Add region tld

Addresses https://github.com/BeamMP/BeamMP-Launcher/issues/185 by
handling incomplete TCP recv despite MSG_WAITALL

Fixes running the launcher inside of wine as well as the rare instances
where this happens natively.

```
       MSG_WAITALL (since Linux 2.2)
              This flag requests that the operation block until the full request is satisfied.
              However, the call may still return less data than requested if a signal is caught,
              an error or disconnect occurs, or the next data to  be  re‐ceived is of a different type
              than that returned.  This flag has no effect for datagram sockets.

```

---

By creating this pull request, I understand that code that is AI
generated or otherwise automatically generated may be rejected without
further discussion.
I declare that I fully understand all code I pushed into this PR, and
wrote all this code myself and own the rights to this code.

.github/workflows/cmake-linux.yml

@@ -20,7 +20,7 @@ jobs:
         with:
             vcpkgArguments: 'zlib nlohmann-json openssl cpp-httplib[openssl]'
             vcpkgDirectory: '${{ runner.workspace }}/b/vcpkg'
-            vcpkgGitCommitId: '40616a5e954f7be1077ef37db3fbddbd5dcd1ca6'
+            vcpkgGitCommitId: 'b5d1a94fb7f88fd835e360fd23a45a09ceedbf48'
 
       - name: Create Build Environment
         run: cmake -E make_directory ${{github.workspace}}/build-linux

.github/workflows/cmake-windows.yml

@@ -20,7 +20,7 @@ jobs:
         with:
             vcpkgArguments: 'discord-rpc zlib nlohmann-json openssl cpp-httplib[openssl]'
             vcpkgDirectory: '${{ runner.workspace }}/b/vcpkg'
-            vcpkgGitCommitId: '40616a5e954f7be1077ef37db3fbddbd5dcd1ca6'
+            vcpkgGitCommitId: 'b5d1a94fb7f88fd835e360fd23a45a09ceedbf48'
             vcpkgTriplet: 'x64-windows-static'
 
       - name: Create Build Environment

include/Network/network.hpp

@@ -42,7 +42,7 @@ extern std::string magic;
 int KillSocket(uint64_t Dead);
 void UUl(const std::string& R);
 void UDPSend(std::string Data);
-bool CheckBytes(int32_t Bytes);
+bool CheckBytes(int32_t Bytes, int32_t Expected = -1);
 void GameSend(std::string_view Data);
 void SendLarge(std::string Data);
 std::string TCPRcv(uint64_t Sock);
@@ -56,3 +56,4 @@ void UDPClientMain(const std::string& IP, int Port);
 void TCPGameServer(const std::string& IP, int Port);
 bool SecurityWarning();
 void CoreSend(std::string data);
+int RecvWaitAll(int sockfd, char *buf, int len);

include/Options.h

@@ -20,6 +20,7 @@ struct Options {
     bool no_update = false;
     bool no_launch = false;
     const char* user_path = nullptr;
+    std::string region;
     const char **game_arguments = nullptr;
     int game_arguments_length = 0;
     const char** argv = nullptr;

include/Utils.h

@@ -336,4 +336,14 @@ namespace Utils {
             throw std::runtime_error("Game disconnected");
         }
     }
+
+    inline std::string RegionToTopLevelDomain(const std::string region) {
+        if (region == "Restricted") {
+            return "beammp.ru";
+        }
+        else if (region == "Developer") {
+            return "beammp.dev";
+        }
+        return "beammp.com"; // Global
+    }
     };

src/Config.cpp

@@ -36,6 +36,10 @@ void ParseConfig(const nlohmann::json& d) {
         CachingDirectory = std::filesystem::path(d["CachingDirectory"].get<std::string>());
         info(beammp_wide("Mod caching directory: ") + beammp_fs_string(CachingDirectory.relative_path()));
     }
+    if (d.contains("Region") && d["Region"].is_string()) {
+        options.region = d["Region"].get<std::string>();
+        info("Set the region to: " + options.region);
+    }
 
     if (d.contains("Dev") && d["Dev"].is_boolean()) {
         bool dev = d["Dev"].get<bool>();
@@ -67,14 +71,18 @@ void ConfigInit() {
         } else
             fatal("Failed to open Launcher.cfg!");
     } else {
+        if (options.region.empty())
+        {
+            options.region = "Global";
+        }
         std::ofstream cfg("Launcher.cfg");
         if (cfg.is_open()) {
             cfg <<
                 R"({
     "Port": 4444,
     "Build": "Default",
-    "CachingDirectory": "./Resources"
+    "CachingDirectory": "./Resources",
-})";
+    "Region": ")" << options.region << "\"\n}";
             cfg.close();
         } else {
             fatal("Failed to write config on disk!");

src/Network/Core.cpp

@@ -143,29 +143,28 @@ void GetServerInfo(std::string Data) {
     const std::string buffer = ([&]() -> std::string {
         int32_t Header;
         std::vector<char> data(sizeof(Header));
-        int Temp = recv(ISock, data.data(), sizeof(Header), MSG_WAITALL);
+        int Temp = RecvWaitAll(ISock, data.data(), sizeof(Header));
 
