16 files changed, 571 insertions, 333 deletions

diff --git a/src/Authenticator.cpp b/src/Authenticator.cpp
deleted file mode 100644
index bd6db1c11..000000000
--- a/src/Authenticator.cpp
+++ /dev/null
@@ -1,267 +0,0 @@
-
-#include "Globals.h"  // NOTE: MSVC stupidness requires this to be the same across all modules
-
-#include "Authenticator.h"
-#include "OSSupport/BlockingTCPLink.h"
-#include "Root.h"
-#include "Server.h"
-
-#include "inifile/iniFile.h"
-
-#include <sstream>
-
-
-
-
-
-#define DEFAULT_AUTH_SERVER "session.minecraft.net"
-#define DEFAULT_AUTH_ADDRESS "/game/checkserver.jsp?user=%USERNAME%&serverId=%SERVERID%"
-#define MAX_REDIRECTS 10
-
-
-
-
-
-cAuthenticator::cAuthenticator(void) :
-	super("cAuthenticator"),
-	m_Server(DEFAULT_AUTH_SERVER),
-	m_Address(DEFAULT_AUTH_ADDRESS),
-	m_ShouldAuthenticate(true)
-{
-}
-
-
-
-
-
-cAuthenticator::~cAuthenticator()
-{
-	Stop();
-}
-
-
-
-
-
-void cAuthenticator::ReadINI(cIniFile & IniFile)
-{
-	m_Server  = IniFile.GetValueSet("Authentication", "Server", DEFAULT_AUTH_SERVER);
-	m_Address = IniFile.GetValueSet("Authentication", "Address", DEFAULT_AUTH_ADDRESS);
-	m_ShouldAuthenticate = IniFile.GetValueSetB("Authentication", "Authenticate", true);
-}
-
-
-
-
-
-void cAuthenticator::Authenticate(int a_ClientID, const AString & a_UserName, const AString & a_ServerHash)
-{
-	if (!m_ShouldAuthenticate)
-	{
-		cRoot::Get()->AuthenticateUser(a_ClientID);
-		return;
-	}
-
-	cCSLock Lock(m_CS);
-	m_Queue.push_back(cUser(a_ClientID, a_UserName, a_ServerHash));
-	m_QueueNonempty.Set();
-}
-
-
-
-
-
-void cAuthenticator::Start(cIniFile & IniFile)
-{
-	ReadINI(IniFile);
-	m_ShouldTerminate = false;
-	super::Start();
-}
-
-
-
-
-
-void cAuthenticator::Stop(void)
-{
-	m_ShouldTerminate = true;
-	m_QueueNonempty.Set();
-	Wait();
-}
-
-
-
-
-
-void cAuthenticator::Execute(void)
-{
-	for (;;)
-	{
-		cCSLock Lock(m_CS);
-		while (!m_ShouldTerminate && (m_Queue.size() == 0))
-		{
-			cCSUnlock Unlock(Lock);
-			m_QueueNonempty.Wait();
-		}
-		if (m_ShouldTerminate)
-		{
-			return;
-		}
-		ASSERT(!m_Queue.empty());
-		
-		int ClientID = m_Queue.front().m_ClientID;
-		AString UserName = m_Queue.front().m_Name;
-		AString ActualAddress = m_Address;
-		ReplaceString(ActualAddress, "%USERNAME%", UserName);
-		ReplaceString(ActualAddress, "%SERVERID%", m_Queue.front().m_ServerID);
-		m_Queue.pop_front();
-		Lock.Unlock();
-
-		if (!AuthFromAddress(m_Server, ActualAddress, UserName))
-		{
-			cRoot::Get()->KickUser(ClientID, "Failed to authenticate account!");
-		}
-		else
-		{
-			cRoot::Get()->AuthenticateUser(ClientID);
-		}
-	}  // for (-ever)
-}
-
-
-
-
-
-bool cAuthenticator::AuthFromAddress(const AString & a_Server, const AString & a_Address, const AString & a_UserName, int a_Level /* = 1 */)
-{
-	// Returns true if the user authenticated okay, false on error; iLevel is the recursion deptht (bails out if too deep)
-
-	cBlockingTCPLink Link;
-	if (!Link.Connect(a_Server.c_str(), 80))
-	{
-		LOGWARNING("%s: cannot connect to auth server \"%s\", kicking user \"%s\"",
-			__FUNCTION__, a_Server.c_str(), a_UserName.c_str()
-		);
-		return false;
-	}
-	
-	Link.SendMessage( AString( "GET " + a_Address + " HTTP/1.1\r\n" ).c_str());
-	Link.SendMessage( AString( "User-Agent: MCServer\r\n" ).c_str());
-	Link.SendMessage( AString( "Host: " + a_Server + "\r\n" ).c_str());
-	//Link.SendMessage( AString( "Host: session.minecraft.net\r\n" ).c_str());
-	Link.SendMessage( AString( "Accept: */*\r\n" ).c_str());
-	Link.SendMessage( AString( "Connection: close\r\n" ).c_str());	//Close so we donīt have to mess with the Content-Length :)
-	Link.SendMessage( AString( "\r\n" ).c_str());
-	AString DataRecvd;
-	Link.ReceiveData(DataRecvd);
-	Link.CloseSocket();
-
-	std::stringstream ss(DataRecvd);
-
-	// Parse the data received:
-	std::string temp;
-	ss >> temp;
-	bool bRedirect = false;
-	bool bOK = false;
-	if ((temp.compare("HTTP/1.1") == 0) || (temp.compare("HTTP/1.0") == 0))
-	{
-		int code;
-		ss >> code;
-		if (code == 302)
-		{
-			// redirect blabla
-			LOGD("%s: Need to redirect, current level %d!", __FUNCTION__, a_Level);
-			if (a_Level > MAX_REDIRECTS)
-			{
-				LOGERROR("cAuthenticator: received too many levels of redirection from auth server \"%s\" for user \"%s\", bailing out and kicking the user", a_Server.c_str(), a_UserName.c_str());
-				return false;
-			}
-			bRedirect = true;
-		}
-		else if (code == 200)
-		{
-			LOGD("cAuthenticator: Received status 200 OK! :D");
-			bOK = true;
-		}
-	}
-	else
-	{
-		LOGERROR("cAuthenticator: cannot parse auth reply from server \"%s\" for user \"%s\", kicking the user.", a_Server.c_str(), a_UserName.c_str());
-		return false;
-	}
-
-	if( bRedirect )
-	{
-		AString Location;
-		// Search for "Location:"
-		bool bFoundLocation = false;
-		while( !bFoundLocation && ss.good() )
-		{
-			char c = 0;
-			while( c != '\n' )
-			{
-				ss.get( c );
-			}
-			AString Name;
-			ss >> Name;
-			if (Name.compare("Location:") == 0)
-			{
-				bFoundLocation = true;
-				ss >> Location;
-			}
-		}
-		if (!bFoundLocation)
-		{
-			LOGERROR("cAuthenticator: received invalid redirection from auth server \"%s\" for user \"%s\", kicking user.", a_Server.c_str(), a_UserName.c_str());
-			return false;
-		}
-
-		Location = Location.substr(strlen("http://"), std::string::npos); // Strip http://
-		std::string Server = Location.substr( 0, Location.find( "/" ) ); // Only leave server address
-		Location = Location.substr( Server.length(), std::string::npos);
-		return AuthFromAddress(Server, Location, a_UserName, a_Level + 1);
-	}
-
-	if (!bOK)
-	{
-		LOGERROR("cAuthenticator: received an error from auth server \"%s\" for user \"%s\", kicking user.", a_Server.c_str(), a_UserName.c_str());
-		return false;
-	}
-
-	// Header says OK, so receive the rest.
-	// Go past header, double \n means end of headers
-	char c = 0;
-	while (ss.good())
-	{
-		while (c != '\n')
-		{
-			ss.get(c);
-		}
-		ss.get(c);
-		if( c == '\n' || c == '\r' || ss.peek() == '\r' || ss.peek() == '\n' )
-			break;
-	}
-	if (!ss.good())
-	{
-		LOGERROR("cAuthenticator: error while parsing response body from auth server \"%s\" for user \"%s\", kicking user.", a_Server.c_str(), a_UserName.c_str());
-		return false;
-	}
-
-	std::string Result;
-	ss >> Result;
-	LOGD("cAuthenticator: Authentication result was %s", Result.c_str());
-
-	if (Result.compare("YES") == 0)	//Works well
-	{
-		LOGINFO("Authentication result \"YES\", player authentication success!");
-		return true;
-	}
-
-
-	LOGINFO("Authentication result was \"%s\", player authentication failure!", Result.c_str());
-	return false;
-}
-
-
-
-
diff --git a/src/ClientHandle.cpp b/src/ClientHandle.cpp
index 5876e55c7..79738ff0b 100644
--- a/src/ClientHandle.cpp
+++ b/src/ClientHandle.cpp
@@ -24,13 +24,15 @@
 
