1358d1e914
Upstream has released updates that appear to apply and compile correctly. This update has not been tested by PaperMC and as with ANY update, please do your own testing Bukkit Changes: 881e06e5 PR-725: Add Item Unlimited Lifetime APIs CraftBukkit Changes: 74c08312 SPIGOT-6962: Call EntityChangeBlockEvent when when FallingBlockEntity starts to fall 64db5126 SPIGOT-6959: Make /loot command ignore empty items for spawn 2d760831 Increase outdated build delay 9ed7e4fb SPIGOT-6138, SPIGOT-6415: Don't call CreatureSpawnEvent after cross-dimensional travel fc4ad813 SPIGOT-6895: Trees grown with applyBoneMeal() don't fire the StructureGrowthEvent 59733a2e SPIGOT-6961: Actually return a copy of the ItemMeta Spigot Changes: ffceeae3 SPIGOT-6956: Drop unload queue patch as attempt at fixing stop issue e19ddabd PR-1011: Add Item Unlimited Lifetime APIs 34d40b0e SPIGOT-2942: give command fires PlayerDropItemEvent, cancelling it causes Item Duplication
88 lines
4.8 KiB
Diff
88 lines
4.8 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Spottedleaf <Spottedleaf@users.noreply.github.com>
|
|
Date: Sat, 1 Jan 2022 05:19:37 -0800
|
|
Subject: [PATCH] Validate usernames
|
|
|
|
|
|
diff --git a/src/main/java/com/destroystokyo/paper/PaperConfig.java b/src/main/java/com/destroystokyo/paper/PaperConfig.java
|
|
index 24ddf8cfdbe6ed2fb148f57f0d7dd98446b07bbc..da6346cacf08e12f7f1fabe2d5b1c66c82fab679 100644
|
|
--- a/src/main/java/com/destroystokyo/paper/PaperConfig.java
|
|
+++ b/src/main/java/com/destroystokyo/paper/PaperConfig.java
|
|
@@ -495,6 +495,12 @@ public class PaperConfig {
|
|
set("settings.unsupported-settings.allow-tnt-duplication", null);
|
|
}
|
|
|
|
+ public static boolean performUsernameValidation;
|
|
+ private static void performUsernameValidation() {
|
|
+ performUsernameValidation = getBoolean("settings.unsupported-settings.perform-username-validation", true);
|
|
+ }
|
|
+
|
|
+
|
|
public static int playerAutoSaveRate = -1;
|
|
public static int maxPlayerAutoSavePerTick = 10;
|
|
private static void playerAutoSaveRate() {
|
|
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
|
index f5c1dff1d571e89f960f11400edbcbbea0620575..7065aa4522431d08018fec8e591ba7c255398140 100644
|
|
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
|
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
|
|
@@ -61,6 +61,7 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener
|
|
private ServerPlayer delayedAcceptPlayer;
|
|
public String hostname = ""; // CraftBukkit - add field
|
|
private int velocityLoginMessageId = -1; // Paper - Velocity support
|
|
+ public boolean iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation = false; // Paper - username validation overriding
|
|
|
|
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
|
|
this.state = ServerLoginPacketListenerImpl.State.HELLO;
|
|
@@ -226,11 +227,39 @@ public class ServerLoginPacketListenerImpl implements ServerLoginPacketListener
|
|
// Paper end
|
|
}
|
|
|
|
+ // Paper start - validate usernames
|
|
+ public static boolean validateUsername(String in) {
|
|
+ if (in == null || in.isEmpty() || in.length() > 16) {
|
|
+ return false;
|
|
+ }
|
|
+
|
|
+ for (int i = 0, len = in.length(); i < len; ++i) {
|
|
+ char c = in.charAt(i);
|
|
+
|
|
+ if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || (c == '_' || c == '.')) {
|
|
+ continue;
|
|
+ }
|
|
+
|
|
+ return false;
|
|
+ }
|
|
+
|
|
+ return true;
|
|
+ }
|
|
+ // Paper end - validate usernames
|
|
+
|
|
@Override
|
|
public void handleHello(ServerboundHelloPacket packet) {
|
|
Validate.validState(this.state == ServerLoginPacketListenerImpl.State.HELLO, "Unexpected hello packet", new Object[0]);
|
|
this.gameProfile = packet.getGameProfile();
|
|
Validate.validState(ServerLoginPacketListenerImpl.isValidUsername(this.gameProfile.getName()), "Invalid characters in username", new Object[0]);
|
|
+ // Paper start - validate usernames
|
|
+ if (com.destroystokyo.paper.PaperConfig.isProxyOnlineMode() && com.destroystokyo.paper.PaperConfig.performUsernameValidation) {
|
|
+ if (!this.iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation && !validateUsername(this.gameProfile.getName())) {
|
|
+ ServerLoginPacketListenerImpl.this.disconnect("Failed to verify username!");
|
|
+ return;
|
|
+ }
|
|
+ }
|
|
+ // Paper end - validate usernames
|
|
if (this.server.usesAuthentication() && !this.connection.isMemoryConnection()) {
|
|
this.state = ServerLoginPacketListenerImpl.State.KEY;
|
|
this.connection.send(new ClientboundHelloPacket("", this.server.getKeyPair().getPublic().getEncoded(), this.nonce));
|
|
diff --git a/src/main/java/net/minecraft/server/players/PlayerList.java b/src/main/java/net/minecraft/server/players/PlayerList.java
|
|
index 6a3d444fcac8c7d561dcadb02f64eaa3c3d7b1cd..fae67931849eb0c19598def9f538c7971c36c575 100644
|
|
--- a/src/main/java/net/minecraft/server/players/PlayerList.java
|
|
+++ b/src/main/java/net/minecraft/server/players/PlayerList.java
|
|
@@ -707,7 +707,7 @@ public abstract class PlayerList {
|
|
|
|
for (int i = 0; i < this.players.size(); ++i) {
|
|
entityplayer = (ServerPlayer) this.players.get(i);
|
|
- if (entityplayer.getUUID().equals(uuid)) {
|
|
+ if (entityplayer.getUUID().equals(uuid) || (com.destroystokyo.paper.PaperConfig.isProxyOnlineMode() && entityplayer.getGameProfile().getName().equalsIgnoreCase(gameprofile.getName()))) { // Paper - validate usernames
|
|
list.add(entityplayer);
|
|
}
|
|
}
|