Eradicated the CVAR_NQUSERINFOHACK flag, for good
[xonotic/darkplaces.git] / host_cmd.c
1 /*
2 Copyright (C) 1996-1997 Id Software, Inc.
3
4 This program is free software; you can redistribute it and/or
5 modify it under the terms of the GNU General Public License
6 as published by the Free Software Foundation; either version 2
7 of the License, or (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
12
13 See the GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
18
19 */
20
21 #include "quakedef.h"
22 #include "sv_demo.h"
23 #include "image.h"
24
25 #include "prvm_cmds.h"
26 #include "utf8lib.h"
27
28 // for secure rcon authentication
29 #include "hmac.h"
30 #include "mdfour.h"
31 #include <time.h>
32
33 extern cvar_t sv_adminnick;
34 extern cvar_t sv_status_privacy;
35 extern cvar_t sv_status_show_qcstatus;
36 extern cvar_t sv_namechangetimer;
37 cvar_t rcon_password = {CVAR_CLIENT | CVAR_SERVER | CVAR_PRIVATE, "rcon_password", "", "password to authenticate rcon commands; NOTE: changing rcon_secure clears rcon_password, so set rcon_secure always before rcon_password; may be set to a string of the form user1:pass1 user2:pass2 user3:pass3 to allow multiple user accounts - the client then has to specify ONE of these combinations"};
38 cvar_t rcon_secure = {CVAR_CLIENT | CVAR_SERVER, "rcon_secure", "0", "force secure rcon authentication (1 = time based, 2 = challenge based); NOTE: changing rcon_secure clears rcon_password, so set rcon_secure always before rcon_password"};
39 cvar_t rcon_secure_challengetimeout = {CVAR_CLIENT, "rcon_secure_challengetimeout", "5", "challenge-based secure rcon: time out requests if no challenge came within this time interval"};
40 cvar_t rcon_address = {CVAR_CLIENT, "rcon_address", "", "server address to send rcon commands to (when not connected to a server)"};
41 cvar_t name = {CVAR_CLIENT | CVAR_SAVE | CVAR_USERINFO, "name", "player", "change your player name"};
42 cvar_t topcolor = {CVAR_CLIENT | CVAR_SAVE | CVAR_USERINFO, "topcolor", "0", "change the color of your shirt"};
43 cvar_t bottomcolor = {CVAR_CLIENT | CVAR_SAVE | CVAR_USERINFO, "bottomcolor", "0", "change the color of your pants"};
44 cvar_t team = {CVAR_CLIENT | CVAR_USERINFO | CVAR_SAVE, "team", "none", "QW team (4 character limit, example: blue)"};
45 cvar_t skin = {CVAR_CLIENT | CVAR_USERINFO | CVAR_SAVE, "skin", "", "QW player skin name (example: base)"};
46 cvar_t playermodel = {CVAR_CLIENT | CVAR_USERINFO | CVAR_SAVE, "playermodel", "", "current player model in Nexuiz/Xonotic"};
47 cvar_t playerskin = {CVAR_CLIENT | CVAR_USERINFO | CVAR_SAVE, "playerskin", "", "current player skin in Nexuiz/Xonotic"};
48 cvar_t noaim = {CVAR_CLIENT | CVAR_USERINFO | CVAR_SAVE, "noaim", "1", "QW option to disable vertical autoaim"};
49 cvar_t pmodel = {CVAR_CLIENT | CVAR_USERINFO | CVAR_SAVE, "pmodel", "0", "current player model number in nehahra"};
50 cvar_t r_fixtrans_auto = {CVAR_CLIENT, "r_fixtrans_auto", "0", "automatically fixtrans textures (when set to 2, it also saves the fixed versions to a fixtrans directory)"};
51
52 //============================================================================
53
54 /*
55 ======================
56 SV_Name_f
57 ======================
58 */
59 static void SV_Name_f(cmd_state_t *cmd)
60 {
61         prvm_prog_t *prog = SVVM_prog;
62         int i, j;
63         qboolean valid_colors;
64         const char *newNameSource;
65         char newName[sizeof(host_client->name)];
66
67         if (Cmd_Argc (cmd) == 1)
68                 return;
69
70         if (Cmd_Argc (cmd) == 2)
71                 newNameSource = Cmd_Argv(cmd, 1);
72         else
73                 newNameSource = Cmd_Args(cmd);
74
75         strlcpy(newName, newNameSource, sizeof(newName));
76
77         if (cmd->source == src_command)
78                 return;
79
80         if (host.realtime < host_client->nametime && strcmp(newName, host_client->name))
81         {
82                 SV_ClientPrintf("You can't change name more than once every %.1f seconds!\n", max(0.0f, sv_namechangetimer.value));
83                 return;
84         }
85
86         host_client->nametime = host.realtime + max(0.0f, sv_namechangetimer.value);
87
88         // point the string back at updateclient->name to keep it safe
89         strlcpy (host_client->name, newName, sizeof (host_client->name));
90
91         for (i = 0, j = 0;host_client->name[i];i++)
92                 if (host_client->name[i] != '\r' && host_client->name[i] != '\n')
93                         host_client->name[j++] = host_client->name[i];
94         host_client->name[j] = 0;
95
96         if(host_client->name[0] == 1 || host_client->name[0] == 2)
