Paper/patches/server/0760-Validate-usernames.patch
Nassim Jahnke 275173e538
Updated Upstream (Bukkit/CraftBukkit)
Upstream has released updates that appear to apply and compile correctly.
This update has not been tested by PaperMC and as with ANY update, please do your own testing

Bukkit Changes:
0c5d8709 SPIGOT-7400: Downgrade maven-resolver due to issues resolving certain depends
255c4fdb SPIGOT-7380: Add PlayerInteractEvent#getClickedPosition and ChiseledBookshelf#getSlot

CraftBukkit Changes:
b6b514b7e SPIGOT-7400: Downgrade maven-resolver due to issues resolving certain depends
fcff84de9 SPIGOT-7399: Revert null check in CraftMetaItem#safelyAdd
44a4b5649 SPIGOT-7380: Add PlayerInteractEvent#getClickedPosition and ChiseledBookshelf#getSlot
676969d01 SPIGOT-7389: Handle setting null items in ChiseledBookshelf Inventory
2023-06-18 13:18:11 +02:00

71 lines
3.7 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Spottedleaf <Spottedleaf@users.noreply.github.com>
Date: Sat, 1 Jan 2022 05:19:37 -0800
Subject: [PATCH] Validate usernames
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
index ed3af916dfa875dd0a5f1e730d20d11efd6419c6..cd4e76fe5b79c7d9e615b4886a568c74db757436 100644
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
@@ -60,6 +60,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
private final String serverId;
@Nullable
private ServerPlayer delayedAcceptPlayer;
+ public boolean iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation = false; // Paper - username validation overriding
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
this.state = ServerLoginPacketListenerImpl.State.HELLO;
@@ -212,10 +213,38 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
// Paper end
}
+ // Paper start - validate usernames
+ public static boolean validateUsername(String in) {
+ if (in == null || in.isEmpty() || in.length() > 16) {
+ return false;
+ }
+
+ for (int i = 0, len = in.length(); i < len; ++i) {
+ char c = in.charAt(i);
+
+ if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || (c == '_' || c == '.')) {
+ continue;
+ }
+
+ return false;
+ }
+
+ return true;
+ }
+ // Paper end - validate usernames
+
@Override
public void handleHello(ServerboundHelloPacket packet) {
Validate.validState(this.state == ServerLoginPacketListenerImpl.State.HELLO, "Unexpected hello packet", new Object[0]);
Validate.validState(ServerLoginPacketListenerImpl.isValidUsername(packet.name()), "Invalid characters in username", new Object[0]);
+ // Paper start - validate usernames
+ if (io.papermc.paper.configuration.GlobalConfiguration.get().proxies.isProxyOnlineMode() && io.papermc.paper.configuration.GlobalConfiguration.get().unsupportedSettings.performUsernameValidation) {
+ if (!this.iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation && !validateUsername(packet.name())) {
+ ServerLoginPacketListenerImpl.this.disconnect("Failed to verify username!");
+ return;
+ }
+ }
+ // Paper end - validate usernames
GameProfile gameprofile = this.server.getSingleplayerProfile();
if (gameprofile != null && packet.name().equalsIgnoreCase(gameprofile.getName())) {
diff --git a/src/main/java/net/minecraft/server/players/PlayerList.java b/src/main/java/net/minecraft/server/players/PlayerList.java
index 64e40e3caa85bff9382a483237301a8f231d1991..d25aa54689360e89b18535da54ce2c90ab21f819 100644
--- a/src/main/java/net/minecraft/server/players/PlayerList.java
+++ b/src/main/java/net/minecraft/server/players/PlayerList.java
@@ -673,7 +673,7 @@ public abstract class PlayerList {
for (int i = 0; i < this.players.size(); ++i) {
entityplayer = (ServerPlayer) this.players.get(i);
- if (entityplayer.getUUID().equals(uuid)) {
+ if (entityplayer.getUUID().equals(uuid) || (io.papermc.paper.configuration.GlobalConfiguration.get().proxies.isProxyOnlineMode() && entityplayer.getGameProfile().getName().equalsIgnoreCase(gameprofile.getName()))) { // Paper - validate usernames
list.add(entityplayer);
}
}