 #include "Root.h"
 
-#include "Authenticator.h"
+#include "Protocol/Authenticator.h"
 #include "MersenneTwister.h"
 
 #include "Protocol/ProtocolRecognizer.h"
 #include "CompositeChat.h"
 #include "Items/ItemSword.h"
 
+#include "md5/md5.h"
+
 
 
 /** Maximum number of explosions to send this tick, server will start dropping if exceeded */
@@ -175,6 +177,39 @@ void cClientHandle::Destroy(void)
 
 
 
+void cClientHandle::GenerateOfflineUUID(void)
+{
+	m_UUID = GenerateOfflineUUID(m_Username);
+}
+
+
+
+
+
+AString cClientHandle::GenerateOfflineUUID(const AString & a_Username)
+{
+	// Proper format for a version 3 UUID is:
+	// xxxxxxxx-xxxx-3xxx-yxxx-xxxxxxxxxxxx where x is any hexadecimal digit and y is one of 8, 9, A, or B
+	
+	// Generate an md5 checksum, and use it as base for the ID:
+	MD5 Checksum(a_Username);
+	AString UUID = Checksum.hexdigest();
+	UUID[12] = '3';  // Version 3 UUID
+	UUID[16] = '8';  // Variant 1 UUID
+	
+	// Now the digest doesn't have the UUID slashes, but the client requires them, so add them into the appropriate positions:
+	UUID.insert(8, "-");
+	UUID.insert(13, "-");
+	UUID.insert(18, "-");
+	UUID.insert(23, "-");
+	
+	return UUID;
+}
+
+
+
+
+
 void cClientHandle::Kick(const AString & a_Reason)
 {
 	if (m_State >= csAuthenticating)  // Don't log pings
@@ -188,7 +223,7 @@ void cClientHandle::Kick(const AString & a_Reason)
 
 
 
-void cClientHandle::Authenticate(void)
+void cClientHandle::Authenticate(const AString & a_Name, const AString & a_UUID)
 {
 	if (m_State != csAuthenticating)
 	{
@@ -197,6 +232,12 @@ void cClientHandle::Authenticate(void)
 	
 	ASSERT( m_Player == NULL );
 
+	m_Username = a_Name;
+	m_UUID = a_UUID;
+	
+	// Send login success (if the protocol supports it):
+	m_Protocol->SendLoginSuccess();
+
 	// Spawn player (only serversided, so data is loaded)
 	m_Player = new cPlayer(this, GetUsername());
 
diff --git a/src/ClientHandle.h b/src/ClientHandle.h
index 0c367ec7d..12e0256de 100644
--- a/src/ClientHandle.h
+++ b/src/ClientHandle.h
@@ -62,8 +62,22 @@ public:
 	
 	cPlayer* GetPlayer() { return m_Player; }	// tolua_export
 
+	const AString & GetUUID(void) const { return m_UUID; } // tolua_export
+	void SetUUID(const AString & a_UUID) { m_UUID = a_UUID; }
+	
+	/** Generates an UUID based on the username stored for this client, and stores it in the m_UUID member.
+	This is used for the offline (non-auth) mode, when there's no UUID source.
+	Each username generates a unique and constant UUID, so that when the player reconnects with the same name, their UUID is the same.
+	Internally calls the GenerateOfflineUUID static function. */
+	void GenerateOfflineUUID(void);
+	
+	/** Generates an UUID based on the player name provided.
+	This is used for the offline (non-auth) mode, when there's no UUID source.
+	Each username generates a unique and constant UUID, so that when the player reconnects with the same name, their UUID is the same. */
+	static AString GenerateOfflineUUID(const AString & a_Username);  // tolua_export
+
 	void Kick(const AString & a_Reason);		// tolua_export
-	void Authenticate(void);  // Called by cAuthenticator when the user passes authentication
+	void Authenticate(const AString & a_Name, const AString & a_UUID);  // Called by cAuthenticator when the user passes authentication
 
 	void StreamChunks(void);
 	
