summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormadmaxoft <github@xoft.cz>2014-09-17 20:55:46 +0200
committermadmaxoft <github@xoft.cz>2014-09-17 20:56:33 +0200
commit16e9deba8d61abad80ef8a1935db1207fd6c3a68 (patch)
tree299f12bda3da2c0931d9ca70103668e8c580cf3f
parentFixed wrong url in the debuggers plugin (diff)
downloadcuberite-16e9deba8d61abad80ef8a1935db1207fd6c3a68.tar
cuberite-16e9deba8d61abad80ef8a1935db1207fd6c3a68.tar.gz
cuberite-16e9deba8d61abad80ef8a1935db1207fd6c3a68.tar.bz2
cuberite-16e9deba8d61abad80ef8a1935db1207fd6c3a68.tar.lz
cuberite-16e9deba8d61abad80ef8a1935db1207fd6c3a68.tar.xz
cuberite-16e9deba8d61abad80ef8a1935db1207fd6c3a68.tar.zst
cuberite-16e9deba8d61abad80ef8a1935db1207fd6c3a68.zip
-rw-r--r--src/Protocol/Protocol17x.cpp2
-rw-r--r--src/Server.cpp7
-rw-r--r--src/Server.h8
3 files changed, 16 insertions, 1 deletions
diff --git a/src/Protocol/Protocol17x.cpp b/src/Protocol/Protocol17x.cpp
index 4f71b53b0..7d80e79fb 100644
--- a/src/Protocol/Protocol17x.cpp
+++ b/src/Protocol/Protocol17x.cpp
@@ -104,7 +104,7 @@ cProtocol172::cProtocol172(cClientHandle * a_Client, const AString & a_ServerAdd
// If BC is setup with ip_forward == true, it sends additional data in the login packet's ServerAddress field:
// hostname\00ip-address\00uuid\00profile-properties-as-json
AStringVector Params;
- if (SplitZeroTerminatedStrings(a_ServerAddress, Params) && (Params.size() == 4))
+ if (cRoot::Get()->GetServer()->ShouldAllowBungeeCord() && SplitZeroTerminatedStrings(a_ServerAddress, Params) && (Params.size() == 4))
{
LOGD("Player at %s connected via BungeeCord", Params[1].c_str());
m_ServerAddress = Params[0];
diff --git a/src/Server.cpp b/src/Server.cpp
index 069e2a169..969ffd693 100644
--- a/src/Server.cpp
+++ b/src/Server.cpp
@@ -259,6 +259,13 @@ bool cServer::InitServer(cIniFile & a_SettingsIni)
m_ServerID = sid.str();
m_ServerID.resize(16, '0');
}
+
+ // Check if both BungeeCord and online mode are on, if so, warn the admin:
+ m_ShouldAllowBungeeCord = a_SettingsIni.GetValueSetB("Authentication", "AllowBungeeCord", false);
+ if (m_ShouldAllowBungeeCord && m_ShouldAuthenticate)
+ {
+ LOGWARNING("WARNING: BungeeCord is allowed and server set to online mode. This is unsafe and will not work properly. Disable either authentication or BungeeCord in settings.ini.");
+ }
m_ShouldLoadOfflinePlayerData = a_SettingsIni.GetValueSetB("PlayerData", "LoadOfflinePlayerData", false);
m_ShouldLoadNamedPlayerData = a_SettingsIni.GetValueSetB("PlayerData", "LoadNamedPlayerData", true);
diff --git a/src/Server.h b/src/Server.h
index f20e6932f..6d659fa40 100644
--- a/src/Server.h
+++ b/src/Server.h
@@ -131,6 +131,11 @@ public: // tolua_export
Loaded from the settings.ini [PlayerData].LoadNamedPlayerData setting. */
bool ShouldLoadNamedPlayerData(void) const { return m_ShouldLoadNamedPlayerData; }
+ /** Returns true if BungeeCord logins (that specify the player's UUID) are allowed.
+ Read from settings, admins should set this to true only when they chain to BungeeCord,
+ it makes the server vulnerable to identity theft through direct connections. */
+ bool ShouldAllowBungeeCord(void) const { return m_ShouldAllowBungeeCord; }
+
private:
friend class cRoot; // so cRoot can create and destroy cServer
@@ -230,6 +235,9 @@ private:
This allows a seamless transition from name-based to UUID-based player storage.
Loaded from the settings.ini [PlayerData].LoadNamedPlayerData setting. */
bool m_ShouldLoadNamedPlayerData;
+
+ /** True if BungeeCord handshake packets (with player UUID) should be accepted. */
+ bool m_ShouldAllowBungeeCord;
cServer(void);