Mirror von
https://github.com/PaperMC/Velocity.git
synchronisiert 2024-11-17 05:20:14 +01:00
Move timeout handler to after frame decoder
Mitigates attacks like the one described in SpigotMC/BungeeCord#3066. This cannot be considered a full protection, only a mitigation that expects full packets. The attack described is essentially the infamous Slowloris attack.
Dieser Commit ist enthalten in:
Ursprung
c51359e893
Commit
f1cb3eb1a2
@ -48,10 +48,10 @@ public class BackendChannelInitializer extends ChannelInitializer<Channel> {
|
|||||||
@Override
|
@Override
|
||||||
protected void initChannel(Channel ch) throws Exception {
|
protected void initChannel(Channel ch) throws Exception {
|
||||||
ch.pipeline()
|
ch.pipeline()
|
||||||
|
.addLast(FRAME_DECODER, new MinecraftVarintFrameDecoder())
|
||||||
.addLast(READ_TIMEOUT,
|
.addLast(READ_TIMEOUT,
|
||||||
new ReadTimeoutHandler(server.getConfiguration().getReadTimeout(),
|
new ReadTimeoutHandler(server.getConfiguration().getReadTimeout(),
|
||||||
TimeUnit.MILLISECONDS))
|
TimeUnit.MILLISECONDS))
|
||||||
.addLast(FRAME_DECODER, new MinecraftVarintFrameDecoder())
|
|
||||||
.addLast(FRAME_ENCODER, MinecraftVarintLengthEncoder.INSTANCE)
|
.addLast(FRAME_ENCODER, MinecraftVarintLengthEncoder.INSTANCE)
|
||||||
.addLast(MINECRAFT_DECODER,
|
.addLast(MINECRAFT_DECODER,
|
||||||
new MinecraftDecoder(ProtocolUtils.Direction.CLIENTBOUND))
|
new MinecraftDecoder(ProtocolUtils.Direction.CLIENTBOUND))
|
||||||
|
@ -53,11 +53,11 @@ public class ServerChannelInitializer extends ChannelInitializer<Channel> {
|
|||||||
@Override
|
@Override
|
||||||
protected void initChannel(final Channel ch) {
|
protected void initChannel(final Channel ch) {
|
||||||
ch.pipeline()
|
ch.pipeline()
|
||||||
|
.addLast(LEGACY_PING_DECODER, new LegacyPingDecoder())
|
||||||
|
.addLast(FRAME_DECODER, new MinecraftVarintFrameDecoder())
|
||||||
.addLast(READ_TIMEOUT,
|
.addLast(READ_TIMEOUT,
|
||||||
new ReadTimeoutHandler(this.server.getConfiguration().getReadTimeout(),
|
new ReadTimeoutHandler(this.server.getConfiguration().getReadTimeout(),
|
||||||
TimeUnit.MILLISECONDS))
|
TimeUnit.MILLISECONDS))
|
||||||
.addLast(LEGACY_PING_DECODER, new LegacyPingDecoder())
|
|
||||||
.addLast(FRAME_DECODER, new MinecraftVarintFrameDecoder())
|
|
||||||
.addLast(LEGACY_PING_ENCODER, LegacyPingEncoder.INSTANCE)
|
.addLast(LEGACY_PING_ENCODER, LegacyPingEncoder.INSTANCE)
|
||||||
.addLast(FRAME_ENCODER, MinecraftVarintLengthEncoder.INSTANCE)
|
.addLast(FRAME_ENCODER, MinecraftVarintLengthEncoder.INSTANCE)
|
||||||
.addLast(MINECRAFT_DECODER, new MinecraftDecoder(ProtocolUtils.Direction.SERVERBOUND))
|
.addLast(MINECRAFT_DECODER, new MinecraftDecoder(ProtocolUtils.Direction.SERVERBOUND))
|
||||||
|
@ -102,10 +102,10 @@ public class VelocityRegisteredServer implements RegisteredServer, ForwardingAud
|
|||||||
@Override
|
@Override
|
||||||
protected void initChannel(Channel ch) throws Exception {
|
protected void initChannel(Channel ch) throws Exception {
|
||||||
ch.pipeline()
|
ch.pipeline()
|
||||||
|
.addLast(FRAME_DECODER, new MinecraftVarintFrameDecoder())
|
||||||
.addLast(READ_TIMEOUT,
|
.addLast(READ_TIMEOUT,
|
||||||
new ReadTimeoutHandler(server.getConfiguration().getReadTimeout(),
|
new ReadTimeoutHandler(server.getConfiguration().getReadTimeout(),
|
||||||
TimeUnit.MILLISECONDS))
|
TimeUnit.MILLISECONDS))
|
||||||
.addLast(FRAME_DECODER, new MinecraftVarintFrameDecoder())
|
|
||||||
.addLast(FRAME_ENCODER, MinecraftVarintLengthEncoder.INSTANCE)
|
.addLast(FRAME_ENCODER, MinecraftVarintLengthEncoder.INSTANCE)
|
||||||
.addLast(MINECRAFT_DECODER,
|
.addLast(MINECRAFT_DECODER,
|
||||||
new MinecraftDecoder(ProtocolUtils.Direction.CLIENTBOUND))
|
new MinecraftDecoder(ProtocolUtils.Direction.CLIENTBOUND))
|
||||||
|
Laden…
In neuem Issue referenzieren
Einen Benutzer sperren