From 8c514d9feb8c024d5bc0186a6bb11fb4af0aff98 Mon Sep 17 00:00:00 2001 From: Camotoy <20743703+DoctorMacc@users.noreply.github.com> Date: Mon, 17 Aug 2020 12:04:09 -0400 Subject: [PATCH] Fix Xbox authentication and add support for proxies (#1162) Waterdog and ProxyPass will work when `enable-proxy-connections` is set to true at the expense of security. --- .../platform/sponge/GeyserSpongeConfiguration.java | 5 +++++ .../connector/configuration/GeyserConfiguration.java | 5 ++++- .../configuration/GeyserJacksonConfiguration.java | 3 +++ .../geysermc/connector/utils/LoginEncryptionUtils.java | 4 ++-- connector/src/main/resources/config.yml | 9 +++++++-- connector/src/main/resources/mappings | 2 +- 6 files changed, 22 insertions(+), 6 deletions(-) diff --git a/bootstrap/sponge/src/main/java/org/geysermc/platform/sponge/GeyserSpongeConfiguration.java b/bootstrap/sponge/src/main/java/org/geysermc/platform/sponge/GeyserSpongeConfiguration.java index 734fcca67..40fe106ce 100644 --- a/bootstrap/sponge/src/main/java/org/geysermc/platform/sponge/GeyserSpongeConfiguration.java +++ b/bootstrap/sponge/src/main/java/org/geysermc/platform/sponge/GeyserSpongeConfiguration.java @@ -258,6 +258,11 @@ public class GeyserSpongeConfiguration implements GeyserConfiguration { } } + @Override + public boolean isEnableProxyConnections() { + return node.getNode("enable-proxy-connections").getBoolean(false); + } + @Override public int getMtu() { return node.getNode("mtu").getInt(1400); diff --git a/connector/src/main/java/org/geysermc/connector/configuration/GeyserConfiguration.java b/connector/src/main/java/org/geysermc/connector/configuration/GeyserConfiguration.java index 4d9933ff5..be4182306 100644 --- a/connector/src/main/java/org/geysermc/connector/configuration/GeyserConfiguration.java +++ b/connector/src/main/java/org/geysermc/connector/configuration/GeyserConfiguration.java @@ -36,7 +36,7 @@ import java.util.Map; public interface GeyserConfiguration { // Modify this when you update the config - int CURRENT_CONFIG_VERSION = 3; + int CURRENT_CONFIG_VERSION = 4; IBedrockConfiguration getBedrock(); @@ -120,6 +120,9 @@ public interface GeyserConfiguration { String getUniqueId(); } + // if u have offline mode enabled pls be safe + boolean isEnableProxyConnections(); + int getMtu(); int getConfigVersion(); diff --git a/connector/src/main/java/org/geysermc/connector/configuration/GeyserJacksonConfiguration.java b/connector/src/main/java/org/geysermc/connector/configuration/GeyserJacksonConfiguration.java index 7f2dafa01..1a22b0357 100644 --- a/connector/src/main/java/org/geysermc/connector/configuration/GeyserJacksonConfiguration.java +++ b/connector/src/main/java/org/geysermc/connector/configuration/GeyserJacksonConfiguration.java @@ -143,6 +143,9 @@ public abstract class GeyserJacksonConfiguration implements GeyserConfiguration private String uniqueId; } + @JsonProperty("enable-proxy-connections") + private boolean enableProxyConnections = false; + @JsonProperty("mtu") private int mtu = 1400; diff --git a/connector/src/main/java/org/geysermc/connector/utils/LoginEncryptionUtils.java b/connector/src/main/java/org/geysermc/connector/utils/LoginEncryptionUtils.java index 7b41ae3de..4bc997bdf 100644 --- a/connector/src/main/java/org/geysermc/connector/utils/LoginEncryptionUtils.java +++ b/connector/src/main/java/org/geysermc/connector/utils/LoginEncryptionUtils.java @@ -72,7 +72,7 @@ public class LoginEncryptionUtils { } if (lastKey != null) { - EncryptionUtils.verifyJwt(jwt, lastKey); + if (!EncryptionUtils.verifyJwt(jwt, lastKey)) return false; } JsonNode payloadNode = JSON_MAPPER.readTree(jwt.getPayload().toString()); @@ -105,7 +105,7 @@ public class LoginEncryptionUtils { connector.getLogger().debug(String.format("Is player data valid? %s", validChain)); - if (!validChain) { + if (!validChain && !session.getConnector().getConfig().isEnableProxyConnections()) { session.disconnect(LanguageUtils.getLocaleStringLog("geyser.network.remote.invalid_xbox_account")); return; } diff --git a/connector/src/main/resources/config.yml b/connector/src/main/resources/config.yml index b4d437276..d2bca8234 100644 --- a/connector/src/main/resources/config.yml +++ b/connector/src/main/resources/config.yml @@ -117,9 +117,14 @@ metrics: # UUID of server, don't change! uuid: generateduuid -# ADVANCED OPTIONS - DO NOT TOUCH UNLESS YOU KNOW WHAT YOU ARE DOING! +# ADVANCED OPTIONS - DO NOT TOUCH UNLESS YOU KNOW WHAT YOU ARE DOING! + +# Allow connections from ProxyPass and Waterdog. +# See https://www.spigotmc.org/wiki/firewall-guide/ for assistance - use UDP instead of TCP. +enable-proxy-connections: false + # The internet supports a maximum MTU of 1492 but could cause issues with packet fragmentation. # 1400 is the default. # mtu: 1400 -config-version: 3 +config-version: 4 diff --git a/connector/src/main/resources/mappings b/connector/src/main/resources/mappings index 94d30c1c6..88678e69b 160000 --- a/connector/src/main/resources/mappings +++ b/connector/src/main/resources/mappings @@ -1 +1 @@ -Subproject commit 94d30c1c6c4518932b813826bfcef680575a3c9c +Subproject commit 88678e69bf358cd562bd410a2459384aeb7ba482