From 59703bac4e824d10dbf486d87d836ece560921c8 Mon Sep 17 00:00:00 2001 From: games647 Date: Fri, 13 May 2016 18:54:08 +0200 Subject: [PATCH] Fix race condition in BungeeCord --- CHANGELOG.md | 2 +- .../fastlogin/bukkit/ForceLoginTask.java | 4 ---- .../bukkit/listener/BukkitJoinListener.java | 6 ++++-- .../bukkit/listener/BungeeCordListener.java | 17 ++++++++++++----- .../fastlogin/bungee/ForceLoginTask.java | 5 +++-- .../bungee/PlayerConnectionListener.java | 9 ++++++++- 6 files changed, 28 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2561ee28..d92966ad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ * Make the configuration options also work under BungeeCord (premiumUUID, forwardSkin) * Catch configuration loading exception if it's not spigot build -* Fix config loading for older PaperSpigot builds +* Fix config loading for older Spigot builds ######1.0 diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/ForceLoginTask.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/ForceLoginTask.java index b419d611..acfdd370 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/ForceLoginTask.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/ForceLoginTask.java @@ -12,7 +12,6 @@ import java.util.logging.Level; import org.bukkit.Bukkit; import org.bukkit.ChatColor; import org.bukkit.entity.Player; -import org.bukkit.metadata.FixedMetadataValue; public class ForceLoginTask implements Runnable { @@ -34,9 +33,6 @@ public class ForceLoginTask implements Runnable { String id = '/' + player.getAddress().getAddress().getHostAddress() + ':' + player.getAddress().getPort(); PlayerSession session = plugin.getSessions().get(id); - //blacklist this target player for BungeeCord Id brute force attacks - player.setMetadata(plugin.getName(), new FixedMetadataValue(plugin, true)); - BukkitAuthPlugin authPlugin = plugin.getAuthPlugin(); Storage storage = plugin.getStorage(); diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BukkitJoinListener.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BukkitJoinListener.java index a249be27..da8a99df 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BukkitJoinListener.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BukkitJoinListener.java @@ -41,8 +41,10 @@ public class BukkitJoinListener implements Listener { } } - //Wait before auth plugin and we received a message from BungeeCord initializes the player - Bukkit.getScheduler().runTaskLaterAsynchronously(plugin, new ForceLoginTask(plugin, player), DELAY_LOGIN); + if (!plugin.isBungeeCord()) { + //Wait before auth plugin and we received a message from BungeeCord initializes the player + Bukkit.getScheduler().runTaskLaterAsynchronously(plugin, new ForceLoginTask(plugin, player), DELAY_LOGIN); + } } @EventHandler diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BungeeCordListener.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BungeeCordListener.java index 8e29ce2c..86d89813 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BungeeCordListener.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BungeeCordListener.java @@ -1,6 +1,7 @@ package com.github.games647.fastlogin.bukkit.listener; import com.github.games647.fastlogin.bukkit.FastLoginBukkit; +import com.github.games647.fastlogin.bukkit.ForceLoginTask; import com.github.games647.fastlogin.bukkit.PlayerSession; import com.github.games647.fastlogin.bukkit.hooks.BukkitAuthPlugin; import com.google.common.base.Charsets; @@ -54,17 +55,24 @@ public class BungeeCordListener implements PluginMessageListener { final Player checkedPlayer = plugin.getServer().getPlayerExact(playerName); //fail if target player is blacklisted because already authed or wrong bungeecord id if (checkedPlayer != null && !checkedPlayer.hasMetadata(plugin.getName())) { + //blacklist this target player for BungeeCord Id brute force attacks + player.setMetadata(plugin.getName(), new FixedMetadataValue(plugin, true)); + //bungeecord UUID long mostSignificantBits = dataInput.readLong(); long leastSignificantBits = dataInput.readLong(); UUID sourceId = new UUID(mostSignificantBits, leastSignificantBits); + plugin.getLogger().log(Level.FINEST, "Received proxy id {0} from {1}", new