From 429dbe3e0ceaf4995de2cc6be6e8ce55f112c427 Mon Sep 17 00:00:00 2001
From: Paul Chote <pchote@users.noreply.github.com>
Date: Wed, 15 Apr 2020 12:57:09 +0100
Subject: [PATCH] Block profiles with revoked keys from joining auth-only
 servers.

---
 OpenRA.Game/Server/Server.cs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/OpenRA.Game/Server/Server.cs b/OpenRA.Game/Server/Server.cs
index c09acbd3c9..0ef2a61156 100644
--- a/OpenRA.Game/Server/Server.cs
+++ b/OpenRA.Game/Server/Server.cs
@@ -499,10 +499,16 @@ namespace OpenRA.Server
 											profile.ProfileName, profile.ProfileID);
 									}
 									else if (profile.KeyRevoked)
+									{
+										profile = null;
 										Log.Write("server", "{0} failed to authenticate as {1} (key revoked)", newConn.Socket.RemoteEndPoint, handshake.Fingerprint);
+									}
 									else
+									{
+										profile = null;
 										Log.Write("server", "{0} failed to authenticate as {1} (signature verification failed)",
 											newConn.Socket.RemoteEndPoint, handshake.Fingerprint);
+									}
 								}
 								else
 									Log.Write("server", "{0} failed to authenticate as {1} (invalid server response: `{2}` is not `Player`)",