@@ -326,6 +340,7 @@ private:
 	
 	static int s_ClientCount;
 	int m_UniqueID;
+	AString m_UUID;
 	
 	/** Set to true when the chunk where the player is is sent to the client. Used for spawning the player */
 	bool m_HasSentPlayerChunk;
diff --git a/src/Protocol/Authenticator.cpp b/src/Protocol/Authenticator.cpp
new file mode 100644
index 000000000..a30131b36
--- /dev/null
+++ b/src/Protocol/Authenticator.cpp
@@ -0,0 +1,313 @@
+
+#include "Globals.h"  // NOTE: MSVC stupidness requires this to be the same across all modules
+
+#include "Authenticator.h"
+#include "../OSSupport/BlockingTCPLink.h"
+#include "../Root.h"
+#include "../Server.h"
+#include "../ClientHandle.h"
+
+#include "inifile/iniFile.h"
+#include "json/json.h"
+
+#include "polarssl/config.h"
+#include "polarssl/net.h"
+#include "polarssl/ssl.h"
+#include "polarssl/entropy.h"
+#include "polarssl/ctr_drbg.h"
+#include "polarssl/error.h"
+#include "polarssl/certs.h"
+
+#include <sstream>
+#include <iomanip>
+
+
+
+
+
+#define DEFAULT_AUTH_SERVER "sessionserver.mojang.com"
+#define DEFAULT_AUTH_ADDRESS "/session/minecraft/hasJoined?username=%USERNAME%&serverId=%SERVERID%"
+
+
+
+
+
+cAuthenticator::cAuthenticator(void) :
+	super("cAuthenticator"),
+	m_Server(DEFAULT_AUTH_SERVER),
+	m_Address(DEFAULT_AUTH_ADDRESS),
+	m_ShouldAuthenticate(true)
+{
+}
+
+
+
+
+
+cAuthenticator::~cAuthenticator()
+{
+	Stop();
+}
+
+
+
+
+
+void cAuthenticator::ReadINI(cIniFile & IniFile)
+{
+	m_Server = IniFile.GetValueSet("Authentication", "Server", DEFAULT_AUTH_SERVER);
+	m_Address = IniFile.GetValueSet("Authentication", "Address", DEFAULT_AUTH_ADDRESS);
+	m_ShouldAuthenticate = IniFile.GetValueSetB("Authentication", "Authenticate", true);
+}
+
+
+
+
+
+void cAuthenticator::Authenticate(int a_ClientID, const AString & a_UserName, const AString & a_ServerHash)
+{
+	if (!m_ShouldAuthenticate)
+	{
+		cRoot::Get()->AuthenticateUser(a_ClientID, a_UserName, cClientHandle::GenerateOfflineUUID(a_UserName));
+		return;
+	}
+
+	cCSLock LOCK(m_CS);
+	m_Queue.push_back(cUser(a_ClientID, a_UserName, a_ServerHash));
+	m_QueueNonempty.Set();
+}
+
+
+
+
+
+void cAuthenticator::Start(cIniFile & IniFile)
+{
+	ReadINI(IniFile);
+	m_ShouldTerminate = false;
+	super::Start();
+}
+
+
+
+
+
+void cAuthenticator::Stop(void)
+{
+	m_ShouldTerminate = true;
+	m_QueueNonempty.Set();
+	Wait();
+}
+
+
+
+
+
+void cAuthenticator::Execute(void)
+{
+	for (;;)
+	{
+		cCSLock Lock(m_CS);
+		while (!m_ShouldTerminate && (m_Queue.size() == 0))
+		{
+			cCSUnlock Unlock(Lock);
+			m_QueueNonempty.Wait();
+		}
+		if (m_ShouldTerminate)
+		{
+			return;
+		}
+		ASSERT(!m_Queue.empty());
+
+		int ClientID = m_Queue.front().m_ClientID;
+		AString UserName = m_Queue.front().m_Name;
+		AString ServerID = m_Queue.front().m_ServerID;
+		m_Queue.pop_front();
+		Lock.Unlock();
+
+		AString NewUserName = UserName;
+		AString UUID;
+		if (AuthWithYggdrasil(NewUserName, ServerID, UUID))
+		{
+			LOGINFO("User %s authenticated with UUID '%s'", NewUserName.c_str(), UUID.c_str());
+			cRoot::Get()->AuthenticateUser(ClientID, NewUserName, UUID);
+		}
+		else
+		{
+			cRoot::Get()->KickUser(ClientID, "Failed to authenticate account!");
+		}
+	}  // for (-ever)
+}
+
+
+
+
+
+bool cAuthenticator::AuthWithYggdrasil(AString & a_UserName, const AString & a_ServerId, AString & a_UUID)
+{
+	LOGD("Trying to auth user %s", a_UserName.c_str());
+	
+	int ret, server_fd = -1;
+	unsigned char buf[1024];
+	const char *pers = "cAuthenticator";
+
+	entropy_context entropy;
+	ctr_drbg_context ctr_drbg;
+	ssl_context ssl;
+	x509_crt cacert;
+
+	/* Initialize the RNG and the session data */
+	memset(&ssl, 0, sizeof(ssl_context));
+	x509_crt_init(&cacert);
+
+	entropy_init(&entropy);
+	if ((ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, (const unsigned char *)pers, strlen(pers))) != 0)
+	{
+		LOGWARNING("cAuthenticator: ctr_drbg_init returned %d", ret);
+		return false;
+	}
+
+	/* Initialize certificates */
+	// TODO: Grab the sessionserver's root CA and any intermediates and hard-code them here, instead of test_ca_list
+	ret = x509_crt_parse(&cacert, (const unsigned char *)test_ca_list, strlen(test_ca_list));
+
+	if (ret < 0)
+	{
+		LOGWARNING("cAuthenticator: x509_crt_parse returned -0x%x", -ret);
+		return false;
+	}
+
+	/* Connect */
+	if ((ret = net_connect(&server_fd, m_Server.c_str(), 443)) != 0)
