mirror of
https://github.com/PaperMC/Paper.git
synced 2024-11-22 02:25:28 +01:00
Clean up username validation logic
This commit is contained in:
parent
b277feb448
commit
9227a9648c
@ -5,7 +5,7 @@ Subject: [PATCH] Validate usernames
|
|||||||
|
|
||||||
|
|
||||||
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
||||||
index 0c4fb4a7d4fcdc6d724beb13a16bd729a3c525cd..20ba13c06edf125ba216d1ca8794868abcd8f916 100644
|
index 0c4fb4a7d4fcdc6d724beb13a16bd729a3c525cd..fa6c77391ac40f86e1b679ef21f4ee43177857c8 100644
|
||||||
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
||||||
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
||||||
@@ -63,6 +63,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
@@ -63,6 +63,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
||||||
@ -16,42 +16,12 @@ index 0c4fb4a7d4fcdc6d724beb13a16bd729a3c525cd..20ba13c06edf125ba216d1ca8794868a
|
|||||||
|
|
||||||
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
|
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
|
||||||
this.state = ServerLoginPacketListenerImpl.State.HELLO;
|
this.state = ServerLoginPacketListenerImpl.State.HELLO;
|
||||||
@@ -134,10 +135,38 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
@@ -137,7 +138,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
||||||
return this.requestedUsername != null ? this.requestedUsername + " (" + s + ")" : s;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ // Paper start - validate usernames
|
|
||||||
+ public static boolean validateUsername(String in) {
|
|
||||||
+ if (in == null || in.isEmpty() || in.length() > 16) {
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ for (int i = 0, len = in.length(); i < len; ++i) {
|
|
||||||
+ char c = in.charAt(i);
|
|
||||||
+
|
|
||||||
+ if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || (c == '_' || c == '.')) {
|
|
||||||
+ continue;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ return true;
|
|
||||||
+ }
|
|
||||||
+ // Paper end - validate usernames
|
|
||||||
+
|
|
||||||
@Override
|
@Override
|
||||||
public void handleHello(ServerboundHelloPacket packet) {
|
public void handleHello(ServerboundHelloPacket packet) {
|
||||||
Validate.validState(this.state == ServerLoginPacketListenerImpl.State.HELLO, "Unexpected hello packet", new Object[0]);
|
Validate.validState(this.state == ServerLoginPacketListenerImpl.State.HELLO, "Unexpected hello packet", new Object[0]);
|
||||||
Validate.validState(Player.isValidUsername(packet.name()), "Invalid characters in username", new Object[0]);
|
- Validate.validState(Player.isValidUsername(packet.name()), "Invalid characters in username", new Object[0]);
|
||||||
+ // Paper start - validate usernames -- TODO: Do we need this?
|
+ if (io.papermc.paper.configuration.GlobalConfiguration.get().proxies.isProxyOnlineMode() && io.papermc.paper.configuration.GlobalConfiguration.get().unsupportedSettings.performUsernameValidation && !this.iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation) Validate.validState(Player.isValidUsername(packet.name()), "Invalid characters in username", new Object[0]); // Paper - config username validation
|
||||||
+ if (io.papermc.paper.configuration.GlobalConfiguration.get().proxies.isProxyOnlineMode() && io.papermc.paper.configuration.GlobalConfiguration.get().unsupportedSettings.performUsernameValidation) {
|
|
||||||
+ if (!this.iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation && !validateUsername(packet.name())) {
|
|
||||||
+ ServerLoginPacketListenerImpl.this.disconnect("Failed to verify username!");
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ // Paper end - validate usernames
|
|
||||||
this.requestedUsername = packet.name();
|
this.requestedUsername = packet.name();
|
||||||
GameProfile gameprofile = this.server.getSingleplayerProfile();
|
GameProfile gameprofile = this.server.getSingleplayerProfile();
|
||||||
|
|
||||||
@ -68,3 +38,34 @@ index 30ad9f878d0b76c6bef594448c3122d614a7aa8c..147fed3b3f0b052bc2892eaf001f0fb5
|
|||||||
list.add(entityplayer);
|
list.add(entityplayer);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
diff --git a/src/main/java/net/minecraft/world/entity/player/Player.java b/src/main/java/net/minecraft/world/entity/player/Player.java
|
||||||
|
index bce494bb7bc1ce20809ac7d355f04aa7aad78308..7a984f531d3ebb6e055f07227b2ef8247fb3a842 100644
|
||||||
|
--- a/src/main/java/net/minecraft/world/entity/player/Player.java
|
||||||
|
+++ b/src/main/java/net/minecraft/world/entity/player/Player.java
|
||||||
|
@@ -2340,9 +2340,23 @@ public abstract class Player extends LivingEntity {
|
||||||
|
}
|
||||||
|
|
||||||
|
public static boolean isValidUsername(String name) {
|
||||||
|
- return name.length() > 16 ? false : name.chars().filter((i) -> {
|
||||||
|
- return i <= 32 || i >= 127;
|
||||||
|
- }).findAny().isEmpty();
|
||||||
|
+ // Paper start
|
||||||
|
+ if (name == null || name.isEmpty() || name.length() > 16) {
|
||||||
|
+ return false;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ for (int i = 0, len = name.length(); i < len; ++i) {
|
||||||
|
+ char c = name.charAt(i);
|
||||||
|
+
|
||||||
|
