Merge branch 'master' into control_fix

Author: Xenius97

[admin]/admin/conf/skins.xml

@@ -5,11 +5,11 @@
 	<group name="Special">
 		<skin model="1" name="Truth" />
 		<skin model="2" name="Maccer" />
-                <skin model="5" name="Big Bear(Large)"/>
-                <skin model="6" name="White Croupier"/>
-                <skin model="8" name="Cab Driver"/>
-                <skin model="42" name="Suzie"/>
-                <skin model="86" name="Tracksuit Girl (Pink)" />
+		<skin model="5" name="Big Bear(Large)" />
+		<skin model="6" name="White Croupier" />
+		<skin model="8" name="Cab Driver" />
+		<skin model="42" name="Suzie" />
+		<skin model="86" name="Tracksuit Girl (Pink)" />
 		<skin model="265" name="Tenpenny" />
 		<skin model="266" name="Pulaski" />
 		<skin model="267" name="Hern" />
@@ -171,8 +171,8 @@
 		<skin model="287" name="Army" />
 	</group>
 	<group name="Police">
-                <skin model="3" name="Deputy Officer"/>
-                <skin model="4" name="Sheriff"/>
+		<skin model="3" name="Deputy Officer" />
+		<skin model="4" name="Sheriff" />
 		<skin model="190" name="Barbara Schternvart" />
 		<skin model="246" name="Cop Stripper" />
 		<skin model="280" name="Cop 1" />
@@ -194,7 +194,6 @@
 		<skin model="88" name="Casual Old Lady" />
 		<skin model="89" name="Cleaning Lady" />
 		<skin model="103" name="Baller Jacket" />
-		<skin model="103" name="Baller Jacket" />
 		<skin model="105" name="Grove Sweater" />
 		<skin model="130" name="Native Ugly" />
 		<skin model="151" name="Melanie" />
@@ -214,7 +213,7 @@
 		<skin model="17" name="Black suit" />
 		<skin model="57" name="Chinese Businessman" />
 		<skin model="61" name="Pilot" />
-                <skin model="65" name="Air Traffic Controller (1)"/>
+		<skin model="65" name="Air Traffic Controller (1)" />
 		<skin model="76" name="Businesswoman 1" />
 		<skin model="141" name="Cute Librarian" />
 		<skin model="147" name="Sigmund Freud" />
@@ -229,8 +228,8 @@
 		<skin model="228" name="Japanese Businessman 3" />
 		<skin model="255" name="Limo Driver" />
 		<skin model="263" name="Asian Hostess" />
-		<skin model="273" name="Reporter"/>
-		<skin model="289" name="Air Traffic Controller (2)"/>
+		<skin model="273" name="Reporter" />
+		<skin model="289" name="Air Traffic Controller (2)" />
 	</group>
 	<group name="Fighters">
 		<skin model="49" name="Ninja Sensei" />
@@ -286,7 +285,7 @@
 		<skin model="29" name="White Dealer" />
 		<skin model="30" name="Religious Essey" />
 		<skin model="47" name="Top Button Essey" />
-                <skin model="48" name="Hippy Maley" />
+		<skin model="48" name="Hippy Maley" />
 		<skin model="67" name="Red Bandana" />
 		<skin model="143" name="Sam Jackson" />
 		<skin model="241" name="Afro Brother" />

[admin]/admin2/conf/skins.xml

@@ -8,6 +8,7 @@
 		<skin model="92" name="Rollergirl" />
 		<skin model="96" name="Soccer Player" />
 		<skin model="97" name="Baywatch Dude" />
+		<skin model="98" name="Worker Male" />
 		<skin model="138" name="Bikini Tattoo" />
 		<skin model="139" name="Yellow Bikini" />
 		<skin model="140" name="Buxom Bikini" />
@@ -240,6 +241,7 @@
 		<skin model="29" name="White Dealer" />
 		<skin model="30" name="Religious Essey" />
 		<skin model="47" name="Top Button Essey" />
+		<skin model="48" name="Hippy Maley" />
 		<skin model="67" name="Red Bandana" />
 		<skin model="143" name="Sam Jackson" />
 		<skin model="241" name="Afro Brother" />
@@ -266,6 +268,7 @@
 		<skin model="212" name="Tin Foil Hat" />
 		<skin model="213" name="Hobo Elvis" />
 		<skin model="230" name="Hooded Hobo" />
+		<skin model="239" name="Homeless Bob" />
 	</group>
 	<group name="Nightclubbers">
 		<skin model="43" name="Porn Producer" />