+	{
+		LOGWARNING("cAuthenticator: Can't connect to %s: %d", m_Server.c_str(), ret);
+		return false;
+	}
+
+	/* Setup */
+	if ((ret = ssl_init(&ssl)) != 0)
+	{
+		LOGWARNING("cAuthenticator: ssl_init returned %d", ret);
+		return false;
+	}
+	ssl_set_endpoint(&ssl, SSL_IS_CLIENT);
+	ssl_set_authmode(&ssl, SSL_VERIFY_OPTIONAL);
+	ssl_set_ca_chain(&ssl, &cacert, NULL, "PolarSSL Server 1");
+	ssl_set_rng(&ssl, ctr_drbg_random, &ctr_drbg);
+	ssl_set_bio(&ssl, net_recv, &server_fd, net_send, &server_fd);
+
+	/* Handshake */
+	while ((ret = ssl_handshake(&ssl)) != 0)
+	{
+		if ((ret != POLARSSL_ERR_NET_WANT_READ) && (ret != POLARSSL_ERR_NET_WANT_WRITE))
+		{
+			LOGWARNING("cAuthenticator: ssl_handshake returned -0x%x", -ret);
+			return false;
+		}
+	}
+
+	/* Write the GET request */
+	AString ActualAddress = m_Address;
+	ReplaceString(ActualAddress, "%USERNAME%", a_UserName);
+	ReplaceString(ActualAddress, "%SERVERID%", a_ServerId);
+
+	AString Request;
+	Request += "GET " + ActualAddress + " HTTP/1.1\r\n";
+	Request += "Host: " + m_Server + "\r\n";
+	Request += "User-Agent: MCServer\r\n";
+	Request += "Connection: close\r\n";
+	Request += "\r\n";
+
+	ret = ssl_write(&ssl, (const unsigned char *)Request.c_str(), Request.size());
+	if (ret <= 0)
+	{
+		LOGWARNING("cAuthenticator: ssl_write returned %d", ret);
+		return false;
+	}
+
+	/* Read the HTTP response */
+	std::string Response;
+	for (;;)
+	{
+		memset(buf, 0, sizeof(buf));
+		ret = ssl_read(&ssl, buf, sizeof(buf));
+
+		if ((ret == POLARSSL_ERR_NET_WANT_READ) || (ret == POLARSSL_ERR_NET_WANT_WRITE))
+		{
+			continue;
+		}
+		if (ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY)
+		{
+			break;
+		}
+		if (ret < 0)
+		{
+			LOGWARNING("cAuthenticator: ssl_read returned %d", ret);
+			break;
+		}
+		if (ret == 0)
+		{
+			LOGWARNING("cAuthenticator: EOF");
+			break;
+		}
+
+		Response.append((const char *)buf, ret);
+	} 
+
+	ssl_close_notify(&ssl);
+	x509_crt_free(&cacert);
+	net_close(server_fd);
+	ssl_free(&ssl);
+	entropy_free(&entropy);
+	memset(&ssl, 0, sizeof(ssl));
+
+	// Check the HTTP status line:
+	AString prefix("HTTP/1.1 200 OK");
+	AString HexDump;
+	if (Response.compare(0, prefix.size(), prefix))
+	{
+		LOGINFO("User \"%s\" failed to auth, bad http status line received", a_UserName.c_str());
+		LOG("Response: \n%s", CreateHexDump(HexDump, Response.data(), Response.size(), 16).c_str());
+		return false;
+	}
+
+	// Erase the HTTP headers from the response:
+	size_t idxHeadersEnd = Response.find("\r\n\r\n");
+	if (idxHeadersEnd == AString::npos)
+	{
+		LOGINFO("User \"%s\" failed to authenticate, bad http response header received", a_UserName.c_str());
+		LOG("Response: \n%s", CreateHexDump(HexDump, Response.data(), Response.size(), 16).c_str());
+		return false;
+	}
+	Response.erase(0, idxHeadersEnd + 4);
+
+	// Parse the Json response:
+	if (Response.empty())
+	{
+		return false;
+	}
+	Json::Value root;
+	Json::Reader reader;
+	if (!reader.parse(Response, root, false))
+	{
+		LOGWARNING("cAuthenticator: Cannot parse Received Data to json!");
+		return false;
+	}
+	a_UserName = root.get("name", "Unknown").asString();
+	a_UUID = root.get("id", "").asString();
+	
+	// If the UUID doesn't contain the hashes, insert them at the proper places:
+	if (a_UUID.size() == 32)
+	{
+		a_UUID.insert(8, "-");
+		a_UUID.insert(13, "-");
+		a_UUID.insert(18, "-");
+		a_UUID.insert(23, "-");
+	}
+	return true;
+}
+
+
+
+
+
diff --git a/src/Authenticator.h b/src/Protocol/Authenticator.h
index 02cd6f4c5..211f51394 100644
--- a/src/Authenticator.h
+++ b/src/Protocol/Authenticator.h
@@ -14,7 +14,7 @@
 #ifndef CAUTHENTICATOR_H_INCLUDED
 #define CAUTHENTICATOR_H_INCLUDED
 
-#include "OSSupport/IsThread.h"
+#include "../OSSupport/IsThread.h"
 
 
 
@@ -31,23 +31,23 @@ class cAuthenticator :
 	public cIsThread
 {
 	typedef cIsThread super;
-	
+
 public:
 	cAuthenticator(void);
 	~cAuthenticator();
 
-	/// (Re-)read server and address from INI:
+	/** (Re-)read server and address from INI: */
 	void ReadINI(cIniFile & IniFile);
 
-	/// Queues a request for authenticating a user. If the auth fails, the user is kicked
+	/** Queues a request for authenticating a user. If the auth fails, the user will be kicked */
 	void Authenticate(int a_ClientID, const AString & a_UserName, const AString & a_ServerHash);
 
