Bump actions/cache from 4 to 5 (#59 )

Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump actions/upload-artifact from 5 to 6 (#58 )
2025-12-15 01:55:49 +00:00 · 2025-12-15 01:55:24 +00:00 · 2025-11-25 10:32:13 +01:00 · 2025-11-25 10:19:08 +01:00 · 2025-11-22 13:48:24 +01:00 · 2025-10-30 23:29:14 +01:00
7 changed files with 118 additions and 52 deletions
--- a/.github/workflows/build.sh
+++ b/.github/workflows/build.sh
@ -0,0 +1,24 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+cd "$(dirname $0)/../.."
+
+if [[ $PLATFORM == Linux* ]]; then
+	$CC --version
+	$CXX --version
+
+	apt install -y python3-pip
+
+	# buildbot/generate_header.py is ran by ambuild and we want git to not fail due to user-perms (because docker)
+	git config --global --add safe.directory $PWD
+else
+	python -m pip install --upgrade pip setuptools wheel
+fi
+
+python -m pip install $CACHE_PATH/ambuild
+
+mkdir build
+cd build
+python ../configure.py --enable-auto-versioning --enable-optimize --sdks="$SDKS" --mms-path="$CACHE_PATH/metamod-source" --hl2sdk-root="$CACHE_PATH" --sm-path="$CACHE_PATH/sourcemod"
+ambuild
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -11,9 +11,10 @@ jobs:
  build:
    strategy:
      matrix:
-        os: [ubuntu-22.04, windows-2022]
+        python-version: ['3.14']
+        os: [ubuntu-latest, windows-2022]
        include:
-          - os: ubuntu-22.04
+          - os: ubuntu-latest
            cc: clang-11
            cxx: clang++-11
          - os: windows-2022
@ -37,33 +38,20 @@ jobs:
          SDKS_VAR="${{env.SDKS}}"
          # This will be used in our cache key
          echo "SDKS_KEY=${SDKS_VAR//[[:blank:]]/}" >> $GITHUB_ENV
-
-      - name: Linux dependencies
-        if: startsWith(runner.os, 'Linux')
-        run: |
-          sudo dpkg --add-architecture i386
-          sudo apt-get update
-          sudo apt-get install -y --no-install-recommends \
-            gcc-multilib g++-multilib libstdc++6 lib32stdc++6 \
-            libc6-dev libc6-dev-i386 linux-libc-dev \
-            linux-libc-dev:i386 lib32z1-dev ${{ matrix.cc }}
    
-      - uses: actions/setup-python@v5
-        name: Setup Python 3.9
+      - uses: actions/setup-python@v6
+        if: startsWith(matrix.os, 'windows-')
+        name: Setup Python ${{ matrix.python-version }}
        with:
-          python-version: 3.9
+          python-version: ${{ matrix.python-version }}
      
-      - name: Install Python dependencies
-        run: |
-          python -m pip install --upgrade pip setuptools wheel
-          
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
        name: Repository checkout
        with:
          fetch-depth: 0
          path: extension
        
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        name: Cache dependencies
        env:
          cache-name: connect-cache
@ -105,31 +93,38 @@ jobs:
          # But maybe others aren't (also probably unnecessary because git actions but paranoia)
          git config --global advice.detachedHead true

-      - name: Setup AMBuild
-        shell: bash
-        run: |
-          cd "${{ env.CACHE_PATH }}"
-          python -m pip install ./ambuild
-
-      - name: Select clang compiler
-        if: startsWith(runner.os, 'Linux')
-        run: |
-          echo "CC=${{ matrix.cc }}" >> $GITHUB_ENV
-          echo "CXX=${{ matrix.cxx }}" >> $GITHUB_ENV
-          ${{ matrix.cc }} --version
-          ${{ matrix.cxx }} --version
-
      - name: Build
        shell: bash
        working-directory: extension
        run: |
-          mkdir build
-          cd build
-          python ../configure.py --enable-auto-versioning --enable-optimize --sdks="${{ env.SDKS }}" --mms-path="${{ env.CACHE_PATH }}/metamod-source" --hl2sdk-root="${{ env.CACHE_PATH }}" --sm-path="${{ env.CACHE_PATH }}/sourcemod"
-          ambuild
+          export PLATFORM="${{ runner.os }}"