+ if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || (c == '_' || c == '.')) {
|
||||||
|
+ continue;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return false;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return true;
|
||||||
|
+ // Paper end
|
||||||
|
}
|
||||||
|
|
||||||
|
public static float getPickRange(boolean creative) {
|
||||||
|
@ -5,10 +5,10 @@ Subject: [PATCH] Added getHostname to AsyncPlayerPreLoginEvent
|
|||||||
|
|
||||||
|
|
||||||
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
||||||
index 20ba13c06edf125ba216d1ca8794868abcd8f916..5c767318ff3f589ecebb9608ce173fa578e330a5 100644
|
index fa6c77391ac40f86e1b679ef21f4ee43177857c8..d52d3808a058b6eef57639f1d455986b9681f645 100644
|
||||||
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
||||||
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
||||||
@@ -322,7 +322,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
@@ -294,7 +294,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
||||||
|
|
||||||
// Paper start
|
// Paper start
|
||||||
com.destroystokyo.paper.profile.PlayerProfile profile = com.destroystokyo.paper.profile.CraftPlayerProfile.asBukkitMirror(gameprofile);
|
com.destroystokyo.paper.profile.PlayerProfile profile = com.destroystokyo.paper.profile.CraftPlayerProfile.asBukkitMirror(gameprofile);
|
||||||
|
@ -123,7 +123,7 @@ index 5264235c1547c78b8123e2efb07dcb77486cc5bf..db363bca264e37c29fda58291246aba0
|
|||||||
DedicatedServer.LOGGER.warn("While this makes the game possible to play without internet access, it also opens up the ability for hackers to connect with any username they choose.");
|
DedicatedServer.LOGGER.warn("While this makes the game possible to play without internet access, it also opens up the ability for hackers to connect with any username they choose.");
|
||||||
}
|
}
|
||||||
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
||||||
index 5c767318ff3f589ecebb9608ce173fa578e330a5..83605748ca8cf68c0fc6d99c34f3091183c7a059 100644
|
index d52d3808a058b6eef57639f1d455986b9681f645..89b3184be952fd0803520dd0f717f3acfc3cb496 100644
|
||||||
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
||||||
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
||||||
@@ -64,6 +64,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
@@ -64,6 +64,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
||||||
@ -134,7 +134,7 @@ index 5c767318ff3f589ecebb9608ce173fa578e330a5..83605748ca8cf68c0fc6d99c34f30911
|
|||||||
|
|
||||||
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
|
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
|
||||||
this.state = ServerLoginPacketListenerImpl.State.HELLO;
|
this.state = ServerLoginPacketListenerImpl.State.HELLO;
|
||||||
@@ -177,6 +178,16 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
@@ -149,6 +150,16 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
||||||
this.state = ServerLoginPacketListenerImpl.State.KEY;
|
this.state = ServerLoginPacketListenerImpl.State.KEY;
|
||||||
this.connection.send(new ClientboundHelloPacket("", this.server.getKeyPair().getPublic().getEncoded(), this.challenge));
|
this.connection.send(new ClientboundHelloPacket("", this.server.getKeyPair().getPublic().getEncoded(), this.challenge));
|
||||||
} else {
|
} else {
|
||||||
@ -151,7 +151,7 @@ index 5c767318ff3f589ecebb9608ce173fa578e330a5..83605748ca8cf68c0fc6d99c34f30911
|
|||||||
// Spigot start
|
// Spigot start
|
||||||
// Paper start - Cache authenticator threads
|
// Paper start - Cache authenticator threads
|
||||||
authenticatorPool.execute(new Runnable() {
|
authenticatorPool.execute(new Runnable() {
|
||||||
@@ -314,6 +325,12 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
@@ -286,6 +297,12 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
||||||
public class LoginHandler {
|
public class LoginHandler {
|
||||||
|
|
||||||
public void fireEvents(GameProfile gameprofile) throws Exception {
|
public void fireEvents(GameProfile gameprofile) throws Exception {
|
||||||
@ -164,7 +164,7 @@ index 5c767318ff3f589ecebb9608ce173fa578e330a5..83605748ca8cf68c0fc6d99c34f30911
|
|||||||
String playerName = gameprofile.getName();
|
String playerName = gameprofile.getName();
|
||||||
java.net.InetAddress address = ((java.net.InetSocketAddress) ServerLoginPacketListenerImpl.this.connection.getRemoteAddress()).getAddress();
|
java.net.InetAddress address = ((java.net.InetSocketAddress) ServerLoginPacketListenerImpl.this.connection.getRemoteAddress()).getAddress();
|
||||||
java.net.InetAddress rawAddress = ((java.net.InetSocketAddress) ServerLoginPacketListenerImpl.this.connection.channel.remoteAddress()).getAddress(); // Paper
|
java.net.InetAddress rawAddress = ((java.net.InetSocketAddress) ServerLoginPacketListenerImpl.this.connection.channel.remoteAddress()).getAddress(); // Paper
|
||||||
@@ -363,6 +380,49 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
@@ -335,6 +352,49 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void handleCustomQueryPacket(ServerboundCustomQueryAnswerPacket packet) {
|
public void handleCustomQueryPacket(ServerboundCustomQueryAnswerPacket packet) {
|
||||||
|
Loading…
Reference in New Issue
Block a user