97         // may interfere with chat area, and will needlessly beep; so let's add a ^7
98         {
99                 memmove(host_client->name + 2, host_client->name, sizeof(host_client->name) - 2);
100                 host_client->name[sizeof(host_client->name) - 1] = 0;
101                 host_client->name[0] = STRING_COLOR_TAG;
102                 host_client->name[1] = '0' + STRING_COLOR_DEFAULT;
103         }
104
105         u8_COM_StringLengthNoColors(host_client->name, 0, &valid_colors);
106         if(!valid_colors) // NOTE: this also proves the string is not empty, as "" is a valid colored string
107         {
108                 size_t l;
109                 l = strlen(host_client->name);
110                 if(l < sizeof(host_client->name) - 1)
111                 {
112                         // duplicate the color tag to escape it
113                         host_client->name[i] = STRING_COLOR_TAG;
114                         host_client->name[i+1] = 0;
115                         //Con_DPrintf("abuse detected, adding another trailing color tag\n");
116                 }
117                 else
118                 {
119                         // remove the last character to fix the color code
120                         host_client->name[l-1] = 0;
121                         //Con_DPrintf("abuse detected, removing a trailing color tag\n");
122                 }
123         }
124
125         // find the last color tag offset and decide if we need to add a reset tag
126         for (i = 0, j = -1;host_client->name[i];i++)
127         {
128                 if (host_client->name[i] == STRING_COLOR_TAG)
129                 {
130                         if (host_client->name[i+1] >= '0' && host_client->name[i+1] <= '9')
131                         {
132                                 j = i;
133                                 // if this happens to be a reset  tag then we don't need one
134                                 if (host_client->name[i+1] == '0' + STRING_COLOR_DEFAULT)
135                                         j = -1;
136                                 i++;
137                                 continue;
138                         }
139                         if (host_client->name[i+1] == STRING_COLOR_RGB_TAG_CHAR && isxdigit(host_client->name[i+2]) && isxdigit(host_client->name[i+3]) && isxdigit(host_client->name[i+4]))
140                         {
141                                 j = i;
142                                 i += 4;
143                                 continue;
144                         }
145                         if (host_client->name[i+1] == STRING_COLOR_TAG)
146                         {
147                                 i++;
148                                 continue;
149                         }
150                 }
151         }
152         // does not end in the default color string, so add it
153         if (j >= 0 && strlen(host_client->name) < sizeof(host_client->name) - 2)
154                 memcpy(host_client->name + strlen(host_client->name), STRING_COLOR_DEFAULT_STR, strlen(STRING_COLOR_DEFAULT_STR) + 1);
155
156         PRVM_serveredictstring(host_client->edict, netname) = PRVM_SetEngineString(prog, host_client->name);
157         if (strcmp(host_client->old_name, host_client->name))
158         {
159                 if (host_client->begun)
160                         SV_BroadcastPrintf("%s ^7changed name to %s\n", host_client->old_name, host_client->name);
161                 strlcpy(host_client->old_name, host_client->name, sizeof(host_client->old_name));
162                 // send notification to all clients
163                 MSG_WriteByte (&sv.reliable_datagram, svc_updatename);
164                 MSG_WriteByte (&sv.reliable_datagram, host_client - svs.clients);
165                 MSG_WriteString (&sv.reliable_datagram, host_client->name);
166                 SV_WriteNetnameIntoDemo(host_client);
167         }
168 }
169
170 /*
171 ======================
172 CL_Playermodel_f
173 ======================
174 */
175 // the old cl_playermodel in cl_main has been renamed to __cl_playermodel
176 static void CL_Playermodel_f(cmd_state_t *cmd)
177 {
178         prvm_prog_t *prog = SVVM_prog;
179         int i, j;
180         char newPath[sizeof(host_client->playermodel)];
181
182         if (Cmd_Argc (cmd) == 1)
183         {
184                 if (cmd->source == src_command)
185                 {
186                         Con_Printf("\"playermodel\" is \"%s\"\n", playermodel.string);
187                 }
188                 return;
189         }
190
191         if (Cmd_Argc (cmd) == 2)
192                 strlcpy (newPath, Cmd_Argv(cmd, 1), sizeof (newPath));
193         else
