fixed compat with reunion2015 version

authdata->steamId should be always hash of full ticket

.github/workflows/build.yml

@@ -41,15 +41,14 @@ jobs:
           move msvc\${{ env.buildRelease }}\reunion_mm.dll publish\bin\Windows\reunion_mm.dll
 
       - name: Deploy artifacts
-        uses: actions/upload-artifact@v3.1.1
+        uses: actions/upload-artifact@v4
         with:
           name: win32
           path: publish/*
 
   linux:
     name: 'Linux'
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
-    container: s1lentq/linux86buildtools:latest
     outputs:
       app-version: ${{ steps.app-version.outputs.version }}
 
@@ -59,9 +58,15 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Build using Intel C++ Compiler 19.0
+      - name: Check dependencies
         run: |
-          rm -rf build && CC=icc CXX=icpc cmake -B build && cmake --build build -j8
+          sudo dpkg --add-architecture i386
+          sudo apt-get update
+          sudo apt-get install -y gcc-multilib g++-multilib
+
+      - name: Build
+        run: |
+          rm -rf build && CC=gcc CXX=g++ cmake -B build && cmake --build build -j8
 
       - name: Reading appversion.h
         id: app-version
@@ -98,7 +103,7 @@ jobs:
         shell: bash
 
       - name: Deploy artifacts
-        uses: actions/upload-artifact@v3.1.1
+        uses: actions/upload-artifact@v4
         id: upload-job
         with:
           name: linux32
@@ -111,12 +116,12 @@ jobs:
 
     steps:
       - name: Deploying linux artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: linux32
 
       - name: Deploying windows artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: win32
 
@@ -126,7 +131,7 @@ jobs:
           7z a -tzip reunion-${{ needs.linux.outputs.app-version }}.zip .
 
       - name: Publish artifacts
-        uses: actions/upload-artifact@v3.1.1
+        uses: actions/upload-artifact@v4
         with:
           name: reunion-${{ needs.linux.outputs.app-version }}
           path: |

CHANGELOG.md

@@ -0,0 +1,132 @@
+# [ReUnion](https://github.com/rehlds/reUnion) Changelog
+
+---
+
+## [`0.2.0.13`](https://github.com/rehlds/ReUnion/releases/tag/0.2.0.13) - 2024-06-30
+
+### Added
+- Added `reunion2018` prefixes for SteamID as an authkey type for compatibility with dev version of Reunion `AuthVersion >= 3`
+
+### Fixed
+* Fixed collisions of `SteamIDs` with `AuthVersion >= 3`, due to truncation of authkey to 31 chars (Thanks for report, Alexs)
+* Fixed collisions of `SteamIDs` issued to non-unique serial numbers `0000_0000_0000_0000_0000_0100_0000_0000`
+  (for clients with bad `HDDsn`, SteamID will be based on VALVE_ by IP)
+
+> [!WARNING]
+> CONFIG UPDATED
+
+**Full Changelog**: [0.2.0.6...0.2.0.13](https://github.com/rehlds/ReUnion/compare/0.2.0.6...0.2.0.13)
+
+## [`0.2.0.6`](https://github.com/rehlds/ReUnion/releases/tag/0.2.0.6) - 2014-06-21
+
+### Added
+- Added game tags using CVar `sv_tags`.
+- Added new option `IDClientsLimit` for sets max number of clients from single steamid (Useful for debugging with multiple instances clients).
+
+### Fixed
+- Fixed `*sid` from userinfo.
+- Fixed can't connect to game server when server is paused.
+
+> [!WARNING]
+> CONFIG UPDATED
+> DO NOT UPDATE `.SO` WITHOUT CONFIG UPDATE
+
+> [!CAUTION]
+> IN THIS VERSION THE LENGTH OF `SteamIdHashSalt` MUST EXCEED `31` CHARACTERS
+
+**Full Changelog**: [0.2.0.6](https://github.com/rehlds/ReUnion/compare/legacy-archive...0.2.0.6)
+
+---
+
+# Legacy Beta-releases
+
+## [`0.1.0.137`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2023-01-20
+
+### Changed
+- Major refactoring of `QueryLimiter`
+
+## [`0.1.0.135`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2019-10-26
+
+### Changed
+- `API` expanded.
+
+### Added
+- Added IP Whitelist for `QueryLimiterExceptIP` setting.
+
+## [`0.1.0.133`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-11-05
+
+### Changed
+- Improved protection against attacks. Requires latest `ReHlds`.
+
+### Fixed
+- Fixed buggy client freeze fix not working.
+
+## [`0.1.0.130`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-11-05
+
+### Fixed
+- Fixed display of avatars
+
+## [`0.1.0.129`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-11-05
+
+### Fixed
+- Fixed a bug in processing `query requests` (thx `BombermaG`). Most likely it has nothing to do with the `TAB problem`, but just in case.
+
+## [`0.1.0.127`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-11-05
+
+### Fixed
+- Fixed beta errors.
+
+### Added
+- Now it runs HLTV and can separately filter requests from several ports of one IP (the number is specified in the config).
+
+> [!WARNING]
+> Don't forget to install hash salt.
+
+## [`0.1.0.125`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-11-05
+
+### Added
+- Backported old `API` support.
+
+## [`0.1.0.123`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-11-05
+
+### Added
+- New auth
+
+## [`0.1.0.113`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-11-04
+
+### Fixed
+- Fixed bug with sending empty list of players when `QueryFloodBanTime` = `0` (thanks to `HUNTERsp4x`). Those who don't have `0` can stay on `112`.
+
+## [`0.1.0.112`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-11-04
+
+### Changed
+- Some code refactoring
+
+## [`0.1.0.92d`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2021-01-04
+
+### Added
+- Added config option QueryFloodBanLevel
+
+### Fixed
+- Fixed SmartSteamEmu authorization on linux servers
+
+## [`0.1.0.92c`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2019-10-26
+
+### Added
+- Added some security checks.
+
+### Changed
+- Extended `API`.
+
+## [`0.1.0.92`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-02-11
+
+### Added
+- Added `EnableQueryLimiter` option
+
+### Changed
+- `QueryFloodBanTime` can be set to 0 to block flood without ban
+
+## [`0.1.0.89`](https://github.com/rehlds/ReUnion/releases/tag/legacy-archive) - 2018-01-07
+
+### Fixed
+- `Hotfix`: Requires `ReHLDS API` not lower than `3.4.X.X`.