[admin]/security/events.lua

@@ -12,4 +12,26 @@ addEventHandler("onPlayerTriggerInvalidEvent", root, clientTriggersInvalidEvent)
 function clientTriggersEventThreshold()
 	logViolation(source, "Exceeded event trigger threshold of "..tostring(getServerConfigSetting("max_player_triggered_events_per_interval")));
 end
-addEventHandler("onPlayerTriggerEventThreshold", root, clientTriggersEventThreshold);
+addEventHandler("onPlayerTriggerEventThreshold", root, clientTriggersEventThreshold);
+
+
+
+-- https://wiki.multitheftauto.com/wiki/OnPlayerConnect
+-- we use onPlayerConnect event to check if the player got a valid username
+function clientConnectServer(strPlayerNick, strPlayerIP, strPlayerUsername, strPlayerSerial, iPlayerVersionNumber, strPlayerVersionString)
+	if(not isPlayerNameValid(strPlayerNick)) then
+		logAction("Client "..strPlayerNick.." with IP "..strPlayerIP.." and Serial "..strPlayerSerial.." tried to join with invalid nickname! Version: "..iPlayerVersionNumber.." | "..strPlayerVersionString);
+		cancelEvent(true, "INVALID NICKNAME!");
+		return;
+	end
+end
+addEventHandler("onPlayerConnect", root, clientConnectServer);
+
+
+
+-- https://wiki.multitheftauto.com/wiki/OnPlayerChangesWorldSpecialProperty
+-- gets triggered when client changes world special property
+function clientChangesWorldSpecialProperty(strProperty, bEnabled)
+	logViolation(source, "Changed world special property \""..strProperty.."\" to "..tostring(bEnabled));
+end
+addEventHandler("onPlayerChangesWorldSpecialProperty", root, clientChangesWorldSpecialProperty);

[admin]/security/meta.xml

@@ -1,8 +1,9 @@
 <meta>
 	<info name="Security" author="-ffs-PLASMA" type="misc" version="1.0" description="Basic security functionality" />
 
-	<min_mta_version server="1.6.0-9.22470" />
+	<min_mta_version server="1.6.0-9.22790" />
 
+	<script src="utils.lua" type="server"/>
 	<script src="logging.lua" type="server"/>
 	<script src="events.lua" type="server"/>
 	<script src="misc.lua" type="server"/>

[admin]/security/players.lua

@@ -1,3 +1,14 @@
+-- used to check how many explosion/projectile sync packets a client sends overtime
+local iExplosionCheckInterval 		= 3000;	-- the interval in ms to check for players sending too many explosion and projectile sync packets
+local tblPlayerProjectiles 			= {};	-- store players sending projectile sync packets
+local tblRegularExplosions 			= {};	-- store players sending regular explosion sync packets
+local tblVehicleExplosions 			= {};	-- store players sending vehicle explosion sync packets
+local iPlayerProjectileThreshold 	= 10;	-- the threshold when we consider client suspicious for projectile creations
+local iRegularExplosionThreshold 	= 10;	-- the threshold when we consider client suspicious for regular explosions
+local iVehicleExplosionThreshold 	= 10;	-- the threshold when we consider client suspicious for vehicle explosions
+
+
+
 -- add the elementdatas you want to protect from client updates in here
 local tblProtectedElementDatas = {["Score"] = true};
 
@@ -16,6 +27,18 @@ addEventHandler("onElementDataChange", root, clientChangesElementData);
 
 
 
