3
0
Mirror von https://github.com/PaperMC/Velocity.git synchronisiert 2024-11-17 05:20:14 +01:00

Fix potential UDP speculative reflection attack

Dieser Commit ist enthalten in:
Andrew Steinborn 2019-11-23 01:06:00 -05:00
Ursprung d2b8271eb4
Commit ae14eb8ccb

Datei anzeigen

@ -18,6 +18,7 @@ import io.netty.channel.SimpleChannelInboundHandler;
import io.netty.channel.socket.DatagramPacket; import io.netty.channel.socket.DatagramPacket;
import java.net.InetAddress; import java.net.InetAddress;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Collection; import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.Iterator; import java.util.Iterator;
@ -59,6 +60,7 @@ public class GS4QueryHandler extends SimpleChannelInboundHandler<DatagramPacket>
private final Cache<InetAddress, Integer> sessions = CacheBuilder.newBuilder() private final Cache<InetAddress, Integer> sessions = CacheBuilder.newBuilder()
.expireAfterWrite(30, TimeUnit.SECONDS) .expireAfterWrite(30, TimeUnit.SECONDS)
.build(); .build();
private final SecureRandom random;
private volatile @MonotonicNonNull List<QueryResponse.PluginInformation> pluginInformationList private volatile @MonotonicNonNull List<QueryResponse.PluginInformation> pluginInformationList
= null; = null;
@ -67,6 +69,7 @@ public class GS4QueryHandler extends SimpleChannelInboundHandler<DatagramPacket>
public GS4QueryHandler(VelocityServer server) { public GS4QueryHandler(VelocityServer server) {
this.server = server; this.server = server;
this.random = new SecureRandom();
} }
private QueryResponse createInitialResponse() { private QueryResponse createInitialResponse() {
@ -111,7 +114,7 @@ public class GS4QueryHandler extends SimpleChannelInboundHandler<DatagramPacket>
switch (type) { switch (type) {
case QUERY_TYPE_HANDSHAKE: { case QUERY_TYPE_HANDSHAKE: {
// Generate new challenge token and put it into the sessions cache // Generate new challenge token and put it into the sessions cache
int challengeToken = ThreadLocalRandom.current().nextInt(); int challengeToken = random.nextInt();
sessions.put(senderAddress, challengeToken); sessions.put(senderAddress, challengeToken);
// Respond with challenge token // Respond with challenge token