-	/// Starts the authenticator thread. The thread may be started and stopped repeatedly
+	/** Starts the authenticator thread. The thread may be started and stopped repeatedly */
 	void Start(cIniFile & IniFile);
-	
-	/// Stops the authenticator thread. The thread may be started and stopped repeatedly
+
+	/** Stops the authenticator thread. The thread may be started and stopped repeatedly */
 	void Stop(void);
-	
+
 private:
 
 	class cUser
@@ -56,30 +56,30 @@ private:
 		int     m_ClientID;
 		AString m_Name;
 		AString m_ServerID;
-		
+
 		cUser(int a_ClientID, const AString & a_Name, const AString & a_ServerID) :
 			m_ClientID(a_ClientID),
 			m_Name(a_Name),
 			m_ServerID(a_ServerID)
 		{
 		}
-	} ;
-	
+	};
+
 	typedef std::deque<cUser> cUserList;
-	
+
 	cCriticalSection m_CS;
 	cUserList        m_Queue;
 	cEvent           m_QueueNonempty;
-	
+
 	AString m_Server;
 	AString m_Address;
 	bool    m_ShouldAuthenticate;
-	
-	// cIsThread override:
+
+	/** cIsThread override: */
 	virtual void Execute(void) override;
-	
-	// Returns true if the user authenticated okay, false on error; iLevel is the recursion deptht (bails out if too deep)
-	bool AuthFromAddress(const AString & a_Server, const AString & a_Address, const AString & a_UserName, int a_Level = 1);
+
+	/** Returns true if the user authenticated okay, false on error; iLevel is the recursion deptht (bails out if too deep) */
+	bool AuthWithYggdrasil(AString & a_UserName, const AString & a_ServerId, AString & a_UUID);
 };
 
 
diff --git a/src/Protocol/Protocol.h b/src/Protocol/Protocol.h
index 939170f0e..2fbeef0fa 100644
--- a/src/Protocol/Protocol.h
+++ b/src/Protocol/Protocol.h
@@ -83,6 +83,7 @@ public:
 	virtual void SendInventorySlot       (char a_WindowID, short a_SlotNum, const cItem & a_Item) = 0;
 	virtual void SendKeepAlive           (int a_PingID) = 0;
 	virtual void SendLogin               (const cPlayer & a_Player, const cWorld & a_World) = 0;
+	virtual void SendLoginSuccess        (void) = 0;
 	virtual void SendMapColumn           (int a_ID, int a_X, int a_Y, const Byte * a_Colors, unsigned int a_Length) = 0;
 	virtual void SendMapDecorators       (int a_ID, const cMapDecoratorList & a_Decorators) = 0;
 	virtual void SendMapInfo             (int a_ID, unsigned int a_Scale) = 0;
diff --git a/src/Protocol/Protocol125.cpp b/src/Protocol/Protocol125.cpp
index bf946ef19..af1b1c604 100644
--- a/src/Protocol/Protocol125.cpp
+++ b/src/Protocol/Protocol125.cpp
@@ -594,6 +594,15 @@ void cProtocol125::SendLogin(const cPlayer & a_Player, const cWorld & a_World)
 
 
 
+void cProtocol125::SendLoginSuccess(void)
+{
+	// Not supported in this protocol version
+}
+
+
+
+
+
 void cProtocol125::SendMapColumn(int a_ID, int a_X, int a_Y, const Byte * a_Colors, unsigned int a_Length)
 {
 	cCSLock Lock(m_CSPacket);
@@ -642,6 +651,17 @@ void cProtocol125::SendMapDecorators(int a_ID, const cMapDecoratorList & a_Decor
 
 
 
+void cProtocol125::SendMapInfo(int a_ID, unsigned int a_Scale)
+{
+	// This protocol doesn't support such message
+	UNUSED(a_ID);
+	UNUSED(a_Scale);
+}
+
+
+
+
+
 void cProtocol125::SendPickupSpawn(const cPickup & a_Pickup)
 {
 	cCSLock Lock(m_CSPacket);
@@ -683,6 +703,16 @@ void cProtocol125::SendParticleEffect(const AString & a_ParticleName, float a_Sr
 
 
 
+void cProtocol125::SendPaintingSpawn(const cPainting & a_Painting)
+{
+	// Not implemented in this protocol version
+	UNUSED(a_Painting);
+}
+
+
+
+
+
 void cProtocol125::SendPlayerListItem(const cPlayer & a_Player, bool a_IsOnline)
 {
 	cCSLock Lock(m_CSPacket);
@@ -842,6 +872,18 @@ void cProtocol125::SendExperienceOrb(const cExpOrb & a_ExpOrb)
 
 
 
