Skip to content

Commit

Permalink
Re-add support for Java 8
Browse files Browse the repository at this point in the history
  • Loading branch information
lucko committed Apr 19, 2021
1 parent 49866e6 commit 5569398
Show file tree
Hide file tree
Showing 10 changed files with 219 additions and 47 deletions.
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,6 @@ See [INSTALLATION.md](INSTALLATION.md) for a detailed install guide.

## License

BungeeGuard is licensed and made available under the permissive MIT license. Please see [LICENSE.txt](LICENSE.md) for more information.
BungeeGuard is licensed and made available under the permissive MIT license. Please see [LICENSE.txt](LICENSE.txt) for more information.

Details about vulnerability reporting & security disclosures can be found in [SECURITY.md](SECURITY.md).
41 changes: 41 additions & 0 deletions bungeeguard-bungee-java9/pom.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>

<parent>
<groupId>me.lucko</groupId>
<artifactId>bungeeguard</artifactId>
<version>1.2-SNAPSHOT</version>
</parent>

<artifactId>bungeeguard-bungee-java9</artifactId>

<properties>
<maven.compiler.source>9</maven.compiler.source>
<maven.compiler.target>9</maven.compiler.target>
</properties>

<dependencies>
<dependency>
<groupId>me.lucko</groupId>
<artifactId>bungeeguard-bungee</artifactId>
<version>1.2-SNAPSHOT</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>net.md-5</groupId>
<artifactId>bungeecord-api</artifactId>
<version>${bungee.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>net.md-5</groupId>
<artifactId>bungeecord-proxy</artifactId>
<version>${bungee.version}</version>
<scope>provided</scope>
</dependency>
</dependencies>

</project>
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
/*
* This file is part of BungeeGuard, licensed under the MIT License.
*
* Copyright (c) lucko (Luck) <luck@lucko.me>
* Copyright (c) contributors
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/

package me.lucko.bungeeguard.bungee;

import net.md_5.bungee.ServerConnector;
import net.md_5.bungee.connection.LoginResult;

public class SpoofedLoginResultJava9 extends SpoofedLoginResult {
private static final StackWalker STACK_WALKER = StackWalker.getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE);

// online mode constructor
public SpoofedLoginResultJava9(LoginResult oldProfile, String extraToken) {
super(oldProfile, extraToken);
}

// offline mode constructor
public SpoofedLoginResultJava9(String extraToken) {
super(extraToken);
}

@Override
public LoginResult.Property[] getProperties() {
Class<?> caller = STACK_WALKER.getCallerClass();

// if the getProperties method is being called by the server connector, include our token in the properties
if (caller == ServerConnector.class) {
return addTokenProperty(super.getProperties());
} else {
return super.getProperties();
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -25,11 +25,12 @@

package me.lucko.bungeeguard.bungee;

import net.md_5.bungee.ServerConnector;
import net.md_5.bungee.connection.InitialHandler;
import net.md_5.bungee.connection.LoginResult;

import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.util.Arrays;

/**
Expand All @@ -39,53 +40,77 @@
* To achieve this, the stack trace is analyzed. This is kinda crappy, but is the only way
* to modify the properties without leaking the token to other clients via the tablist.
*/
class SpoofedLoginResult extends LoginResult {
private static final StackWalker STACK_WALKER = StackWalker.getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE);

abstract class SpoofedLoginResult extends LoginResult {
private static final Field PROFILE_FIELD;
private static final Constructor<? extends SpoofedLoginResult> OFFLINE_MODE_IMPL;
private static final Constructor<? extends SpoofedLoginResult> ONLINE_MODE_IMPL;

static {
Class<? extends SpoofedLoginResult> implClass;
try {
// try to use stackwalker if running Java 9 or newer
Class.forName("java.lang.StackWalker");
implClass = Class.forName("me.lucko.bungeeguard.bungee.SpoofedLoginResultJava9").asSubclass(SpoofedLoginResult.class);
//System.out.println("[BungeeGuard] Using Java 9 (StackWalker) to spoof profile properties.");
} catch (ClassNotFoundException e) {
implClass = SpoofedLoginResultJava8.class;
//System.out.println("[BungeeGuard] Using Java 8 (Reflection/Stacktrace) to spoof profile properties.");
}

try {
PROFILE_FIELD = InitialHandler.class.getDeclaredField("loginProfile");
PROFILE_FIELD.setAccessible(true);
} catch (NoSuchFieldException e) {

OFFLINE_MODE_IMPL = implClass.getConstructor(String.class);
ONLINE_MODE_IMPL = implClass.getConstructor(LoginResult.class, String.class);
} catch (ReflectiveOperationException e) {
throw new ExceptionInInitializerError(e);
}
}

static void inject(InitialHandler handler, String token) {
LoginResult profile = handler.getLoginProfile();
LoginResult newProfile;

try {
// profile is null for offline mode servers
if (profile == null) {
newProfile = OFFLINE_MODE_IMPL.newInstance(token);
} else {
newProfile = ONLINE_MODE_IMPL.newInstance(profile, token);
}
} catch (ReflectiveOperationException e) {
throw new RuntimeException(e);
}

try {
PROFILE_FIELD.set(handler, newProfile);
} catch (IllegalAccessException e) {
throw new RuntimeException(e);
}
}

private final String extraToken;
private final Property[] justExtraToken;
private final boolean offline;