-        auto checkBytes = ([&](const int32_t bytes) -> bool {
+        auto checkBytes = ([&](const int32_t bytes, const int32_t expected = -1) -> bool {
             if (bytes == 0) {
                 return false;
             } else if (bytes < 0) {
                 return false;
             }
+            if (expected != -1 && bytes != expected) {
+                return false;
+            }
             return true;
         });
 
-        if (!checkBytes(Temp)) {
+        if (!checkBytes(Temp, sizeof(Header))) {
             return "";
         }
         memcpy(&Header, data.data(), sizeof(Header));
 
-        if (!checkBytes(Temp)) {
-            return "";
-        }
-
         data.resize(Header, 0);
-        Temp = recv(ISock, data.data(), Header, MSG_WAITALL);
+        Temp = RecvWaitAll(ISock, data.data(), Header);
-        if (!checkBytes(Temp)) {
+        if (!checkBytes(Temp, Header)) {
             return "";
         }
         return std::string(data.data(), Header);
@@ -227,7 +226,7 @@ void Parse(std::string Data, SOCKET CSocket) {
             TCPTerminate = true;
             Data.clear();
             futures.push_back(std::async(std::launch::async, []() {
-                // CoreSend("B" + HTTP::Get("https://backend.beammp.com/servers-info"));
+                CoreSend("B" + HTTP::Get("https://backend." + Utils::RegionToTopLevelDomain(options.region) + "/servers-info"));
             }));
         }
         break;

src/Network/GlobalHandler.cpp

@@ -50,17 +50,6 @@ int KillSocket(uint64_t Dead) {
     return a;
 }
 
-bool CheckBytes(uint32_t Bytes) {
-    if (Bytes == 0) {
-        debug("(Proxy) Connection closing");
-        return false;
-    } else if (Bytes < 0) {
-        debug("(Proxy) send failed with error: " + std::to_string(WSAGetLastError()));
-        return false;
-    }
-    return true;
-}
-
 void GameSend(std::string_view Data) {
     static std::mutex Lock;
     std::scoped_lock Guard(Lock);

src/Network/Http.cpp

@@ -6,6 +6,7 @@
 
 
 #include "Http.h"
+#include "Options.h"
 #include <Logger.h>
 #include <Network/network.hpp>
 #include <Startup.h>
@@ -20,45 +21,6 @@
 #include <mutex>
 #include <nlohmann/json.hpp>
 
-void WriteHttpDebug(const httplib::Client& client, const std::string& method, const std::string& target, const httplib::Result& result) try {
-    const std::filesystem::path folder = ".https_debug";
-    std::filesystem::create_directories(folder);
-    if (!std::filesystem::exists(folder / "WHAT IS THIS FOLDER.txt")) {
-        std::ofstream ignore { folder / "WHAT IS THIS FOLDER.txt" };
-        ignore << "This folder exists to help debug current issues with the backend. Do not share this folder with anyone but BeamMP staff. It contains detailed logs of any failed http requests." << std::endl;
-    }
-    const auto file = folder / (method + ".json");
-    // 1 MB limit
-    if (std::filesystem::exists(file) && std::filesystem::file_size(file) > 1'000'000) {
-        std::filesystem::rename(file, file.generic_string() + ".bak");
-    }
-
-    std::ofstream of { file, std::ios::app };
-    nlohmann::json js {
-        { "utc", std::chrono::system_clock::now().time_since_epoch().count() },
-        { "target", target },
-        { "client_info", {
-                             { "openssl_verify_result", client.get_openssl_verify_result() },
-                             { "host", client.host() },
-                             { "port", client.port() },
-                             { "socket_open", client.is_socket_open() },
-                             { "valid", client.is_valid() },
-                         } },
-    };
-    if (result) {
-        auto value = result.value();
-        js["result"] = {};
-        js["result"]["body"] = value.body;
-        js["result"]["status"] = value.status;
-        js["result"]["headers"] = value.headers;
-        js["result"]["version"] = value.version;
-        js["result"]["location"] = value.location;
-        js["result"]["reason"] = value.reason;
-    }
-    of << js.dump();
-} catch (const std::exception& e) {
-    error(e.what());
-}
 
 static size_t CurlWriteCallback(void* contents, size_t size, size_t nmemb, void* userp) {
     std::string* Result = reinterpret_cast<std::string*>(userp);
@@ -169,118 +131,118 @@ void set_headers(httplib::Response& res) {
 }
 
 void HTTP::StartProxy() {
-    // std::thread proxy([&]() {
+    std::thread proxy([&]() {
-    //     httplib::Server HTTPProxy;
+        httplib::Server HTTPProxy;
-    //     httplib::Headers headers = {
+        httplib::Headers headers = {
-    //         { "User-Agent", "BeamMP-Launcher/" + GetVer() + GetPatch() },
+            { "User-Agent", "BeamMP-Launcher/" + GetVer() + GetPatch() },
-    //         { "Accept", "*/*" }
+            { "Accept", "*/*" }
-    //     };
+        };
-    //     httplib::Client backend("https://backend.beammp.com");
+        httplib::Client backend("https://backend." + Utils::RegionToTopLevelDomain(options.region));
-    //     httplib::Client forum("https://forum.beammp.com");
+        httplib::Client forum("https://forum." + Utils::RegionToTopLevelDomain(options.region));
 
