gmsv_gatekeeper - Lua controlled server authentication - Garry's Mod

Chris, you rock! Working great now. Thanks so much.

When will this be updated, Gmod racer won't be up until its updated since the last gmod update (112) D:

Actually, it also appears that the Drop method isn't doing anything. It doesn't error out, it just doesn't work. [lua]gatekeeper.Drop(9,'Test')[/lua] No output, and the player isn't dropped. This is the version that Chris just posted.

See below.

Awesome, working now. The password hook might be causing a segfault though. Let me double check it. [editline]10th February 2011[/editline] Returning true or false from the PlayerPasswordAuth hook works fine, but returning the table with the error string makes the server Segfault Retuning just a string segfaults as well

[QUOTE=mr.wolf;27980256]Awesome, working now. The password hook might be causing a segfault though. Let me double check it. [editline]10th February 2011[/editline] Returning true or false from the PlayerPasswordAuth hook works fine, but returning the table with the error string makes the server Segfault Retuning just a string segfaults as well[/QUOTE] I see the problem, hold on. [editline]11th February 2011[/editline] [url]http://dl.dropbox.com/u/7745323/gmsv_gatekeeper_f3.rar[/url]

Sweet, everything seems to be working this time. Tested gatekeeper.Drop, and the hook, and both function as they should. Thanks for all your help Chris. What was the problem?

[QUOTE=mr.wolf;27981526]Sweet, everything seems to be working this time. Tested gatekeeper.Drop, and the hook, and both function as they should. Thanks for all your help Chris. What was the problem?[/QUOTE] The offsets were broken by new functions. [editline]11th February 2011[/editline] The original problem was caused by a signature change in CBaseServer::RunFrame. I replaced signature scanning with sourcemod's symbol lookup function, so it shouldn't be a problem in the future.

-snip-

I'm having an issue with the hook If I return false in the hook, the server crashes. [lua]return {false, "Kicked. Test"}[/lua]

[QUOTE=Kazak1;29517522]I'm having an issue with the hook If I return false in the hook, the server crashes. [lua]return {false, "Kicked. Test"}[/lua][/QUOTE] Can we see the rest of the code.

With the new update PlayerPasswordAuth is sending in STEAM_ID_UNKNOWN every time, can someone take a look at it?

[QUOTE=Drew P. Richard;29655058]With the new update PlayerPasswordAuth is sending in STEAM_ID_UNKNOWN every time, can someone take a look at it?[/QUOTE] Confirmed. STEAM_ID_UNKNOWN @ every steamid.

[url]http://dl.dropbox.com/u/7745323/gmsv_gatekeeper_f5.zip[/url]

[QUOTE=Chrisaster;29656594][url]http://dl.dropbox.com/u/7745323/gmsv_gatekeeper_f5.zip[/url][/QUOTE] Great! Thanks alot!

Thanks for this.

[QUOTE=Jonzky;29656855]The file is down?[/QUOTE] Seems perfectly fine to me

[QUOTE=King Flawless;29656869]Seems perfectly fine to me[/QUOTE] Yes... He did edit his post.

You're my hero, thanks.

Argh, I was wrong. Now I get [quote] error loading module 'gatekeeper' from file 'c:\xxx\orangebo x\garrysmod\lua\includes\modules\gmsv_gatekeeper.dll': system error 14001 [/quote] at startup. -- NVM.

Tranquility: Authorizing STEAM_ID_UNKNOWN... Nate [<MYIPWASHERE>:27005] joined with steamID STEAM_ID_UNKNOWN. <MYIPWASHERE>:27005: password failed. Help please.

[QUOTE=nate1111;29917902]Tranquility: Authorizing STEAM_ID_UNKNOWN... Nate [<MYIPWASHERE>:27005] joined with steamID STEAM_ID_UNKNOWN. <MYIPWASHERE>:27005: password failed. Help please.[/QUOTE] [QUOTE=Chrisaster;29656594][url]http://dl.dropbox.com/u/7745323/gmsv_gatekeeper_f5.zip[/url][/QUOTE]

- snip -

-snip-

I have an attacker that is bypassing gatekeeper. Here's the code I have, and I checked afterwards to make sure the hook was still in place when he joined. [lua]require("gatekeeper") local bans = { "STEAM_0:1:17672340", "STEAM_0:1:38116330", "STEAM_0:1:5489988", } hook.Add("PlayerPasswordAuth", "inf_permbans" .. tostring(math.random(100000,999999)), function(name, pass, steam, ip) if table.HasValue(bans, steam) then if file.Exists("infbans.txt") then filex.Append("infbans.txt", "\n" .. steam .. " " .. ip .. " " .. name .. " " .. os.date("%m/%d/%y - %H:%M")) else file.Write("infbans.txt", "INFINITY GATEKEEPER PERM BANS\n" .. steam .. " " .. ip .. " " .. name .. " " .. os.date("%m/%d/%y - %H:%M")) end return {false, "Contact: [email]infinitywraith@gmail.com[/email]"} end end) timer.Create("inf_permbancheck" .. tostring(math.random(100000,999999)), 5, 0, function() for _,v in pairs(player.GetAll()) do if table.HasValue(bans, v:SteamID()) then gatekeeper.Drop(v:UserID(), "Contact: [email]infinitywraith@gmail.com[/email]") end end end)[/lua] He gets past the PasswordAuth check, but is caught by the timer checker. I have the F5 version of gatekeeper, and I have tested the script on myself, and it indeed stops me before I even join the server. [editline]5th June 2011[/editline] Sorry it appears that the player has overwritten _G.gatekeeper, player and other variables, I will try localizing them in my script and see how that goes.

When PlayerPasswordAuth is called the SteamID is not, can not, will not be validated, client is free to lie as much as they want at that point.

He's removing the hooks through an lua_run of some sort, disregard, I'll figure it out myself.

I find it unlikely he is removing a sever-side hook client-side, you just need to do a second check on spawn to see if they are banned.

[QUOTE=infinitywrai;30267286]He's removing the hooks through an lua_run of some sort, disregard, I'll figure it out myself.[/QUOTE] If you are sure he is doing that, he has access to your server.

[lua]if table.HasValue(bans, v:SteamID()) then[/lua] You can't check a players steamid before the server confirms its his.