasecmp(tstr, "if") || - !strcasecmp(tstr, "localcommand") || - !strcasecmp(tstr, "sv_crypt_rcon") || - !strcasecmp(tstr, "sv_timestamplen") || - !strncasecmp(tstr, "log", 3) || - !strcasecmp(tstr, "sys_command_line") - ) - { - bad_cmd = true; - } - break; // stop after first non-empty token - } - - Cmd_TokenizeString (remote_command); // restore original tokens - } - do_cmd = !bad_cmd; - } - - //find player name if rcon came from someone on server - plain[0] = '\0'; - for (i = 0, cl = svs.clients; i < MAX_CLIENTS; i++, cl++) - { - if (cl->state == cs_free) - continue; -#ifdef USE_PR2 - if (cl->isBot) - continue; -#endif - if (!NET_CompareBaseAdr(net_from, cl->netchan.remote_address)) - continue; - if (cl->netchan.remote_address.port != net_from.port) - continue; - - strlcpy(plain, cl->name, sizeof(plain)); - Q_normalizetext(plain); - - // we found what we need - break; - } - - if (do_cmd) - { - if (!(int)sv_crypt_rcon.value) - { - hide = net_message.data + 9; - p = admin_cmd ? rcon_password.string : master_rcon_password; - while (*p) - { - p++; - *hide++ = '*'; - } - } - - if (plain[0]) - SV_Write_Log(RCON_LOG, 1, va("Rcon from %s (%s): %s\n", NET_AdrToString(net_from), plain, net_message.data + 4)); - else - SV_Write_Log(RCON_LOG, 1, va("Rcon from %s: %s\n", NET_AdrToString(net_from), net_message.data + 4)); - - Con_Printf("Rcon from %s:\n%s\n", NET_AdrToString(net_from), net_message.data + 4); - - SV_BeginRedirect(RD_PACKET); - - str[0] = '\0'; - for (i = 2; i < Cmd_Argc(); i++) - { - strlcat(str, Cmd_Argv(i), sizeof(str)); - strlcat(str, " ", sizeof(str)); - } - - Cmd_ExecuteString(str); - } - else - { - if (admin_cmd && !(int)sv_crypt_rcon.value) - { - hide = net_message.data + 9; - p = admin_cmd ? rcon_password.string : master_rcon_password; - while (*p) - { - p++; - *hide++ = '*'; - } - } - - Con_Printf ("Bad rcon from %s: %s\n", NET_AdrToString(net_from), net_message.data + 4); - - if (!banned) - { - if (plain[0]) - SV_Write_Log(RCON_LOG, 1, va("Bad rcon from %s (%s):\n%s\n", NET_AdrToString(net_from), plain, net_message.data + 4)); - else - SV_Write_Log(RCON_LOG, 1, va("Bad rcon from %s:\n%s\n", NET_AdrToString (net_from), net_message.data + 4)); - } - else - { - SV_Write_Log(RCON_LOG, 1, va("Rcon from banned IP: %s: %s\n", NET_AdrToString(net_from), net_message.data + 4)); - SV_SendBan(); - return; - } - - SV_BeginRedirect (RD_PACKET); - if (admin_cmd) - Con_Printf ("Command not valid.\n"); - else - Con_Printf ("Bad rcon_password.\n"); - } - SV_EndRedirect (); -} -//<- - static void SVC_IP(void) { int num; @@ -1894,8 +1703,6 @@ static void SV_ConnectionlessPacket (void) SVC_Status (); else if (!strcmp(c,"log")) SVC_Log (); - else if (!strcmp(c, "rcon")) - SVC_RemoteCommand (s); else if (!strcmp(c, "ip")) SVC_IP(); else if (!strcmp(c,"connect"))