-    //     const std::string pattern = ".*";
+        const std::string pattern = ".*";
 
-    //     auto handle_request = [&](const httplib::Request& req, httplib::Response& res) {
+        auto handle_request = [&](const httplib::Request& req, httplib::Response& res) {
-    //         set_headers(res);
+            set_headers(res);
-    //         if (req.has_header("X-BMP-Authentication")) {
+            if (req.has_header("X-BMP-Authentication")) {
-    //             headers.emplace("X-BMP-Authentication", PrivateKey);
+                headers.emplace("X-BMP-Authentication", PrivateKey);
-    //         }
+            }
-    //         if (req.has_header("X-API-Version")) {
+            if (req.has_header("X-API-Version")) {
-    //             headers.emplace("X-API-Version", req.get_header_value("X-API-Version"));
+                headers.emplace("X-API-Version", req.get_header_value("X-API-Version"));
-    //         }
+            }
-
+
-    //         const std::vector<std::string> path = Utils::Split(req.path, "/");
+            const std::vector<std::string> path = Utils::Split(req.path, "/");
-
+
-    //         httplib::Result cli_res;
+            httplib::Result cli_res;
-    //         const std::string method = req.method;
+            const std::string method = req.method;
-    //         std::string host = "";
+            std::string host = "";
-
+
-    //         if (!path.empty())
+            if (!path.empty())
-    //             host = path[0];
+                host = path[0];
-
+
-    //         if (host == "backend") {
+            if (host == "backend") {
-    //             std::string remaining_path = req.path.substr(std::strlen("/backend"));
+                std::string remaining_path = req.path.substr(std::strlen("/backend"));
-
+
-    //             if (method == "GET")
+                if (method == "GET")
-    //                 cli_res = backend.Get(remaining_path, headers);
+                    cli_res = backend.Get(remaining_path, headers);
-    //             else if (method == "POST")
+                else if (method == "POST")
-    //                 cli_res = backend.Post(remaining_path, headers);
+                    cli_res = backend.Post(remaining_path, headers);
-
+
-    //         } else if (host == "avatar") {
+            } else if (host == "avatar") {
-    //             bool error = false;
+                bool error = false;
-    //             std::string username;
+                std::string username;
-    //             std::string avatar_size = "100";
+                std::string avatar_size = "100";
-
+
-    //             if (path.size() > 1) {
+                if (path.size() > 1) {
-    //                 username = path[1];
+                    username = path[1];
-    //             } else {
+                } else {
-    //                 error = true;
+                    error = true;
-    //             }
+                }
-
+
-    //             if (path.size() > 2) {
+                if (path.size() > 2) {
-    //                 try {
+                    try {
-    //                     if (std::stoi(path[2]) > 0)
+                        if (std::stoi(path[2]) > 0)
-    //                         avatar_size = path[2];
+                            avatar_size = path[2];
-
+
-    //                 } catch (std::exception&) { }
+                    } catch (std::exception&) { }
-    //             }
+                }
-
+
-    //             httplib::Result summary_res;
+                httplib::Result summary_res;
-
+
-    //             if (!error) {
+                if (!error) {
-    //                 summary_res = forum.Get("/u/" + username + ".json", headers);
+                    summary_res = forum.Get("/u/" + username + ".json", headers);
-
+
-    //                 if (!summary_res || summary_res->status != 200) {
+                    if (!summary_res || summary_res->status != 200) {
-    //                     error = true;
+                        error = true;
-    //                 }
+                    }
-    //             }
+                }
-
+
-    //             if (!error) {
+                if (!error) {
-    //                 try {
+                    try {
-    //                     nlohmann::json d = nlohmann::json::parse(summary_res->body, nullptr, false); // can fail with parse_error
+                        nlohmann::json d = nlohmann::json::parse(summary_res->body, nullptr, false); // can fail with parse_error
-
+
-    //                     auto user = d.at("user"); // can fail with out_of_range
+                        auto user = d.at("user"); // can fail with out_of_range
-    //                     auto avatar_link_json = user.at("avatar_template"); // can fail with out_of_range
+                        auto avatar_link_json = user.at("avatar_template"); // can fail with out_of_range
-
+
-    //                     auto avatar_link = avatar_link_json.get<std::string>();
+                        auto avatar_link = avatar_link_json.get<std::string>();
-    //                     size_t start_pos = avatar_link.find("{size}");
+                        size_t start_pos = avatar_link.find("{size}");
-    //                     if (start_pos != std::string::npos)
+                        if (start_pos != std::string::npos)
-    //                         avatar_link.replace(start_pos, std::strlen("{size}"), avatar_size);
+                            avatar_link.replace(start_pos, std::strlen("{size}"), avatar_size);
-
+
-    //                     cli_res = forum.Get(avatar_link, headers);
+                        cli_res = forum.Get(avatar_link, headers);
-
+
-    //                 } catch (std::exception&) {
+                    } catch (std::exception&) {
-    //                     error = true;
+                        error = true;
-    //                 }
+                    }
-    //             }
+                }
-
+
-    //             if (error) {
+                if (error) {
-    //                 cli_res = forum.Get("/user_avatar/forum.beammp.com/user/0/0.png", headers);
+                    cli_res = forum.Get("/user_avatar/forum." + Utils::RegionToTopLevelDomain(options.region) + "/user/0/0.png", headers);
-    //             }
+                }
-
+
-    //         } else {
+            } else {
-    //             res.set_content("Host not found", "text/plain");
+                res.set_content("Host not found", "text/plain");
-    //             return;
+                return;
-    //         }
+            }
-
+
-    //         if (cli_res) {
+            if (cli_res) {
-    //             res.set_content(cli_res->body, cli_res->get_header_value("Content-Type"));
+                res.set_content(cli_res->body, cli_res->get_header_value("Content-Type"));
-    //         } else {
+            } else {
-    //             res.set_content(to_string(cli_res.error()), "text/plain");
+                res.set_content(to_string(cli_res.error()), "text/plain");
-    //         }
+            }
-    //     };
+        };
-
+
-    //     HTTPProxy.Get(pattern, [&](const httplib::Request& req, httplib::Response& res) {
+        HTTPProxy.Get(pattern, [&](const httplib::Request& req, httplib::Response& res) {
-    //         handle_request(req, res);
+            handle_request(req, res);
-    //     });
+        });
-
+
-    //     HTTPProxy.Post(pattern, [&](const httplib::Request& req, httplib::Response& res) {
+        HTTPProxy.Post(pattern, [&](const httplib::Request& req, httplib::Response& res) {
-    //         handle_request(req, res);
+            handle_request(req, res);
-    //     });
+        });
-
+
-    //     ProxyPort = HTTPProxy.bind_to_any_port("127.0.0.1");
+        ProxyPort = HTTPProxy.bind_to_any_port("127.0.0.1");
-    //     debug("HTTP Proxy listening on port " + std::to_string(ProxyPort));
+        debug("HTTP Proxy listening on port " + std::to_string(ProxyPort));
-    //     HTTPProxy.listen_after_bind();
+        HTTPProxy.listen_after_bind();
-    // });
+    });
-    // proxy.detach();
+    proxy.detach();
 }