-          PLATFORM="${{ runner.os }}"
-          FILENAME="$(cat ./includes/filename_versioning.txt)"
+          if [[ $PLATFORM == Linux* ]]; then
+            # docker instead of podman because:
+            # - we don't need a job to `sudo apt install podman`
+            # - `sudo apt install -y python3-pip` didn't work inside podman for me?
+            docker run \
+              -e PLATFORM="$PLATFORM" \
+              -e PROJECT=${{ env.PROJECT }} \
+              -e SDKS="${{ env.SDKS }}" \
+              -e MMSOURCE_VERSION=${{ env.MMSOURCE_VERSION }} \
+              -e SOURCEMOD_VERSION=${{ env.MMSOURCE_SOURCEMOD_VERSION }} \
+              -e CACHE_PATH=${{ env.CACHE_PATH }} \
+              -e SDKS_KEY=${{ env.SDKS_KEY }} \
+              -e CC=${{ matrix.cc }} \
+              -e CXX=${{ matrix.cxx }} \
+              --mount type=bind,source=${{ env.CACHE_PATH }},target=${{ env.CACHE_PATH }} \
+              --mount type=bind,source=$PWD,target=$PWD \
+              "registry.gitlab.steamos.cloud/steamrt/sniper/sdk:latest" \
+              "$PWD/.github/workflows/build.sh"
+
+            # need to fix the owner because docker root-ed stuff?
+            sudo chown -R $USER .
+          else
+            bash ./.github/workflows/build.sh
+          fi
+
+          FILENAME="$(cat build/includes/filename_versioning.txt)"
          ZIP_FILENAME="${{ env.PROJECT }}-${FILENAME}-${PLATFORM,}.zip"

          echo "ZIP_FILENAME=${ZIP_FILENAME}" >> $GITHUB_ENV
@ -165,7 +160,7 @@ jobs:
          echo "Upload successful!"

      - name: Upload a Build Artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          # Artifact name
          name: ${{ matrix.os }}_${{ matrix.cc }}_${{ env.ZIP_FILENAME }}
--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,4 @@ build
 Containerfile
 .venv
 safetyhook
+.env
--- a/README.md
+++ b/README.md
@ -0,0 +1,33 @@
+# Connect - A safer OnClientPreConnect forward
+
+This extension provides a OnClientPreConnect forward (similar to CBaseServer's), but does proper checking to prevent malicious people spoofing SteamIDs.
+
+If you are currently using CBaseServer for reserved slots, it's possible for a client to spoof an admin's SteamID and cause someone to be kicked from the server (although they would be later denied, so they couldn't actually join the game).
+This extension does these checks before OnClientPreConnect is fired, so this isn't possible.
+
+There are some additional features such as being able to change the password provided before it's checked (see included example plugin) and the ability to reject the client with a reason (like SourceMod's later OnClientConnect forward).
+
+Only the Source 2009 engine is supported, as it's the only one that's been updated to use the new authentication system.
+
+# Provided forwards
+
+```
+public bool OnClientPreConnectEx
+(
+  const char[] name,
+  char password[255],
+  const char[] ip,
+  const char[] steamID,
+  char rejectReason[255]
+)
+{
+    // ...
+}
+```
+
+`return false;` to disallow the client from joining, and change `rejectReason` to what you want them to be shown when denied.
+
+Note that this function is called before the client has a client index on the server.
+
+
+# [Builds](https://builds.limetech.io/?project=connect)
--- a/configure.py
+++ b/configure.py
@ -20,7 +20,7 @@ parser.options.add_argument('--enable-auto-versioning', action='store_false', de
                       default=True, help='Enables the auto versioning script')
 parser.options.add_argument('-s', '--sdks', default='all', dest='sdks',
                       help='Build against specified SDKs; valid args are "all", "present", or '
-                            'space-delimited list of engine names (default: %default)')
+                            'space-delimited list of engine names (default: %(default)s)')
 parser.options.add_argument('--targets', type=str, dest='targets', default=None,
 		                      help="Override the target architecture (use commas to separate multiple targets).")
-parser.Configure()
+parser.Configure()
--- a/connect.games.txt
+++ b/connect.games.txt
@ -64,10 +64,24 @@

