* [s] Security vulnerability patch (#62568)
About The Pull Request
In my personal, subjective opinion; trialmins should not, in fact, be able to read and delete server/box configuration files on a whim.
cl
server: Patches multiple(?) arbitrary file related vulnerabilities
/cl
* [s] Security vulnerability patch
Co-authored-by: TheFakeElon <59686430+TheFakeElon@users.noreply.github.com>
* Tackles various problems with keyed_list config entries, fixing broken roundstart races and more! (#62359)
While helping RaveRadbury debug some issues with enabling Halloween species early via the brute force method of enabling them in the config rather than the gentleman's solution of testmerging a PR that changes the Halloween date, we discovered something dreadful.
Cloth golems cannot be enabled! Infact, any species with a space in the ID cannot be enabled.
It uses the splitter despite VALUE_MODE_FLAG being set. So a key entry like ROUNDSTART_RACES cloth golem would get parsed as cloth = golem, then entered into the config as cloth = TRUE
NEW AND IMPROVED PART HERE
I've re-written how keyed_list config entries are parsed, splitting it into a number of procs to do some discrete block of logic.
Based on feedback from MSO, he expected that VALUE_MODE_FLAG keyed_list entries could have elements overridden. However, this functionality was not present in the code.
I have implemented it. We now support 3 methods of setting VALUE_MODE_FLAGS.
Implicitly enable the config entry: CONFIG_ENTRY config_key_goes_here
Explicitly enable the config entry: CONFIG_ENTRY config_key_goes_here 1
Explicitly disable the config entry: CONFIG_ENTRY config_key_goes_here 0
There have been functionality changes too. Previously, everything before the first splitter was the key and everything after was the value. However, in ambiguous config entries (Such as ROUNDSTART_RACES cloth golem 0) it would be unclear if the intent was (cloth, golem 0) or (cloth golem, 0) or indeed if the intent was (cloth golem 0, 1).
As a result, there is now the following paradigm in place: Everything after the LAST splitter is the value, everything before is the key and a log_config warning is now given explaining the problem and showing how it was resolved.
[2021-10-27 19:48:12.840] WARNING: Multiple splitter characters (" ") found. Using "cloth golem" as config key and "1" as config value.
This warning will trigger if multiple splitters are present for any keyed_list config entry, and will trigger on implicit VALUE_MODE_FLAGS entries that have splitters. The example above is it triggering on ROUNDSTART_RACES cloth golem - It has detected that there is potential ambiguity between (cloth, golem) or (cloth golem, 1), has picked a sensible option for the data type and has warned about it.
The intent is that no config entry should be ambiguous. It should be clear what is key and what is value when dealing with keyed_list config entries.
There's probably more work to do on other config entries to bring them up to this standard, but this is the thing I'm hitting in this PR.
Similarly, I have improved the validation aspect of keyed_list config entries with additional logging in general.
[2021-10-27 19:47:53.135] ERROR: Invalid KEY_MODE_TYPE typepath. Is not a valid typepath: /mob/living/carbon/monkey
I have added a unit test to make sure species IDs do not contain splitters from the two keyed_list subtypes relating to species.
I have added sanity checking to the race config subtypes since we have a big dick global list of all races sorted by ID, so a race not existing will fail validation and output a meaningful config log entry.
I have removed /datum/config_entry/keyed_list/probability from the code as it is unused with the removal of all game modes except Dynamic.
The config change necessitated the renaming of all golem species IDs. Doing so and renaming the clothgolem.ts file to match has fixed the broken cloth golem page too.
* Tackles various problems with keyed_list config entries, fixing broken roundstart races and more!
Co-authored-by: Timberpoes <silent_insomnia_pp@hotmail.co.uk>
* Updated interactions
* Update interaction_menu.dm
* Colors
* Update interaction_menu.dm
* Update interaction_menu.dm
* Update interaction_menu.dm
* Better code for all.
* Update interaction_component.dm
* Removes support for TARGET SPEAK and USER SPEAK due to instability.
* Update interactions.dm
* Update interaction_component.dm
* Enables you to interact from a distance again.
* Fix word bounds on filters, where they would only be applied at the beginning (#61714)
* Fix word bounds on filters, where they would only be applied at the beginning
Co-authored-by: Mothblocks <35135081+Mothblocks@users.noreply.github.com>
* Change the word filter configuration to allow providing reasons, fix emotes not working in filters, and implement separate OOC/IC/PDA filters (#61606)
* Change the word filter configuration to allow providing reasons, fix emotes not working in filters, and implement separate OOC/IC/PDA filters
Co-authored-by: Mothblocks <35135081+Mothblocks@users.noreply.github.com>
* Add support for multiple MOTD in config (#61589)
## About The Pull Request
Changes "motd.txt" from being hardcoded to being a list of files which are read sequentially.