src/Network/Resources.cpp

@@ -164,7 +164,7 @@ std::vector<char> TCPRcvRaw(SOCKET Sock, uint64_t& GRcv, uint64_t Size) {
     do {
         // receive at most some MB at a time
         int Len = std::min(int(Size - Rcv), 1 * 1024 * 1024);
-        int Temp = recv(Sock, &File[Rcv], Len, MSG_WAITALL);
+        int Temp = RecvWaitAll(Sock, &File[Rcv], Len);
         if (Temp == -1 || Temp == 0) {
             debug("Recv returned: " + std::to_string(Temp));
             if (Temp == -1) {

src/Network/VehicleData.cpp

@@ -94,6 +94,7 @@ void UDPClientMain(const std::string& IP, int Port) {
     inet_pton(AF_INET, IP.c_str(), &ToServer->sin_addr);
     UDPSock = socket(AF_INET, SOCK_DGRAM, 0);
     if (!magic.empty())
+        for (int i = 0; i < 10; i++)
             UDPSend(magic);
     GameSend("P" + std::to_string(ClientID));
     TCPSend("H", TCPSock);

src/Network/VehicleEvent.cpp

@@ -28,9 +28,9 @@ int LastPort;
 std::string LastIP;
 SOCKET TCPSock = -1;
 
-bool CheckBytes(int32_t Bytes) {
+bool CheckBytes(int32_t Bytes, int32_t Expected) {
     if (Bytes == 0) {
-        debug("(TCP) Connection closing... CheckBytes(16)");
+        debug("(TCP) Connection closing...");
         Terminate = true;
         return false;
     } else if (Bytes < 0) {
@@ -39,6 +39,11 @@ bool CheckBytes(int32_t Bytes) {
         Terminate = true;
         return false;
     }
+    if (Expected != -1 && Bytes != Expected) {
+        debug(std::format("(TCP) Short recv detected, expected {} bytes, got {} bytes", Expected, Bytes));
+        Terminate = true;
+        return false;
+    }
     return true;
 }
 void UUl(const std::string& R) {
@@ -75,6 +80,24 @@ void TCPSend(const std::string& Data, uint64_t Sock) {
     } while (Sent < Size);
 }
 