// online mode constructor
private SpoofedLoginResult(LoginResult oldProfile, String extraToken) {
protected SpoofedLoginResult(LoginResult oldProfile, String extraToken) {
super(oldProfile.getId(), oldProfile.getName(), oldProfile.getProperties());
this.extraToken = extraToken;
this.justExtraToken = new Property[]{new Property("bungeeguard-token", this.extraToken, "")};
this.offline = false;
}

// offline mode constructor
private SpoofedLoginResult(String extraToken) {
protected SpoofedLoginResult(String extraToken) {
super(null, null, new Property[0]);
this.extraToken = extraToken;
this.justExtraToken = new Property[]{new Property("bungeeguard-token", this.extraToken, "")};
this.offline = true;
}

@Override
public Property[] getProperties() {
// there's no way this is the best way to do this, but idfk
Class<?> caller = STACK_WALKER.getCallerClass();

// if the getProperties method is being called by the server connector, include our token in the properties
if (caller == ServerConnector.class) {
return addTokenProperty(super.getProperties());
} else {
return super.getProperties();
}
}

private Property[] addTokenProperty(Property[] properties) {
protected Property[] addTokenProperty(Property[] properties) {
if (properties.length == 0) {
return this.justExtraToken;
}
Expand All @@ -110,22 +135,4 @@ public String getName() {
}
return super.getId();
}

static void inject(InitialHandler handler, String token) {
LoginResult profile = handler.getLoginProfile();
LoginResult newProfile;

// profile is null for offline mode servers
if (profile == null) {
newProfile = new SpoofedLoginResult(token); // offline mode constructor
} else {
newProfile = new SpoofedLoginResult(profile, token); // online mode constructor
}

try {
PROFILE_FIELD.set(handler, newProfile);
} catch (IllegalAccessException e) {
throw new RuntimeException(e);
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
/*
* This file is part of BungeeGuard, licensed under the MIT License.
*
* Copyright (c) lucko (Luck) <luck@lucko.me>
* Copyright (c) contributors
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/

package me.lucko.bungeeguard.bungee;

import net.md_5.bungee.connection.LoginResult;

public class SpoofedLoginResultJava8 extends SpoofedLoginResult {
private static final String SERVER_CONNECTOR = "net.md_5.bungee.ServerConnector";
private static final String SERVER_CONNECTOR_CONNECTED = "connected";

// online mode constructor
public SpoofedLoginResultJava8(LoginResult oldProfile, String extraToken) {
super(oldProfile, extraToken);
}

// offline mode constructor
public SpoofedLoginResultJava8(String extraToken) {
super(extraToken);
}

@Override
public Property[] getProperties() {
// there's no way this is the best way to do this, but idfk
StackTraceElement[] trace = new Exception().getStackTrace();

if (trace.length < 2) {
return super.getProperties();
}

StackTraceElement callLocation = trace[1];

// if the getProperties method is being called by the server connector, include our token in the properties
if (callLocation.getClassName().equals(SERVER_CONNECTOR) && callLocation.getMethodName().equals(SERVER_CONNECTOR_CONNECTED)) {
return addTokenProperty(super.getProperties());
} else {
return super.getProperties();
}
}
}
2 changes: 1 addition & 1 deletion bungeeguard-bungee/src/main/resources/bungee.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name: BungeeGuard
version: ${project.version}
description: Plugin which adds a security token to the BungeeCord handshaking protocol
description: A plugin-based security/firewall solution for BungeeCord and Velocity proxies.
author: Luck
main: me.lucko.bungeeguard.bungee.BungeeGuardProxyPlugin
6 changes: 3 additions & 3 deletions bungeeguard-spigot/src/main/resources/config.yml
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
# BungeeGuard Configuration

# Allowed authentication tokens.
allowed-tokens: []
# - "the token generated by the proxy goes here"
# - "you can add as many as you like."
allowed-tokens:
- "the token generated by the proxy goes here"
- "you can add as many as you like."


# Messages
Expand Down
2 changes: 1 addition & 1 deletion bungeeguard-spigot/src/main/resources/plugin.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: BungeeGuard
version: ${project.version}
description: Plugin which adds a security token to the BungeeCord handshaking protocol
description: A plugin-based security/firewall solution for BungeeCord and Velocity proxies.
author: Luck

main: me.lucko.bungeeguard.spigot.BungeeGuardBackendPlugin
Expand Down
6 changes: 6 additions & 0 deletions bungeeguard-universal/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,12 @@
<version>1.2-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>me.lucko</groupId>
<artifactId>bungeeguard-bungee-java9</artifactId>
<version>1.2-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>me.lucko</groupId>
<artifactId>bungeeguard-spigot</artifactId>
Expand Down
5 changes: 3 additions & 2 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@

<modules>
<module>bungeeguard-bungee</module>
<module>bungeeguard-bungee-java9</module>
<module>bungeeguard-spigot</module>
<module>bungeeguard-universal</module>
</modules>
Expand All @@ -19,8 +20,8 @@

<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>9</maven.compiler.source>
<maven.compiler.target>9</maven.compiler.target>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>

<paper.version>1.15.2-R0.1-SNAPSHOT</paper.version>
<bungee.version>1.15-SNAPSHOT</bungee.version>
Expand Down

0 comments on commit 5569398

Please sign in to comment.