CC @ MrStonedOne for config changes
## Why It's Good For The Game
On production, our MOTDs contain several individual sections:
- Active Trial Admin threads
- General game information
- MRP specific information
I want to automate number 1, I want number 2 to be shared among all servers, and I want number 3 to be shared among all MRP servers.
* Add support for multiple MOTD in config
Co-authored-by: Mothblocks <35135081+Mothblocks@users.noreply.github.com>
* tgui Preferences Menu + total rewrite of the preferences backend
* nah, we dont need to ping those people
* trying to remove the funny stuff
* unmodularizing this
* prefs reset
* this may need to be reverted, who knows
* okay, this part
* perhaps
* EEEEEEEEE
* unsanitary
* E
* Stage 1 + loadout system
* more fixes
* E
* I mean, it launches?
* More fixes and reorganisation
* E
* customisation code is spaget.
* disable ERP prefs
* Update erp_preferences.dm
* Update erp_preferences.dm
* E
* Slowly getting there
* It may be time for help :)
* tri...colors... help
* preferences now pass preferences
* Update dna.dm
* Fuck this man
* missing savefile return, set_species works, removed dumb stuff from updateappearance
* https://github.com/Skyrat-SS13/Skyrat-tg/pull/8199
* https://github.com/Skyrat-SS13/Skyrat-tg/pull/8224
* https://github.com/tgstation/tgstation/pull/61519
* https://github.com/Skyrat-SS13/Skyrat-tg/pull/8278
* e
* le butonAZARAK HELLO
* hhh
* Proper recognition where it's due, MrMelbert!
* EEEE
* examine block
* Better gen hit sounds from whitedream
* final loadout touches, more bug fixes im sure to come
* i said there would be bugfixes
* Update LoadoutManager.js
* Missing preferences in the html menu
* LIVE TESTING PHASE BABY
* Update LoadoutManager.js
* EEE
* LAUNCH TEST FIRE
* Update job.dm
* Update new_player.dm
* 50gb DAY ONE PATCH
* EEE
* Update preferences.dm
* buggle fixes
* Update examine.dm
* >LOOC starts on
Co-authored-by: Mothblocks <35135081+Mothblocks@users.noreply.github.com>
Co-authored-by: jjpark-kb <55967837+jjpark-kb@users.noreply.github.com>
Co-authored-by: Gandalf <jzo123@hotmail.com>
Co-authored-by: Azarak <azarak10@gmail.com>
* Give admins the ability to put a popup notice for players in tickets (#61010)
Admins can now give players a popup if they are not responding to tickets.
Popup is cleared when player replies or ticket is resolved/closed.
As more and more of the chat screen is made irrelevant, new players read it less and less.
This means that a lot of new players are ignoring ahelps, which is something I've encountered myself.
* Give admins the ability to put a popup notice for players in tickets
Co-authored-by: Mothblocks <35135081+Mothblocks@users.noreply.github.com>
Added a lowercase variable to string, string lists and keyed list configs.
Currently lowercase is only TRUE for keyed lists because they have been working like that since 2018. It might be changed to be FALSE by default but it'll take a while looking at the parsed logs for the config entries.
Co-authored-by: Ghom <42542238+Ghommie@users.noreply.github.com>
* Adds new config flag to mirror logging of suspicious failed logins to its own file.
* Update IsBanned.dm
Co-authored-by: Timberpoes <silent_insomnia_pp@hotmail.co.uk>
Co-authored-by: Gandalf <jzo123@hotmail.com>
* Drastic Lag Mitigation Subsystem: SSlag_switch (#59717)
Requested by oranges and inspired by the upcoming event. A new subsyetem, non-processing (for now), aimed at providing some toggle switches that can be flipped as a last ditch effort to save some CPU cycles by sacrificing some non-critical mechanics. Below you can see each individual toggle.
Screenshot of the admin panel:
image
Surely there are more opportunities for toggles I missed, but adding new ones is not very difficult at all.
Why It's Good For The Game
Better performance during extreme pop, I hope.