+int RecvWaitAll(int sockfd, char *buf, int len) {
+    // handle MSG_WAITALL not actually filling the whole buffer
+    // happens frequently in wine, and can also happen natively when the OS pauses the execution for various reasons
+    int offset = 0;
+    while (offset < len) {
+        int recv_status = recv(sockfd, &buf[offset], len - offset, MSG_WAITALL);
+        if (recv_status == 0) {
+            // do not discard received data when the other side closes the socket cleanly
+            return offset;
+        }
+        if (recv_status == -1) {
+            return -1;
+        }
+        offset += recv_status;
+    }
+    return offset;
+}
+
 std::string TCPRcv(SOCKET Sock) {
     if (Sock == -1) {
         Terminate = true;
@@ -84,8 +107,8 @@ std::string TCPRcv(SOCKET Sock) {
     int32_t Header;
     int Temp;
     std::vector<char> Data(sizeof(Header));
-    Temp = recv(Sock, Data.data(), sizeof(Header), MSG_WAITALL);
+    Temp = RecvWaitAll(Sock, Data.data(), sizeof(Header));
-    if (!CheckBytes(Temp)) {
+    if (!CheckBytes(Temp, sizeof(Header))) {
         UUl("Socket Closed Code 3");
         return "";
     }
@@ -97,8 +120,8 @@ std::string TCPRcv(SOCKET Sock) {
     }
 
     Data.resize(Header, 0);
-    Temp = recv(Sock, Data.data(), Header, MSG_WAITALL);
+    Temp = RecvWaitAll(Sock, Data.data(), Header);
-    if (!CheckBytes(Temp)) {
+    if (!CheckBytes(Temp, Header)) {
         UUl("Socket Closed Code 5");
         return "";
     }

src/Options.cpp

@@ -92,6 +92,13 @@ void InitOptions(int argc, const char *argv[], Options &options) {
             }
             options.user_path = argv[i + 1];
             i++;
+        } else if (argument == "--region") {
+            if (i + 1 >= argc) {
+                error("You must specify a region after the `--region` argument");
+            }
+            options.region = argv[i + 1];
+            info("Set the region to: " + options.region);
+            i++;
         } else if (argument == "--" || argument == "--game") {
             options.game_arguments = &argv[i + 1];
             options.game_arguments_length = argc - i - 1;
@@ -108,6 +115,7 @@ void InitOptions(int argc, const char *argv[], Options &options) {
                 "\t--no-launch          Skip launching the game (you must launch the game manually)\n"
                 "\t--dev                Developer mode, same as --verbose --no-download --no-launch --no-update\n"
                 "\t--user-path <path>   Path to BeamNG's User Path\n"
+                "\t--region <region>    Sets a custom region, options are 'Global', and 'Restricted'\n"
                 "\t--game <args...>     Passes ALL following arguments to the game, see also `--`\n"
                 << std::flush;
             exit(0);

src/Security/BeamNG.cpp

@@ -268,7 +268,7 @@ void LegitimacyCheck() {
     std::ifstream libraryFolders(libraryFoldersPath);
     auto root = tyti::vdf::read(libraryFolders);
     for (auto folderInfo : root.childs) {
-        if (std::filesystem::exists(folderInfo.second->attribs["path"] + "/steamapps/common/BeamNG.drive/integrity.json")){
+        if ((folderInfo.second->childs["apps"]->attribs).contains("284160") && std::filesystem::exists(folderInfo.second->attribs["path"] + "/steamapps/common/BeamNG.drive/integrity.json")){
             GameDir = folderInfo.second->attribs["path"] + "/steamapps/common/BeamNG.drive/";
             break;
         }

src/Security/Login.cpp

@@ -6,6 +6,7 @@
 
 
 #include "Http.h"
+#include "Options.h"
 #include "Logger.h"
 #include <filesystem>
 #include <fstream>
@@ -55,7 +56,7 @@ std::string Login(const std::string& fields) {
     }
     info("Attempting to authenticate...");
     try {
-        std::string Buffer = HTTP::Post("https://auth.beammp.com/userlogin", fields);
+        std::string Buffer = HTTP::Post("https://auth." + Utils::RegionToTopLevelDomain(options.region) + "/userlogin", fields);
 
         if (Buffer.empty()) {
             return GetFail("Failed to communicate with the auth system!");
@@ -115,7 +116,7 @@ void CheckLocalKey() {
                 }
             }
 
-            Buffer = HTTP::Post("https://auth.beammp.com/userlogin", R"({"pk":")" + Buffer + "\"}");
+            Buffer = HTTP::Post("https://auth." + Utils::RegionToTopLevelDomain(options.region) + "/userlogin", R"({"pk":")" + Buffer + "\"}");
 
             nlohmann::json d = nlohmann::json::parse(Buffer, nullptr, false);
 

src/Startup.cpp

@@ -4,7 +4,6 @@
  SPDX-License-Identifier: AGPL-3.0-or-later
 */
 
-
 #include "zip_file.h"
 #include <charconv>
 #include <cstring>
@@ -15,8 +14,8 @@
 #elif defined(__linux__)
 #include <unistd.h>
 #elif defined(__APPLE__)
-#include <unistd.h>
 #include <libproc.h>
+#include <unistd.h>
 #endif // __APPLE__
 #include "Http.h"
 #include "Logger.h"
@@ -84,7 +83,7 @@ beammp_fs_string GetEN() {
 }
 
 std::string GetVer() {
-    return "2.7";
+    return "2.8";
 }
 std::string GetPatch() {
     return ".0";
@@ -194,47 +193,214 @@ void CheckName() {
     }
 }
 