+void cProtocol125::SendScoreboardObjective(const AString & a_Name, const AString & a_DisplayName, Byte a_Mode)
+{
+	// This protocol version doesn't support such message
+	UNUSED(a_Name);
+	UNUSED(a_DisplayName);
+	UNUSED(a_Mode);
+}
+
+
+
+
+
 void cProtocol125::SendSoundEffect(const AString & a_SoundName, int a_SrcX, int a_SrcY, int a_SrcZ, float a_Volume, float a_Pitch)
 {
 	// Not needed in this protocol version
diff --git a/src/Protocol/Protocol125.h b/src/Protocol/Protocol125.h
index 08d3ebbe9..16f31bd0e 100644
--- a/src/Protocol/Protocol125.h
+++ b/src/Protocol/Protocol125.h
@@ -56,19 +56,12 @@ public:
 	virtual void SendInventorySlot       (char a_WindowID, short a_SlotNum, const cItem & a_Item) override;
 	virtual void SendKeepAlive           (int a_PingID) override;
 	virtual void SendLogin               (const cPlayer & a_Player, const cWorld & a_World) override;
+	virtual void SendLoginSuccess        (void) override;
 	virtual void SendMapColumn           (int a_ID, int a_X, int a_Y, const Byte * a_Colors, unsigned int a_Length) override;
 	virtual void SendMapDecorators       (int a_ID, const cMapDecoratorList & a_Decorators) override;
-	virtual void SendMapInfo             (int a_ID, unsigned int a_Scale) override 
-	{
-		// This protocol doesn't support such message
-		UNUSED(a_ID);
-		UNUSED(a_Scale);
-	} 
+	virtual void SendMapInfo             (int a_ID, unsigned int a_Scale) override;
 	virtual void SendParticleEffect      (const AString & a_ParticleName, float a_SrcX, float a_SrcY, float a_SrcZ, float a_OffsetX, float a_OffsetY, float a_OffsetZ, float a_ParticleData, int a_ParticleAmmount) override;
-	virtual void SendPaintingSpawn       (const cPainting & a_Painting) override 
-	{
-		UNUSED(a_Painting);
-	};
+	virtual void SendPaintingSpawn       (const cPainting & a_Painting) override;
 	virtual void SendPickupSpawn         (const cPickup & a_Pickup) override;
 	virtual void SendPlayerAbilities     (void) override {}  // This protocol doesn't support such message
 	virtual void SendEntityAnimation     (const cEntity & a_Entity, char a_Animation) override;
@@ -82,12 +75,7 @@ public:
 	virtual void SendRespawn             (void) override;
 	virtual void SendExperience          (void) override;
 	virtual void SendExperienceOrb       (const cExpOrb &  a_ExpOrb) override;
-	virtual void SendScoreboardObjective (const AString & a_Name, const AString & a_DisplayName, Byte a_Mode)                            override 
-	{
-		UNUSED(a_Name);
-		UNUSED(a_DisplayName);
-		UNUSED(a_Mode);
-	} // This protocol doesn't support such message
+	virtual void SendScoreboardObjective (const AString & a_Name, const AString & a_DisplayName, Byte a_Mode) override;
 	virtual void SendScoreUpdate         (const AString & a_Objective, const AString & a_Player, cObjective::Score a_Score, Byte a_Mode) override {} // This protocol doesn't support such message
 	virtual void SendDisplayObjective    (const AString & a_Objective, cScoreboard::eDisplaySlot a_Display)                              override {} // This protocol doesn't support such message
 	virtual void SendSoundEffect         (const AString & a_SoundName, int a_SrcX, int a_SrcY, int a_SrcZ, float a_Volume, float a_Pitch) override;  // a_Src coords are Block * 8
diff --git a/src/Protocol/Protocol17x.cpp b/src/Protocol/Protocol17x.cpp
index a4319df37..c8105c03a 100644
--- a/src/Protocol/Protocol17x.cpp
+++ b/src/Protocol/Protocol17x.cpp
@@ -88,8 +88,9 @@ cProtocol172::cProtocol172(cClientHandle * a_Client, const AString & a_ServerAdd
 	// Create the comm log file, if so requested:
 	if (g_ShouldLogCommIn || g_ShouldLogCommOut)
 	{
+		static int sCounter = 0;
 		cFile::CreateFolder("CommLogs");
-		AString FileName = Printf("CommLogs/%x__%s.log", (unsigned)time(NULL), a_Client->GetIPString().c_str());
+		AString FileName = Printf("CommLogs/%x_%d__%s.log", (unsigned)time(NULL), sCounter++, a_Client->GetIPString().c_str());
 		m_CommLogFile.Open(FileName, cFile::fmWrite);
 	}
 }
@@ -573,6 +574,21 @@ void cProtocol172::SendLogin(const cPlayer & a_Player, const cWorld & a_World)
 
 
 
+void cProtocol172::SendLoginSuccess(void)
+{
+	ASSERT(m_State == 2);  // State: login?
+	
+	cPacketizer Pkt(*this, 0x02);  // Login success packet
+	Pkt.WriteString(m_Client->GetUUID());
+	Pkt.WriteString(m_Client->GetUsername());
+
+	m_State = 3;  // State = Game
+}
+
+
+
+
+
 void cProtocol172::SendPaintingSpawn(const cPainting & a_Painting)
 {
 	cPacketizer Pkt(*this, 0x10);  // Spawn Painting packet
@@ -796,7 +812,7 @@ void cProtocol172::SendPlayerSpawn(const cPlayer & a_Player)
 	// Called to spawn another player for the client
 	cPacketizer Pkt(*this, 0x0c);  // Spawn Player packet
 	Pkt.WriteVarInt(a_Player.GetUniqueID());
-	Pkt.WriteString(Printf("%d", a_Player.GetUniqueID()));  // TODO: Proper UUID
+	Pkt.WriteString(a_Player.GetClientHandle()->GetUUID());
 	Pkt.WriteString(a_Player.GetName());
 	Pkt.WriteFPInt(a_Player.GetPosX());
 	Pkt.WriteFPInt(a_Player.GetPosY());
@@ -1555,15 +1571,6 @@ void cProtocol172::HandlePacketLoginEncryptionResponse(cByteBuffer & a_ByteBuffe
 	}
 	
 	StartEncryption(DecryptedKey);
-
-	// Send login success:
-	{
-		cPacketizer Pkt(*this, 0x02);  // Login success packet
-		Pkt.WriteString(Printf("%d", m_Client->GetUniqueID()));  // TODO: proper UUID
-		Pkt.WriteString(m_Client->GetUsername());
-	}
-
-	m_State = 3;  // State = Game
 	m_Client->HandleLogin(4, m_Client->GetUsername());
 }
 
@@ -1596,14 +1603,6 @@ void cProtocol172::HandlePacketLoginStart(cByteBuffer & a_ByteBuffer)
 		return;
 	}
 	
-	// Send login success:
-	{
-		cPacketizer Pkt(*this, 0x02);  // Login success packet
-		Pkt.WriteString(Printf("%d", m_Client->GetUniqueID()));  // TODO: proper UUID
-		Pkt.WriteString(Username);
-	}
-
-	m_State = 3;  // State = Game
 	m_Client->HandleLogin(4, Username);
 }
 
@@ -2755,3 +2754,64 @@ void cProtocol172::cPacketizer::WriteEntityProperties(const cEntity & a_Entity)
 
 
 
