[wesnoth-commits] [wesnoth/wesnoth] f2c06f: wesnothd: Initial support for checking forum bans ...

Sun May 6 08:26:10 UTC 2018

  Branch: refs/heads/master
  Home:   https://github.com/wesnoth/wesnoth
  Commit: f2c06f0a4e0d82a8e2a78d4ad25c91c09a6c2b63
      https://github.com/wesnoth/wesnoth/commit/f2c06f0a4e0d82a8e2a78d4ad25c91c09a6c2b63
  Author: Iris Morelle <shadowm at wesnoth.org>
  Date:   2018-05-06 (Sun, 06 May 2018)

  Changed paths:
    M src/multiplayer_error_codes.hpp
    M src/server/forum_user_handler.cpp
    M src/server/forum_user_handler.hpp
    M src/server/mysql_prepared_statement.ipp
    M src/server/sample_user_handler.cpp
    M src/server/sample_user_handler.hpp
    M src/server/server.cpp
    M src/server/user_handler.hpp

  Log Message:
  -----------
  wesnothd: Initial support for checking forum bans during login

This adds a user_is_banned() method to the user_handler classes that
returns whether a given username (and optionally IP address) is banned
by the user_handler platform. Obviously right now this is only intended
to work with forum_user_handler and phpBB.

Forum bans are checked against entries in the banlist table using
username (actually user id), IP address, and email address where
applicable. A user matching a ban on any of those three items will not
be permitted into the server *unless* they have the moderator flag set.
It might be worth making an exception for board founders as well,
although that is probably orthogonal to this patchset.

Right now there are a few missing items:

 * The server sends clients an error that allows them to try again with
   a different username/password combination immediately. Nothing stops
   them from causing noise in the server logs this way, so we probably
   need to ensure this counts as an authentication failure for the
   purpose of temporarily and automatically banning the IP address.

 * The user handler doesn't allow retrieving details about the ban, so
   all that the main server code can do is report back to the client as
   their nickname being banned, when this is not necessarily the case
   (email or IP address bans). I need to figure out a better API for
   retrieving this info.

 * Likewise, the server does not log the specifics about the matched ban
   yet unless the mp_user_handler log domain is set to the info log
   level.

 * There's no i18n support on the client side for the error message sent
   by the server -- which is going to change anyway.

 * Testing this patch uncovered an issue with the MP client not
   displaying messages sent during the login sequence, including the mod
   authentication notice.

  Commit: 749e684f03982fe268ab15074f28d701d0e55f18
      https://github.com/wesnoth/wesnoth/commit/749e684f03982fe268ab15074f28d701d0e55f18
  Author: Iris Morelle <shadowm at wesnoth.org>
  Date:   2018-05-06 (Sun, 06 May 2018)

  Changed paths:
    M src/multiplayer_error_codes.hpp
    M src/server/forum_user_handler.cpp
    M src/server/forum_user_handler.hpp
    M src/server/sample_user_handler.cpp
    M src/server/sample_user_handler.hpp
    M src/server/server.cpp
    M src/server/user_handler.hpp

  Log Message:
  -----------
  wesnothd: Report different user_handler ban types

This enables reporting back to the client the specific type of ban that
affects the account. This information is already normally provided by
phpBB when trying to view a page while banned, so we are not leaking any
new information here.

There isn't an API to retrieve the (user-visible) ban reason from the
ban list yet. It's probably not worth worrying about it since affected
users can see it when navigating to forums.wesnoth.org anyway.

  Commit: d48c84236c17adca9421fe15d0d0666f1c2b96cb
      https://github.com/wesnoth/wesnoth/commit/d48c84236c17adca9421fe15d0d0666f1c2b96cb
  Author: Iris Morelle <shadowm at wesnoth.org>
  Date:   2018-05-06 (Sun, 06 May 2018)

  Changed paths:
    M src/server/forum_user_handler.cpp

  Log Message:
  -----------
  wesnothd/fuh: Check IP address bans before everything else

There isn't much point in doing more expensive ban look ups first.

(Also, yes, I am aware that as it is there's still two SELECT queries
that could be coalesced into a single one -- namely, the ones for the
user_email and user_id columns.)

  Commit: 80d6dbbaf94e17658a9bf05a28846d227e5d3259
      https://github.com/wesnoth/wesnoth/commit/80d6dbbaf94e17658a9bf05a28846d227e5d3259
  Author: Iris Morelle <shadowm at wesnoth.org>
  Date:   2018-05-06 (Sun, 06 May 2018)

  Changed paths:
    M src/game_initialization/multiplayer.cpp

  Log Message:
  -----------
  mp: Add client-side localization support for user_handler bans

  Commit: c0f160b35150d1893b77da43de3279dfe54fc10c
      https://github.com/wesnoth/wesnoth/commit/c0f160b35150d1893b77da43de3279dfe54fc10c
  Author: Iris Morelle <shadowm at wesnoth.org>
  Date:   2018-05-06 (Sun, 06 May 2018)

  Changed paths:
    M src/server/forum_user_handler.cpp

  Log Message:
  -----------
  fuh: Add NOTE on the status of glob bans

[ci skip]

Compare: https://github.com/wesnoth/wesnoth/compare/851b28e24bfe...c0f160b35150
      **NOTE:** This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/

      Functionality will be removed from GitHub.com on January 31st, 2019.