-void CheckForUpdates(const std::string& CV) {
+#if defined(_WIN32)
-//     std::string LatestHash = HTTP::Get("https://backend.beammp.com/sha/launcher?branch=" + Branch + "&pk=" + PublicKey);
+#include <wincrypt.h>
-//     std::string LatestVersion = HTTP::Get(
+#include <wintrust.h>
-//         "https://backend.beammp.com/version/launcher?branch=" + Branch + "&pk=" + PublicKey);
+#include <softpub.h>
+#include <iostream>
 
-//     transform(LatestHash.begin(), LatestHash.end(), LatestHash.begin(), ::tolower);
+#pragma comment(lib, "wintrust.lib")
-//     beammp_fs_string BP(GetBP() / GetEN()), Back(GetBP() / beammp_wide("BeamMP-Launcher.back"));
+#pragma comment(lib, "crypt32.lib")
 
-//     std::string FileHash = Utils::GetSha256HashReallyFastFile(BP);
+bool CheckThumbprint(std::filesystem::path filepath)
+{
+    HCERTSTORE hStore = NULL;
+    HCRYPTMSG hMsg = NULL;
 
-//     if (FileHash != LatestHash && IsOutdated(Version(VersionStrToInts(GetVer() + GetPatch())), Version(VersionStrToInts(LatestVersion)))) {
+    if (!CryptQueryObject(
-//         if (!options.no_update) {
+        CERT_QUERY_OBJECT_FILE,
-//             info("Launcher update " + LatestVersion + " found!");
+        filepath.wstring().c_str(),
-// #if defined(__linux__)
+        CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
-//             error("Auto update is NOT implemented for the Linux version. Please update manually ASAP as updates contain security patches.");
+        CERT_QUERY_FORMAT_FLAG_BINARY,
-// #else
+        0,
-//             info("Downloading Launcher update " + LatestHash);
+        NULL, NULL, NULL,
-//             HTTP::Download(
+        &hStore,
-//                 "https://backend.beammp.com/builds/launcher?download=true"
+        &hMsg,
-//                 "&pk="
+        NULL))
-//                     + PublicKey + "&branch=" + Branch,
+    {
-//                 GetBP() / (beammp_wide("new_") + GetEN()), LatestHash);
+        return false;
-//             std::error_code ec;
-//             fs::remove(Back, ec);
-//             if (ec == std::errc::permission_denied) {
-//                 error("Failed to remove old backup file: " + ec.message() + ". Using alternative name.");
-//                 fs::rename(BP, Back + beammp_wide(".") + Utils::ToWString(FileHash.substr(0, 8)));
-//             } else {
-//                 fs::rename(BP, Back);
-//             }
-//             fs::rename(GetBP() / (beammp_wide("new_") + GetEN()), BP);
-//             URelaunch();
-// #endif
-//         } else {
-//             warn("Launcher update was found, but not updating because --no-update or --dev was specified.");
-//         }
-//     } else
-//         info("Launcher version is up to date. Latest version: " + LatestVersion);
-//     TraceBack++;
     }
 