+
+///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+// cProtocol176:
+
+cProtocol176::cProtocol176(cClientHandle * a_Client, const AString &a_ServerAddress, UInt16 a_ServerPort, UInt32 a_State) :
+	super(a_Client, a_ServerAddress, a_ServerPort, a_State)
+{
+}
+
+
+
+
+
+void cProtocol176::SendPlayerSpawn(const cPlayer & a_Player)
+{
+	// Called to spawn another player for the client
+	cPacketizer Pkt(*this, 0x0c);  // Spawn Player packet
+	Pkt.WriteVarInt(a_Player.GetUniqueID());
+	Pkt.WriteString(a_Player.GetClientHandle()->GetUUID());
+	Pkt.WriteString(a_Player.GetName());
+	Pkt.WriteVarInt(0);  // We have no data to send here
+	Pkt.WriteFPInt(a_Player.GetPosX());
+	Pkt.WriteFPInt(a_Player.GetPosY());
+	Pkt.WriteFPInt(a_Player.GetPosZ());
+	Pkt.WriteByteAngle(a_Player.GetYaw());
+	Pkt.WriteByteAngle(a_Player.GetPitch());
+	short ItemType = a_Player.GetEquippedItem().IsEmpty() ? 0 : a_Player.GetEquippedItem().m_ItemType;
+	Pkt.WriteShort(ItemType);
+	Pkt.WriteByte((3 << 5) | 6);  // Metadata: float + index 6
+	Pkt.WriteFloat((float)a_Player.GetHealth());
+	Pkt.WriteByte(0x7f);  // Metadata: end
+}
+
+
+
+
+
+void cProtocol176::HandlePacketStatusRequest(cByteBuffer & a_ByteBuffer)
+{
+	// Send the response:
+	AString Response = "{\"version\":{\"name\":\"1.7.6\",\"protocol\":5},\"players\":{";
+	AppendPrintf(Response, "\"max\":%u,\"online\":%u,\"sample\":[]},",
+		cRoot::Get()->GetServer()->GetMaxPlayers(),
+		cRoot::Get()->GetServer()->GetNumPlayers()
+	);
+	AppendPrintf(Response, "\"description\":{\"text\":\"%s\"},",
+		cRoot::Get()->GetServer()->GetDescription().c_str()
+	);
+	AppendPrintf(Response, "\"favicon\":\"data:image/png;base64,%s\"",
+		cRoot::Get()->GetServer()->GetFaviconData().c_str()
+	);
+	Response.append("}");
+	
+	cPacketizer Pkt(*this, 0x00);  // Response packet
+	Pkt.WriteString(Response);
+}
+
+
+
+
+
diff --git a/src/Protocol/Protocol17x.h b/src/Protocol/Protocol17x.h
index 91186b270..5cafc4722 100644
--- a/src/Protocol/Protocol17x.h
+++ b/src/Protocol/Protocol17x.h
@@ -87,6 +87,7 @@ public:
 	virtual void SendInventorySlot       (char a_WindowID, short a_SlotNum, const cItem & a_Item) override;
 	virtual void SendKeepAlive           (int a_PingID) override;
 	virtual void SendLogin               (const cPlayer & a_Player, const cWorld & a_World) override;
+	virtual void SendLoginSuccess        (void) override;
 	virtual void SendMapColumn           (int a_ID, int a_X, int a_Y, const Byte * a_Colors, unsigned int a_Length) override;
 	virtual void SendMapDecorators       (int a_ID, const cMapDecoratorList & a_Decorators) override;
 	virtual void SendMapInfo             (int a_ID, unsigned int a_Scale) override;
@@ -252,7 +253,7 @@ protected:
 	
 	// Packet handlers while in the Status state (m_State == 1):
 	void HandlePacketStatusPing   (cByteBuffer & a_ByteBuffer);
-	void HandlePacketStatusRequest(cByteBuffer & a_ByteBuffer);
+	virtual void HandlePacketStatusRequest(cByteBuffer & a_ByteBuffer);
 	
 	// Packet handlers while in the Login state (m_State == 2):
 	void HandlePacketLoginEncryptionResponse(cByteBuffer & a_ByteBuffer);
@@ -306,3 +307,22 @@ protected:
 
 
 
+
+/** The version 5 lengthed protocol, used by 1.7.6 through 1.7.9. */
+class cProtocol176 :
+	public cProtocol172
+{
+	typedef cProtocol172 super;
+	
+public:
+	cProtocol176(cClientHandle * a_Client, const AString & a_ServerAddress, UInt16 a_ServerPort, UInt32 a_State);
+	
+	// cProtocol172 overrides:
+	virtual void SendPlayerSpawn(const cPlayer & a_Player) override;
+	virtual void HandlePacketStatusRequest(cByteBuffer & a_ByteBuffer) override;
+
+} ;
+
+
+
+
diff --git a/src/Protocol/ProtocolRecognizer.cpp b/src/Protocol/ProtocolRecognizer.cpp
index 3f7d7b254..8a97b9713 100644
--- a/src/Protocol/ProtocolRecognizer.cpp
+++ b/src/Protocol/ProtocolRecognizer.cpp
@@ -59,6 +59,7 @@ AString cProtocolRecognizer::GetVersionTextFromInt(int a_ProtocolVersion)
 		case PROTO_VERSION_1_6_3: return "1.6.3";
 		case PROTO_VERSION_1_6_4: return "1.6.4";
 		case PROTO_VERSION_1_7_2: return "1.7.2";
+		case PROTO_VERSION_1_7_6: return "1.7.6";
 	}
 	ASSERT(!"Unknown protocol version");
 	return Printf("Unknown protocol (%d)", a_ProtocolVersion);
@@ -396,6 +397,16 @@ void cProtocolRecognizer::SendLogin(const cPlayer & a_Player, const cWorld & a_W
 
 
 