194                 strlcpy (newPath, Cmd_Args(cmd), sizeof (newPath));
195
196         for (i = 0, j = 0;newPath[i];i++)
197                 if (newPath[i] != '\r' && newPath[i] != '\n')
198                         newPath[j++] = newPath[i];
199         newPath[j] = 0;
200
201         if (cmd->source == src_command)
202         {
203                 Cvar_Set (&cvars_all, "_cl_playermodel", newPath);
204                 return;
205         }
206
207         /*
208         if (host.realtime < host_client->nametime)
209         {
210                 SV_ClientPrintf("You can't change playermodel more than once every 5 seconds!\n");
211                 return;
212         }
213
214         host_client->nametime = host.realtime + 5;
215         */
216
217         // point the string back at updateclient->name to keep it safe
218         strlcpy (host_client->playermodel, newPath, sizeof (host_client->playermodel));
219         PRVM_serveredictstring(host_client->edict, playermodel) = PRVM_SetEngineString(prog, host_client->playermodel);
220         if (strcmp(host_client->old_model, host_client->playermodel))
221         {
222                 strlcpy(host_client->old_model, host_client->playermodel, sizeof(host_client->old_model));
223                 /*// send notification to all clients
224                 MSG_WriteByte (&sv.reliable_datagram, svc_updatepmodel);
225                 MSG_WriteByte (&sv.reliable_datagram, host_client - svs.clients);
226                 MSG_WriteString (&sv.reliable_datagram, host_client->playermodel);*/
227         }
228 }
229
230 /*
231 ======================
232 CL_Playerskin_f
233 ======================
234 */
235 static void CL_Playerskin_f(cmd_state_t *cmd)
236 {
237         prvm_prog_t *prog = SVVM_prog;
238         int i, j;
239         char newPath[sizeof(host_client->playerskin)];
240
241         if (Cmd_Argc (cmd) == 1)
242         {
243                 if (cmd->source == src_command)
244                 {
245                         Con_Printf("\"playerskin\" is \"%s\"\n", playerskin.string);
246                 }
247                 return;
248         }
249
250         if (Cmd_Argc (cmd) == 2)
251                 strlcpy (newPath, Cmd_Argv(cmd, 1), sizeof (newPath));
252         else
253                 strlcpy (newPath, Cmd_Args(cmd), sizeof (newPath));
254
255         for (i = 0, j = 0;newPath[i];i++)
256                 if (newPath[i] != '\r' && newPath[i] != '\n')
257                         newPath[j++] = newPath[i];
258         newPath[j] = 0;
259
260         if (cmd->source == src_command)
261         {
262                 Cvar_Set (&cvars_all, "_cl_playerskin", newPath);
263                 return;
264         }
265
266         /*
267         if (host.realtime < host_client->nametime)
268         {
269                 SV_ClientPrintf("You can't change playermodel more than once every 5 seconds!\n");
270                 return;
271         }
272
273         host_client->nametime = host.realtime + 5;
274         */
275
276         // point the string back at updateclient->name to keep it safe
277         strlcpy (host_client->playerskin, newPath, sizeof (host_client->playerskin));
278         PRVM_serveredictstring(host_client->edict, playerskin) = PRVM_SetEngineString(prog, host_client->playerskin);
279         if (strcmp(host_client->old_skin, host_client->playerskin))
280         {
281                 //if (host_client->begun)
282                 //      SV_BroadcastPrintf("%s changed skin to %s\n", host_client->name, host_client->playerskin);
283                 strlcpy(host_client->old_skin, host_client->playerskin, sizeof(host_client->old_skin));
284                 /*// send notification to all clients
285                 MSG_WriteByte (&sv.reliable_datagram, svc_updatepskin);
286                 MSG_WriteByte (&sv.reliable_datagram, host_client - svs.clients);
287                 MSG_WriteString (&sv.reliable_datagram, host_client->playerskin);*/
288         }
289 }
290
291 /*
292 ==================
293 CL_Color_f
294 ==================
295 */
296 cvar_t cl_color = {CVAR_READONLY | CVAR_CLIENT | CVAR_SAVE, "_cl_color", "0", "internal storage cvar for current player colors (changed by color command)"};
297 static void CL_Color(cmd_state_t *cmd, int changetop, int changebottom)
298 {
299         /*
300          * This is just a convenient way to change topcolor and bottomcolor
301          * We can't change cl_color from here directly because topcolor and
302          * bottomcolor may be changed separately and do not call this function.
303          * So it has to be changed when the userinfo strings are updated, which
304          * happens twice here. Perhaps find a cleaner way?