+    DWORD dwSignerInfo = 0;
+    if (!CryptMsgGetParam(hMsg, CMSG_SIGNER_INFO_PARAM, 0, NULL, &dwSignerInfo) || dwSignerInfo == 0)
+        return false;
+
+    PCMSG_SIGNER_INFO pSignerInfo = (PCMSG_SIGNER_INFO)LocalAlloc(LPTR, dwSignerInfo);
+    if (!CryptMsgGetParam(hMsg, CMSG_SIGNER_INFO_PARAM, 0, pSignerInfo, &dwSignerInfo))
+    {
+        LocalFree(pSignerInfo);
+        return false;
+    }
+
+    CERT_INFO certInfo = {};
+    certInfo.Issuer = pSignerInfo->Issuer;
+    certInfo.SerialNumber = pSignerInfo->SerialNumber;
+
+    PCCERT_CONTEXT pCertContext = CertFindCertificateInStore(
+        hStore,
+        X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+        0,
+        CERT_FIND_SUBJECT_CERT,
+        &certInfo,
+        NULL);
+
+    if (!pCertContext)
+    {
+        LocalFree(pSignerInfo);
+        return false;
+    }
+
+    BYTE hash[64];
+    DWORD hashSize = sizeof(hash);
+
+    bool match = false;
+    if (CertGetCertificateContextProperty(pCertContext, CERT_SHA256_HASH_PROP_ID, hash, &hashSize))
+    {
+        std::string pubKeyData(
+            reinterpret_cast<const char*>(pCertContext->pCertInfo->SubjectPublicKeyInfo.PublicKey.pbData),
+            pCertContext->pCertInfo->SubjectPublicKeyInfo.PublicKey.cbData
+        );
+
+        std::string pubKeyHash = Utils::GetSha256HashReallyFast(pubKeyData, L"PubKey");
+        debug("pub key hash: " + pubKeyHash);
+
+        std::string fileThumbprint;
+        for (DWORD i = 0; i < hashSize; i++)
+        {
+            char buf[3];
+            sprintf_s(buf, "%02x", hash[i]);
+            fileThumbprint += buf;
+        }
+
+        debug("File thumbprint: " +fileThumbprint);
+        debug(filepath);
+
+        if (fileThumbprint == "937f055b713de69416926ed4651d65219a0a0e77d7a78c1932c007e14326da33" && pubKeyHash == "2afad4a5773b0ac449f48350ce0d09c372be0d5bcbaa6d01332ce000baffde99"){
+            match = true;
+        }
+    }
+
+    CertFreeCertificateContext(pCertContext);
+    CertCloseStore(hStore, 0);
+    LocalFree(pSignerInfo);
+
+    return match;
+}
+#include <windows.h>
+#include <wintrust.h>
+#include <Softpub.h>
+#include <filesystem>
+#include <string>
+
+#pragma comment(lib, "wintrust")
+
+bool VerifySignature(const std::filesystem::path& filePath)
+{
+    std::wstring path = filePath.wstring();
+
+    WINTRUST_FILE_INFO fileInfo = {};
+    fileInfo.cbStruct = sizeof(WINTRUST_FILE_INFO);
+    fileInfo.pcwszFilePath = path.c_str();
+    fileInfo.hFile = NULL;
+    fileInfo.pgKnownSubject = NULL;
+
+    WINTRUST_DATA winTrustData = {};
+    winTrustData.cbStruct = sizeof(WINTRUST_DATA);
+    winTrustData.dwUIChoice = WTD_UI_NONE;
+    winTrustData.dwUnionChoice = WTD_CHOICE_FILE;
+    winTrustData.pFile = &fileInfo;
+
+    winTrustData.dwStateAction = WTD_STATEACTION_VERIFY;
+
+    GUID policyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
+
+    LONG status = WinVerifyTrust(
+        NULL,
+        &policyGUID,
+        &winTrustData
+    );
+
+    debug(filePath);
+    debug("Signature check code: " + std::to_string(status));
+
+    winTrustData.dwStateAction = WTD_STATEACTION_CLOSE;
+    WinVerifyTrust(NULL, &policyGUID, &winTrustData);
+
+    return (status == CERT_E_UNTRUSTEDROOT);
+}
+#endif
+
+void CheckForUpdates(const std::string& CV) {
+    std::string LatestHash = HTTP::Get("https://backend." + Utils::RegionToTopLevelDomain(options.region) + "/sha/launcher?branch=" + Branch + "&pk=" + PublicKey);
+    std::string LatestVersion = HTTP::Get(
+        "https://backend." + Utils::RegionToTopLevelDomain(options.region) + "/version/launcher?branch=" + Branch + "&pk=" + PublicKey);
+
+    std::regex sha256_pattern(R"(^[a-fA-F0-9]{64}$)");
+    std::smatch match;
+
+    if (LatestHash.length() != 64 || !std::regex_match(LatestHash, match, sha256_pattern)) {
+        error("Invalid hash from backend, skipping update check.");
+        debug("Launcher hash in question: " + LatestHash);
+        return;
+    }
+
+    transform(LatestHash.begin(), LatestHash.end(), LatestHash.begin(), ::tolower);
+    beammp_fs_string BP(GetBP() / GetEN()), Back(GetBP() / beammp_wide("BeamMP-Launcher.back"));
+
+    std::string FileHash = Utils::GetSha256HashReallyFastFile(BP);
+
+    if (FileHash != LatestHash && IsOutdated(Version(VersionStrToInts(GetVer() + GetPatch())), Version(VersionStrToInts(LatestVersion)))) {
+        if (!options.no_update) {
+            info("Launcher update " + LatestVersion + " found!");
+#if defined(__linux__)
+            error("Auto update is NOT implemented for the Linux version. Please update manually ASAP as updates contain security patches.");
+#else
+            info("Downloading Launcher update " + LatestHash);
+            std::wstring DownloadLocation = GetBP() / (beammp_wide("new_") + GetEN());
+            if (HTTP::Download(
+                    "https://backend." + Utils::RegionToTopLevelDomain(options.region) + "/builds/launcher?download=true"
+                    "&pk="
+                        + PublicKey + "&branch=" + Branch,
+                    DownloadLocation, LatestHash)) {
+                if (!VerifySignature(DownloadLocation) || !CheckThumbprint(DownloadLocation)) {
+                    std::error_code ec;
+                    fs::remove(DownloadLocation, ec);
+                    if (ec) {
+                        error("Failed to remove broken launcher update");
+                    }
+                    throw std::runtime_error("The authenticity of the updated launcher could not be verified, it was corrupted or tampered with.");
+                }
+
+                info("Update signature is valid");
+
+                std::error_code ec;
+                fs::remove(Back, ec);
+                if (ec == std::errc::permission_denied) {
+                    error("Failed to remove old backup file: " + ec.message() + ". Using alternative name.");
+                    fs::rename(BP, Back + beammp_wide(".") + Utils::ToWString(FileHash.substr(0, 8)));
+                } else {
+                    fs::rename(BP, Back);
+                }
+                fs::rename(GetBP() / (beammp_wide("new_") + GetEN()), BP);
+                URelaunch();
+            } else {
+                if (fs::exists(DownloadLocation)) {
+                    std::error_code error_code;
+                    fs::remove(DownloadLocation, error_code);
+                    if (error_code) {
+                        error("Failed to remove broken launcher update");
+                    }
+                }
+                throw std::runtime_error("Failed to download the launcher update! Please try manually updating it, https://docs.beammp.com/FAQ/Update-launcher/");
+            }
+#endif
+        } else {
+            warn("Launcher update was found, but not updating because --no-update or --dev was specified.");
+        }
+    } else
+        info("Launcher version is up to date. Latest version: " + LatestVersion);
+    TraceBack++;
+}
 
