88 lines
4.6 KiB
Diff
88 lines
4.6 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Spottedleaf <Spottedleaf@users.noreply.github.com>
|
|
Date: Sat, 1 Jan 2022 05:19:37 -0800
|
|
Subject: [PATCH] Validate usernames
|
|
|
|
|
|
diff --git a/src/main/java/com/destroystokyo/paper/PaperConfig.java b/src/main/java/com/destroystokyo/paper/PaperConfig.java
|
|
index a1e36435187a51d2fe100945b90f409b8f9305c1..6706e502a068766e2eff3f790bbca004698932d1 100644
|
|
--- a/src/main/java/com/destroystokyo/paper/PaperConfig.java
|
|
+++ b/src/main/java/com/destroystokyo/paper/PaperConfig.java
|
|
@@ -491,6 +491,12 @@ public class PaperConfig {
|
|
set("settings.unsupported-settings.allow-tnt-duplication", null);
|
|
}
|
|
|
|
+ public static boolean performUsernameValidation;
|
|
+ private static void performUsernameValidation() {
|
|
+ performUsernameValidation = getBoolean("settings.unsupported-settings.perform-username-validation", true);
|
|
+ }
|
|
+
|
|
+
|
|
public static int playerAutoSaveRate = -1;
|
|
public static int maxPlayerAutoSavePerTick = 10;
|
|
private static void playerAutoSaveRate() {
|
|
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
|
index 38521660c6fa7c1a19c5268dac05928b5ec983f4..221f32e034ccb57907f79bae4ecec324e9cdb14e 100644
|
|
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
|
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
|
@@ -71,6 +71,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener
|
|
private ProfilePublicKey playerProfilePublicKey;
|
|
public String hostname = ""; // CraftBukkit - add field
|
|
private int velocityLoginMessageId = -1; // Paper - Velocity support
|
|
+ public boolean iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation = false; // Paper - username validation overriding
|
|
|
|
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
|
|
this.state = ServerLoginPacketListenerImpl.State.HELLO;
|
|
@@ -263,10 +264,38 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener
|
|
}
|
|
}
|
|
|
|
+ // Paper start - validate usernames
|
|
+ public static boolean validateUsername(String in) {
|
|
+ if (in == null || in.isEmpty() || in.length() > 16) {
|
|
+ return false;
|
|
+ }
|
|
+
|
|
+ for (int i = 0, len = in.length(); i < len; ++i) {
|
|
+ char c = in.charAt(i);
|
|
+
|
|
+ if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || (c == '_' || c == '.')) {
|
|
+ continue;
|
|
+ }
|
|
+
|
|
+ return false;
|
|
+ }
|
|
+
|
|
+ return true;
|
|
+ }
|
|
+ // Paper end - validate usernames
|
|
+
|
|
@Override
|
|
public void handleHello(ServerboundHelloPacket packet) {
|
|
Validate.validState(this.state == ServerLoginPacketListenerImpl.State.HELLO, "Unexpected hello packet", new Object[0]);
|
|
Validate.validState(ServerLoginPacketListenerImpl.isValidUsername(packet.name()), "Invalid characters in username", new Object[0]);
|
|
+ // Paper start - validate usernames
|
|
+ if (com.destroystokyo.paper.PaperConfig.isProxyOnlineMode() && com.destroystokyo.paper.PaperConfig.performUsernameValidation) {
|
|
+ if (!this.iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation && !validateUsername(packet.name())) {
|
|
+ ServerLoginPacketListenerImpl.this.disconnect("Failed to verify username!");
|
|
+ return;
|
|
+ }
|
|
+ }
|
|
+ // Paper end - validate usernames
|
|
|
|
try {
|
|
this.playerProfilePublicKey = ServerLoginPacketListenerImpl.validatePublicKey(packet, this.server.getServiceSignatureValidator(), this.server.enforceSecureProfile());
|
|
diff --git a/src/main/java/net/minecraft/server/players/PlayerList.java b/src/main/java/net/minecraft/server/players/PlayerList.java
|
|
index ac9ee7f574f9b6c5e9c9368e54928e47ca62fb24..6951b8e320dcea2c2ce4271ed03a20c729ff503b 100644
|
|
--- a/src/main/java/net/minecraft/server/players/PlayerList.java
|
|
+++ b/src/main/java/net/minecraft/server/players/PlayerList.java
|
|
@@ -707,7 +707,7 @@ public abstract class PlayerList {
|
|
|
|
for (int i = 0; i < this.players.size(); ++i) {
|
|
entityplayer = (ServerPlayer) this.players.get(i);
|
|
- if (entityplayer.getUUID().equals(uuid)) {
|
|
+ if (entityplayer.getUUID().equals(uuid) || (com.destroystokyo.paper.PaperConfig.isProxyOnlineMode() && entityplayer.getGameProfile().getName().equalsIgnoreCase(gameprofile.getName()))) { // Paper - validate usernames
|
|
list.add(entityplayer);
|
|
}
|
|
}
|