Secure lobby authentication - prevent joins as a different player
Reviewed by: Dunedan, elexis, Itms
Fixes #3549
Differential Revision: https://code.wildfiregames.com/D897
Secure lobby authentication - prevent joins as a different player
Description
Details
Event Timeline
Comment Actions The 3 lobby hosts and svn testers disabled the feature because they don't want to lose the ability to replace players. It can't be so difficult to set the secure-auth flag with a boolean from the options dialog.
Comment Actions The configuration entry and the options UI entry proposed were meant to be used for players that play with the vanilla 0ad code. Thus only But there is a mod that exploits this authentication being optional by implementing an impersonation-join UI feature, disabling all five of the mentioned preconditions of arguably legitimate use. Under these circumstances, it seems better to remove the config option.
Comment Actions Since this commit delayed the OnAuthenticate call which called DeduplicatePlayerName call, it should be this commit that broke the duplicateplayernames config setting. (I could not manage to verify this experimentally within 3 minutes.) If one sets that value to true when hosting a lobbied game, all players will join with foo (2) in the gamesetup and won't be able to rejoin after a disconnect! Comment Actions Hmm, bad thing.
|