Changelog
cl
code: Introduces the Lag Switch subsystem for when a smoother experience is worth trading a few bells and whistles for. Performance enhancement measures can be togged by admins with the Show Lag Switches admin verb or enabled automatically at a pop amount set via config.
config: Added a new config var: number/auto_lag_switch_pop
* Drastic Lag Mitigation Subsystem: SSlag_switch
* mirrored the changes to the modular file
Co-authored-by: Wayland-Smithy <64715958+Wayland-Smithy@users.noreply.github.com>
Co-authored-by: Useroth <37159550+Useroth@users.noreply.github.com>
* Add $reset directive to config processor for setting a config entry to default value
* Update game_options.dm
Co-authored-by: Bobbahbrown <bobbahbrown@gmail.com>
Co-authored-by: Gandalf <jzo123@hotmail.com>
* Port: fixes of SStimer subsystem from RU SS220 Paradise (#59718)
Unobvious problem spot
#define BUCKET_POS(timer) (((round((timer.timeToRun - SStimer.head_offset) / world.tick_lag)+1) % BUCKET_LEN)||BUCKET_LEN)
With tick_lag equal to 0.1, 0.25, 0.5, rounding of division is normal. But at other values it may be shifted either more or less due to the specifics of floating-point storage and processing. Numbers 0.1, 0.25, 0.5 have blank mantissa, unlike others which lead to numbers such as 245.0000004 when divided.
PS: tick_lag is rounded to the first two decimal places.
Fixes
Rewrote the circular doubly linked list to a regular doubly linked list, because it could cause timers to loop infinitely.
Fixed re-creation of a bucket if the timer does not have a callback.
Added debug stat indicator RST to MC SStimer.
Added optional ability to log dump all timers on crash.
Fixed subsystem logic when a bucket position is misplaced due to division and rounding inaccuracy. The system now captures such rounding errors and restores the correct timer position.
References
[RU] SS220 Paradise port process from TGstation and fixes:
ss220-space/Paradise#5ss220-space/Paradise#10ss220-space/Paradise#26ss220-space/Paradise#32ss220-space/Paradise#37
Contributors
@ semoro: fixes
@ Bizzonium: port
Changelog
cl Semoro and azizonkg
fix: Ported fixes of SStimer subsystem from RU SS220 Paradise
config: Added a new config var: flag/log_timers_on_bucket_reset
/cl
* Port: fixes of SStimer subsystem from RU SS220 Paradise
Co-authored-by: Aziz Chynaliev <azizonkg@gmail.com>
* Refactors dbcore and limits the maximum amount of concurrent async queries to a variable amount (#59676)
Refactors dbcore to work off a subsystem if executed async and limits the maximum amount of concurrent async queries to 25.
This has been tested locally on a mysql docker image and there were no crashes (as long as you didn't run it with debug extools) + data was getting recorded fine.
Why It's Good For The Game
May or may not resolve terry crashes, however, each query creates a new thread which takes up 2mb, preventing the game from using that 2mb. This can lead to ooms if they stack up, e.g. due to poor connectivity. This solves that issue.
maintainer note: this did not actually resolve the crashes, but has value anyway. Crashes were sidestepped fixed by finding out Large Address Awareness works
cl
refactor: Refactors dbcore.dm to possibly resolve the crashes that happen on Terry.
/cl
* Refactors dbcore and limits the maximum amount of concurrent async queries to a variable amount
Co-authored-by: Watermelon914 <37270891+Watermelon914@users.noreply.github.com>
* SDQL Spells & Menu to Give Them to Players (#58118)
SDQL spells are spells that execute an SDQL query. This requires a config flag to be enabled in game_options.txt. When enabled, admins with debug verbs have the ability to open a menu allowing them to define all the relevant vars for the spell, including icons and spell requirements.
It also fixes a bug with superuser SDQL queries always runtime if they try to call a proc.
Co-authored-by: Emmett Gaines <ninjanomnom@ gmail.com>
Co-authored-by: Aleksej Komarov <stylemistake@ gmail.com>
* Adds SDQL Spells & a Menu to Give Them to Players - Take 2: Commit Cleanup
Co-authored-by: Y0SH1M4S73R <legoboyo@earthlink.net>
Co-authored-by: Emmett Gaines <ninjanomnom@ gmail.com>
Co-authored-by: Aleksej Komarov <stylemistake@ gmail.com>
* Renews Maintenance Drones
* And these have conflicts too, but you can't see them
* Skyrat Map Updates (Adding Supermatter Room Area)
Co-authored-by: Jonathan Rubenstein <jrubcop@gmail.com>
Co-authored-by: Funce <funce.973@gmail.com>
* Implements a new auto-tagging system for ID card which adds a config to auto-flag them as an intern. (#58236)
About The Pull Request
ID cards when equipped will check the player's living hours if the USE_LOW_LIVING_HOUR_INTERN flag is set. If their living hours is less than the first of the following (checked in order from 1st to 3rd until a valid value is found):
Config USE_LOW_LIVING_HOUR_INTERN_HOURS
Config USE_EXP_RESTRICTIONS_HEADS_HOURS
Hardcoded 15 hours
Then their ID card is tagged as Intern Assignment, unless they're a Head of Staff in which case they become an Assignment-in-Training.