+void cProtocolRecognizer::SendLoginSuccess(void)
+{
+	ASSERT(m_Protocol != NULL);
+	m_Protocol->SendLoginSuccess();
+}
+
+
+
+
+
 void cProtocolRecognizer::SendMapColumn(int a_ID, int a_X, int a_Y, const Byte * a_Colors, unsigned int a_Length)
 {
 	ASSERT(m_Protocol != NULL);
@@ -965,6 +976,18 @@ bool cProtocolRecognizer::TryRecognizeLengthedProtocol(UInt32 a_PacketLengthRema
 			m_Protocol = new cProtocol172(m_Client, ServerAddress, (UInt16)ServerPort, NextState);
 			return true;
 		}
+		case PROTO_VERSION_1_7_6:
+		{
+			AString ServerAddress;
+			short ServerPort;
+			UInt32 NextState;
+			m_Buffer.ReadVarUTF8String(ServerAddress);
+			m_Buffer.ReadBEShort(ServerPort);
+			m_Buffer.ReadVarInt(NextState);
+			m_Buffer.CommitRead();
+			m_Protocol = new cProtocol176(m_Client, ServerAddress, (UInt16)ServerPort, NextState);
+			return true;
+		}
 	}
 	LOGINFO("Client \"%s\" uses an unsupported protocol (lengthed, version %u)",
 		m_Client->GetIPString().c_str(), ProtocolVersion
diff --git a/src/Protocol/ProtocolRecognizer.h b/src/Protocol/ProtocolRecognizer.h
index 072d7c2d2..408109ef4 100644
--- a/src/Protocol/ProtocolRecognizer.h
+++ b/src/Protocol/ProtocolRecognizer.h
@@ -18,8 +18,8 @@
 
 
 // Adjust these if a new protocol is added or an old one is removed:
-#define MCS_CLIENT_VERSIONS "1.2.4, 1.2.5, 1.3.1, 1.3.2, 1.4.2, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.5, 1.5.1, 1.5.2, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 1.7.2, 1.7.4"
-#define MCS_PROTOCOL_VERSIONS "29, 39, 47, 49, 51, 60, 61, 73, 74, 77, 78, 4"
+#define MCS_CLIENT_VERSIONS "1.2.4, 1.2.5, 1.3.1, 1.3.2, 1.4.2, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.5, 1.5.1, 1.5.2, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 1.7.2, 1.7.4, 1.7.5, 1.7.6, 1.7.7, 1.7.8, 1.7.9"
+#define MCS_PROTOCOL_VERSIONS "29, 39, 47, 49, 51, 60, 61, 73, 74, 77, 78, 4, 5"
 
 
 
@@ -50,6 +50,7 @@ public:
 
 		// These will be kept "under" the next / latest, because the next and latest are only needed for previous protocols
 		PROTO_VERSION_1_7_2 = 4,
+		PROTO_VERSION_1_7_6 = 5,
 	} ;
 
 	cProtocolRecognizer(cClientHandle * a_Client);
@@ -90,6 +91,7 @@ public:
 	virtual void SendInventorySlot       (char a_WindowID, short a_SlotNum, const cItem & a_Item) override;
 	virtual void SendKeepAlive           (int a_PingID) override;
 	virtual void SendLogin               (const cPlayer & a_Player, const cWorld & a_World) override;
+	virtual void SendLoginSuccess        (void) override;
 	virtual void SendMapColumn           (int a_ID, int a_X, int a_Y, const Byte * a_Colors, unsigned int a_Length) override;
 	virtual void SendMapDecorators       (int a_ID, const cMapDecoratorList & a_Decorators) override;
 	virtual void SendMapInfo             (int a_ID, unsigned int a_Scale) override;
diff --git a/src/Root.cpp b/src/Root.cpp
index ba4398b35..5d32bdd87 100644
--- a/src/Root.cpp
+++ b/src/Root.cpp
@@ -499,9 +499,9 @@ void cRoot::KickUser(int a_ClientID, const AString & a_Reason)
 
 
 
-void cRoot::AuthenticateUser(int a_ClientID)
+void cRoot::AuthenticateUser(int a_ClientID, const AString & a_Name, const AString & a_UUID)
 {
-	m_Server->AuthenticateUser(a_ClientID);
+	m_Server->AuthenticateUser(a_ClientID, a_Name, a_UUID);
 }
 
 
diff --git a/src/Root.h b/src/Root.h
index 4bbd7586f..d2a4d1eed 100644
--- a/src/Root.h
+++ b/src/Root.h
@@ -1,7 +1,7 @@
 
 #pragma once
 
-#include "Authenticator.h"
+#include "Protocol/Authenticator.h"
 #include "HTTPServer/HTTPServer.h"
 #include "Defines.h"
 
@@ -89,7 +89,7 @@ public:
 	void KickUser(int a_ClientID, const AString & a_Reason);
 	
 	/// Called by cAuthenticator to auth the specified user
-	void AuthenticateUser(int a_ClientID);
+	void AuthenticateUser(int a_ClientID, const AString & a_Name, const AString & a_UUID);
 	
 	/// Executes commands queued in the command queue
 	void TickCommands(void);
diff --git a/src/Server.cpp b/src/Server.cpp
index d1e53bfff..e0feaf0d8 100644
--- a/src/Server.cpp
+++ b/src/Server.cpp
@@ -615,14 +615,14 @@ void cServer::KickUser(int a_ClientID, const AString & a_Reason)
 
 
 
-void cServer::AuthenticateUser(int a_ClientID)
+void cServer::AuthenticateUser(int a_ClientID, const AString & a_Name, const AString & a_UUID)
 {
 	cCSLock Lock(m_CSClients);
 	for (ClientList::iterator itr = m_Clients.begin(); itr != m_Clients.end(); ++itr)
 	{
 		if ((*itr)->GetUniqueID() == a_ClientID)
 		{
-			(*itr)->Authenticate();
+			(*itr)->Authenticate(a_Name, a_UUID);
 			return;
 		}
 	}  // for itr - m_Clients[]
diff --git a/src/Server.h b/src/Server.h
index b5280c59d..b5c384a44 100644
--- a/src/Server.h
+++ b/src/Server.h
@@ -83,7 +83,7 @@ public:												// tolua_export
 	void Shutdown(void);
 
 	void KickUser(int a_ClientID, const AString & a_Reason);
-	void AuthenticateUser(int a_ClientID);  // Called by cAuthenticator to auth the specified user
+	void AuthenticateUser(int a_ClientID, const AString & a_Name, const AString & a_UUID);  // Called by cAuthenticator to auth the specified user
 
 	const AString & GetServerID(void) const { return m_ServerID; }  // tolua_export