3
0
Mirror von https://github.com/PaperMC/Paper.git synchronisiert 2024-11-14 12:00:06 +01:00

Clean up username validation logic

Dieser Commit ist enthalten in:
Owen1212055 2023-12-06 20:26:58 -05:00
Ursprung b277feb448
Commit 9227a9648c
Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
GPG-Schlüssel-ID: 2133292072886A30
3 geänderte Dateien mit 41 neuen und 40 gelöschten Zeilen

Datei anzeigen

@ -5,7 +5,7 @@ Subject: [PATCH] Validate usernames
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
index 0c4fb4a7d4fcdc6d724beb13a16bd729a3c525cd..20ba13c06edf125ba216d1ca8794868abcd8f916 100644
index 0c4fb4a7d4fcdc6d724beb13a16bd729a3c525cd..fa6c77391ac40f86e1b679ef21f4ee43177857c8 100644
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
@@ -63,6 +63,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
@ -16,42 +16,12 @@ index 0c4fb4a7d4fcdc6d724beb13a16bd729a3c525cd..20ba13c06edf125ba216d1ca8794868a
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
this.state = ServerLoginPacketListenerImpl.State.HELLO;
@@ -134,10 +135,38 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
return this.requestedUsername != null ? this.requestedUsername + " (" + s + ")" : s;
}
+ // Paper start - validate usernames
+ public static boolean validateUsername(String in) {
+ if (in == null || in.isEmpty() || in.length() > 16) {
+ return false;
+ }
+
+ for (int i = 0, len = in.length(); i < len; ++i) {
+ char c = in.charAt(i);
+
+ if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || (c == '_' || c == '.')) {
+ continue;
+ }
+
+ return false;
+ }
+
+ return true;
+ }
+ // Paper end - validate usernames
+
@@ -137,7 +138,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
@Override
public void handleHello(ServerboundHelloPacket packet) {
Validate.validState(this.state == ServerLoginPacketListenerImpl.State.HELLO, "Unexpected hello packet", new Object[0]);
Validate.validState(Player.isValidUsername(packet.name()), "Invalid characters in username", new Object[0]);
+ // Paper start - validate usernames -- TODO: Do we need this?
+ if (io.papermc.paper.configuration.GlobalConfiguration.get().proxies.isProxyOnlineMode() && io.papermc.paper.configuration.GlobalConfiguration.get().unsupportedSettings.performUsernameValidation) {
+ if (!this.iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation && !validateUsername(packet.name())) {
+ ServerLoginPacketListenerImpl.this.disconnect("Failed to verify username!");
+ return;
+ }
+ }
+ // Paper end - validate usernames
- Validate.validState(Player.isValidUsername(packet.name()), "Invalid characters in username", new Object[0]);
+ if (io.papermc.paper.configuration.GlobalConfiguration.get().proxies.isProxyOnlineMode() && io.papermc.paper.configuration.GlobalConfiguration.get().unsupportedSettings.performUsernameValidation && !this.iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation) Validate.validState(Player.isValidUsername(packet.name()), "Invalid characters in username", new Object[0]); // Paper - config username validation
this.requestedUsername = packet.name();
GameProfile gameprofile = this.server.getSingleplayerProfile();
@ -68,3 +38,34 @@ index 30ad9f878d0b76c6bef594448c3122d614a7aa8c..147fed3b3f0b052bc2892eaf001f0fb5
list.add(entityplayer);
}
}
diff --git a/src/main/java/net/minecraft/world/entity/player/Player.java b/src/main/java/net/minecraft/world/entity/player/Player.java
index bce494bb7bc1ce20809ac7d355f04aa7aad78308..7a984f531d3ebb6e055f07227b2ef8247fb3a842 100644
--- a/src/main/java/net/minecraft/world/entity/player/Player.java
+++ b/src/main/java/net/minecraft/world/entity/player/Player.java
@@ -2340,9 +2340,23 @@ public abstract class Player extends LivingEntity {
}
public static boolean isValidUsername(String name) {
- return name.length() > 16 ? false : name.chars().filter((i) -> {
- return i <= 32 || i >= 127;
- }).findAny().isEmpty();
+ // Paper start
+ if (name == null || name.isEmpty() || name.length() > 16) {
+ return false;
+ }
+
+ for (int i = 0, len = name.length(); i < len; ++i) {
+ char c = name.charAt(i);
+
+ if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || (c == '_' || c == '.')) {
+ continue;
+ }
+
+ return false;
+ }
+
+ return true;
+ // Paper end
}
public static float getPickRange(boolean creative) {

Datei anzeigen

@ -5,10 +5,10 @@ Subject: [PATCH] Added getHostname to AsyncPlayerPreLoginEvent
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
index 20ba13c06edf125ba216d1ca8794868abcd8f916..5c767318ff3f589ecebb9608ce173fa578e330a5 100644
index fa6c77391ac40f86e1b679ef21f4ee43177857c8..d52d3808a058b6eef57639f1d455986b9681f645 100644
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
@@ -322,7 +322,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
@@ -294,7 +294,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
// Paper start
com.destroystokyo.paper.profile.PlayerProfile profile = com.destroystokyo.paper.profile.CraftPlayerProfile.asBukkitMirror(gameprofile);

Datei anzeigen

@ -123,7 +123,7 @@ index 5264235c1547c78b8123e2efb07dcb77486cc5bf..db363bca264e37c29fda58291246aba0
DedicatedServer.LOGGER.warn("While this makes the game possible to play without internet access, it also opens up the ability for hackers to connect with any username they choose.");
}
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
index 5c767318ff3f589ecebb9608ce173fa578e330a5..83605748ca8cf68c0fc6d99c34f3091183c7a059 100644
index d52d3808a058b6eef57639f1d455986b9681f645..89b3184be952fd0803520dd0f717f3acfc3cb496 100644
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
@@ -64,6 +64,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
@ -134,7 +134,7 @@ index 5c767318ff3f589ecebb9608ce173fa578e330a5..83605748ca8cf68c0fc6d99c34f30911
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
this.state = ServerLoginPacketListenerImpl.State.HELLO;
@@ -177,6 +178,16 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
@@ -149,6 +150,16 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
this.state = ServerLoginPacketListenerImpl.State.KEY;
this.connection.send(new ClientboundHelloPacket("", this.server.getKeyPair().getPublic().getEncoded(), this.challenge));
} else {
@ -151,7 +151,7 @@ index 5c767318ff3f589ecebb9608ce173fa578e330a5..83605748ca8cf68c0fc6d99c34f30911
// Spigot start
// Paper start - Cache authenticator threads
authenticatorPool.execute(new Runnable() {
@@ -314,6 +325,12 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
@@ -286,6 +297,12 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
public class LoginHandler {
public void fireEvents(GameProfile gameprofile) throws Exception {
@ -164,7 +164,7 @@ index 5c767318ff3f589ecebb9608ce173fa578e330a5..83605748ca8cf68c0fc6d99c34f30911
String playerName = gameprofile.getName();
java.net.InetAddress address = ((java.net.InetSocketAddress) ServerLoginPacketListenerImpl.this.connection.getRemoteAddress()).getAddress();
java.net.InetAddress rawAddress = ((java.net.InetSocketAddress) ServerLoginPacketListenerImpl.this.connection.channel.remoteAddress()).getAddress(); // Paper
@@ -363,6 +380,49 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
@@ -335,6 +352,49 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener,
@Override
public void handleCustomQueryPacket(ServerboundCustomQueryAnswerPacket packet) {