README.md

@@ -1,33 +1,34 @@
-# Reunion [![C/C++ CI](https://github.com/s1lentq/reunion/actions/workflows/build.yml/badge.svg)](https://github.com/s1lentq/reunion/actions/workflows/build.yml) [![GitHub release (by tag)](https://img.shields.io/github/downloads/s1lentq/reunion/latest/total)](https://github.com/s1lentq/reunion/releases/latest) ![GitHub all releases](https://img.shields.io/github/downloads/s1lentq/reunion/total) [![Percentage of issues still open](http://isitmaintained.com/badge/open/s1lentq/reunion.svg)](http://isitmaintained.com/project/s1lentq/reunion "Percentage of issues still open") [![License: GPL v3](https://img.shields.io/badge/License-GPL%20v3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)
+# ReUnion [![C/C++ CI](https://github.com/rehlds/ReUnion/actions/workflows/build.yml/badge.svg)](https://github.com/rehlds/ReUnion/actions/workflows/build.yml) [![GitHub release (by tag)](https://img.shields.io/github/downloads/rehlds/ReUnion/latest/total)](https://github.com/rehlds/ReUnion/releases/latest) ![GitHub all releases](https://img.shields.io/github/downloads/rehlds/ReUnion/total) [![Percentage of issues still open](http://isitmaintained.com/badge/open/rehlds/reunion.svg)](http://isitmaintained.com/project/rehlds/reunion "Percentage of issues still open") [![GitHub license](https://img.shields.io/github/license/rehlds/reunion.svg?longCache=true&style=flat-square)](https://github.com/rehlds/ReUnion/blob/master/LICENSE) [![GitHub issues](https://img.shields.io/github/issues/rehlds/reunion.svg?longCache=true&style=flat-square)](https://github.com/rehlds/ReUnion/issues) [![GitHub forks](https://img.shields.io/github/forks/rehlds/reunion.svg?longCache=true&style=flat-square)](https://github.com/rehlds/ReUnion/network) [![GitHub stars](https://img.shields.io/github/stars/rehlds/reunion.svg?longCache=true&style=flat-square)](https://github.com/rehlds/ReUnion/stargazers)
 
