Security changes: placement verification, banning, unfinished admins

2018-02-25 22:32:12 -05:00
parent 9985a19e6a
commit 9f5f6ae382
33 changed files with 1038 additions and 520 deletions
--- a/kryonet/src/io/anuke/kryonet/KryoClient.java
+++ b/kryonet/src/io/anuke/kryonet/KryoClient.java
@@ -35,7 +35,7 @@ public class KryoClient implements ClientProvider{
        handler = new ClientDiscoveryHandler() {
            @Override
            public DatagramPacket onRequestNewDatagramPacket() {
-                return new DatagramPacket(new byte[32], 32);
+                return new DatagramPacket(new byte[128], 128);
            }

            @Override
--- a/kryonet/src/io/anuke/kryonet/KryoRegistrator.java
+++ b/kryonet/src/io/anuke/kryonet/KryoRegistrator.java
@@ -2,7 +2,6 @@ package io.anuke.kryonet;

 import com.esotericsoftware.minlog.Log;
 import com.esotericsoftware.minlog.Log.Logger;
-import io.anuke.mindustry.Vars;
 import io.anuke.mindustry.net.Host;
 import io.anuke.ucore.util.ColorCodes;

@@ -11,8 +10,7 @@ import java.io.StringWriter;
 import java.net.InetAddress;
 import java.nio.ByteBuffer;

-import static io.anuke.mindustry.Vars.headless;
-import static io.anuke.mindustry.Vars.playerGroup;
+import static io.anuke.mindustry.Vars.*;

 public class KryoRegistrator {
    public static boolean fakeLag = false;
@@ -49,24 +47,44 @@ public class KryoRegistrator {
    }

    public static ByteBuffer writeServerData(){
-        String host = headless ? "Server" : Vars.player.name;
+        int maxlen = 32;
+
+        String host = (headless ? "Server" : player.name);
+        String map = world.getMap().name;
+
+        host = host.substring(0, Math.min(host.length(), maxlen));
+        map = map.substring(0, Math.min(map.length(), maxlen));
+
+        ByteBuffer buffer = ByteBuffer.allocate(128);

-        ByteBuffer buffer = ByteBuffer.allocate(1 + host.getBytes().length + 4);
        buffer.put((byte)host.getBytes().length);
        buffer.put(host.getBytes());
+
+        buffer.put((byte)map.getBytes().length);
+        buffer.put(map.getBytes());
+
        buffer.putInt(playerGroup.size());
+        buffer.putInt(state.wave);
        return buffer;
    }

    public static Host readServerData(InetAddress ia, ByteBuffer buffer){
-        //old version address.
-        if(buffer.capacity() == 4) return null;
+        if(buffer.capacity() < 128) return null; //old version address.
+
+        byte hlength = buffer.get();
+        byte[] hb = new byte[hlength];
+        buffer.get(hb);
+
+        byte mlength = buffer.get();
+        byte[] mb = new byte[mlength];
+        buffer.get(mb);
+
+        String host = new String(hb);
+        String map = new String(mb);

-        byte length = buffer.get();
-        byte[] sname = new byte[length];
-        buffer.get(sname);
        int players = buffer.getInt();
+        int wave = buffer.getInt();

-        return new Host(new String(sname), ia.getHostAddress(), players);
+        return new Host(host, ia.getHostAddress(), map, wave, players);
    }
 }
--- a/kryonet/src/io/anuke/kryonet/KryoServer.java
+++ b/kryonet/src/io/anuke/kryonet/KryoServer.java
@@ -14,10 +14,7 @@ import io.anuke.mindustry.net.Net;
 import io.anuke.mindustry.net.Net.SendMode;
 import io.anuke.mindustry.net.Net.ServerProvider;
 import io.anuke.mindustry.net.NetConnection;
-import io.anuke.mindustry.net.Packets.Connect;
-import io.anuke.mindustry.net.Packets.Disconnect;
-import io.anuke.mindustry.net.Packets.KickPacket;
-import io.anuke.mindustry.net.Packets.KickReason;
+import io.anuke.mindustry.net.Packets.*;
 import io.anuke.mindustry.net.Registrator;
 import io.anuke.mindustry.net.Streamable;
 import io.anuke.mindustry.net.Streamable.StreamBegin;
@@ -25,6 +22,7 @@ import io.anuke.mindustry.net.Streamable.StreamChunk;
 import io.anuke.ucore.UCore;
 import io.anuke.ucore.core.Timers;
 import io.anuke.ucore.util.Log;
+import io.anuke.ucore.util.Strings;
 import org.java_websocket.WebSocket;
 import org.java_websocket.exceptions.WebsocketNotConnectedException;
 import org.java_websocket.handshake.ClientHandshake;
@@ -66,13 +64,15 @@ public class KryoServer implements ServerProvider {

            @Override
            public void connected (Connection connection) {
-                KryoConnection kn = new KryoConnection(lastconnection ++, connection.getRemoteAddressTCP().toString(), connection);
+                String ip = connection.getRemoteAddressTCP().getAddress().getHostAddress();
+
+                KryoConnection kn = new KryoConnection(lastconnection ++, ip, connection);

                Connect c = new Connect();
                c.id = kn.id;
-                c.addressTCP = connection.getRemoteAddressTCP().toString();
+                c.addressTCP = ip;

-                Log.info("&bRecieved connection: {0} {1}", c.id, c.addressTCP);
+                Log.info("&bRecieved connection: {0} / {1}", c.id, c.addressTCP);

                connections.add(kn);
                Gdx.app.postRunnable(() ->  Net.handleServerReceived(kn.id, c));
@@ -141,12 +141,15 @@ public class KryoServer implements ServerProvider {
        if(con == null){
            Log.err("Cannot kick unknown player!");
            return;
+        }else{
+            Log.info("Kicking connection #{0} / IP: {1}. Reason: {2}", connection, con.address, reason);
        }

        KickPacket p = new KickPacket();
        p.reason = reason;

        con.send(p, SendMode.tcp);
+        Timers.runTask(2f, con::close);
    }

    @Override
@@ -371,9 +374,21 @@ public class KryoServer implements ServerProvider {
                        connection.sendUDP(object);
                    }
                }catch (Exception e){
-                    e.printStackTrace();
+                    Log.err(e);
                    Log.info("Disconnecting invalid client!");
+                    try{
+                        NetErrorPacket packet = new NetErrorPacket();
+                        packet.message = Strings.parseException(e, true);
+                        Timers.runTask(5f, connection::close);
+                    }catch (Exception e2){
+                        Log.err(e2);
+                        connection.close();
+                    }
                    connection.close();
+
+                    KryoConnection k = getByKryoID(connection.getID());
+                    if(k != null) connections.remove(k);
+                    Log.info("Connection removed {0}", k);
                }
            }
        }
@@ -389,6 +404,8 @@ public class KryoServer implements ServerProvider {

    }

+
+
    class SocketServer extends WebSocketServer {

        public SocketServer(int port) {