+-- https://wiki.multitheftauto.com/wiki/OnPlayerChangesProtectedData
+-- gets triggered when a client tries to change protected element data
+-- see elementdata_whitelisted config https://wiki.multitheftauto.com/wiki/Server_mtaserver.conf#elementdata_whitelisted
+-- this needs to be setup in conjunction with your existing elementdatas to take necessary action!
+-- the key feature is to prevent the client from updating non synced server elementdatas if they know the key and attached element
+function clientChnagesProtectedData(uElement, strKey, unValue)
+	logViolation(source, "Tried to change protected elementdata for key "..tostring(strKey).." to value "..tostring(unValue).." for element "..tostring(uElement).." ("..getElementType(uElement)..")");
+end
+addEventHandler("onPlayerChangesProtectedData", root, clientChnagesProtectedData);
+
+
+
 -- https://wiki.multitheftauto.com/wiki/OnPlayerACInfo
 -- gets triggered when AC detects something for client on connect
 function clientNotifyACInfo(tblDetectedACList, iD3D9Size, strD3D9MD5, strD3D9SHA256)
@@ -55,4 +78,80 @@ function clientNetworkStatus(iStatus, iTicks)
 		logViolation(source, "Network interruption has stopped after "..iTicks.." ticks");
 	end
 end
-addEventHandler("onPlayerNetworkStatus", root, clientNetworkStatus);
+addEventHandler("onPlayerNetworkStatus", root, clientNetworkStatus);
+
+
+
+-- https://wiki.multitheftauto.com/wiki/OnPlayerProjectileCreation
+-- gets triggered when a player creates a projectile sync packets (eg. shoots a weapon, vehicle weapon or via createProjectile)
+function clientCreateProjectile(iWeaponType, fPX, fPY, fPZ, fForce, uTarget, fRX, fRY, fRZ, fVX, fVY, fVZ)
+	if(isElement(source)) then
+		if(tblPlayerProjectiles[source]) then
+			tblPlayerProjectiles[source] = tblPlayerProjectiles[source] + 1;
+		else
+			tblPlayerProjectiles[source] = 1;
+		end
+	end
+end
+addEventHandler("onPlayerProjectileCreation", root, clientCreateProjectile);
+
+
+
+-- https://wiki.multitheftauto.com/wiki/OnExplosion
+-- gets triggered when an explosion occurs, either via server script or client sync packet
+function clientCreateExplosion(fPX, fPY, fPZ, iType)
+	if(isElement(source)) then
+		if(getElementType(source) == "player") then
+			if(tblRegularExplosions[source]) then
+				tblRegularExplosions[source] = tblRegularExplosions[source] + 1;
+			else
+				tblRegularExplosions[source] = 1;
+			end
+		end
+	end
+end
+addEventHandler("onExplosion", root, clientCreateExplosion);
+
+
+
+-- https://wiki.multitheftauto.com/wiki/OnVehicleExplode
+-- gets triggered when a vehicle explodes, either via server script or client sync packet
+function clientCreateVehicleExplosion(bWithExplosion, uPlayer)
+	if(isElement(uPlayer)) then
+		if(tblVehicleExplosions[uPlayer]) then
+			tblVehicleExplosions[uPlayer] = tblVehicleExplosions[uPlayer] + 1;
+		else
+			tblVehicleExplosions[uPlayer] = 1;
+		end
+	end
+end
+addEventHandler("onVehicleExplode", root, clientCreateVehicleExplosion);
+
+
+
+-- setup a timer with specified interval above and check if any client sent too many sync packets in the given time
+-- thresholds need to be adjusted for your need and actions taken!
+setTimer(function()
+	for uPlayer, iCounter in pairs(tblPlayerProjectiles) do
+		if(iCounter >= iPlayerProjectileThreshold) then
+			logViolation(uPlayer, "Exceeded projectile threshold "..tostring(iPlayerProjectileThreshold).." - Count: "..tostring(iCounter));
+		end
+	end
+	
+	for uPlayer, iCounter in pairs(tblRegularExplosions) do
+		if(iCounter >= iRegularExplosionThreshold) then
+			logViolation(uPlayer, "Exceeded regular explosions threshold "..tostring(iRegularExplosionThreshold).." - Count: "..tostring(iCounter));
+		end
+	end
+	
+	for uPlayer, iCounter in pairs(tblVehicleExplosions) do
+		if(iCounter >= iVehicleExplosionThreshold) then
+			logViolation(uPlayer, "Exceeded vehicle explosions threshold "..tostring(iVehicleExplosionThreshold).." - Count: "..tostring(iCounter));
+		end
+	end
+	
+	tblPlayerProjectiles = {};
+	tblRegularExplosions = {};
+	tblVehicleExplosions = {};
+	
+end, iExplosionCheckInterval, 0);

[admin]/security/utils.lua

@@ -0,0 +1,16 @@
+-- checks if a player nickname is valid in terms of length and ascii chars
+function isPlayerNameValid(strPlayerName)
+	if(not strPlayerName) then return false end;
+	if(not tostring(strPlayerName)) then return false end;
+	if(#strPlayerName == 0) then return false end;
+	if(#strPlayerName > 22) then return false end;
+	
+	for i = 1, #strPlayerName do
+		local strChar = strPlayerName:sub(i, i);
+		local iCharByte = strChar:byte();
+		
+		if(iCharByte < 33 or iCharByte > 126) then return false end;
+	end
+
+	return true;
+end