-Metamod plugin that allows protocol 47 and 48 no-steam clients to connect to ReHLDS servers.<br/>
+
+Metamod plugin that allows protocol 47 and 48 non-steam clients to connect to ReHLDS servers.<br/>
 Reunion is a continuation of the DProto project adapted for ReHLDS.<br/>
 
 You can try playing on one of many servers that are using Reunion: [Game Tracker](http://www.gametracker.com/search/?search_by=server_variable&search_by2=reu_version)
 
 ## Downloads
-* [Release builds](https://github.com/s1lentq/reunion/releases)
+* [Release builds](https://github.com/rehlds/ReUnion/releases)
-* [Dev builds](https://github.com/s1lentq/reunion/actions/workflows/build.yml)
+* [Dev builds](https://github.com/rehlds/ReUnion/actions/workflows/build.yml)
 
 ## Environment requirement
-* ReHLDS API >= 3.10
+* ReHLDS API >= `3.10`
 
 ## Installation
 
 <details>
 <summary>Click to expand</summary>
 
-1. Go to `<gamedir>/addons/` and make new directory named reunion<br/>
+1. Go to `<gamedir>/addons/` and make new directory named `reunion`<br/>
-`<gamedir>` - its a game directory; cstrike for Counter-Strike, valve for Half-Life, etc
+`<gamedir>` - its a game directory (cstrike for Counter-Strike, valve for Half-Life, etc)
 
-2. Copy `reunion_mm.dll` or `reunion_mm_i386.so` to <gamedir>/addons/reunion/
+2. Copy `reunion_mm.dll` or `reunion_mm_i386.so` to `<gamedir>/addons/reunion/`
 
-3. Go to metamod installation directory (usually its <gamedir>/addons/metamod/) and edit plugins.ini:<br/>
+3. Go to metamod installation directory (usually its `<gamedir>/addons/metamod/`) and edit `plugins.ini`:<br/>
-add this line for windows<br/>
+add this line at the beginning of the file<br/>
+for windows<br/>
 `win32 addons\reunion\reunion_mm.dll`<br/>
-or this for linux<br/>
+for linux<br/>
 `linux addons/reunion/reunion_mm_i386.so`<br/>
-at the beginning of the file<br/>
 
