TuxCoding/FastLogin
1
0
Fork 1
mirror of https://github.com/TuxCoding/FastLogin.git synced 2025-07-30 18:57:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rephrase invalid session warning to make it more clear

Browse Source
This commit is contained in:
games647
2023-07-17 10:10:03 +02:00
parent 6ab81b1a2f
commit ee465e381c
1 changed files with 23 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java
View File

@ -72,6 +72,13 @@ public class VerifyResponseTask implements Runnable {
private static final String ENCRYPTION_CLASS_NAME = "MinecraftEncryption"; private static final String ENCRYPTION_CLASS_NAME = "MinecraftEncryption";
private static final Class<?> ENCRYPTION_CLASS; private static final Class<?> ENCRYPTION_CLASS;
private static final String ADDRESS_VERIFY_WARNING = "This indicates the use of reverse-proxy like HAProxy, "
+ "TCPShield, BungeeCord, Velocity, etc. "
+ "By default (configurable in the config) this plugin requests Mojang to verify the connecting IP "
+ "to this server with the one used to log into Minecraft to prevent MITM attacks. In "
+ "order to work this security feature, the actual client IP needs to be forwarding "
+ "(keyword IP forwarding). This process will also be useful for other server "
+ "features like IP banning, so that it doesn't ban the proxy IP.";
static { static {
ENCRYPTION_CLASS = MinecraftReflection.getMinecraftClass( ENCRYPTION_CLASS = MinecraftReflection.getMinecraftClass(
@ -151,18 +158,25 @@ public class VerifyResponseTask implements Runnable {
//user tried to fake an authentication //user tried to fake an authentication
disconnect( disconnect(
"invalid-session", "invalid-session",
"GameProfile {} ({}) tried to log in with an invalid session. ServerId: {}", "Session server rejected incoming connection for GameProfile {} ({}). Possible reasons are"
requestedUsername, address, serverId + "1) Client IP address contacting Mojang and server during server join were different "
+ "(Do you use a reverse proxy? -> Enable IP forwarding, "
+ "or disable the feature in the config). "
+ "2) Player is offline, but tried to bypass the authentication"
+ "3) Client uses an outdated username for connecting (Fix: Restart client)",
requestedUsername, address
); );
if (InetUtils.isLocalAddress(address)) { if (InetUtils.isLocalAddress(address)) {
plugin.getLog().warn("The incoming request for player {} uses a local IP address. " plugin.getLog().warn(
+ "This indicates the use of reverse-proxy like HAProxy, TCPShield, BungeeCord, Velocity, " "The incoming request for player {} uses a local IP address",
+ "etc. By default, configurable, this plugin requests Mojang to verify the connecting IP " requestedUsername
+ "to this server with the one used to log into Minecraft to prevent MITM attacks. In " );
+ "order to work this security feature, the actual client IP needs to be forwarding " plugin.getLog().warn(ADDRESS_VERIFY_WARNING);
+ "(keyword IP forwarding). This process will also be useful for other server " } else {
+ "features like IP banning, so that it doesn't ban the proxy IP", requestedUsername); plugin.getLog().warn("If you think this is an error, please verify that the incoming "
+ "IP address {} is not associated with a server hosting company.", address);
plugin.getLog().warn(ADDRESS_VERIFY_WARNING);
} }
} }
} catch (IOException ioEx) { } catch (IOException ioEx) {