305          */
306
307         prvm_prog_t *prog = SVVM_prog;
308         int top, bottom, playercolor;
309
310         // get top and bottom either from the provided values or the current values
311         // (allows changing only top or bottom, or both at once)
312         top = changetop >= 0 ? changetop : (topcolor.integer);
313         bottom = changebottom >= 0 ? changebottom : bottomcolor.integer;
314
315         top &= 15;
316         bottom &= 15;
317         // LadyHavoc: allowing skin colormaps 14 and 15 by commenting this out
318         //if (top > 13)
319         //      top = 13;
320         //if (bottom > 13)
321         //      bottom = 13;
322
323         playercolor = top*16 + bottom;
324
325         if (cmd->source == src_command)
326         {
327                 Cvar_SetValueQuick(&topcolor, top);
328                 Cvar_SetValueQuick(&bottomcolor, bottom);
329                 return;
330         }
331
332         if (cls.protocol == PROTOCOL_QUAKEWORLD)
333                 return;
334
335         if (host_client->edict && PRVM_serverfunction(SV_ChangeTeam))
336         {
337                 Con_DPrint("Calling SV_ChangeTeam\n");
338                 prog->globals.fp[OFS_PARM0] = playercolor;
339                 PRVM_serverglobalfloat(time) = sv.time;
340                 PRVM_serverglobaledict(self) = PRVM_EDICT_TO_PROG(host_client->edict);
341                 prog->ExecuteProgram(prog, PRVM_serverfunction(SV_ChangeTeam), "QC function SV_ChangeTeam is missing");
342         }
343         else
344         {
345                 if (host_client->edict)
346                 {
347                         PRVM_serveredictfloat(host_client->edict, clientcolors) = playercolor;
348                         PRVM_serveredictfloat(host_client->edict, team) = bottom + 1;
349                 }
350                 host_client->colors = playercolor;
351                 if (host_client->old_colors != host_client->colors)
352                 {
353                         host_client->old_colors = host_client->colors;
354                         // send notification to all clients
355                         MSG_WriteByte (&sv.reliable_datagram, svc_updatecolors);
356                         MSG_WriteByte (&sv.reliable_datagram, host_client - svs.clients);
357                         MSG_WriteByte (&sv.reliable_datagram, host_client->colors);
358                 }
359         }
360 }
361
362 // Ignore the callbacks so this two-to-three way synchronization doesn't cause an infinite loop.
363 static void CL_Color_c(char *string)
364 {
365         char vabuf[1024];
366         
367         Cvar_Set_NoCallback(&topcolor, va(vabuf, sizeof(vabuf), "%i", ((atoi(string) >> 4) & 15)));
368         Cvar_Set_NoCallback(&bottomcolor, va(vabuf, sizeof(vabuf), "%i", (atoi(string) & 15)));
369 }
370
371 static void CL_Topcolor_c(char *string)
372 {
373         char vabuf[1024];
374         
375         Cvar_Set_NoCallback(&cl_color, va(vabuf, sizeof(vabuf), "%i", atoi(string)*16 + bottomcolor.integer));
376 }
377
378 static void CL_Bottomcolor_c(char *string)
379 {
380         char vabuf[1024];
381
382         Cvar_Set_NoCallback(&cl_color, va(vabuf, sizeof(vabuf), "%i", topcolor.integer*16 + atoi(string)));
383 }
384
385 static void CL_Color_f(cmd_state_t *cmd)
386 {
387         int             top, bottom;
388
389         if (Cmd_Argc(cmd) == 1)
390         {
391                 if (cmd->source == src_command)
392                 {
393                         Con_Printf("\"color\" is \"%i %i\"\n", topcolor.integer, bottomcolor.integer);
394                         Con_Print("color <0-15> [0-15]\n");
395                 }
396                 return;
397         }
398
399         if (Cmd_Argc(cmd) == 2)
400                 top = bottom = atoi(Cmd_Argv(cmd, 1));
401         else
402         {
403                 top = atoi(Cmd_Argv(cmd, 1));
404                 bottom = atoi(Cmd_Argv(cmd, 2));
405         }
406         CL_Color(cmd, top, bottom);
407 }
408
409 cvar_t rate = {CVAR_CLIENT | CVAR_SAVE | CVAR_USERINFO, "rate", "20000", "change your connection speed"};
410 cvar_t rate_burstsize = {CVAR_CLIENT | CVAR_SAVE | CVAR_USERINFO, "rate_burstsize", "1024", "internal storage cvar for current rate control burst size (changed by rate_burstsize command)"};
411 static void SV_Rate_f(cmd_state_t *cmd)
412 {
413         int rate;
414
415         rate = atoi(Cmd_Argv(cmd, 1));
416
417         if (cmd->source == src_command)
418                 return;
419
420         host_client->rate = rate;
421 }
422
423 static void SV_Rate_BurstSize_f(cmd_state_t *cmd)
424 {
425         int rate_burstsize;
426
427         if (Cmd_Argc(cmd) != 2)
428                 return;
429
430         rate_burstsize = atoi(Cmd_Argv(cmd, 1));
431
432         host_client->rate_burstsize = rate_burstsize;