 4. Copy `reunion.cfg` to server root or gamedir.
 
@@ -41,23 +42,25 @@ at the beginning of the file<br/>
 ```
 6. Ready to use
 
-If reunion doesn't work, meta list says this:
+If reunion doesn't work, meta list says this:<br/>
+```
 Currently loaded plugins:
       description      stat pend  file              vers      src   load  unlod
  [ 1] Reunion          fail load  reunion_mm_i386.  v0.1.65   ini   Start Never
-
+```
-Start server with `-console +log on +mp_logecho 1` parameters and look through console output. You'll find the reason there.
+Start server with `-console +log on +mp_logecho 1` parameters and look through console output.<br/>
+You'll find the reason there.
 </details>
 
 ## FAQ
 <details>
 <summary>Click to expand</summary>
 
-* `Q` I configured SteamIdHashSalt as well as in the dproto, but players get a different steamids. Why?<br/>
+* `Q` I configured `SteamIdHashSalt` as well as in the dproto, but players get a different steamids. Why?<br/>
-  `A` Reunion uses an another hashing algorythm with improved security. Knowing of someones's steamid before enabling SteamIdHashSalt doesn't help to get same id after hashing.
+  `A` Reunion uses an another hashing algorythm with improved security. Knowing of someones's steamid before enabling `SteamIdHashSalt` doesn't help to get same id after hashing.
 
 * `Q` Is it possible to do something against steamid changers?<br/>
-  `A` No, idchangers generates a correct authorization tickets and it's impossible on serverside identify that steamid was changed. You can only set a SteamIdHashSalt option to prevent a substitution to specific steamid of another player.
+  `A` No, idchangers generates a correct authorization tickets and it's impossible on serverside identify that steamid was changed. You can only set a `SteamIdHashSalt` option to prevent a substitution to specific steamid of another player.
 
 * `Q` Why some server monitorings can't receive the players list from server?<br/>
   `A` They use an incorrect query format and must be rewritten using latest <a href="https://github.com/xPaw/PHP-Source-Query">PHP-Source-Query</a> script or equivalent.
@@ -65,7 +68,7 @@ Start server with `-console +log on +mp_logecho 1` parameters and look through c
 * `Q` In dproto was option Game_Name, but in reunion it has not. How to change the game name?<br/>
   `A` Use plugin.
 
-* `Q` Why has SmartSteamEmu3 support been removed?<br/>
+* `Q` Why has `SmartSteamEmu3` support been removed?<br/>
   `A` To open-source the Reunion project, we had to remove some sensitive components.<br/>
    This includes the `SmartSteamEmu3` emulator's authorization code.
    Removing it won't significantly affect server online activity since this emulator is rare among non-steam clients.
@@ -140,7 +143,7 @@ Select the preferred C/C++ Compiler installation
 
 ### Credits
 * [@Crock](https://github.com/theCrock), [@Lev](https://github.com/LevShisterov), and other people such as [@PRoSToTeM@](https://github.com/WPMGPRoSToTeMa) who participated or helped with the development of [DProto](https://cs.rin.ru/forum/viewtopic.php?f=29&t=55986)
-* [@theAsmodai](https://github.com/theAsmodai) for contributions as Reunion project former maintainer
+* [@Asmodai](https://github.com/theAsmodai) for contributions as Reunion project former maintainer
 * [@dreamstalker](https://github.com/dreamstalker) for the rehlds project, as well as the contributors involved in this project
 * [@NordicWarrior](https://github.com/Nord1cWarr1or) for testing and feedback
 * [@kazakh758](https://github.com/kazakh758) for testing a fix of issue related to the client hanging on connect

reunion/dist/reunion.cfg

@@ -90,7 +90,11 @@ AuthVersion = 3
 
