Introduce server query padding

For compatibility with security patches to future game servers versions this adds a 1200 byte padding to all requests packets as defined in the following HLDS mailing list post: https://www.mail-archive.com/[email protected]/msg01194.html See koraktor/steam-condenser#331
koraktor · Nov 22, 2020 · 9e26560 · 9e26560
1 parent 92dde9e
commit 9e26560
Show file tree

Hide file tree

Showing 6 changed files with 64 additions and 37 deletions.
diff --git a/lib/SteamCondenser/Servers/Packets/A2SINFOPacket.php b/lib/SteamCondenser/Servers/Packets/A2SINFOPacket.php
@@ -3,7 +3,7 @@
  * This code is free software; you can redistribute it and/or modify it under
  * the terms of the new BSD License.
  *
- * Copyright (c) 2008-2014, Sebastian Staudt
+ * Copyright (c) 2008-2020, Sebastian Staudt
  *
  * @license http://www.opensource.org/licenses/bsd-license.php New BSD License
  */
@@ -21,7 +21,7 @@
  * @subpackage packets
  * @see        GameServer::updateServerInfo()
  */
-class A2SINFOPacket extends SteamPacket {
+class A2SINFOPacket extends QueryPacket {
 
     /**
      * Creates a new A2S_INFO request object

diff --git a/lib/SteamCondenser/Servers/Packets/A2SPLAYERPacket.php b/lib/SteamCondenser/Servers/Packets/A2SPLAYERPacket.php
@@ -3,7 +3,7 @@
  * This code is free software; you can redistribute it and/or modify it under
  * the terms of the new BSD License.
  *
- * Copyright (c) 2008-2014, Sebastian Staudt
+ * Copyright (c) 2008-2020, Sebastian Staudt
  *
  * @license http://www.opensource.org/licenses/bsd-license.php New BSD License
  */
@@ -23,7 +23,7 @@
  * @subpackage packets
  * @see        GameServer::updatePlayerInfo()
  */
-class A2SPLAYERPacket extends RequestPacketWithChallenge {
+class A2SPLAYERPacket extends QueryPacket {
 
     /**
      * Creates a new A2S_PLAYER request object including the challenge number
@@ -32,6 +32,6 @@ class A2SPLAYERPacket extends RequestPacketWithChallenge {
      *        server
      */
     public function __construct($challengeNumber = 0xFFFFFFFF) {
-        parent::__construct(SteamPacket::A2S_PLAYER_HEADER, $challengeNumber);
+        parent::__construct(SteamPacket::A2S_PLAYER_HEADER, pack('V', $challengeNumber));
     }
 }
diff --git a/lib/SteamCondenser/Servers/Packets/A2SRULESPacket.php b/lib/SteamCondenser/Servers/Packets/A2SRULESPacket.php
@@ -3,7 +3,7 @@
  * This code is free software; you can redistribute it and/or modify it under
  * the terms of the new BSD License.
  *
- * Copyright (c) 2008-2014, Sebastian Staudt
+ * Copyright (c) 2008-2020, Sebastian Staudt
  *
  * @license http://www.opensource.org/licenses/bsd-license.php New BSD License
  */
@@ -24,7 +24,7 @@
  * @subpackage packets
  * @see        GameServer::updateRulesInfo()
  */
-class A2SRULESPacket extends RequestPacketWithChallenge {
+class A2SRULESPacket extends QueryPacket {
     /**
      * Creates a new A2S_RULES request object including the challenge number
      *
@@ -33,6 +33,6 @@ class A2SRULESPacket extends RequestPacketWithChallenge {
      */
     public function __construct($challengeNumber = 0xFFFFFFFF)
     {
-        parent::__construct(SteamPacket::A2S_RULES_HEADER, $challengeNumber);
+        parent::__construct(SteamPacket::A2S_RULES_HEADER, pack('V', $challengeNumber));
     }
 }
diff --git a/lib/SteamCondenser/Servers/Packets/QueryPacket.php b/lib/SteamCondenser/Servers/Packets/QueryPacket.php
@@ -0,0 +1,35 @@
+<?php
+/**
+ * This code is free software; you can redistribute it and/or modify it under
+ * the terms of the new BSD License.
+ *
+ * Copyright (c) 2020, Sebastian Staudt
+ *
+ * @license http://www.opensource.org/licenses/bsd-license.php New BSD License
+ */
+
+namespace SteamCondenser\Servers\Packets;
+
+/**
+ * This is used as a wrapper to create padding of request packets to a minimum
+ * size of 1200 bytes. This was introduced in November 2020 as a
+ * counter-measure to DoS attacks on game servers.
+ *
+ * @author     Sebastian Staudt
+ * @package    steam-condenser
+ * @subpackage packets
+ */
+abstract class QueryPacket extends SteamPacket {
+
+    // The minimum package size as defined by Valve
+    const STEAM_GAMESERVER_MIN_CONNECTIONLESS_PACKET_SIZE = 1200;
+
+    /**
+     * Creates a new query packet including data padding
+     *
+     * @param string $data The data of the original query
+     */
+    public function __construct($header, $data = null) {
+        parent::__construct($header, str_pad($data, self::STEAM_GAMESERVER_MIN_CONNECTIONLESS_PACKET_SIZE, "\0"));
+    }
+}
diff --git a/lib/SteamCondenser/Servers/Packets/RequestPacketWithChallenge.php b/lib/SteamCondenser/Servers/Packets/RequestPacketWithChallenge.php
diff --git a/tests/SteamCondenser/servers/packets/QueryPacketTest.php b/tests/SteamCondenser/servers/packets/QueryPacketTest.php
@@ -0,0 +1,21 @@
+<?php
+/**
+ * This code is free software; you can redistribute it and/or modify it under
+ * the terms of the new BSD License.
+ *
+ * Copyright (c) 2020, Sebastian Staudt
+ *
+ * @license http://www.opensource.org/licenses/bsd-license.php New BSD License
+ */
+
+class QueryPacketTest extends PHPUnit_Framework_TestCase {
+
+    public function setUp() {
+        $this->packet = $this->getMockForAbstractClass('\SteamCondenser\Servers\Packets\QueryPacket', array(0x61, 'test'));
+    }
+
+    public function testPadding() {
+        $this->assertEquals(str_pad("\xFF\xFF\xFF\xFFatest", 1200, "\0"), $this->packet->__toString());
+    }
+
+}