433 }
434
435 /*
436 ======================
437 CL_PModel_f
438 LadyHavoc: only supported for Nehahra, I personally think this is dumb, but Mindcrime won't listen.
439 LadyHavoc: correction, Mindcrime will be removing pmodel in the future, but it's still stuck here for compatibility.
440 ======================
441 */
442 static void CL_PModel_f(cmd_state_t *cmd)
443 {
444         prvm_prog_t *prog = SVVM_prog;
445         int i;
446
447         if (Cmd_Argc (cmd) == 1)
448         {
449                 if (cmd->source == src_command)
450                 {
451                         Con_Printf("\"pmodel\" is \"%s\"\n", pmodel.string);
452                 }
453                 return;
454         }
455         i = atoi(Cmd_Argv(cmd, 1));
456
457         if (cmd->source == src_command)
458         {
459                 if (pmodel.integer == i)
460                         return;
461                 Cvar_SetValue (&cvars_all, "_cl_pmodel", i);
462                 if (cls.state == ca_connected)
463                         Cmd_ForwardToServer_f(cmd);
464                 return;
465         }
466
467         PRVM_serveredictfloat(host_client->edict, pmodel) = i;
468 }
469
470 //===========================================================================
471
472 //===========================================================================
473
474 static void CL_SendCvar_f(cmd_state_t *cmd)
475 {
476         int             i;
477         cvar_t  *c;
478         const char *cvarname;
479         client_t *old;
480         char vabuf[1024];
481
482         if(Cmd_Argc(cmd) != 2)
483                 return;
484         cvarname = Cmd_Argv(cmd, 1);
485         if (cls.state == ca_connected)
486         {
487                 c = Cvar_FindVar(&cvars_all, cvarname, CVAR_CLIENT | CVAR_SERVER);
488                 // LadyHavoc: if there is no such cvar or if it is private, send a
489                 // reply indicating that it has no value
490                 if(!c || (c->flags & CVAR_PRIVATE))
491                         Cmd_ForwardStringToServer(va(vabuf, sizeof(vabuf), "sentcvar %s", cvarname));
492                 else
493                         Cmd_ForwardStringToServer(va(vabuf, sizeof(vabuf), "sentcvar %s \"%s\"", c->name, c->string));
494                 return;
495         }
496         if(!sv.active)// || !PRVM_serverfunction(SV_ParseClientCommand))
497                 return;
498
499         old = host_client;
500         if (cls.state != ca_dedicated)
501                 i = 1;
502         else
503                 i = 0;
504         for(;i<svs.maxclients;i++)
505                 if(svs.clients[i].active && svs.clients[i].netconnection)
506                 {
507                         host_client = &svs.clients[i];
508                         SV_ClientCommands("sendcvar %s\n", cvarname);
509                 }
510         host_client = old;
511 }
512
513 /*
514 =====================
515 CL_PQRcon_f
516
517 ProQuake rcon support
518 =====================
519 */
520 static void CL_PQRcon_f(cmd_state_t *cmd)
521 {
522         int n;
523         const char *e;
524         lhnetsocket_t *mysocket;
525
526         if (Cmd_Argc(cmd) == 1)
527         {
528                 Con_Printf("%s: Usage: %s command\n", Cmd_Argv(cmd, 0), Cmd_Argv(cmd, 0));
529                 return;
530         }
531
532         if (!rcon_password.string || !rcon_password.string[0] || rcon_secure.integer > 0)
533         {
534                 Con_Printf ("You must set rcon_password before issuing an pqrcon command, and rcon_secure must be 0.\n");
535                 return;
536         }
537
538         e = strchr(rcon_password.string, ' ');
539         n = e ? e-rcon_password.string : (int)strlen(rcon_password.string);
540
541         if (cls.netcon)
542                 cls.rcon_address = cls.netcon->peeraddress;
543         else
544         {
545                 if (!rcon_address.string[0])
546                 {
547                         Con_Printf ("You must either be connected, or set the rcon_address cvar to issue rcon commands\n");
548                         return;
549                 }
550                 LHNETADDRESS_FromString(&cls.rcon_address, rcon_address.string, sv_netport.integer);
551         }
552         mysocket = NetConn_ChooseClientSocketForAddress(&cls.rcon_address);
553         if (mysocket)
554         {
555                 sizebuf_t buf;
556                 unsigned char bufdata[64];
557                 buf.data = bufdata;
558                 SZ_Clear(&buf);
559                 MSG_WriteLong(&buf, 0);
560                 MSG_WriteByte(&buf, CCREQ_RCON);
561                 SZ_Write(&buf, (const unsigned char*)rcon_password.string, n);
562                 MSG_WriteByte(&buf, 0); // terminate the (possibly partial) string
563                 MSG_WriteString(&buf, Cmd_Args(cmd));
564                 StoreBigLong(buf.data, NETFLAG_CTL | (buf.cursize & NETFLAG_LENGTH_MASK));
565                 NetConn_Write(mysocket, buf.data, buf.cursize, &cls.rcon_address);
566                 SZ_Clear(&buf);
567         }
568 }
569
570 //=============================================================================
571
572 // QuakeWorld commands
573
574 /*
575 =====================
576 CL_Rcon_f
577
578   Send the rest of the command line over as
579   an unconnected command.