 # SteamIdHashSalt (string)
 # Salt string for SteamIDs hashing. Irreversibly changes SteamIDs. Prevents SteamID stealing.
-# Should be more than 31 chars length. If string is empty, hashing is not applied (AuthVersion < 3) or Reunion init will be failed (AuthVersion >= 3).
+# Should be more than or equal to 16 chars length.
+# AuthVersion <  3: If string is empty, hashing is not applied
+# AuthVersion >= 3: If string is empty, init will be failed
+# Recommended length is 32 chars or more
+# Specify 0 to explicitly disable hashing (not recommended)
 SteamIdHashSalt =
 
 # SC2009_RevCompatMode (0 / 1)
@@ -173,11 +177,6 @@ Setti_Prefix1 = 5;
 # first prefix (a) for authids assigned for sXeI clients
 SXEI_Prefix1 = 6;
 
-# SSE3_Prefix1 (int)
-# STEAM_a:b:c
-# first prefix (a) for authids assigned for SSE3
-SSE3_Prefix1 = 7;
-
 # Note that banid will use steamid WITHOUT any prefixes!
 
 

reunion/src/client_auth.cpp

@@ -64,7 +64,7 @@ void SaltSteamId(authdata_t* authdata) {
 	if (g_ReunionConfig->getAuthVersion() < av_reunion2018)
 		szbuf.WriteLong(authdata->steamId);
 	if (g_ReunionConfig->getAuthVersion() > av_dproto)
-		szbuf.Write(authdata->authKey, authdata->authKeyLen);
+		szbuf.Write(authdata->authKey, Reunion_AuthKeyMaxLen(authdata));
 
 	szbuf.Write(g_ReunionConfig->getSteamIdSalt(), g_ReunionConfig->getSteamIdSaltLen());
 
@@ -97,6 +97,7 @@ uint64_t SteamByIp(uint32_t ip)
 bool Reunion_FinishClientAuth(CReunionPlayer* reunionPlr, USERID_t* userid, client_auth_context_t* ctx)
 {
 	client_auth_kind authkind;
+	client_id_kind idkind = CI_UNKNOWN;
 
 	if (!ctx->authentificatedInSteam) {
 		// native auth failed, try authorize by emulators
@@ -125,6 +126,10 @@ bool Reunion_FinishClientAuth(CReunionPlayer* reunionPlr, USERID_t* userid, clie
 				authkind = CA_STEAM_PENDING;
 			}
 			else {
+				// check for bad authkey
+				if (!IsValidHddsnNumber(authdata.authKey, authdata.authKeyLen))
+					idkind = CI_VALVE_BY_IP;
+
 				// salt steamid
 				if (g_ReunionConfig->getSteamIdSaltLen()) {
 					SaltSteamId(&authdata);
@@ -162,7 +167,9 @@ bool Reunion_FinishClientAuth(CReunionPlayer* reunionPlr, USERID_t* userid, clie
 	}
 
 	// add prefix
-	client_id_kind idkind = g_ReunionConfig->getIdGenOptions(authkind)->id_kind;
+	if (idkind == CI_UNKNOWN)
+		idkind = g_ReunionConfig->getIdGenOptions(authkind)->id_kind;
+
 	switch (idkind) {
 	// check for deprecation
 	case CI_DEPRECATED:
@@ -249,11 +256,9 @@ void SV_ConnectClient_hook(IRehldsHook_SV_ConnectClient* chain) {
 	}
 #endif
 
-	client_auth_context_t ctx;
-
-	if (!g_ISteamGameServer)
 	g_ISteamGameServer = g_RehldsApi->GetServerData()->GetSteamGameServer();
 
+	client_auth_context_t ctx;
 	g_CurrentAuthContext = &ctx;
 	chain->callNext();
 	g_CurrentAuthContext = nullptr;

reunion/src/query_limiter.cpp

@@ -8,6 +8,7 @@ CQueryLimiter::CQueryLimiter()
 	m_uniqueQueries = 0;
 	m_useGlobalRateLimit = false;
 	m_lastAdded = -1;
+	m_lastFloodLog = 0;
 	memset(m_lastQueries, 0, sizeof m_lastQueries);
 
 	if ((MAX_STORED_QUERIES & (MAX_STORED_QUERIES - 1)) != 0)

reunion/src/reunion_authorizers.cpp

@@ -37,35 +37,45 @@ int g_NumClientAuthorizers = 0;
 const char *g_RevEmuCryptKey = "_YOU_SERIOUSLY_NEED_TO_GET_LAID_";
 const uint32_t g_SteamEmuHashKey = 0xC9710266;
 
-static uint32_t revHash(const char* str)
+static uint32_t revHash(const char* str, int n = -1)
 {
 	uint32_t hash = 0x4E67C6A7;
 
-	for (int cc = *str; cc; cc = *++str) {
+	for (int cc = *str; cc && n != 0; cc = *++str, --n) {
 		hash ^= (hash >> 2) + cc + 32 * hash;
 	}
 
 	return hash;
 }
 
-void RevEmuFinishAuthorization(authdata_t* authdata, const char* authStr, bool stripSpecialChars)
+// deprecated auth version reunion2015 has a truncated ticket buffer
+size_t Reunion_AuthKeyMaxLen(authdata_t* authdata)
+{
+	const uint32_t MAX_RAWAUTHDATA_TRUNCATED = 16;
