Since local servers and local favorites have no ping value (these
are only provided by the server) we shouldn't load a broken
image filename.
Fixes#5238
Disable the ability to connect to old servers by default to
improve password security.
If people still want to connect to old (0.4.12 and earlier)
servers, they can flip the send_pre_v25_init setting.
Add the ability to detect if we've tried to connect
to a server which only supports the pre v25 init protocol,
and show an apropriate error message. Most times the error
will already be catched at the serverlist level, the
detection mechanism only acts as last resort, because the
"Connection timed out" error message that would be shown
otherwise would be very confusing.
Automatic "fixing" of this condition is not desired,
as it would allow for downgrade attacks.
As already 161 of the 167 servers on the serverlist
support the new srp based auth protocol (> 96%),
the breakage should be minimal.
Follow up of commit
af30183124 "Add option to not send pre v25 init packet"
Also change the pessimistic assumption of masterlist
server versions to optimistic, in order to avoid buggy
behaviour (favourites not in the serverlist would be
denied to connect to, etc).
@SmallJoker has noted a bug that servers from the (local) main menu
favorites list can't be opened.
This commit fixes the bug by disabling any main menu based protocol
checks for servers from the favorite list.
Also, it fixes a second bug that happens when a server from the
public serverlist doesn't send its supported protocol versions,
most likely because its running a minetest older than commit [1].
Then we have shown an error msg that the server has enforced
one specific protocol version. This was most likely not the case.
Of course, we can't do anything better than do an assumption on
the protocol versions if they are not known. That assumption
should however be closest to the most often occuring case as
possible.
Also, some little cleanups.
[1]: 5a0ed780f5 "Server: announce MIN/MAX protocol version supported to serverlist. Client: check serverlist"
The legacy init packet (pre v25) sends information about the client's
password that a server could use to log in to other servers if the
username and password are the same. All the other benefits of SRP of
protocol v25 are missed if the legacy init packet is still sent during
connection creation.
This patch adds an option to not send the v25 init packet. Not sending
the v25 packet means breaking compat with pre v25 servers, but as the
option is not enabled by default, no servers are affected unless the
user explicitly flips the switch. More than 90% of the servers on the
serverlist support post v25 protocols.
The patch also fixes a bug with greying out of non compliant servers
being done wrongly, the min and max params were mixed.
Client now informs about incompatible servers from the list, this permits to prevent the protocol movements.
Server announces its supported protocol versions to master server