580 =====================
581 */
582 static void CL_Rcon_f(cmd_state_t *cmd) // credit: taken from QuakeWorld
583 {
584         int i, n;
585         const char *e;
586         lhnetsocket_t *mysocket;
587
588         if (Cmd_Argc(cmd) == 1)
589         {
590                 Con_Printf("%s: Usage: %s command\n", Cmd_Argv(cmd, 0), Cmd_Argv(cmd, 0));
591                 return;
592         }
593
594         if (!rcon_password.string || !rcon_password.string[0])
595         {
596                 Con_Printf ("You must set rcon_password before issuing an rcon command.\n");
597                 return;
598         }
599
600         e = strchr(rcon_password.string, ' ');
601         n = e ? e-rcon_password.string : (int)strlen(rcon_password.string);
602
603         if (cls.netcon)
604                 cls.rcon_address = cls.netcon->peeraddress;
605         else
606         {
607                 if (!rcon_address.string[0])
608                 {
609                         Con_Printf ("You must either be connected, or set the rcon_address cvar to issue rcon commands\n");
610                         return;
611                 }
612                 LHNETADDRESS_FromString(&cls.rcon_address, rcon_address.string, sv_netport.integer);
613         }
614         mysocket = NetConn_ChooseClientSocketForAddress(&cls.rcon_address);
615         if (mysocket && Cmd_Args(cmd)[0])
616         {
617                 // simply put together the rcon packet and send it
618                 if(Cmd_Argv(cmd, 0)[0] == 's' || rcon_secure.integer > 1)
619                 {
620                         if(cls.rcon_commands[cls.rcon_ringpos][0])
621                         {
622                                 char s[128];
623                                 LHNETADDRESS_ToString(&cls.rcon_addresses[cls.rcon_ringpos], s, sizeof(s), true);
624                                 Con_Printf("rcon to %s (for command %s) failed: too many buffered commands (possibly increase MAX_RCONS)\n", s, cls.rcon_commands[cls.rcon_ringpos]);
625                                 cls.rcon_commands[cls.rcon_ringpos][0] = 0;
626                                 --cls.rcon_trying;
627                         }
628                         for (i = 0;i < MAX_RCONS;i++)
629                                 if(cls.rcon_commands[i][0])
630                                         if (!LHNETADDRESS_Compare(&cls.rcon_address, &cls.rcon_addresses[i]))
631                                                 break;
632                         ++cls.rcon_trying;
633                         if(i >= MAX_RCONS)
634                                 NetConn_WriteString(mysocket, "\377\377\377\377getchallenge", &cls.rcon_address); // otherwise we'll request the challenge later
635                         strlcpy(cls.rcon_commands[cls.rcon_ringpos], Cmd_Args(cmd), sizeof(cls.rcon_commands[cls.rcon_ringpos]));
636                         cls.rcon_addresses[cls.rcon_ringpos] = cls.rcon_address;
637                         cls.rcon_timeout[cls.rcon_ringpos] = host.realtime + rcon_secure_challengetimeout.value;
638                         cls.rcon_ringpos = (cls.rcon_ringpos + 1) % MAX_RCONS;
639                 }
640                 else if(rcon_secure.integer > 0)
641                 {
642                         char buf[1500];
643                         char argbuf[1500];
644                         dpsnprintf(argbuf, sizeof(argbuf), "%ld.%06d %s", (long) time(NULL), (int) (rand() % 1000000), Cmd_Args(cmd));
645                         memcpy(buf, "\377\377\377\377srcon HMAC-MD4 TIME ", 24);
646                         if(HMAC_MDFOUR_16BYTES((unsigned char *) (buf + 24), (unsigned char *) argbuf, (int)strlen(argbuf), (unsigned char *) rcon_password.string, n))
647                         {
648                                 buf[40] = ' ';
649                                 strlcpy(buf + 41, argbuf, sizeof(buf) - 41);
650                                 NetConn_Write(mysocket, buf, 41 + (int)strlen(buf + 41), &cls.rcon_address);
651                         }
652                 }
653                 else
654                 {
655                         char buf[1500];
656                         memcpy(buf, "\377\377\377\377", 4);
657                         dpsnprintf(buf+4, sizeof(buf)-4, "rcon %.*s %s",  n, rcon_password.string, Cmd_Args(cmd));
658                         NetConn_WriteString(mysocket, buf, &cls.rcon_address);
659                 }
660         }
661 }
662
663 static void CL_RCon_ClearPassword_c(char *string)
664 {
665         // whenever rcon_secure is changed to 0, clear rcon_password for
666         // security reasons (prevents a send-rcon-password-as-plaintext
667         // attack based on NQ protocol session takeover and svc_stufftext)
668         if(atoi(string) <= 0)
669                 Cvar_SetQuick(&rcon_password, "");
670 }
671
672 /*
673 ==================
674 CL_FullServerinfo_f
675
676 Sent by server when serverinfo changes
677 ==================
678 */
679 // TODO: shouldn't this be a cvar instead?
680 static void CL_FullServerinfo_f(cmd_state_t *cmd) // credit: taken from QuakeWorld
681 {
682         char temp[512];
683         if (Cmd_Argc(cmd) != 2)
684         {
685                 Con_Printf ("usage: fullserverinfo <complete info string>\n");
686                 return;
687         }
688
689         strlcpy (cl.qw_serverinfo, Cmd_Argv(cmd, 1), sizeof(cl.qw_serverinfo));
690         InfoString_GetValue(cl.qw_serverinfo, "teamplay", temp, sizeof(temp));
691         cl.qw_teamplay = atoi(temp);
692 }
693
694 /*
695 ==================
696 CL_FullInfo_f
697
698 Allow clients to change userinfo
699 ==================
700 Casey was here :)
701 */
702 static void CL_FullInfo_f(cmd_state_t *cmd) // credit: taken from QuakeWorld
703 {
704         char key[512];
705         char value[512];
706         const char *s;
707
708         if (Cmd_Argc(cmd) != 2)
709         {
710                 Con_Printf ("fullinfo <complete info string>\n");
711                 return;
712         }
713
714         s = Cmd_Argv(cmd, 1);
715         if (*s == '\\')
716                 s++;
717         while (*s)
718         {
719                 size_t len = strcspn(s, "\\");
720                 if (len >= sizeof(key)) {
721                         len = sizeof(key) - 1;
722                 }
723                 strlcpy(key, s, len + 1);
724                 s += len;
725                 if (!*s)
726                 {
727                         Con_Printf ("MISSING VALUE\n");
728                         return;
729                 }
730                 ++s; // Skip over backslash.