PDAs, Wallets and Tablets also update any ID cards they hold, so equipping a PDA, Tablet or Wallet will also update any ID cards inside it.
This occurs automatically, even if the card does not belong to the owner. This only occurs when the user's assigned_role is a station job.
* Implements a new auto-tagging system for ID card which adds a config to auto-flag them as an intern.
Co-authored-by: Timberpoes <silent_insomnia_pp@hotmail.co.uk>
* Sets up ambition logging baseline framework
* That's one line, how did I write it
* Have to rewrite all the logs!
* I don't know what I'm doing anymore
* I think this is the last thing
* Log ambition is now added to config
* Ambition flag now correctly checks for the ambition flag
* Okay /here/ we go
* No more lowercase ckeys in admin chat
* Admin actions are now logged too
* Changed the population scaling coefficients minimal values to 0. (#56522)
## About The Pull Request
So, there on the downstream we've encountered a problem with the security officer slots jumping to 12 every time the round starts, regardless of what we set them to in the configs.
In the configs it says that you can set the coefficients to 0 to disable scaling, and upon investigation, it seems that all the scaling coefficients suffer from similar problem.
https://github.com/tgstation/tgstation/blob/master/config/game_options.txt#L198
the `min_val` in the config entry datums is 1 on each of them, leading to unexpected behaviour
## Why It's Good For The Game
It fixes certain config values leading to unexpected and unwanted behaviour
* Changed the population scaling coefficients minimal values to 0.
Co-authored-by: Useroth <37159550+Useroth@users.noreply.github.com>
* Adds logging to uplinks, spellbooks, and the codex ciatrix (#56450)
* Initial logging
* Bugfix and adds uplink logging to config file
* Another bugfix
* Adds logging to uplinks, spellbooks, and the codex ciatrix
Co-authored-by: TemporalOroboros <TemporalOroboros@gmail.com>
* Added the SQL logging.. waf
* I dont know why CI does not like my sql......
* I think i fixed the sql....
* Attempt #1 to make linter happy
* Shhh linter, it will be over soon
Just breath into this cloth... ignore the chloroform smell.
(Add a Preprocesser statement, to make the SpacemanDMM linter ignore the SQL code in a mob atom obj, that causes it to trigger its hard coded test for stoplag.
This only does not trigger on other SQL, as there is hard coded exception in SpacemanDMM that ignores the other objects. the better fix would be to update SpacemanDMM to add this into the exclusion. but this change at least allows the PR to be merged finally)
Co-authored-by: MissFox <github@aesir.org.uk>
* Fix startup double runtimes again (#56047)
Prevents runtimes that occur before /world/New is called from runtiming in /world/Error due to lack of the config being loaded.
* Fix startup double runtimes again
Co-authored-by: Jordan Brown <Cyberboss@users.noreply.github.com>
* Add config for discord bot prefix (#55400)
This allows you to set this in config, save having to hardcode it
I also fixed a mistake where only one message was changed in the
messaging from the account linking system
* Add config for discord bot prefix
Co-authored-by: oranges <email@oranges.net.nz>
* Remove the hyphen from the default value of the github url string (no longer -tg-station) (#55136)
* Remove the hyphen from the default value of the github url string (no longer -tg-station)
Co-authored-by: Bobbahbrown <bobbahbrown@gmail.com>
* Fixes and a little cleanup.
* False by default.
* Apply suggestions from code review
Co-authored-by: Azarak <azarak10@gmail.com>
* Modularization and comments.
* #include
Co-authored-by: Azarak <azarak10@gmail.com>
* Fix erroneous logging of config errors for str_list configuration type (#54676)
Fixed issue brought up by @ Cyberboss wherein the new ``str_list`` config type doesn't properly return true after setting the values and as a result has an erroneous error pop up in the config error log.
* Fix erroneous logging of config errors for str_list configuration type
Co-authored-by: Bobbahbrown <bobbahbrown@gmail.com>
* Adds a living time config to the panic bunker (#54341)
* Adds a living time value to the panic bunker, so you can keep people out based on time spent playing the game
* updates the admin verb, and enables %minutes% as an option
* Makes a proc call more clear
Co-authored-by: Jared-Fogle <35135081+Jared-Fogle@ users.noreply.github.com>
* than
Co-authored-by: Jared-Fogle <35135081+Jared-Fogle@ users.noreply.github.com>
* Adds a living time config to the panic bunker
Co-authored-by: LemonInTheDark <58055496+LemonInTheDark@users.noreply.github.com>
Co-authored-by: Jared-Fogle <35135081+Jared-Fogle@ users.noreply.github.com>
