From 99a4e70e27fc1d2499d24e56eeabaf72de1f016b Mon Sep 17 00:00:00 2001 From: UnknownShadow200 Date: Sat, 29 Apr 2023 21:28:56 +1000 Subject: [PATCH] Prevent login spamming from also spamming mojang auth attempts --- MCGalaxy/Config/JSON.cs | 7 +++++++ .../Authentication/LoginAuthenticator.cs | 19 ++++++++++++------- .../Authentication/PassAuthenticator.cs | 1 - MCGalaxy/Server/Server.cs | 2 +- MCGalaxy/util/Threading/ThreadSafeCache.cs | 8 +++++--- MCGalaxy/util/Utils.cs | 17 +++++++++++++++++ 6 files changed, 42 insertions(+), 12 deletions(-) diff --git a/MCGalaxy/Config/JSON.cs b/MCGalaxy/Config/JSON.cs index 9b37c5d25..cd43b71d6 100644 --- a/MCGalaxy/Config/JSON.cs +++ b/MCGalaxy/Config/JSON.cs @@ -296,6 +296,13 @@ namespace MCGalaxy.Config { } public static class Json { + + [Obsolete("Use JsonWriter instead", true)] + public static void Serialise(TextWriter dst, ConfigElement[] elems, object instance) { + JsonConfigWriter w = new JsonConfigWriter(dst, elems); + w.WriteObject(instance); + } + /// Shorthand for serialising an object to a JSON object public static string SerialiseObject(object obj) { StringWriter dst = new StringWriter(); diff --git a/MCGalaxy/Server/Authentication/LoginAuthenticator.cs b/MCGalaxy/Server/Authentication/LoginAuthenticator.cs index 741ca03ff..6304bcceb 100644 --- a/MCGalaxy/Server/Authentication/LoginAuthenticator.cs +++ b/MCGalaxy/Server/Authentication/LoginAuthenticator.cs @@ -21,6 +21,7 @@ using System.Net; using System.Security.Cryptography; using System.Text; using MCGalaxy.Network; +using MCGalaxy.Util; namespace MCGalaxy.Authentication { 
@@ -69,17 +70,23 @@ namespace MCGalaxy.Authentication /// Authenticates a player using the Mojang session verification API public class MojangAuthenticator : LoginAuthenticator { + static ThreadSafeCache ip_cache = new ThreadSafeCache(); public override bool Verify(Player p, string mppass) { foreach (AuthService auth in AuthService.Services) { - if (Authenticate(auth, p, mppass)) return true; + if (!auth.Config.MojangAuth) continue; + if (Authenticate(auth, p)) return true; } return false; } - static bool Authenticate(AuthService auth, Player p, string mppass) { - if (!auth.Config.MojangAuth) return false; - if (!HasJoined(p.truename)) return false; + static bool Authenticate(AuthService auth, Player p) { + object locker = ip_cache.GetLocker(p.ip); + // if a player from an IP is spamming login attempts, + // prevent that from spamming Mojang's authentication servers too + lock (locker) { + if (!HasJoined(p.truename)) return false; + } auth.AcceptPlayer(p); return true; @@ -111,9 +118,7 @@ namespace MCGalaxy.Authentication UpdateExternalIP(); byte[] data = Encoding.UTF8.GetBytes(externalIP + ":" + Server.Config.Port); byte[] hash = new SHA1Managed().ComputeHash(data); - - // TODO this is bad, redo it - return hash.Join(b => b.ToString("x2"), ""); + return Utils.ToHexString(hash); } static string externalIP; diff --git a/MCGalaxy/Server/Authentication/PassAuthenticator.cs b/MCGalaxy/Server/Authentication/PassAuthenticator.cs index 808d34e6b..4b60229e5 100644 --- a/MCGalaxy/Server/Authentication/PassAuthenticator.cs +++ b/MCGalaxy/Server/Authentication/PassAuthenticator.cs @@ -19,7 +19,6 @@ using System; using System.IO; using System.Security.Cryptography; using System.Text; -using MCGalaxy.Network; namespace MCGalaxy.Authentication { diff --git a/MCGalaxy/Server/Server.cs b/MCGalaxy/Server/Server.cs index e1c5e01b8..2b8774e1f 100644 --- a/MCGalaxy/Server/Server.cs +++ b/MCGalaxy/Server/Server.cs 
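Review bot: The `lock (locker)` added in `Authenticate` serialises `HasJoined` calls per `p.ip` but does not reduce their number, so every queued attempt from a spamming address still reaches Mojang once the lock is released. Each waiting login also holds its thread for the length of what is presumably an outbound request (`HasJoined` is defined outside this hunk), so a flood from one address can park many threads on the lock, and players sharing an address behind NAT wait behind each other. Bounding the wait with `System.Threading.Monitor.TryEnter` and failing the login on timeout, as sketched below, keeps the serialisation while capping both effects; the timeout name is a placeholder. `ip_cache` could also be declared `static readonly`, since the lock only works if the cache instance is never replaced. `Authenticate` closes after the last line of the hunk.

```csharp
static bool Authenticate(AuthService auth, Player p) {
    object locker = ip_cache.GetLocker(p.ip);
    // Bound the wait so a burst of logins from one IP cannot queue indefinitely
    // behind a slow session check. LOCK_WAIT_MS is a placeholder, not an existing constant.
    if (!Monitor.TryEnter(locker, LOCK_WAIT_MS)) return false;
    try {
        if (!HasJoined(p.truename)) return false;
    } finally {
        Monitor.Exit(locker);
    }
    // … unchanged: auth.AcceptPlayer(p) and return true …
```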
@@ -366,7 +366,7 @@ namespace MCGalaxy public static string CalcMppass(string name, string salt) { byte[] hash = null; lock (md5Lock) hash = md5.ComputeHash(enc.GetBytes(salt + name)); - return BitConverter.ToString(hash).Replace("-", ""); + return Utils.ToHexString(hash); } /// Converts a formatted username into its original username diff --git a/MCGalaxy/util/Threading/ThreadSafeCache.cs b/MCGalaxy/util/Threading/ThreadSafeCache.cs index e4a10e8d2..cdf4b1c46 100644 --- a/MCGalaxy/util/Threading/ThreadSafeCache.cs +++ b/MCGalaxy/util/Threading/ThreadSafeCache.cs @@ -19,12 +19,14 @@ using System; using System.Collections.Generic; using MCGalaxy.Tasks; -namespace MCGalaxy.Util { - public sealed class ThreadSafeCache { +namespace MCGalaxy.Util +{ + public sealed class ThreadSafeCache + { public static ThreadSafeCache DBCache = new ThreadSafeCache(); readonly object locker = new object(); - readonly Dictionary items = new Dictionary(); + readonly Dictionary items = new Dictionary(); readonly Dictionary access = new Dictionary(); public object GetLocker(string key) { diff --git a/MCGalaxy/util/Utils.cs b/MCGalaxy/util/Utils.cs index 83720b78a..b40cdea24 100644 --- a/MCGalaxy/util/Utils.cs +++ b/MCGalaxy/util/Utils.cs @@ -103,5 +103,22 @@ namespace MCGalaxy { } return lines; } + + + public static string ToHexString(byte[] data) { + char[] hex = new char[data.Length * 2]; + + for (int i = 0; i < data.Length; i++) + { + int value = data[i]; + hex[i * 2 + 0] = HexEncode(value >> 4); + hex[i * 2 + 1] = HexEncode(value & 0x0F); + } + return new string(hex); + } + + static char HexEncode(int i) { + return i < 10 ? (char)(i + '0') : (char)((i - 10) + 'a'); + } } }
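Review bot: `CalcMppass` now returns lowercase hex, because `Utils.ToHexString` encodes digits above 9 from `'a'`, whereas the removed `BitConverter.ToString(hash).Replace("-", "")` returned uppercase. Any caller that compares the result with a client-supplied mppass using a case-sensitive comparison would start rejecting valid logins; the comparison sites are not part of this diff, so confirm they ignore case. A doc line on the method would pin the contract, e.g. `/// Returns the mppass as lowercase hexadecimal; callers must compare case-insensitively`.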
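Review bot: `ToHexString` reads `data.Length` without a null check, so a null array surfaces as a `NullReferenceException` inside the helper rather than as an argument error naming the parameter. Adding `if (data == null) throw new ArgumentNullException("data");` as the first statement makes the failure explicit. The method is public and undocumented; a summary such as `/// Converts the given bytes into a lowercase hexadecimal string` would state the output case, which matters because the call sites it replaces in this commit did not all produce the same case.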