geforkt von Mirrors/Paper
basic hostname validation
Dieser Commit ist enthalten in:
Ursprung
0fb8bdf0e0
Commit
23afda1795
54
Spigot-Server-Patches/0703-Validate-bungee-forwarded-hostname.patch
Normale Datei
54
Spigot-Server-Patches/0703-Validate-bungee-forwarded-hostname.patch
Normale Datei
@ -0,0 +1,54 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Shane Freeder <theboyetronic@gmail.com>
|
||||||
|
Date: Sun, 18 Apr 2021 21:27:01 +0100
|
||||||
|
Subject: [PATCH] Validate bungee forwarded hostname
|
||||||
|
|
||||||
|
Seriously, fix your firewalls. -.-
|
||||||
|
|
||||||
|
diff --git a/src/main/java/net/minecraft/server/network/HandshakeListener.java b/src/main/java/net/minecraft/server/network/HandshakeListener.java
|
||||||
|
index b97d289afdff81d9959e238639f4e3e186f8e9c8..e13ed3a17866ce3ef0b2ac1dbcb17fb726c89fa8 100644
|
||||||
|
--- a/src/main/java/net/minecraft/server/network/HandshakeListener.java
|
||||||
|
+++ b/src/main/java/net/minecraft/server/network/HandshakeListener.java
|
||||||
|
@@ -1,5 +1,8 @@
|
||||||
|
package net.minecraft.server.network;
|
||||||
|
|
||||||
|
+import com.google.common.net.InetAddresses;
|
||||||
|
+import com.google.common.net.InternetDomainName;
|
||||||
|
+
|
||||||
|
import net.minecraft.SharedConstants;
|
||||||
|
import net.minecraft.network.EnumProtocol;
|
||||||
|
import net.minecraft.network.NetworkManager;
|
||||||
|
@@ -26,6 +29,7 @@ public class HandshakeListener implements PacketHandshakingInListener {
|
||||||
|
private static final IChatBaseComponent a = new ChatComponentText("Ignoring status request");
|
||||||
|
private final MinecraftServer b;
|
||||||
|
private final NetworkManager c; final NetworkManager getNetworkManager() { return this.c; } // Paper - OBFHELPER
|
||||||
|
+ private static final boolean BYPASS_HOSTCHECK = Boolean.getBoolean("Paper.bypassHostCheck"); // Paper
|
||||||
|
|
||||||
|
public HandshakeListener(MinecraftServer minecraftserver, NetworkManager networkmanager) {
|
||||||
|
this.b = minecraftserver;
|
||||||
|
@@ -114,6 +118,14 @@ public class HandshakeListener implements PacketHandshakingInListener {
|
||||||
|
//if (org.spigotmc.SpigotConfig.bungee) { // Paper - comment out, we check above!
|
||||||
|
String[] split = packethandshakinginsetprotocol.hostname.split("\00");
|
||||||
|
if ( split.length == 3 || split.length == 4 ) {
|
||||||
|
+ // Paper start
|
||||||
|
+ if (!BYPASS_HOSTCHECK && !validate(split[0])) {
|
||||||
|
+ final ChatMessage message = new ChatMessage("Invalid hostname");
|
||||||
|
+ this.c.sendPacket(new PacketLoginOutDisconnect(message));
|
||||||
|
+ this.c.close(message);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+ // Paper end
|
||||||
|
packethandshakinginsetprotocol.hostname = split[0];
|
||||||
|
c.socketAddress = new java.net.InetSocketAddress(split[1], ((java.net.InetSocketAddress) c.getSocketAddress()).getPort());
|
||||||
|
c.spoofedUUID = com.mojang.util.UUIDTypeAdapter.fromString( split[2] );
|
||||||
|
@@ -158,4 +170,10 @@ public class HandshakeListener implements PacketHandshakingInListener {
|
||||||
|
public NetworkManager a() {
|
||||||
|
return this.c;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ // Paper start - https://stackoverflow.com/questions/9954140/check-if-a-string-is-a-hostname-or-an-ip-address-in-java
|
||||||
|
+ public static boolean validate(final String hostname) {
|
||||||
|
+ //noinspection UnstableApiUsage
|
||||||
|
+ return InetAddresses.isUriInetAddress(hostname);
|
||||||
|
+ }
|
||||||
|
}
|
Laden…
In neuem Issue referenzieren
Einen Benutzer sperren