731
732                 len = strcspn(s, "\\");
733                 if (len >= sizeof(value)) {
734                         len = sizeof(value) - 1;
735                 }
736                 strlcpy(value, s, len + 1);
737
738                 CL_SetInfo(key, value, false, false, false, false);
739
740                 s += len;
741                 if (!*s)
742                 {
743                         break;
744                 }
745                 ++s; // Skip over backslash.
746         }
747 }
748
749 /*
750 ==================
751 CL_SetInfo_f
752
753 Allow clients to change userinfo
754 ==================
755 */
756 static void CL_SetInfo_f(cmd_state_t *cmd) // credit: taken from QuakeWorld
757 {
758         if (Cmd_Argc(cmd) == 1)
759         {
760                 InfoString_Print(cls.userinfo);
761                 return;
762         }
763         if (Cmd_Argc(cmd) != 3)
764         {
765                 Con_Printf ("usage: setinfo [ <key> <value> ]\n");
766                 return;
767         }
768         CL_SetInfo(Cmd_Argv(cmd, 1), Cmd_Argv(cmd, 2), true, false, false, false);
769 }
770
771 /*
772 ====================
773 CL_Packet_f
774
775 packet <destination> <contents>
776
777 Contents allows \n escape character
778 ====================
779 */
780 static void CL_Packet_f(cmd_state_t *cmd) // credit: taken from QuakeWorld
781 {
782         char send[2048];
783         int i, l;
784         const char *in;
785         char *out;
786         lhnetaddress_t address;
787         lhnetsocket_t *mysocket;
788
789         if (Cmd_Argc(cmd) != 3)
790         {
791                 Con_Printf ("packet <destination> <contents>\n");
792                 return;
793         }
794
795         if (!LHNETADDRESS_FromString (&address, Cmd_Argv(cmd, 1), sv_netport.integer))
796         {
797                 Con_Printf ("Bad address\n");
798                 return;
799         }
800
801         in = Cmd_Argv(cmd, 2);
802         out = send+4;
803         send[0] = send[1] = send[2] = send[3] = -1;
804
805         l = (int)strlen (in);
806         for (i=0 ; i<l ; i++)
807         {
808                 if (out >= send + sizeof(send) - 1)
809                         break;
810                 if (in[i] == '\\' && in[i+1] == 'n')
811                 {
812                         *out++ = '\n';
813                         i++;
814                 }
815                 else if (in[i] == '\\' && in[i+1] == '0')
816                 {
817                         *out++ = '\0';
818                         i++;
819                 }
820                 else if (in[i] == '\\' && in[i+1] == 't')
821                 {
822                         *out++ = '\t';
823                         i++;
824                 }
825                 else if (in[i] == '\\' && in[i+1] == 'r')
826                 {
827                         *out++ = '\r';
828                         i++;
829                 }
830                 else if (in[i] == '\\' && in[i+1] == '"')
831                 {
832                         *out++ = '\"';
833                         i++;
834                 }
835                 else
836                         *out++ = in[i];
837         }
838
839         mysocket = NetConn_ChooseClientSocketForAddress(&address);
840         if (!mysocket)
841                 mysocket = NetConn_ChooseServerSocketForAddress(&address);
842         if (mysocket)
843                 NetConn_Write(mysocket, send, out - send, &address);
844 }
845
846 static void CL_PingPLReport_f(cmd_state_t *cmd)
847 {
848         char *errbyte;
849         int i;
850         int l = Cmd_Argc(cmd);
851         if (l > cl.maxclients)
852                 l = cl.maxclients;
853         for (i = 0;i < l;i++)
854         {
855                 cl.scores[i].qw_ping = atoi(Cmd_Argv(cmd, 1+i*2));
856                 cl.scores[i].qw_packetloss = strtol(Cmd_Argv(cmd, 1+i*2+1), &errbyte, 0);
857                 if(errbyte && *errbyte == ',')
858                         cl.scores[i].qw_movementloss = atoi(errbyte + 1);
859                 else
860                         cl.scores[i].qw_movementloss = 0;
861         }
862 }
863
864 //=============================================================================
865
866 /*
867 ==================
868 Host_InitCommands
869 ==================
870 */
871 void Host_InitCommands (void)
872 {
873         dpsnprintf(cls.userinfo, sizeof(cls.userinfo), "\\name\\player\\team\\none\\topcolor\\0\\bottomcolor\\0\\rate\\10000\\msg\\1\\noaim\\1\\*ver\\dp");
874
