AstralTransRocketries/MCGalaxy
1
0
Fork 0
mirror of https://github.com/ClassiCube/MCGalaxy.git synced 2025-09-15 10:18:43 -04:00
Code Issues Packages Projects Releases Wiki Activity

Prevent login spamming from also spamming mojang auth attempts

Browse Source
This commit is contained in:
UnknownShadow200 2023-04-29 21:28:56 +10:00
parent 5685e75a35
commit 99a4e70e27
6 changed files with 42 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
MCGalaxy/Config/JSON.cs
View File

@ -296,6 +296,13 @@ namespace MCGalaxy.Config {
} }
public static class Json { public static class Json {
[Obsolete("Use JsonWriter instead", true)]
public static void Serialise(TextWriter dst, ConfigElement[] elems, object instance) {
JsonConfigWriter w = new JsonConfigWriter(dst, elems);
w.WriteObject(instance);
}
/// <summary> Shorthand for serialising an object to a JSON object </summary> /// <summary> Shorthand for serialising an object to a JSON object </summary>
public static string SerialiseObject(object obj) { public static string SerialiseObject(object obj) {
StringWriter dst = new StringWriter(); StringWriter dst = new StringWriter();

17
MCGalaxy/Server/Authentication/LoginAuthenticator.cs
View File

@ -21,6 +21,7 @@ using System.Net;
using System.Security.Cryptography; using System.Security.Cryptography;
using System.Text; using System.Text;
using MCGalaxy.Network; using MCGalaxy.Network;
using MCGalaxy.Util;
namespace MCGalaxy.Authentication namespace MCGalaxy.Authentication
{ {
@ -69,17 +70,23 @@ namespace MCGalaxy.Authentication
/// <summary> Authenticates a player using the Mojang session verification API </summary> /// <summary> Authenticates a player using the Mojang session verification API </summary>
public class MojangAuthenticator : LoginAuthenticator public class MojangAuthenticator : LoginAuthenticator
{ {
static ThreadSafeCache ip_cache = new ThreadSafeCache();
public override bool Verify(Player p, string mppass) { public override bool Verify(Player p, string mppass) {
foreach (AuthService auth in AuthService.Services) foreach (AuthService auth in AuthService.Services)
{ {
if (Authenticate(auth, p, mppass)) return true; if (!auth.Config.MojangAuth) continue;
if (Authenticate(auth, p)) return true;
} }
return false; return false;
} }
static bool Authenticate(AuthService auth, Player p, string mppass) { static bool Authenticate(AuthService auth, Player p) {
if (!auth.Config.MojangAuth) return false; object locker = ip_cache.GetLocker(p.ip);
// if a player from an IP is spamming login attempts,
// prevent that from spamming Mojang's authentication servers too
lock (locker) {
if (!HasJoined(p.truename)) return false; if (!HasJoined(p.truename)) return false;
}
auth.AcceptPlayer(p); auth.AcceptPlayer(p);
return true; return true;
@ -111,9 +118,7 @@ namespace MCGalaxy.Authentication
UpdateExternalIP(); UpdateExternalIP();
byte[] data = Encoding.UTF8.GetBytes(externalIP + ":" + Server.Config.Port); byte[] data = Encoding.UTF8.GetBytes(externalIP + ":" + Server.Config.Port);
byte[] hash = new SHA1Managed().ComputeHash(data); byte[] hash = new SHA1Managed().ComputeHash(data);
return Utils.ToHexString(hash);
// TODO this is bad, redo it
return hash.Join(b => b.ToString("x2"), "");
} }
static string externalIP; static string externalIP;

1
MCGalaxy/Server/Authentication/PassAuthenticator.cs
View File

@ -19,7 +19,6 @@ using System;
using System.IO; using System.IO;
using System.Security.Cryptography; using System.Security.Cryptography;
using System.Text; using System.Text;
using MCGalaxy.Network;
namespace MCGalaxy.Authentication namespace MCGalaxy.Authentication
{ {

2
MCGalaxy/Server/Server.cs
View File

@ -366,7 +366,7 @@ namespace MCGalaxy
public static string CalcMppass(string name, string salt) { public static string CalcMppass(string name, string salt) {
byte[] hash = null; byte[] hash = null;
lock (md5Lock) hash = md5.ComputeHash(enc.GetBytes(salt + name)); lock (md5Lock) hash = md5.ComputeHash(enc.GetBytes(salt + name));
return BitConverter.ToString(hash).Replace("-", ""); return Utils.ToHexString(hash);
} }
/// <summary> Converts a formatted username into its original username </summary> /// <summary> Converts a formatted username into its original username </summary>

6
MCGalaxy/util/Threading/ThreadSafeCache.cs
View File

@ -19,8 +19,10 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using MCGalaxy.Tasks; using MCGalaxy.Tasks;
namespace MCGalaxy.Util { namespace MCGalaxy.Util
public sealed class ThreadSafeCache { {
public sealed class ThreadSafeCache
{
public static ThreadSafeCache DBCache = new ThreadSafeCache(); public static ThreadSafeCache DBCache = new ThreadSafeCache();
readonly object locker = new object(); readonly object locker = new object();

17
MCGalaxy/util/Utils.cs
View File

@ -103,5 +103,22 @@ namespace MCGalaxy {
} }
return lines; return lines;
} }
public static string ToHexString(byte[] data) {
char[] hex = new char[data.Length * 2];
for (int i = 0; i < data.Length; i++)
{
int value = data[i];
hex[i * 2 + 0] = HexEncode(value >> 4);
hex[i * 2 + 1] = HexEncode(value & 0x0F);
}
return new string(hex);
}
static char HexEncode(int i) {
return i < 10 ? (char)(i + '0') : (char)((i - 10) + 'a');
}
} }
} }