diff options
Diffstat (limited to '')
-rw-r--r-- | src/Protocol/Protocol17x.cpp | 2 | ||||
-rw-r--r-- | src/Server.cpp | 7 | ||||
-rw-r--r-- | src/Server.h | 8 |
3 files changed, 16 insertions, 1 deletions
diff --git a/src/Protocol/Protocol17x.cpp b/src/Protocol/Protocol17x.cpp index 4f71b53b0..7d80e79fb 100644 --- a/src/Protocol/Protocol17x.cpp +++ b/src/Protocol/Protocol17x.cpp @@ -104,7 +104,7 @@ cProtocol172::cProtocol172(cClientHandle * a_Client, const AString & a_ServerAdd // If BC is setup with ip_forward == true, it sends additional data in the login packet's ServerAddress field: // hostname\00ip-address\00uuid\00profile-properties-as-json AStringVector Params; - if (SplitZeroTerminatedStrings(a_ServerAddress, Params) && (Params.size() == 4)) + if (cRoot::Get()->GetServer()->ShouldAllowBungeeCord() && SplitZeroTerminatedStrings(a_ServerAddress, Params) && (Params.size() == 4)) { LOGD("Player at %s connected via BungeeCord", Params[1].c_str()); m_ServerAddress = Params[0]; diff --git a/src/Server.cpp b/src/Server.cpp index 069e2a169..969ffd693 100644 --- a/src/Server.cpp +++ b/src/Server.cpp @@ -259,6 +259,13 @@ bool cServer::InitServer(cIniFile & a_SettingsIni) m_ServerID = sid.str(); m_ServerID.resize(16, '0'); } + + // Check if both BungeeCord and online mode are on, if so, warn the admin: + m_ShouldAllowBungeeCord = a_SettingsIni.GetValueSetB("Authentication", "AllowBungeeCord", false); + if (m_ShouldAllowBungeeCord && m_ShouldAuthenticate) + { + LOGWARNING("WARNING: BungeeCord is allowed and server set to online mode. This is unsafe and will not work properly. Disable either authentication or BungeeCord in settings.ini."); + } m_ShouldLoadOfflinePlayerData = a_SettingsIni.GetValueSetB("PlayerData", "LoadOfflinePlayerData", false); m_ShouldLoadNamedPlayerData = a_SettingsIni.GetValueSetB("PlayerData", "LoadNamedPlayerData", true); diff --git a/src/Server.h b/src/Server.h index f20e6932f..6d659fa40 100644 --- a/src/Server.h +++ b/src/Server.h @@ -131,6 +131,11 @@ public: // tolua_export Loaded from the settings.ini [PlayerData].LoadNamedPlayerData setting. */ bool ShouldLoadNamedPlayerData(void) const { return m_ShouldLoadNamedPlayerData; } + /** Returns true if BungeeCord logins (that specify the player's UUID) are allowed. + Read from settings, admins should set this to true only when they chain to BungeeCord, + it makes the server vulnerable to identity theft through direct connections. */ + bool ShouldAllowBungeeCord(void) const { return m_ShouldAllowBungeeCord; } + private: friend class cRoot; // so cRoot can create and destroy cServer @@ -230,6 +235,9 @@ private: This allows a seamless transition from name-based to UUID-based player storage. Loaded from the settings.ini [PlayerData].LoadNamedPlayerData setting. */ bool m_ShouldLoadNamedPlayerData; + + /** True if BungeeCord handshake packets (with player UUID) should be accepted. */ + bool m_ShouldAllowBungeeCord; cServer(void); |