Paper/patches/server/0535-Add-bypass-host-check.patch
Owen 89d51d5f29
Allow enabling sand duping (#10191)
Because this exploit has been widely known for years and has not been fixed by Mojang, we decided that it was worth allowing people to toggle it on/off due to how easy it is to make it configurable.

It should be noted that this decision does not promise all future exploits will be configurable.
2024-03-03 17:05:34 -05:00

31 Zeilen
2.3 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Shane Freeder <theboyetronic@gmail.com>
Date: Sun, 18 Apr 2021 21:27:01 +0100
Subject: [PATCH] Add bypass host check
Paper.bypassHostCheck
Seriously, fix your firewalls. -.-
diff --git a/src/main/java/net/minecraft/server/network/ServerHandshakePacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerHandshakePacketListenerImpl.java
index 9b611fc277baf99a5d24b30a11f0efa77b22693f..0c6d172c8b723d2ceff7443dfe50ae280cb6dc2d 100644
--- a/src/main/java/net/minecraft/server/network/ServerHandshakePacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerHandshakePacketListenerImpl.java
@@ -30,6 +30,7 @@ public class ServerHandshakePacketListenerImpl implements ServerHandshakePacketL
private static final Component IGNORE_STATUS_REASON = Component.translatable("disconnect.ignoring_status_request");
private final MinecraftServer server;
private final Connection connection;
+ private static final boolean BYPASS_HOSTCHECK = Boolean.getBoolean("Paper.bypassHostCheck"); // Paper
public ServerHandshakePacketListenerImpl(MinecraftServer server, Connection connection) {
this.server = server;
@@ -129,7 +130,7 @@ public class ServerHandshakePacketListenerImpl implements ServerHandshakePacketL
if (!handledByEvent && proxyLogicEnabled) {
// Paper end - PlayerHandshakeEvent
// if (org.spigotmc.SpigotConfig.bungee) { // Paper - comment out, we check above!
- if ( ( split.length == 3 || split.length == 4 ) && ( ServerHandshakePacketListenerImpl.HOST_PATTERN.matcher( split[1] ).matches() ) ) {
+ if ( ( split.length == 3 || split.length == 4 ) && ( ServerHandshakePacketListenerImpl.BYPASS_HOSTCHECK || ServerHandshakePacketListenerImpl.HOST_PATTERN.matcher( split[1] ).matches() ) ) { // Paper - Add bypass host check
this.connection.hostname = split[0];
this.connection.address = new java.net.InetSocketAddress(split[1], ((java.net.InetSocketAddress) this.connection.getRemoteAddress()).getPort());
this.connection.spoofedUUID = com.mojang.util.UndashedUuid.fromStringLenient( split[2] );