Archiviert
1
0

Fix IP sanitizing impacts

Signed-off-by: Lixfel <agga-games@gmx.de>
Dieser Commit ist enthalten in:
Lixfel 2024-03-04 12:44:33 +01:00
Ursprung 437d1c055c
Commit 1e40decc9e
5 geänderte Dateien mit 27 neuen und 19 gelöschten Zeilen

Datei anzeigen

@ -23,6 +23,7 @@ import com.google.gson.JsonParser;
import de.steamwar.bungeecore.BungeeCore;
import de.steamwar.bungeecore.Message;
import de.steamwar.bungeecore.listeners.ConnectionListener;
import de.steamwar.bungeecore.listeners.IPSanitizer;
import de.steamwar.command.PreviousArguments;
import de.steamwar.command.SWCommand;
import de.steamwar.command.TypeMapper;
@ -96,14 +97,15 @@ public class PunishmentCommand {
ProxiedPlayer player = ProxyServer.getInstance().getPlayer(user.getUUID());
if (player != null) {
String ip = IPSanitizer.getTrueAddress(player.getPendingConnection()).getHostAddress();
ChatSender.disconnect(player).system(punishmentMessage(user, Punishment.PunishmentType.Ban));
for (BannedUserIPs banned : BannedUserIPs.get(player.getAddress().getAddress().getHostAddress())) {
for (BannedUserIPs banned : BannedUserIPs.get(ip)) {
SteamwarUser bannedUser = SteamwarUser.get(banned.getUserID());
if (bannedUser.isPunished(Punishment.PunishmentType.Ban) && bannedUser.getPunishment(Punishment.PunishmentType.Ban).getEndTime().before(time)) {
bannedUser.punish(Punishment.PunishmentType.Ban, time, banReason, punisher.getId(), perma);
}
}
BannedUserIPs.banIP(user.getId(), player.getAddress().getAddress().getHostAddress());
BannedUserIPs.banIP(user.getId(), ip);
}
}

Datei anzeigen

@ -46,15 +46,16 @@ public class BanListener extends BasicListener {
ProxyServer.getInstance().getScheduler().runAsync(BungeeCore.get(), () -> {
PendingConnection connection = event.getConnection();
SteamwarUser user = SteamwarUser.getOrCreate(connection.getUniqueId(), connection.getName(), ConnectionListener::newPlayer, WebpasswordCommand::changeUsername);
String ip = IPSanitizer.getTrueAddress(connection).getHostAddress();
if (user.isPunished(Punishment.PunishmentType.Ban)) {
event.setCancelled(true);
BannedUserIPs.banIP(user.getId(), connection.getAddress().getAddress().getHostAddress());
BannedUserIPs.banIP(user.getId(), ip);
ChatSender.of(event).system(PunishmentCommand.punishmentMessage(user, Punishment.PunishmentType.Ban));
event.completeIntent(BungeeCore.get());
return;
}
List<BannedUserIPs> ips = BannedUserIPs.get(connection.getAddress().getAddress().getHostAddress());
List<BannedUserIPs> ips = BannedUserIPs.get(ip);
if(!ips.isEmpty()){
Timestamp highestBan = ips.get(0).getTimestamp();
boolean perma = false;

Datei anzeigen

@ -20,12 +20,14 @@
package de.steamwar.bungeecore.listeners;
import de.steamwar.bungeecore.BungeeCore;
import net.md_5.bungee.api.connection.PendingConnection;
import net.md_5.bungee.api.event.LoginEvent;
import net.md_5.bungee.connection.InitialHandler;
import net.md_5.bungee.event.EventHandler;
import net.md_5.bungee.netty.ChannelWrapper;
import java.lang.reflect.Field;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.util.logging.Level;
@ -41,19 +43,24 @@ public class IPSanitizer extends BasicListener {
initialHandlerCh.setAccessible(true);
}
public static ChannelWrapper getChannelWrapper(InitialHandler handler) {
public static ChannelWrapper getChannelWrapper(PendingConnection connection) {
try {
return (ChannelWrapper) initialHandlerCh.get(handler);
return (ChannelWrapper) initialHandlerCh.get(connection);
} catch (IllegalAccessException e) {
throw new SecurityException("Could not get channel wrapper", e);
}
}
public static InetAddress getTrueAddress(PendingConnection connection) {
return ((InetSocketAddress) getChannelWrapper(connection).getHandle().remoteAddress()).getAddress();
}
private final InetSocketAddress inetSocketAddress = new InetSocketAddress("127.127.127.127", 25565);
@EventHandler
public void loginEvent(LoginEvent e) {
BungeeCore.get().getLogger().log(Level.INFO, e.getConnection().getSocketAddress() + " has logged in with user name " + e.getConnection().getName());
getChannelWrapper((InitialHandler) e.getConnection()).setRemoteAddress(inetSocketAddress);
getChannelWrapper(e.getConnection()).setRemoteAddress(inetSocketAddress);
}
}