+	uint32_t authKeyMaxLen = (g_ReunionConfig->getAuthVersion() == av_reunion2015)
+		? min(authdata->authKeyLen, MAX_RAWAUTHDATA_TRUNCATED) : authdata->authKeyLen;
+
+	return authKeyMaxLen;
+}
+
+void RevEmuFinishAuthorization(authdata_t* authdata, const char* authStr, size_t authKeyMaxLen, bool stripSpecialChars)
 {
-	size_t authKeyMaxLen = g_ReunionConfig->getAuthVersion() >= av_reunion2018 ? MAX_AUTHKEY_LEN : MAX_AUTHKEY_LEN_OLD;
 	uint32_t volumeId;
 	char hddsn[256];
 
-	bool authVolumeId = false;
 	if (IsHddsnNumber(authStr)) {
 		authdata->authKeyKind = AK_HDDSN;
 
-		LCPrintf(false, "RevEmu raw auth string: '%s' (HDDSN)\n", authStr);
-
 		if (stripSpecialChars) {
 			authdata->authKeyLen = strecpy(hddsn, authStr, authKeyMaxLen, " \\/-");
 			authStr = hddsn;
 		}
 		else
 			authdata->authKeyLen = min(strlen(authStr), authKeyMaxLen);
+
+		LCPrintf(false, "RevEmu raw auth string: '%s' (HDDSN)%s\n", authStr,
+			IsValidHddsnNumber(authStr, authdata->authKeyLen) ? "" : " (INVALID)"
+		);
 	}
 	else {
 		authdata->authKeyKind = AK_VOLUMEID;
@@ -75,7 +85,6 @@ void RevEmuFinishAuthorization(authdata_t* authdata, const char* authStr, bool s
 			volumeId = strtoul(authStr, nullptr, 10) & 0x7FFFFFFF;
 			authdata->authKeyLen = volumeId ? sizeof(volumeId) : 0; // can't be zero
 			authStr = (char *)&volumeId;
-			authVolumeId = true;
 		}
 		else
 			authdata->authKeyLen = min(strlen(authStr), authKeyMaxLen);
@@ -89,7 +98,7 @@ void RevEmuFinishAuthorization(authdata_t* authdata, const char* authStr, bool s
 
 		authdata->steamId = revHash(authdata->authKey) << 1;
 
-		if (authVolumeId)
+		if (authStr == (char *)&volumeId)
 			LCPrintf(false, "RevEmu auth key: '%u' steamid: %u\n", (uint32_t)authStr, authdata->steamId);
 		else
 			LCPrintf(false, "RevEmu auth key: '%s' steamid: %u\n", authStr, authdata->steamId);
@@ -145,7 +154,7 @@ bool RevEmu2009to2013Authorize(ticket_t* ticket, authdata_t* authdata)
 		return false;
 	}
 
-	RevEmuFinishAuthorization(authdata, DecryptedAuthData, g_ReunionConfig->isSC2009RevEmuCompat() || g_ReunionConfig->getAuthVersion() >= av_reunion2018);
+	RevEmuFinishAuthorization(authdata, DecryptedAuthData, sizeof DecryptedAuthData - 1, g_ReunionConfig->isSC2009RevEmuCompat() || g_ReunionConfig->getAuthVersion() >= av_reunion2018);
 
 	return true;
 }
@@ -237,7 +246,7 @@ client_auth_kind CRevEmuAuthorizer::authorize(authdata_t* authdata)
 		return CA_UNKNOWN;
 	}
 
-	RevEmuFinishAuthorization(authdata, ticket->TicketBuf, g_ReunionConfig->getAuthVersion() >= av_reunion2018);
+	RevEmuFinishAuthorization(authdata, ticket->TicketBuf, sizeof ticket->TicketBuf - 1, g_ReunionConfig->getAuthVersion() >= av_reunion2018);
 
 	return CA_REVEMU;
 }

reunion/src/reunion_authorizers.h

@@ -85,3 +85,4 @@ class CNoSteam48Authorizer : public IClientAuthorizer {
 extern void Reunion_Init_Authorizers();
 extern client_auth_kind Reunion_Authorize_Client(authdata_t* authdata);
 extern const char* Reunion_GetAuthorizerName(client_auth_kind authKind);
+extern size_t Reunion_AuthKeyMaxLen(authdata_t* authdata);

reunion/src/reunion_cfg.cpp

@@ -138,6 +138,7 @@ CReunionConfig* CReunionConfig::createDefault()
 	cfg->m_bFixBuggedQuery = true;
 
 	cfg->m_HLTVExceptIP = 0;
+	cfg->m_bEnableQueryLimiter = true;
 	cfg->m_queriesBanLevel = 400;
 	cfg->m_floodBanTime = QUERY_FLOOD_DEFAULT_BANTIME;
 	cfg->m_allowSplitPackets = false;
@@ -319,8 +320,15 @@ bool CReunionConfig::parseCfgParam()
 	if (m_AuthVersion == av_dproto)
 		m_bEnableGenPrefix2 = false;
 
-	if (m_AuthVersion >= av_reunion2018) {
+	if (m_AuthVersion >= av_reunion2018)
-		if (m_SteamIdHashSaltLen < 16) {
+	{
+		// check logical negation value to disable salt hashing
+		bool bSteamIdNoHashSalt = (m_SteamIdHashSalt[0] == '0'