875         Cvar_RegisterVariable(&name);
876         Cvar_RegisterAlias(&name, "_cl_name");
877         Cvar_RegisterVariable(&cl_color);
878         Cvar_RegisterCallback(&cl_color, CL_Color_c);
879         Cvar_RegisterVariable(&topcolor);
880         Cvar_RegisterCallback(&topcolor, CL_Topcolor_c);
881         Cvar_RegisterVariable(&bottomcolor);
882         Cvar_RegisterCallback(&bottomcolor, CL_Bottomcolor_c);
883         Cvar_RegisterVariable(&rate);
884         Cvar_RegisterAlias(&rate, "_cl_rate");
885         Cvar_RegisterVariable(&rate_burstsize);
886         Cvar_RegisterAlias(&rate_burstsize, "_cl_rate_burstsize");
887         Cvar_RegisterVariable(&pmodel);
888         Cvar_RegisterAlias(&pmodel, "_cl_pmodel");
889         Cvar_RegisterVariable(&playermodel);
890         Cvar_RegisterAlias(&playermodel, "_cl_playermodel");
891         Cvar_RegisterVariable(&playerskin);
892         Cvar_RegisterAlias(&playerskin, "_cl_playerskin");
893         Cvar_RegisterVariable(&rcon_password);
894         Cvar_RegisterVariable(&rcon_address);
895         Cvar_RegisterVariable(&rcon_secure);
896         Cvar_RegisterCallback(&rcon_secure, CL_RCon_ClearPassword_c);
897         Cvar_RegisterVariable(&rcon_secure_challengetimeout);
898         Cvar_RegisterVariable(&r_fixtrans_auto);
899         Cvar_RegisterVariable(&team);
900         Cvar_RegisterVariable(&skin);
901         Cvar_RegisterVariable(&noaim);
902
903         Cmd_AddCommand(CMD_USERINFO, "name", SV_Name_f, "change your player name");
904         Cmd_AddCommand(CMD_CLIENT, "color", CL_Color_f, "change your player shirt and pants colors");
905         Cmd_AddCommand(CMD_USERINFO, "color", CL_Color_f, "change your player shirt and pants colors");
906         Cmd_AddCommand(CMD_USERINFO, "rate", SV_Rate_f, "change your network connection speed");
907         Cmd_AddCommand(CMD_USERINFO, "rate_burstsize", SV_Rate_BurstSize_f, "change your network connection speed");
908         Cmd_AddCommand(CMD_USERINFO, "pmodel", CL_PModel_f, "(Nehahra-only) change your player model choice");
909         Cmd_AddCommand(CMD_USERINFO, "playermodel", CL_Playermodel_f, "change your player model");
910         Cmd_AddCommand(CMD_USERINFO, "playerskin", CL_Playerskin_f, "change your player skin number");
911
912         Cmd_AddCommand(CMD_CLIENT, "sendcvar", CL_SendCvar_f, "sends the value of a cvar to the server as a sentcvar command, for use by QuakeC");
913         Cmd_AddCommand(CMD_CLIENT, "rcon", CL_Rcon_f, "sends a command to the server console (if your rcon_password matches the server's rcon_password), or to the address specified by rcon_address when not connected (again rcon_password must match the server's); note: if rcon_secure is set, client and server clocks must be synced e.g. via NTP");
914         Cmd_AddCommand(CMD_CLIENT, "srcon", CL_Rcon_f, "sends a command to the server console (if your rcon_password matches the server's rcon_password), or to the address specified by rcon_address when not connected (again rcon_password must match the server's); this always works as if rcon_secure is set; note: client and server clocks must be synced e.g. via NTP");
915         Cmd_AddCommand(CMD_CLIENT, "pqrcon", CL_PQRcon_f, "sends a command to a proquake server console (if your rcon_password matches the server's rcon_password), or to the address specified by rcon_address when not connected (again rcon_password must match the server's)");
916         Cmd_AddCommand(CMD_CLIENT, "fullinfo", CL_FullInfo_f, "allows client to modify their userinfo");
917         Cmd_AddCommand(CMD_CLIENT, "setinfo", CL_SetInfo_f, "modifies your userinfo");
918         Cmd_AddCommand(CMD_CLIENT, "packet", CL_Packet_f, "send a packet to the specified address:port containing a text string");
919         Cmd_AddCommand(CMD_CLIENT, "fixtrans", Image_FixTransparentPixels_f, "change alpha-zero pixels in an image file to sensible values, and write out a new TGA (warning: SLOW)");
920
921         // commands that are only sent by server to client for execution
922         Cmd_AddCommand(CMD_CLIENT_FROM_SERVER, "pingplreport", CL_PingPLReport_f, "command sent by server containing client ping and packet loss values for scoreboard, triggered by pings command from client (not used by QW servers)");
923         Cmd_AddCommand(CMD_CLIENT_FROM_SERVER, "fullserverinfo", CL_FullServerinfo_f, "internal use only, sent by server to client to update client's local copy of serverinfo string");
924 }
925
926 void Host_NoOperation_f(cmd_state_t *cmd)
927 {
928 }