 			"CBaseServer__CheckMasterServerRequestRestart"
 			{
+				// "%cMasterRequestRestart"
 				"library"       "engine"
 				"windows"       "\x55\x8B\xEC\x83\xEC\x1C\x53\x57\x33\xD2"
 				"windows64"     "\x4C\x8B\xDC\x49\x89\x5B\x2A\x49\x89\x6B\x2A\x56\x57\x41\x54\x41\x56\x41\x57\x48\x83\xEC\x60\x48\x8B\x05\x2A\x2A\x2A\x2A\x48\x8D\x1D"
 			}
 		}
 	}
+	"tf"
+	{
+		"Signatures"
+		{
+			"CBaseServer__CheckMasterServerRequestRestart"
+			{
+				"library"       "engine"
+				// "%cMasterRequestRestart"
+				"windows"       "\x55\x8B\xEC\x83\xEC\x18\x53\x57\x33\xD2\x8B\xF9\x8B\x0D\x2A\x2A\x2A\x2A\x89\x55\xE8\x89\x55\xEC\x89\x55\xF4\x8B\x41\x08"
+				"windows64"     "\x4C\x8B\xDC\x49\x89\x5B\x10\x49\x89\x6B\x18\x56\x57\x41\x54\x41\x56\x41\x57\x48\x83\xEC\x60\x48\x8B\x05\x2A\x83\x20\x00"
+			}
+		}
+	}
 }
--- a/extension/extension.cpp
+++ b/extension/extension.cpp
@ -327,7 +327,6 @@ bool Connect::SDK_OnLoad(char *error, size_t maxlen, bool late)
 	/*
 	META_CONPRINTF("ISteamGameServer: %p\n", g_pSteam3Server->m_pSteamGameServer);
 	META_CONPRINTF("ISteamUtils: %p\n", g_pSteam3Server->m_pSteamGameServerUtils);
-	META_CONPRINTF("ISteamMasterServerUpdater: %p\n", g_pSteam3Server->m_pSteamMasterServerUpdater);
 	META_CONPRINTF("ISteamNetworking: %p\n", g_pSteam3Server->m_pSteamGameServerNetworking);
 	META_CONPRINTF("ISteamGameServerStats: %p\n", g_pSteam3Server->m_pSteamGameServerStats);
 	*/
@ -341,6 +340,13 @@ bool Connect::SDK_OnLoad(char *error, size_t maxlen, bool late)
 	}
 	g_pBeginAuthSession.SetAddress(vtable[offset]);

+	SH_MANUALHOOK_RECONFIGURE(MHook_BeginAuthSession, offset, 0, 0);
+	if (SH_ADD_MANUALHOOK(MHook_BeginAuthSession, g_pSteam3Server->m_pSteamGameServer, SH_STATIC(Hook_BeginAuthSession), true) == 0)
+	{
+		snprintf(error, maxlen, "Failed to setup ISteamGameServer__BeginAuthSession hook.\n");
+		return false;
+	}
+
 	offset = 0;
 	if (!g_pGameConf->GetOffset("ISteamGameServer__EndAuthSession", &offset) || offset == 0)
 	{
@ -349,13 +355,6 @@ bool Connect::SDK_OnLoad(char *error, size_t maxlen, bool late)
 	}
 	g_pEndAuthSession.SetAddress(vtable[offset]);

-	SH_MANUALHOOK_RECONFIGURE(MHook_BeginAuthSession, offset, 0, 0);
-	if (SH_ADD_MANUALHOOK(MHook_BeginAuthSession, g_pSteam3Server->m_pSteamGameServer, SH_STATIC(Hook_BeginAuthSession), true) == 0)
-	{
-		snprintf(error, maxlen, "Failed to setup ISteamGameServer__BeginAuthSession hook.\n");
-		return false;
-	}
-
 	CDetourManager::Init(g_pSM->GetScriptingEngine(), g_pGameConf);

 	detourCBaseServer__ConnectClient = DETOUR_CREATE_MEMBER(CBaseServer__ConnectClient, "CBaseServer__ConnectClient");
Author	SHA1	Message	Date
dependabot[bot]	8d83d5ecca	Bump actions/cache from 4 to 5 (#59 ) Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-15 01:55:49 +00:00
dependabot[bot]	58a4c9df84	Bump actions/upload-artifact from 5 to 6 (#58 ) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-15 01:55:24 +00:00
dependabot[bot]	ddf6e96660	Bump actions/upload-artifact from 4 to 5 (#55 )	2025-11-25 10:32:13 +01:00
dependabot[bot]	2711a463a2	Bump actions/checkout from 4 to 6 (#57 )	2025-11-25 10:19:08 +01:00
rtldg	736afc5d1f	Rework the CI to build inside the valve sniper sdk container thing (#56 )	2025-11-22 13:48:24 +01:00
dependabot[bot]	9aa1fb0474	Bump actions/setup-python from 5 to 6 (#54 ) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-10-30 23:29:14 +01:00
rtldg	670c7c5b02	fix offset usage for BeginAuthSession from #45 (resolves #49 ) (#52 )	2025-05-23 19:07:06 -04:00
sappho	a1fd39932a	Update for May 2025 tf2 updates	2025-05-15 23:12:03 -04:00
sappho	db47788db9	Update README.md	2025-05-15 22:54:42 -04:00
sappho	1c172cbfc7	Create README.md	2025-05-15 22:51:23 -04:00