Replace the XOR obfuscation cipher with AES-128-CTR using the Windows
BCrypt API. Key material grows from 16 to 32 bytes (16 AES key + 16 IV).
All callers auto-adjust via StreamCipher::KEY_SIZE. No handshake or
protocol changes needed beyond the larger MC|CKey payload.
Comprehensive security system to protect against packet-sniffing attacks,
XUID harvesting, privilege escalation, bot flooding, and XUID impersonation.
- Stream cipher: per-session XOR cipher with 4-message handshake via
CustomPayloadPacket (MC|CKey, MC|CAck, MC|COn). Negotiated per-connection,
backwards compatible (old clients/servers fall back to plaintext).
- Security gate: buffers all game data until cipher handshake completes,
preventing unsecured clients from receiving any XUIDs or game state.
- Cipher handshake enforcer: kicks clients that don't complete the handshake
within 5 seconds (configurable via require-secure-client).
- Identity tokens: persistent per-XUID tokens in identity-tokens.json,
issued over the encrypted channel, verified on reconnect. Prevents XUID
replay attacks. Client stores server-specific tokens.
- PROXY protocol v1: parses real client IPs from playit.gg tunnel headers
so rate limiting, IP bans, and XUID spoof detection work per-player.
- Rate limiting: per-IP sliding window (default 5 connections/30s) with
pending connection cap (default 10).
- Privilege hardening: OP requires ops.json, live checks on every command
and privilege packet. Host-only server settings changes.
- XUID stripping: PreLoginPacket response sends INVALID_XUID placeholders.
- Packet validation: readUtf global string cap, reduced max packet size,
stream desync protection on oversized strings.
- OpManager: persistent ops.json with XUID-based OP list.
- Whitelist improvements: whitelist add accepts player names with ambiguity
detection, XUID cache from login attempts.
- revoketoken command: revoke identity tokens for players who lost theirs.
- server.log: persistent log file written alongside console output with
flush-per-write to survive crashes.
- CLI security logging: consolidated per-join security summary with cipher
status, token status, XUID, and real IP. Security warnings for kicks,
spoofing, and unauthorized commands.
* Fix game crashing if DLC has XMLVERSION paramater
* Better implementation of XMLVersion check
* Forgot to add type name to the list
* Removed extra newline
Players now appear in each other's Tab list immediately on join,
regardless of render distance. Previously, players only appeared when
they entered entity tracking range because AddPlayerPacket was only
sent through the TrackedEntity system.
On disconnect, a RemoveEntitiesPacket is broadcast to all clients so
players added via the join broadcast are properly cleaned up, not just
those within tracking range.
The tab player list and teleport menu now show the correct map marker
color for each player. The icon is computed using the same hash as the
map renderer (getRandomPlayerMapIcon) and stored by player name,
bypassing the unreliable small-ID lookup that produced wrong colors
on dedicated servers.
Dragon melee damage: reassign sub-entity IDs to be sequential from
the parent entity ID in ServerLevel::entityAdded(), so the client's
offset-based ID calculation matches the server. Previously the server's
smallId pool allocated non-sequential IDs, causing melee attacks to
target entity IDs the server didn't recognize.
End portal transition: ensure the player entity is always added to the
new level when transitioning from The End, not just for non-End
dimensions. The addEntity call was previously gated behind a
lastDimension != 1 check that also excluded it from End exits.
End Poem crash: bounds-check the WIN_GAME event's player index before
accessing localplayers[], with a fallback to prevent null dereference
when the server sends an out-of-range index.
Register remote players in the client's IQNet array when their
AddPlayerPacket arrives, so they appear in the Tab player list.
Previously only the host and local player were registered.
Also filter the dedicated server's phantom host entry (slot 0, empty
gamertag) from the UI, fix tick() to update entries by smallId instead
of sequential index, and fix player removal to use gamertag matching
since XUIDs are 0 on dedicated servers.
Resolve _minecraft._tcp.<hostname> SRV records before connecting,
matching Java Edition behavior. Players can connect using just a domain
name and the client will look up the actual server address and port
from DNS. Falls back to the original hostname/port if no SRV record
exists or the address is a numeric IP.
Replace the boolean-flag-based async join system with a clean state machine
(eJoinState enum) and move connection progress handling from UIScene_JoinMenu
into UIScene_ConnectingProgress as a dedicated UI class.
Combines the best of two approaches: non-blocking sockets with select()
timeout and SO_RCVTIMEO clearing (prevents random disconnects) with the
upstream's state enum, FinalizeJoin separation, and ConnectingProgress UI.
JoinGame() now returns JOINGAME_PENDING on Win64, and
PlatformNetworkManagerStub::DoWork() polls the join state to finalize
the connection when the background thread succeeds.