 #ifdef _WIN32
 void LinuxPatch() {
@@ -347,42 +513,51 @@ void PreGame(const beammp_fs_string& GamePath) {
     CheckMP(GetGamePath() / beammp_wide("mods/multiplayer"));
     info(beammp_wide("Game user path: ") + beammp_fs_string(GetGamePath()));
 
-//     if (!options.no_download) {
+    if (!options.no_download) {
-//         std::string LatestHash = HTTP::Get("https://backend.beammp.com/sha/mod?branch=" + Branch + "&pk=" + PublicKey);
+        std::string LatestHash = HTTP::Get("https://backend." + Utils::RegionToTopLevelDomain(options.region) + "/sha/mod?branch=" + Branch + "&pk=" + PublicKey);
-//         transform(LatestHash.begin(), LatestHash.end(), LatestHash.begin(), ::tolower);
+        transform(LatestHash.begin(), LatestHash.end(), LatestHash.begin(), ::tolower);
-//         LatestHash.erase(std::remove_if(LatestHash.begin(), LatestHash.end(),
+        LatestHash.erase(std::remove_if(LatestHash.begin(), LatestHash.end(),
-//                              [](auto const& c) -> bool { return !std::isalnum(c); }),
+                             [](auto const& c) -> bool { return !std::isalnum(c); }),
-//             LatestHash.end());
+            LatestHash.end());
 
-//         try {
+        std::regex sha256_pattern(R"(^[a-fA-F0-9]{64}$)");
-//             if (!fs::exists(GetGamePath() / beammp_wide("mods/multiplayer"))) {
+        std::smatch match;
-//                 fs::create_directories(GetGamePath() / beammp_wide("mods/multiplayer"));
-//             }
-//             EnableMP();
-//         } catch (std::exception& e) {
-//             fatal(e.what());
-//         }
-// #if defined(_WIN32)
-//         std::wstring ZipPath(GetGamePath() / LR"(mods\multiplayer\BeamMP.zip)");
-// #elif defined(__linux__)
-//         // Linux version of the game cant handle mods with uppercase names
-//         std::string ZipPath(GetGamePath() / R"(mods/multiplayer/beammp.zip)");
-// #endif
 
-//         std::string FileHash = fs::exists(ZipPath) ? Utils::GetSha256HashReallyFastFile(ZipPath) : "";
+        if (LatestHash.length() != 64 || !std::regex_match(LatestHash, match, sha256_pattern)) {
-
+            error("Invalid hash from backend, skipping mod update check.");
-//         if (FileHash != LatestHash) {
+            debug("Mod hash in question: " + LatestHash);
-//             info("Downloading BeamMP Update " + LatestHash);
+            return;
-//             HTTP::Download("https://backend.beammp.com/builds/client?download=true"
+        }
-//                            "&pk="
+
-//                     + PublicKey + "&branch=" + Branch,
+        try {
-//                 ZipPath, LatestHash);
+            if (!fs::exists(GetGamePath() / beammp_wide("mods/multiplayer"))) {
-//         }
+                fs::create_directories(GetGamePath() / beammp_wide("mods/multiplayer"));
-
+            }
-//         beammp_fs_string Target(GetGamePath() / beammp_wide("mods/unpacked/beammp"));
+            EnableMP();
-
+        } catch (std::exception& e) {
-//         if (fs::is_directory(Target) && !fs::is_directory(Target + beammp_wide("/.git"))) {
+            fatal(e.what());
-//             fs::remove_all(Target);
+        }
-//         }
+#if defined(_WIN32)
-//     }
+        std::wstring ZipPath(GetGamePath() / LR"(mods\multiplayer\BeamMP.zip)");
+#elif defined(__linux__)
+        // Linux version of the game cant handle mods with uppercase names
+        std::string ZipPath(GetGamePath() / R"(mods/multiplayer/beammp.zip)");
+#endif
+
+        std::string FileHash = fs::exists(ZipPath) ? Utils::GetSha256HashReallyFastFile(ZipPath) : "";
+
+        if (FileHash != LatestHash) {
+            info("Downloading BeamMP Update " + LatestHash);
+            HTTP::Download("https://backend." + Utils::RegionToTopLevelDomain(options.region) + "/builds/client?download=true"
+                           "&pk="
+                    + PublicKey + "&branch=" + Branch,
+                ZipPath, LatestHash);
+        }
+
+        beammp_fs_string Target(GetGamePath() / beammp_wide("mods/unpacked/beammp"));
+
+        if (fs::is_directory(Target) && !fs::is_directory(Target + beammp_wide("/.git"))) {
+            fs::remove_all(Target);
+        }
+    }
 }