fix: security fixes (#1974)

* fix: security fixes dont print passwords for worlds bound strings from clients actually enable encryption between rakpeers dont allow underflow when reading a string Tested that packets are encrypted tested that models can still be built tested that combat still works * add check * use c++ nullptr instead of NULL * initialize to 0 * globalize constant (should be in a namespace at least in the future) * Update GameMessages.cpp * check bounds
2026-06-02 21:04:20 +00:00 · 2026-05-17 12:21:22 -07:00
parent 67bbe4c1f0
commit f5d33a773a
13 changed files with 43 additions and 9 deletions
--- a/dNet/dServer.cpp
+++ b/dNet/dServer.cpp
@@ -215,6 +215,8 @@ bool dServer::Startup() {
 	mPeer = RakNetworkFactory::GetRakPeerInterface();

 	if (!mPeer) return false;
+
+	if (mUseEncryption) mPeer->InitializeSecurity(nullptr, nullptr, nullptr, nullptr);
 	if (!mPeer->Startup(mMaxConnections, 10, &mSocketDescriptor, 1)) return false;

 	if (mIsInternal) {
@@ -226,7 +228,6 @@ bool dServer::Startup() {
 	}

 	mPeer->SetMaximumIncomingConnections(mMaxConnections);
-	if (mUseEncryption) mPeer->InitializeSecurity(NULL, NULL, NULL, NULL);

 	return true;
 }