Clear the 5-second SO_RCVTIMEO that was set during the connection
handshake but never removed. The timeout persisted into the game
session, causing the client to disconnect whenever the server paused
for longer than 5 seconds (e.g. autosave, chunk I/O).
Also update README with chunk unloading and connection stability fixes.
Commit a24318ee changed drop() to immediately remove chunks from cache,
bypassing the deferred m_toDrop save/unload pipeline. This caused missing
chunks on dedicated servers, iterator invalidation in dropAll() and
ServerLevel::save(), and entity duplication (item frames) from chunks
being reloaded without their entities first being removed from the level.
- ServerChunkCache::drop(): restore m_toDrop queue instead of immediate
cache removal, so tick() can save/unload/move to unloadedCache safely
- MultiPlayerChunkCache::drop(): restore soft-unload (keep chunk in cache
with loaded=true) instead of nulling cache and hasData
- PlayerChunkMap::setRadius(): remove dropAll() call when reducing radius,
the per-chunk removal loop already handles out-of-range chunks
The dedicated server previously picked a completely random seed with no
biome diversity checks (the client validates but the server skipped it).
On top of that, the client's findSeed() was hardcoded to only check a
54-chunk (Classic) area, so Large worlds had no diversity guarantee
beyond the center.
New server worlds now use findSeed() scaled to the full target world
size. Added override-seed in server.properties to fix existing worlds
without deleting them.
Server list: edits and deletions now update the UI immediately by
calling SearchForGames() in ForceFriendsSessionRefresh() and
UpdateGamesList() on nav-back to LoadOrJoinMenu.
Connection: moved WinsockNetLayer::JoinGame() to a background thread
with non-blocking sockets (5s timeout, 3 retries). Users can cancel
with B/Escape during the attempt. Failed connections always show an
error dialog.
The upstream font color fix (commit be7e2ca9) switched from glColor4f to
per-vertex t->color() but renderUnicodeCharacter() still relied on glColor4f.
Set glColor4f to currentColor before rendering unicode glyphs and restore
white after, and re-apply t->color() when resuming the batched draw.
Cherry-picked upstream sign fix (SignEntryMenu720 restored) and re-applied
VSync and ExclusiveFullscreen checkbox patches to all SettingsGraphicsMenu SWFs
using the ffdec_lib Java tools.
* Added Stained Glass
i found out that stained glass was not accessible in survival, then i saw they disabled it in the code
* Grouping glass correctly in crafting table
I removed the #if/endif from the ClothDyeRecipes.cpp and added a different one in StructureRecipies.cpp
also changed the Tile definition giving it the same
setBaseItemTypeAndMaterial of stained glass to group it correctly inside the crafting table UI.
also aincremented the Vertical Slot for crafting table to include many more craftings in the same group
Previously paste only worked in the chat screen. Wire Screen::getClipboard() into the two remaining text input paths so Ctrl+V works for sign editing, seed entry, server IP/port, and world name fields.
* Fix "Colormatic" splash text rendering as single color
Signed-off-by: Ayush Thoren <ayushthoren@gmail.com>
* Use per-vertex coloring in a single batch
Signed-off-by: Ayush Thoren <ayushthoren@gmail.com>
* Fix font rendering for color and formatting codes
Signed-off-by: Ayush Thoren <ayushthoren@gmail.com>
---------
Signed-off-by: Ayush Thoren <ayushthoren@gmail.com>
fix for the sign's interface.
SignEntryMenu720 was being replaced by an older version of SkinWinHD.
SignEntryMenu720 was is now replaced with it's original version.
Menu music (menu1-4) now plays only on the title screen, creative
music (creative1-6) only plays in creative mode, and survival mode
correctly plays only calm/hal/nuance/piano tracks. Reordered the
eMUSICFILES enum so piano tracks are contiguous with the survival
range, added game-mode-aware track selection via getOverworldMusicID,
and re-enabled the playStreaming call in setLevel to stop menu music
when entering gameplay. Added debug logging for track selection.
Modified the conditional check in `ResizeD3D` to use
`(IDXGISwapChain*)&g_swapChainProxy` instead of `g_pSwapChain`.
This change ensures the correct proxy is validated. Updated
the debug print statement for clearer output regarding
the render manager's device and swap chain pointers.
- Add VSync and Exclusive Fullscreen toggles to the graphics settings menu
- Rewrite D3D11 swap chain to use DXGI flip model with tearing support
- Fix black screen on resize by creating new swap chain instead of ResizeBuffers
- Revert conditional lighting optimization in Level::setTileAndData back to unconditional checkLight
- Revert deferred lightGaps flagging in LevelChunk::recalcHeight back to immediate lightGap calls
- Add SWF/ARC editing tools used to add new UI checkboxes
