fix!: disable proxy detection to avoid vulnerabilities (see full commit for more info)

If you are using 1.12 or lower you are unaffected as the features causing this issue were not implemented back then.

Thanks to roote.rs for notifying me of these issues, as well as for helping to code and test a fix.

Velocity was unaffected by this issue if you had the plugin on the proxy. However, because that may not be the case for everyone, I have decided to disable this for everyone by default.

If you are on bungee you will 100% want to update to this version right away.

For a full writeup by roote.rs see https://roote.rs/posts/advancedportals/
Sekwah 2024-07-27 23:39:33 +01:00
parent 8fd11f85c4
commit 8f29d203e2
6 changed files with 60 additions and 49 deletions


@ -17,6 +17,12 @@ import org.apache.http.impl.client.HttpClients
import java.util.regex.Matcher
import java.util.regex.Pattern
import java.nio.file.Files
import java.nio.file.Paths
import java.nio.file.StandardCopyOption
import java.nio.file.StandardOpenOption
buildscript {
repositories {
maven { url "https://plugins.gradle.org/m2/" }
@ -298,24 +304,29 @@ task curseforge {
// releaseType = 'release'
}
task copyPlugin {
/**
* Will build then copy it to the minecraft server folder for use with the launch task and dev tools plugin
*/
tasks.register('copyPlugin') {
dependsOn(build)
doLast {
copy {
if (System.env.MC_SERVER_LOC == null) {
throw new Exception('You must set the server location and jar to use')
def sourceFilePath = Paths.get("$buildDir/libs/Advanced-Portals-${getVersion()}.jar")
def destinationFilePath = Paths.get("$buildDir/MinecraftServer/plugins/Advanced-Portals.jar")
println "Handling file: $destinationFilePath"
byte[] newContent = Files.readAllBytes(sourceFilePath)
if (Files.exists(destinationFilePath)) {
println "File exists. Overwriting with new binary content."
Files.write(destinationFilePath, newContent, StandardOpenOption.TRUNCATE_EXISTING)
} else {
println "File does not exist. Copying from source."
Files.copy(sourceFilePath, destinationFilePath, StandardCopyOption.REPLACE_EXISTING)
}
println "$buildDir/libs/Advanced-Portals-${version}.jar"
println "${System.env.MC_SERVER_LOC}/plugins/Advanced-Portals-${version}.jar"
try {
delete fileTree("${System.env.MC_SERVER_LOC}/plugins/") {
include "*.jar"
}
}
catch (RuntimeException e) {
println e.getLocalizedMessage()
}
from file("$buildDir/libs/Advanced-Portals-${version}.jar")
into file("${System.env.MC_SERVER_LOC}/plugins/")
}
}
}
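Review bot: In the `doLast` body of `copyPlugin`, nothing visible creates `$buildDir/MinecraftServer/plugins/`, so on a clean checkout the `Files.copy` in the else branch would fail with `NoSuchFileException` unless another task has already made the folder. Adding `Files.createDirectories(destinationFilePath.parent)` before the `Files.exists` check covers that case. The in-place `Files.write(..., TRUNCATE_EXISTING)` branch looks deliberate (presumably to overwrite a jar that is in use), and a short comment saying so, e.g. `// Overwrite in place so a running server keeps its file handle`, would keep it from being "simplified" later; confirm the reason before adding it.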


@ -25,9 +25,7 @@ public class AdvancedPortalsPlugin extends JavaPlugin {
private Settings settings;
protected boolean isProxyPluginEnabled = false;
protected boolean forceRegisterProxyChannels = false;
protected boolean registerProxyChannels = false;
protected boolean disableProxyWarning = false;
private boolean worldEditActive = false;
@ -51,7 +49,7 @@ public class AdvancedPortalsPlugin extends JavaPlugin {
config.saveConfig();
FileConfiguration pluginConfig = config.getConfig();
forceRegisterProxyChannels = pluginConfig.getBoolean(ConfigHelper.FORCE_ENABLE_PROXY_SUPPORT, false);
registerProxyChannels = pluginConfig.getBoolean(ConfigHelper.ENABLE_PROXY_SUPPORT, false);
disableProxyWarning = pluginConfig.getBoolean(ConfigHelper.DISABLE_PROXY_WARNING, false);
ConfigAccessor portalConfig = new ConfigAccessor(this, "portals.yml");
@ -118,15 +116,11 @@ public class AdvancedPortalsPlugin extends JavaPlugin {
private void setupBungee() {
// Enables very basic bungee support if not setup right
this.getServer().getMessenger().registerOutgoingPluginChannel(this, "BungeeCord");
if(forceRegisterProxyChannels || this.checkIfBungee()) {
if(registerProxyChannels || this.checkIfBungee()) {
this.getServer().getMessenger().registerIncomingPluginChannel(this, "BungeeCord", new BungeeListener(this));
this.getServer().getMessenger().registerOutgoingPluginChannel(this, BungeeMessages.CHANNEL_NAME);
this.getServer().getMessenger().registerIncomingPluginChannel(this, BungeeMessages.CHANNEL_NAME, new PluginMessageReceiver(this));
isProxyPluginEnabled = true;
}
else {
isProxyPluginEnabled = false;
}
}
@ -135,7 +129,7 @@ public class AdvancedPortalsPlugin extends JavaPlugin {
}
public boolean isProxyPluginEnabled() {
return isProxyPluginEnabled;
return registerProxyChannels;
}
private boolean checkIfBungee()
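Review bot: In `setupBungee()` the condition `if(registerProxyChannels || this.checkIfBungee())` still lets auto-detection register both incoming listeners while `EnableProxySupport` is false. `PluginMessageReceiver` drops messages in that state (its guard is added in this commit), but `BungeeListener` on the `BungeeCord` channel is not touched here, so whether it ignores messages when support is disabled cannot be confirmed from this page. If it has no equivalent guard, register it only on opt-in by wrapping that one call in `if (registerProxyChannels) { ... }`, and keep the detection path solely for the warning receiver. Separately, `isProxyPluginEnabled()` now returns the config flag rather than a detected state; a Javadoc line such as `/** True only when EnableProxySupport is set in config.yml; never inferred from detection. */` would stop later callers from reading it as "a proxy was detected".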


@ -8,6 +8,7 @@ public class ConfigHelper {
public static final String COMMAND_LOGS = "CommandLogs";
public static final String ENABLE_PROXY_SUPPORT = "EnableProxySupport";
public static final String FORCE_ENABLE_PROXY_SUPPORT = "ForceEnableProxySupport";
public static final String DISABLE_PROXY_WARNING = "DisableProxyWarning";
@ -40,6 +41,11 @@ public class ConfigHelper {
config.set(ConfigHelper.CONFIG_VERSION, "0.5.13");
config.set(ConfigHelper.FORCE_ENABLE_PROXY_SUPPORT, false);
config.set(ConfigHelper.PROXY_TELEPORT_DELAY, 0);
update();
} else if(configVersion.equals("0.5.13")) {
config.set(ConfigHelper.CONFIG_VERSION, "0.5.14");
config.set(ConfigHelper.FORCE_ENABLE_PROXY_SUPPORT, null);
config.set(ConfigHelper.ENABLE_PROXY_SUPPORT, config.getBoolean(ConfigHelper.FORCE_ENABLE_PROXY_SUPPORT));
}
}
}
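Review bot: In the new `0.5.13` branch, `ForceEnableProxySupport` is set to `null` on the line before `config.getBoolean(ConfigHelper.FORCE_ENABLE_PROXY_SUPPORT)` reads it, so the read presumably always yields `false` and the old value is never carried over. That fails closed, which matches the commit's stated intent of disabling proxy support for everyone, but the code reads as a migration. If the reset is deliberate, write it explicitly as `config.set(ConfigHelper.ENABLE_PROXY_SUPPORT, false);` with a comment such as `// Deliberately not migrated: proxy support must be re-enabled by hand after the 0.5.14 fix`; if a migration was intended, read the old value before removing the key. The enclosing method starts outside the hunk.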


@ -164,8 +164,6 @@ public class Destination {
WarpEffects.activateSound(player);
}
System.out.println(PORTAL_MESSAGE_DISPLAY);
if (PORTAL_MESSAGE_DISPLAY == 1) {
player.sendMessage("");
player.sendMessage(PluginMessages.customPrefix + PluginMessages.getWarpMessage(dest));


@ -6,21 +6,29 @@ import com.sekwah.advancedportals.bukkit.AdvancedPortalsPlugin;
import com.sekwah.advancedportals.bukkit.config.ConfigAccessor;
import com.sekwah.advancedportals.bukkit.config.ConfigHelper;
import com.sekwah.advancedportals.bukkit.destinations.Destination;
import com.sekwah.advancedportals.bukkit.PluginMessages;
import com.sekwah.advancedportals.bungee.BungeeMessages;
import org.bukkit.entity.Player;
import org.bukkit.plugin.messaging.PluginMessageListener;
import org.bukkit.Bukkit;
import java.util.UUID;
public class PluginMessageReceiver implements PluginMessageListener {
public static final String ENABLE_MESSAGE = PluginMessages.customPrefixFail + "§c Warning! To avoid vulnerabilities we have disabled proxy messages by default. To enable full proxy features, please change §eEnableProxySupport §cin the config.yml and ensure you have the plugin installed on the proxy.";
public static final String WARNING_MESSAGE = PluginMessages.customPrefixFail + "§c Warning! A proxy message was received but proxy plugin support is not enabled. To enable it, please set §eEnableProxySupport §cto true and install the plugin on the proxy. If you do not remember having the proxy plugin, please ignore this message as it may be someone trying to attack your server.";
private final AdvancedPortalsPlugin plugin;
private final int teleportDelay;
private boolean isNotifiedAboutEnabling = false;
public PluginMessageReceiver(AdvancedPortalsPlugin plugin) {
this.plugin = plugin;
ConfigAccessor config = new ConfigAccessor(plugin, "config.yml");
teleportDelay = config.getConfig().getInt(ConfigHelper.PROXY_TELEPORT_DELAY, 0);
if(!plugin.isProxyPluginEnabled()) {
Bukkit.getConsoleSender().sendMessage(ENABLE_MESSAGE);
}
}
@Override
@ -30,6 +38,19 @@ public class PluginMessageReceiver implements PluginMessageListener {
return;
}
if(!plugin.isProxyPluginEnabled()) {
if(!isNotifiedAboutEnabling) {
for (Player p : Bukkit.getOnlinePlayers()) {
if (!p.isOp()) continue;
p.sendMessage(WARNING_MESSAGE);
}
Bukkit.getConsoleSender().sendMessage(WARNING_MESSAGE);
isNotifiedAboutEnabling = true;
}
return;
}
ByteArrayDataInput in = ByteStreams.newDataInput(message);
String subchannel = in.readUTF();
@ -65,23 +86,4 @@ public class PluginMessageReceiver implements PluginMessageListener {
);
}
}
/**
* Example forward packet.
*
* Construct like the forge packets.
*
* out.writeUTF("Forward"); // So BungeeCord knows to forward it
out.writeUTF("ALL");
out.writeUTF("MyChannel"); // The channel name to check if this your data
ByteArrayOutputStream msgbytes = new ByteArrayOutputStream();
DataOutputStream msgout = new DataOutputStream(msgbytes);
msgout.writeUTF("Some kind of data here"); // You can do anything you want with msgout
msgout.writeShort(123);
out.writeShort(msgbytes.toByteArray().length);
out.write(msgbytes.toByteArray());
*
*/
}
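Review bot: The disabled-support branch added to `onPluginMessageReceived` warns only once per server run (`isNotifiedAboutEnabling`) and does not record which connection the rejected message arrived on. An operator trying to tell a misconfigured proxy from a spoofed message therefore gets no source and no sign of repeated attempts. Consider logging dropped messages at a throttled rate with the name and UUID from the listener's `Player` argument, e.g. `plugin.getLogger().warning("Dropped proxy message received via " + player.getName() + " (" + player.getUniqueId() + ")");`. The method signature is outside the hunk, so the parameter name `player` is assumed.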


@ -3,7 +3,7 @@
# To set this file back to its default state just delete it and reload the server or restart it!
# Will update whenever there is a config update from an older version so may not be the latest plugin version
ConfigVersion: 0.5.13
ConfigVersion: 0.5.14
# Set to true if you want the normal axes to work normally but the ones given with /portals selector or wand will still work though
# It can be useful if people with permission want to use an iron axe on a survival server
@ -76,8 +76,8 @@ CommandLevels: opcb
# Should the commands being triggered log in the console? (If you have an active server it may cause a bit of spam)
CommandLogs: true
# If you want to use bungee or velocity, and it is not automatically detected (make sure you have advanced portals on the proxy, especially with velocity)
ForceEnableProxySupport: false
# If you want to use bungee or velocity features
EnableProxySupport: false
# How many seconds after the proxy event fires should the player be teleported (should help with on spawn plugins and such)
# 0 is disabled and anything higher causes a delay.
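Review bot: The new comment above `EnableProxySupport` drops the old reminder that Advanced Portals must also be installed on the proxy, which is the precondition both the commit message and `ENABLE_MESSAGE` stress. Since config.yml is where an admin flips the switch, the caveat belongs next to the key: `# Only set to true if Advanced Portals is also installed on the proxy (bungee or velocity); leave false otherwise`.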