Add login ratelimit configuration

proxy/src/main/java/com/velocitypowered/proxy/VelocityServer.java

@@ -72,7 +72,7 @@ public class VelocityServer implements ProxyServer {
             return true;
         }
     };
-    private final Ratelimiter ipAttemptLimiter = new Ratelimiter(3000); // TODO: Configurable.
+    private Ratelimiter ipAttemptLimiter;
 
     private VelocityServer() {
         commandManager.registerCommand("velocity", new VelocityCommand());
@@ -127,6 +127,8 @@ public class VelocityServer implements ProxyServer {
 
         serverKeyPair = EncryptionUtils.createRsaKeyPair(1024);
 
+        ipAttemptLimiter = new Ratelimiter(configuration.getLoginRatelimit());
+
         httpClient = new NettyHttpClient(this);
 
         this.cm.bind(configuration.getBind());

proxy/src/main/java/com/velocitypowered/proxy/config/VelocityConfiguration.java

@@ -34,6 +34,7 @@ public class VelocityConfiguration {
     private final List<String> attemptConnectionOrder;
     private final int compressionThreshold;
     private final int compressionLevel;
+    private final int loginRatelimit;
 
     private final boolean queryEnabled;
     private final int queryPort;
@@ -46,8 +47,8 @@ public class VelocityConfiguration {
     private VelocityConfiguration(String bind, String motd, int showMaxPlayers, boolean onlineMode,
                                   PlayerInfoForwarding playerInfoForwardingMode, Map<String, String> servers,
                                   List<String> attemptConnectionOrder, int compressionThreshold,
-                                  int compressionLevel, boolean queryEnabled, int queryPort,
+                                  int compressionLevel, int loginRatelimit, boolean queryEnabled,
-                                  byte[] forwardingSecret) {
+                                  int queryPort, byte[] forwardingSecret) {
         this.bind = bind;
         this.motd = motd;
         this.showMaxPlayers = showMaxPlayers;
@@ -57,6 +58,7 @@ public class VelocityConfiguration {
         this.attemptConnectionOrder = attemptConnectionOrder;
         this.compressionThreshold = compressionThreshold;
         this.compressionLevel = compressionLevel;
+        this.loginRatelimit = loginRatelimit;
         this.queryEnabled = queryEnabled;
         this.queryPort = queryPort;
         this.forwardingSecret = forwardingSecret;
@@ -138,6 +140,11 @@ public class VelocityConfiguration {
             logger.warn("ALL packets going through the proxy are going to be compressed. This may hurt performance.");
         }
 
+        if (loginRatelimit < 0) {
+            logger.error("Invalid login ratelimit {}", loginRatelimit);
+            valid = false;
+        }
+
         loadFavicon();
 
         return valid;
@@ -209,6 +216,10 @@ public class VelocityConfiguration {
         return compressionLevel;
     }
 
+    public int getLoginRatelimit() {
+        return loginRatelimit;
+    }
+
     public Favicon getFavicon() {
         return favicon;
     }
@@ -229,6 +240,7 @@ public class VelocityConfiguration {
                 ", attemptConnectionOrder=" + attemptConnectionOrder +
                 ", compressionThreshold=" + compressionThreshold +
                 ", compressionLevel=" + compressionLevel +
+                ", loginRatelimit=" + loginRatelimit +
                 ", queryEnabled=" + queryEnabled +
                 ", queryPort=" + queryPort +
                 ", motdAsComponent=" + motdAsComponent +
@@ -265,6 +277,7 @@ public class VelocityConfiguration {
                     toml.getTable("servers").getList("try"),
                     toml.getTable("advanced").getLong("compression-threshold", 1024L).intValue(),
                     toml.getTable("advanced").getLong("compression-level", -1L).intValue(),
+                    toml.getTable("advanced").getLong("login-ratelimit", 3000L).intValue(),
                     toml.getTable("query").getBoolean("enabled", false),
                     toml.getTable("query").getLong("port", 25577L).intValue(),
                     forwardingSecret);

proxy/src/main/java/com/velocitypowered/proxy/util/Ratelimiter.java

@@ -19,6 +19,10 @@ public class Ratelimiter {
 
     @VisibleForTesting
     Ratelimiter(long timeoutMs, Ticker ticker) {
+        if (timeoutMs == 0) {
+            this.timeoutNanos = timeoutMs;
+            this.expiringCache = null;
+        } else {
             this.timeoutNanos = TimeUnit.MILLISECONDS.toNanos(timeoutMs);
             this.expiringCache = CacheBuilder.newBuilder()
                     .ticker(ticker)
@@ -26,8 +30,10 @@ public class Ratelimiter {
                     .expireAfterWrite(timeoutMs, TimeUnit.MILLISECONDS)
                     .build();
         }
+    }
 
     public boolean attempt(InetAddress address) {
+        if (timeoutNanos == 0) return true;
         long expectedNewValue = System.nanoTime() + timeoutNanos;
         long last;
         try {

proxy/src/main/resources/velocity.toml

@@ -43,6 +43,10 @@ compression-threshold = 1024
 # How much compression should be done (from 0-9). The default is -1, which uses zlib's default level of 6.
 compression-level = -1
 
+# How fast (in miliseconds) are clients allowed to connect after the last connection? Default: 3000
+# Disable by setting to 0
+login-ratelimit = 3000
+
 [query]
 # Whether to enable responding to GameSpy 4 query responses or not
 enabled = false