(banfil, authfil): Remove. Matching user is useless, because the

player can send whatever he wants.  Banning IPs is better done with a
packet filter.  That leaves restricting deity IPs.
(privip): New econfig key to restrict deity IPs.
(may_play): Implement it.
(match_user): Unused, remove.

doc/troubleshooting

@@ -1,13 +0,0 @@
-Here are some of the most common problems with solutions.  This file
-will probably grow over time.
-
-(Q) I try to log in as POGO, but the server says, "You're not a deity".  Why?
-
-(A) If you get a "You're not a deity!" message and logged off, check the
-    "data/server.log" file and look at the end for a "NON-AUTH" entry.
-    There should be a "user@host" message in there that failed to log in.
-    The user and host that your system is using may be different than the
-    one you put in your build.conf file.  So, enter this new user and host
-    in the auth file, and you should be able to log into the server as a
-    deity now.  Note that if you rebuild the server again, the auth file
-    will be overwritten.

include/econfig-spec.h

@@ -68,7 +68,7 @@ EMPCFBOTH((fvname), (vname), int, NSC_INT, KM_OPTION, (descr))
 
 EMPCF_COMMENT("\n### Server configuration and information")
 EMPCFBOTH("config_tables", config_tables, char *, NSC_STRING, KM_INTERNAL,
-    "Configuration table files, separated by space, relative to econfig's directory")
+    "Configuration table files, separated by space")
 EMPCFBOTH("data", gamedir, char *, NSC_STRING, KM_INTERNAL,
     "Directory where this game's data is stored")
 EMPCFBOTH("info", infodir, char *, NSC_STRING, KM_INTERNAL,
@@ -80,13 +80,16 @@ EMPCFBOTH("builtin", builtindir, char *, NSC_STRING, KM_INTERNAL,
 EMPCF_COMMENT("# Set this to your source tree's src/lib/global to run the server\n"
 	      "# without installing it, else leave it alone.")
 EMPCFBOTH("listen_addr", listen_addr, char *, NSC_STRING, KM_INTERNAL,
-    "Local IP address the server should listen on.  \"\" listens on all.")
+    "Local IP address the server should listen on.")
+EMPCF_COMMENT("# \"\" listens on all, localhost just on the loopback interface")
 EMPCFBOTH("port", loginport, char *, NSC_STRING, KM_INTERNAL,
     "TCP port the server will bind")
 EMPCFBOTH("privname", privname, char *, NSC_STRING, 0,
     "Name of the deity")
 EMPCFBOTH("privlog", privlog, char *, NSC_STRING, 0,
     "E-mail of the deity")
+EMPCFBOTH("privip", privip, char *, NSC_STRING, KM_INTERNAL,
+    "Deities may connect from these IPs or networks")
 EMPCFBOTH("WORLD_X", WORLD_X, int, NSC_INT, 0,
     "World size X dimension (enforced to be even by subtracting 1 if necessary)")
 EMPCFBOTH("WORLD_Y", WORLD_Y, int, NSC_INT, 0,

include/optlist.h

@@ -49,8 +49,6 @@ extern char *configdir;
 extern char *motdfil;
 extern char *downfil;
 extern char *disablefil;
-extern char *banfil;
-extern char *authfil;
 extern char *annfil;
 extern char *timestampfil;
 extern char *teldir;

include/prototypes.h

@@ -439,7 +439,6 @@ extern int natpass(int, s_char *);
 extern struct player *player;	/* current player's context */
 extern char *praddr(struct player *);
 extern void player_main(struct player *);
-extern int match_user(char *, struct player *);
 extern int command(void);
 /* more under Commands */
 /* recvclient.c */

src/lib/global/path.c.in

@@ -66,8 +66,6 @@ char *downfil	= "down";
 char *disablefil = "disable";
 char *telfil	= "tel/tel";
 char *annfil	= "ann";
-char *banfil	= "ban";
-char *authfil	= "auth";
 char *timestampfil = "timestamp";
 
 char *listen_addr = "";

src/lib/player/login.c

@@ -266,15 +266,12 @@ may_play(void)
 	pr_id(player, C_CMDERR, "need country and password\n");
 	return 0;
     }
-    if (match_user(banfil, player)) {
-	logerror("Attempted login by BANNED host %s", praddr(player));
-	pr_id(player, C_EXIT, "Your login has been banned from this game\n");
-	io_shutdown(player->iop, IO_READ);
-	return 0;
-    }
+    /* TODO strstr() cheesy, compare IP against IP/BITS ... */
     np = getnatp(player->cnum);
-    if (np->nat_stat == STAT_GOD && !match_user(authfil, player)) {
-	logerror("NON-AUTHed Login attempted by %s", praddr(player));
+    if (np->nat_stat == STAT_GOD && *privip
+	&& !strstr(privip, player->hostaddr)) {
+	logerror("Deity login from untrusted host attempted by %s",
+		 praddr(player));
 	pr_id(player, C_EXIT, "You're not a deity!\n");
 	return 0;
     }

src/lib/player/player.c

@@ -360,37 +360,6 @@ show_motd(void)
     return RET_OK;
 }
 
-int
-match_user(char *file, struct player *p)
-{
-    FILE *fp;
-    int match = 0;
-    char host[256];
-    char user[256];
-
-    if ((fp = fopen(file, "r")) == NULL) {
-	/*logerror("Cannot find file %s", file); */
-	return 0;
-    }
-    match = 0;
-    while (!feof(fp) && !match) {
-	if (fgets(host, sizeof(host), fp) == NULL)
-	    break;
-	if (host[0] == '#')
-	    continue;
-	if (fgets(user, sizeof(user), fp) == NULL)
-	    break;
-	host[strlen(host) - 1] = '\0';
-	user[strlen(user) - 1] = '\0';
-	if (strstr(p->userid, user) &&
-	    (strstr(p->hostaddr, host) ||
-	     strstr(p->hostname, host)))
-	    ++match;
-    }
-    fclose(fp);
-    return match;
-}
-
 int
 quit(void)
 {