fInternal basically acted as a reverse "evil bit" as in RFC 3514: when
set, the engine would not do any checks on the script contained in the
control packet, nor log the script (visibly in game; the packet log
would of course contain the packet). A malicious game client thus would
be able to inject arbitrary script without people (immediately) noticing
anything was amiss.
As of this patch, only the host is able to execute arbitrary scripts,
and those will be shown in the message board for all players to see.
This privilege can be irrevocably disabled in network games by any
client by using the "/nodebug" message board command.
Closes#936.
Actions changed include dropping definitions, (de-)selecting objects,
player elimination. This removes some more pre-assembled C4Script code
going across the network unchecked.
Part of #936.
While fInternal-flagged script controls may be useful for debuggers to
evaluate watch expressions because they don't get shown ingame, they
also bypass all checks the engine does and as such are a nightmare in
network play.
Part of #936.
Instead of sending pre-composed C4Script code across the network, make
player self-management (surrendering, team changes etc.) send a
dedicated control packet. This means less network traffic, and also a
smaller attack vector for malicions C4Script injection.
Part of #936.
MsgBoard commands used to be evaluated on the issuing client. Malicious
clients would be able to insert arbitrary C4Script code to be executed
instead of the scenario-defined command; other clients would not be able
to tell the difference.
Instead, we now only send the command identifier, issuing player and
command parameter. This is still not perfect because clients can
insert any player they want, but it's better than before.
Part of #936.
Useful for spell combos, where one spell combo might end the same way another combo starts.
Also corrected docs for OverrideAssignments (it's just a flag; not a trigger mode).
When people write obj->FindObject(Find_Distance(10)), they expect the
engine to use the distance from obj instead of the distance from the
current object (or from 0,0 if called from outside of object context).
Making the engine handle coordinate offseting at calls to FindObject
(and similar functions) instead of having the C4FO wrappers do it solves
this problem.
Compatibility impact: Code that creates their own criteria structure
instead of using the provided Find_* functions will have to be adapted
if they use any of the location-based criteria.
Before, the marker would be reset in every frame, but object markers and main counter weren't reset consistently at the same time. This could cause some objects to be not found if their markers were set after the object marker reset but before the main marker counter reset.
Fixes a bug with loading the shader file from scenario local Graphics.ocg on network clients. I think I also heard a few more sounds after the fix, so maybe they used random access into child groups too.
The LandscapeRender Init() proc loads graphics from the main graphics group, which is already closed when a section is loaded. So just keep the renderer around on landscape recreation now.
Sven Eberhardt