Object[]{sourceId, player}); + //fail if BungeeCord support is disabled (id = null) if (sourceId.equals(proxyId)) { final PlayerSession playerSession = new PlayerSession(playerName); + final String id = '/' + checkedPlayer.getAddress().getAddress().getHostAddress() + ':' + + checkedPlayer.getAddress().getPort(); if ("AUTO_LOGIN".equalsIgnoreCase(subchannel)) { playerSession.setVerified(true); playerSession.setRegistered(true); - plugin.getSessions().put(checkedPlayer.getAddress().toString(), playerSession); + plugin.getSessions().put(id, playerSession); } else if ("AUTO_REGISTER".equalsIgnoreCase(subchannel)) { playerSession.setVerified(true); @@ -75,7 +83,7 @@ public class BungeeCordListener implements PluginMessageListener { try { //we need to check if the player is registered on Bukkit too if (authPlugin != null && !authPlugin.isRegistered(playerName)) { - plugin.getSessions().put(checkedPlayer.getAddress().toString(), playerSession); + plugin.getSessions().put(id, playerSession); } } catch (Exception ex) { plugin.getLogger().log(Level.SEVERE, "Failed to query isRegistered", ex); @@ -83,9 +91,8 @@ public class BungeeCordListener implements PluginMessageListener { } }); } - } else { - //blacklist target for the current login - checkedPlayer.setMetadata(plugin.getName(), new FixedMetadataValue(plugin, true)); + + Bukkit.getScheduler().runTaskAsynchronously(plugin, new ForceLoginTask(plugin, player)); } } } diff --git a/bungee/src/main/java/com/github/games647/fastlogin/bungee/ForceLoginTask.java b/bungee/src/main/java/com/github/games647/fastlogin/bungee/ForceLoginTask.java index ceb4b2d9..d66d21cf 100644 --- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/ForceLoginTask.java +++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/ForceLoginTask.java @@ -13,10 +13,12 @@ public class ForceLoginTask implements Runnable { private final FastLoginBungee plugin; private final ProxiedPlayer player; + private final Server server; - public ForceLoginTask(FastLoginBungee plugin, ProxiedPlayer player) { + public ForceLoginTask(FastLoginBungee plugin, ProxiedPlayer player, Server server) { this.plugin = plugin; this.player = player; + this.server = server; } @Override @@ -65,7 +67,6 @@ public class ForceLoginTask implements Runnable { dataOutput.writeLong(proxyId.getMostSignificantBits()); dataOutput.writeLong(proxyId.getLeastSignificantBits()); - Server server = player.getServer(); if (server != null) { server.sendData(plugin.getDescription().getName(), dataOutput.toByteArray()); } diff --git a/bungee/src/main/java/com/github/games647/fastlogin/bungee/PlayerConnectionListener.java b/bungee/src/main/java/com/github/games647/fastlogin/bungee/PlayerConnectionListener.java index 10a89b47..7c302cbf 100644 --- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/PlayerConnectionListener.java +++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/PlayerConnectionListener.java @@ -119,7 +119,8 @@ public class PlayerConnectionListener implements Listener { @EventHandler public void onServerConnected(ServerConnectedEvent serverConnectedEvent) { ProxiedPlayer player = serverConnectedEvent.getPlayer(); - ProxyServer.getInstance().getScheduler().runAsync(plugin, new ForceLoginTask(plugin, player)); + ForceLoginTask loginTask = new ForceLoginTask(plugin, player, serverConnectedEvent.getServer()); + ProxyServer.getInstance().getScheduler().runAsync(plugin, loginTask); } @EventHandler @@ -179,6 +180,9 @@ public class PlayerConnectionListener implements Listener { playerProfile.setUuid(null); //todo: set uuid plugin.getStorage().save(playerProfile); + TextComponent textComponent = new TextComponent("Added to the list of premium players"); + textComponent.setColor(ChatColor.DARK_GREEN); + forPlayer.sendMessage(textComponent); } }); } else if ("SUCCESS".equals(subchannel)) { @@ -190,6 +194,9 @@ public class PlayerConnectionListener implements Listener { //we override this in the loginevent // playerProfile.setUuid(forPlayer.getUniqueId()); plugin.getStorage().save(playerProfile); + TextComponent textComponent = new TextComponent("Removed to the list of premium players"); + textComponent.setColor(ChatColor.DARK_GREEN); + forPlayer.sendMessage(textComponent); } } }