+			|| !Q_stricmp(m_SteamIdHashSalt, "no")
+			|| !Q_stricmp(m_SteamIdHashSalt, "false"));
+
+		if (!bSteamIdNoHashSalt && m_SteamIdHashSaltLen < 16)
+		{
 			LCPrintf(true, "SteamIdHashSalt is not set or too short\n");
 			return false;
 		}

reunion/src/reunion_player.cpp

@@ -11,6 +11,8 @@ CReunionPlayer::CReunionPlayer(IGameClient* cl) {
 void CReunionPlayer::clear() {
 	m_IdKind = CI_UNKNOWN;
 	m_AuthKind = CA_UNKNOWN;
+	m_authKeyKind = AK_OTHER;
+	m_idString[0] = 0;
 	m_Protocol = 0;
 	m_ConnectionTime = 0.0;
 	m_UnauthenticatedSteamId = 0;
@@ -49,20 +51,29 @@ void CReunionPlayer::authenticated(int proto, client_id_kind idkind, client_auth
 	const client_id_gen_opts_t* idGenOpts = g_ReunionConfig->getIdGenOptions(m_AuthKind);
 	const client_id_gen_opts_t* idByIpGenOpts = g_ReunionConfig->getIdByIpGenOpts();
 
+	// use auth key type prefixes
+	bool akPrefixes = g_ReunionConfig->getAuthVersion() == av_reunion2018;
+
 	switch (m_IdKind) {
 	case CI_REAL_STEAM:
-		sprintf(m_idString, "STEAM_%u:%u:%u", idGenOpts->prefix1, accId & 1, accId >> 1);
+		sprintf(m_idString, "STEAM_%u:%u:%u", akPrefixes ? m_authKeyKind : idGenOpts->prefix1, accId & 1, accId >> 1);
 		break;
 
 	case CI_REAL_VALVE:
-		sprintf(m_idString, "VALVE_%u:%u:%u", idGenOpts->prefix1, accId & 1, accId >> 1);
+		sprintf(m_idString, "VALVE_%u:%u:%u", akPrefixes ? m_authKeyKind : idGenOpts->prefix1, accId & 1, accId >> 1);
 		break;
 
 	case CI_STEAM_BY_IP:
+		if (akPrefixes)
+			sprintf(m_idString, "STEAM_%u:%u:%u", AK_MAX, accId & 1, accId >> 1);
+		else
 			sprintf(m_idString, "STEAM_%u:%u:%u", idByIpGenOpts->prefix1, idByIpGenOpts->prefix2, accId >> 1);
 		break;
 
 	case CI_VALVE_BY_IP:
+		if (akPrefixes)
+			sprintf(m_idString, "VALVE_%u:%u:%u", AK_MAX, accId & 1, accId >> 1);
+		else
 			sprintf(m_idString, "VALVE_%u:%u:%u", idByIpGenOpts->prefix1, idByIpGenOpts->prefix2, accId >> 1);
 		break;
 

reunion/src/reunion_shared.h

@@ -9,10 +9,8 @@
 #define STEAM_ID_LAN				0
 #define STEAM_ID_PENDING			1
 #define MAX_STEAMIDSALTLEN			64
-#define MAX_AUTHKEY_LEN				31
+#define MAX_AUTHKEY_LEN				128
-#define MAX_AUTHKEY_LEN_OLD			16
 #define MAX_HASHDATA_LEN			(4 + MAX_STEAMIDSALTLEN + MAX_AUTHKEY_LEN)
-//#define MAX_HASHDATA_LEN_OLD			(4 + MAX_STEAMIDSALTLEN + MAX_AUTHKEY_LEN_OLD)
 #define IPGEN_KEY					0xA95CE2B9
 
 #define LOG_PREFIX					"[REUNION]: "

reunion/src/reunion_utils.cpp

@@ -145,6 +145,19 @@ bool IsHddsnNumber(const char* authstring)
 	return strtoull(authstring, nullptr, 10) >= UINT32_MAX; // SSD
 }
 
+// This serial number is actually not a valid serial number
+// it is a system bug that provides an incorrect serial number for NVMe solid-state drives (Netac NVMe SSD),
+// retrieved from the Storage Descriptor instead of reading it from the driver.
+// Therefore, obtaining the serial number from the Storage Descriptor means we should not generate a SteamID based on such serial numbers,
+// as it increases the risk of SteamID collisions.
+// Instead, it is better to generate a SteamID based on the client's IP.
+const char *BadHddsnNumber = "0000_0000_0000_0000_0000_0100_0";
+
+bool IsValidHddsnNumber(const void* data, size_t maxlen)
+{
+	return memcmp(data, BadHddsnNumber, min(strlen(BadHddsnNumber), maxlen)) != 0;
+}
+
 void util_console_print(const char* fmt, ...)
 {
 	char buf[1024];

reunion/src/reunion_utils.h

@@ -16,6 +16,7 @@ extern bool IsUniqueIdKind(client_id_kind idkind);
 extern bool IsValidId(uint32 authId);
 extern bool IsValidSteamTicket(const uint8 *pvSteam2Key, size_t ucbSteam2Key);
 extern bool IsHddsnNumber(const char* authstring);
+extern bool IsValidHddsnNumber(const void* data, size_t maxlen);
 
 extern void util_console_print(const char* fmt, ...);
 extern void util_syserror(const char* fmt, ...);