diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibListener.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibListener.java index 3c161b7e..d1f83a61 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibListener.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibListener.java @@ -30,6 +30,7 @@ import com.comphenix.protocol.ProtocolLibrary; import com.comphenix.protocol.events.PacketAdapter; import com.comphenix.protocol.events.PacketContainer; import com.comphenix.protocol.events.PacketEvent; +import com.github.games647.fastlogin.bukkit.BukkitLoginSession; import com.github.games647.fastlogin.bukkit.FastLoginBukkit; import com.github.games647.fastlogin.core.antibot.AntiBotService; import com.github.games647.fastlogin.core.antibot.AntiBotService.Action; @@ -124,9 +125,15 @@ public class ProtocolLibListener extends PacketAdapter { private void onEncryptionBegin(PacketEvent packetEvent, Player sender) { byte[] sharedSecret = packetEvent.getPacket().getByteArrays().read(0); - packetEvent.getAsyncMarker().incrementProcessingDelay(); - Runnable verifyTask = new VerifyResponseTask(plugin, packetEvent, sender, sharedSecret, keyPair); - plugin.getScheduler().runAsync(verifyTask); + BukkitLoginSession session = plugin.getSession(sender.getAddress()); + if (session == null) { + plugin.getLog().warn("GameProfile {} tried to send encryption response at invalid state", sender.getAddress()); + sender.kickPlayer(plugin.getCore().getMessage("invalid-request")); + } else { + packetEvent.getAsyncMarker().incrementProcessingDelay(); + Runnable verifyTask = new VerifyResponseTask(plugin, packetEvent, sender, session, sharedSecret, keyPair); + plugin.getScheduler().runAsync(verifyTask); + } } private void onLogin(PacketEvent packetEvent, Player player, String username) { diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java index 84409262..54d525c2 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java @@ -79,16 +79,20 @@ public class VerifyResponseTask implements Runnable { private final Player player; + private final BukkitLoginSession session; + private final byte[] sharedSecret; private static Method encryptMethod; private static Method cipherMethod; - public VerifyResponseTask(FastLoginBukkit plugin, PacketEvent packetEvent, Player player, + public VerifyResponseTask(FastLoginBukkit plugin, PacketEvent packetEvent, + Player player, BukkitLoginSession session, byte[] sharedSecret, KeyPair keyPair) { this.plugin = plugin; this.packetEvent = packetEvent; this.player = player; + this.session = session; this.sharedSecret = Arrays.copyOf(sharedSecret, sharedSecret.length); this.serverKey = keyPair; } @@ -96,14 +100,7 @@ public class VerifyResponseTask implements Runnable { @Override public void run() { try { - BukkitLoginSession session = plugin.getSession(player.getAddress()); - if (session == null) { - disconnect("invalid-request", - "GameProfile {0} tried to send encryption response at invalid state", - player.getAddress()); - } else { - verifyResponse(session); - } + verifyResponse(session); } finally { //this is a fake packet; it shouldn't be sent to the server synchronized (packetEvent.getAsyncMarker().getProcessingLock()) { @@ -143,25 +140,7 @@ public class VerifyResponseTask implements Runnable { InetAddress address = socketAddress.getAddress(); Optional response = resolver.hasJoined(requestedUsername, serverId, address); if (response.isPresent()) { - Verification verification = response.get(); - plugin.getLog().info("Profile {} has a verified premium account", requestedUsername); - String realUsername = verification.getName(); - if (realUsername == null) { - disconnect("invalid-session", "Username field null for {}", requestedUsername); - return; - } - - SkinProperty[] properties = verification.getProperties(); - if (properties.length > 0) { - session.setSkinProperty(properties[0]); - } - - session.setVerifiedUsername(realUsername); - session.setUuid(verification.getId()); - session.setVerified(true); - - setPremiumUUID(session.getUuid()); - receiveFakeStartPacket(realUsername); + encryptConnection(session, requestedUsername, response.get()); } else { //user tried to fake an authentication disconnect("invalid-session", "GameProfile {} ({}) tried to log in with an invalid session. ServerId: {}", session.getRequestUsername(), socketAddress, serverId); @@ -171,6 +150,27 @@ public class VerifyResponseTask implements Runnable { } } + private void encryptConnection(BukkitLoginSession session, String requestedUsername, Verification verification) { + plugin.getLog().info("Profile {} has a verified premium account", requestedUsername); + String realUsername = verification.getName(); + if (realUsername == null) { + disconnect("invalid-session", "Username field null for {}", requestedUsername); + return; + } + + SkinProperty[] properties = verification.getProperties(); + if (properties.length > 0) { + session.setSkinProperty(properties[0]); + } + + session.setVerifiedUsername(realUsername); + session.setUuid(verification.getId()); + session.setVerified(true); + + setPremiumUUID(session.getUuid()); + receiveFakeStartPacket(realUsername); + } + private void setPremiumUUID(UUID premiumUUID) { if (plugin.getConfig().getBoolean("premiumUuid") && premiumUUID != null) { try {