papermc/patches/server/0820-Validate-usernames.patch
Nassim Jahnke ef0e5a642d
Updated Upstream (Bukkit/CraftBukkit/Spigot)
Upstream has released updates that appear to apply and compile correctly.
This update has not been tested by PaperMC and as with ANY update, please do your own testing

Bukkit Changes:
9ae3f10f SPIGOT-3842: Add Player#fireworkBoost() and expand Firework API
48c0c547 PR-786: Add methods to get sounds from entities

CraftBukkit Changes:
5cc9c022a SPIGOT-7152: Handle hand item changing during air interact event
4ffa1acf6 SPIGOT-7154: Players get kicked when interacting with a conversation
4daa21123 SPIGOT-3842: Add Player#fireworkBoost() and expand Firework API
e5d6a9bbf PR-1100: Add methods to get sounds from entities
b7e9f1c8b SPIGOT-7146: Reduce use of Material switch in ItemMeta

Spigot Changes:
4c157bb4 Rebuild patches
2022-09-12 13:31:45 +02:00

70 lines
3.8 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Spottedleaf <Spottedleaf@users.noreply.github.com>
Date: Sat, 1 Jan 2022 05:19:37 -0800
Subject: [PATCH] Validate usernames
diff --git a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
index acd581d14e0ef1fe5a6545ee67be00deff589879..553eb8e437b07376dbfc54b0018bcc3ff93e4461 100644
--- a/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
+++ b/src/main/java/net/minecraft/server/network/ServerLoginPacketListenerImpl.java
@@ -66,6 +66,7 @@ public class ServerLoginPacketListenerImpl implements TickablePacketListener, Se
@Nullable
private ProfilePublicKey.Data profilePublicKeyData;
public String hostname = ""; // CraftBukkit - add field
+ public boolean iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation = false; // Paper - username validation overriding
public ServerLoginPacketListenerImpl(MinecraftServer server, Connection connection) {
this.state = ServerLoginPacketListenerImpl.State.HELLO;
@@ -255,10 +256,38 @@ public class ServerLoginPacketListenerImpl implements TickablePacketListener, Se
}
}
+ // Paper start - validate usernames
+ public static boolean validateUsername(String in) {
+ if (in == null || in.isEmpty() || in.length() > 16) {
+ return false;
+ }
+
+ for (int i = 0, len = in.length(); i < len; ++i) {
+ char c = in.charAt(i);
+
+ if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || (c == '_' || c == '.')) {
+ continue;
+ }
+
+ return false;
+ }
+
+ return true;
+ }
+ // Paper end - validate usernames
+
@Override
public void handleHello(ServerboundHelloPacket packet) {
Validate.validState(this.state == ServerLoginPacketListenerImpl.State.HELLO, "Unexpected hello packet", new Object[0]);
Validate.validState(ServerLoginPacketListenerImpl.isValidUsername(packet.name()), "Invalid characters in username", new Object[0]);
+ // Paper start - validate usernames
+ if (io.papermc.paper.configuration.GlobalConfiguration.get().proxies.isProxyOnlineMode() && io.papermc.paper.configuration.GlobalConfiguration.get().unsupportedSettings.performUsernameValidation) {
+ if (!this.iKnowThisMayNotBeTheBestIdeaButPleaseDisableUsernameValidation && !validateUsername(packet.name())) {
+ ServerLoginPacketListenerImpl.this.disconnect("Failed to verify username!");
+ return;
+ }
+ }
+ // Paper end - validate usernames
this.profilePublicKeyData = (ProfilePublicKey.Data) packet.publicKey().orElse(null); // CraftBukkit - decompile error
GameProfile gameprofile = this.server.getSingleplayerProfile();
diff --git a/src/main/java/net/minecraft/server/players/PlayerList.java b/src/main/java/net/minecraft/server/players/PlayerList.java
index 70d648bc5e795355d28579cc2fda43c3c9eb255d..67f90c75aa4858bf1575bf7b0a62b8113de7c2ea 100644
--- a/src/main/java/net/minecraft/server/players/PlayerList.java
+++ b/src/main/java/net/minecraft/server/players/PlayerList.java
@@ -714,7 +714,7 @@ public abstract class PlayerList {
for (int i = 0; i < this.players.size(); ++i) {
entityplayer = (ServerPlayer) this.players.get(i);
- if (entityplayer.getUUID().equals(uuid)) {
+ if (entityplayer.getUUID().equals(uuid) || (io.papermc.paper.configuration.GlobalConfiguration.get().proxies.isProxyOnlineMode() && entityplayer.getGameProfile().getName().equalsIgnoreCase(gameprofile.getName()))) { // Paper - validate usernames
list.add(entityplayer);
}
}