Datei anzeigen

@ -30,6 +30,7 @@ import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufAllocator;
import io.netty.buffer.Unpooled;
import net.md_5.bungee.api.ProxyServer;
import net.md_5.bungee.api.connection.Connection;
import net.md_5.bungee.api.connection.ProxiedPlayer;
import net.md_5.bungee.api.connection.Server;
import net.md_5.bungee.api.event.PluginMessageEvent;
@ -37,7 +38,6 @@ import net.md_5.bungee.connection.InitialHandler;
import net.md_5.bungee.event.EventHandler;
import net.md_5.bungee.protocol.DefinedPacket;
import java.net.InetSocketAddress;
import java.util.*;
import java.util.logging.Level;
@ -53,8 +53,7 @@ public class PluginMessage extends BasicListener {
player.sendData(channel, data);
}
//TODO change to warning level
private static final Parser UNKNOWN = event -> BungeeCore.get().getLogger().log(Level.INFO, () -> "Undefined PluginMessage on channel " + event.getTag() + " from " + event.getSender() + " received.\n" + Arrays.toString(event.getData()));
private static final Parser UNKNOWN = event -> BungeeCore.get().getLogger().log(Level.WARNING, () -> "Undefined PluginMessage on channel " + event.getTag() + " from " + event.getSender() + " received.\n" + Arrays.toString(event.getData()));
private static final Parser PASS_THROUGH = event -> event.setCancelled(false);
private static final Parser DROP = event -> {};
@ -98,8 +97,8 @@ public class PluginMessage extends BasicListener {
register("BungeeCord", false, onlySWSource(PASS_THROUGH));
register("bungeecord:main", false, onlySWSource(PASS_THROUGH));
register("MC|Brand", true, directional(this::steamWarBrand, this::userBrand));
register("minecraft:brand", true, directional(this::steamWarBrand, this::userBrand));
register("MC|Brand", false, directional(this::steamWarBrand, this::userBrand));
register("minecraft:brand", false, directional(this::steamWarBrand, this::userBrand));
register("sw:script_syntax", false, directional(onlySWSource(PASS_THROUGH), UNKNOWN));
register("sw:bridge", false, directional(onlySWSource(async(event -> NetworkPacket.handle(new ServerMetaInfo(((Server) event.getSender()).getInfo()), event.getData()))), UNKNOWN));
@ -146,8 +145,7 @@ public class PluginMessage extends BasicListener {
lunar.sendRestrictions(player);
if(!knownChannels.contains(channel))
//TODO change to warning level
BungeeCore.get().getLogger().log(Level.INFO, () -> player.getName() + " registered unknown channel " + channel);
BungeeCore.get().getLogger().log(Level.WARNING, () -> player.getName() + " registered unknown channel " + channel);
}
PASS_THROUGH.handle(event);
@ -169,8 +167,7 @@ public class PluginMessage extends BasicListener {
if(brand.startsWith("lunarclient:")) {
lunar.sendRestrictions(player);
} else if(!knownBrands.contains(brand)) {
//TODO change to warning level
BungeeCore.get().getLogger().log(Level.INFO, () -> player.getName() + " joined with unknown brand " + brand);
BungeeCore.get().getLogger().log(Level.WARNING, () -> player.getName() + " joined with unknown brand " + brand);
}
PASS_THROUGH.handle(event);
@ -196,9 +193,11 @@ public class PluginMessage extends BasicListener {
};
}
@SuppressWarnings("deprecation")
private Parser onlySWSource(Parser parser) {
return event -> {
if(TeamCommand.isLocalhost(((InetSocketAddress) event.getSender().getSocketAddress()).getAddress()))
Connection sender = event.getSender();
if(TeamCommand.isLocalhost(sender instanceof ProxiedPlayer ? IPSanitizer.getTrueAddress(((ProxiedPlayer) sender).getPendingConnection()) : sender.getAddress().getAddress()))
parser.handle(event);
else
UNKNOWN.handle(event);

Datei anzeigen

@ -28,7 +28,6 @@ import io.netty.buffer.Unpooled;
import net.md_5.bungee.api.chat.TextComponent;
import net.md_5.bungee.api.connection.PendingConnection;
import net.md_5.bungee.api.event.LoginEvent;
import net.md_5.bungee.connection.InitialHandler;
import net.md_5.bungee.event.EventHandler;
import net.md_5.bungee.netty.HandlerBoss;
import net.md_5.bungee.netty.PacketHandler;
@ -81,7 +80,7 @@ public class FML2 extends BasicListener {
if(!fml2 && !fml3 && !forge)
return;
IPSanitizer.getChannelWrapper((InitialHandler) connection).getHandle().pipeline().get(HandlerBoss.class).setHandler(new FML2LoginHandler(event));
IPSanitizer.getChannelWrapper(connection).getHandle().pipeline().get(HandlerBoss.class).setHandler(new FML2LoginHandler(event));
event.registerIntent(BungeeCore.get());
if(forge)