mirror of
https://git.huckle.dev/Huckles-Minecraft-Archive/LCE-Revelations.git
synced 2026-05-22 18:47:03 +00:00
ba3ebe666c
Comprehensive security system to protect against packet-sniffing attacks, XUID harvesting, privilege escalation, bot flooding, and XUID impersonation. - Stream cipher: per-session XOR cipher with 4-message handshake via CustomPayloadPacket (MC|CKey, MC|CAck, MC|COn). Negotiated per-connection, backwards compatible (old clients/servers fall back to plaintext). - Security gate: buffers all game data until cipher handshake completes, preventing unsecured clients from receiving any XUIDs or game state. - Cipher handshake enforcer: kicks clients that don't complete the handshake within 5 seconds (configurable via require-secure-client). - Identity tokens: persistent per-XUID tokens in identity-tokens.json, issued over the encrypted channel, verified on reconnect. Prevents XUID replay attacks. Client stores server-specific tokens. - PROXY protocol v1: parses real client IPs from playit.gg tunnel headers so rate limiting, IP bans, and XUID spoof detection work per-player. - Rate limiting: per-IP sliding window (default 5 connections/30s) with pending connection cap (default 10). - Privilege hardening: OP requires ops.json, live checks on every command and privilege packet. Host-only server settings changes. - XUID stripping: PreLoginPacket response sends INVALID_XUID placeholders. - Packet validation: readUtf global string cap, reduced max packet size, stream desync protection on oversized strings. - OpManager: persistent ops.json with XUID-based OP list. - Whitelist improvements: whitelist add accepts player names with ambiguity detection, XUID cache from login attempts. - revoketoken command: revoke identity tokens for players who lost theirs. - server.log: persistent log file written alongside console output with flush-per-write to survive crashes. - CLI security logging: consolidated per-join security summary with cipher status, token status, XUID, and real IP. Security warnings for kicks, spoofing, and unauthorized commands.
65 lines
1.8 KiB
C++
65 lines
1.8 KiB
C++
#pragma once
|
|
|
|
#ifdef _WINDOWS64
|
|
#include <Windows.h>
|
|
#endif
|
|
|
|
#include <vector>
|
|
|
|
namespace ServerRuntime
|
|
{
|
|
namespace Security
|
|
{
|
|
/**
|
|
* Tracks pending cipher handshakes and kicks clients that don't complete
|
|
* within the grace period.
|
|
*
|
|
* When require-secure-client is enabled, old/unpatched clients that ignore
|
|
* MC|CKey are disconnected before they receive any PlayerInfoPacket data
|
|
* containing other players' XUIDs.
|
|
*
|
|
* Called from the main tick thread only (PlayerList::tick).
|
|
*/
|
|
class CipherHandshakeEnforcer
|
|
{
|
|
public:
|
|
// 5 seconds at 20 TPS. The security gate buffers all game data until
|
|
// cipher completes, so no data leaks regardless of grace period length.
|
|
// 5 seconds accommodates high-latency connections.
|
|
static const int kGraceTicks = 100;
|
|
|
|
CipherHandshakeEnforcer();
|
|
~CipherHandshakeEnforcer();
|
|
|
|
CipherHandshakeEnforcer(const CipherHandshakeEnforcer &) = delete;
|
|
CipherHandshakeEnforcer &operator=(const CipherHandshakeEnforcer &) = delete;
|
|
|
|
/**
|
|
* Register that MC|CKey was sent to this smallId at the given tick.
|
|
*/
|
|
void OnCipherKeySent(unsigned char smallId, unsigned int currentTick);
|
|
|
|
/**
|
|
* Check for timed-out handshakes. Returns smallIds that exceeded the
|
|
* grace period without the cipher becoming active. Also returns
|
|
* smallIds that just completed (cipher became active) in outCompleted.
|
|
*/
|
|
void CheckTimeouts(unsigned int currentTick,
|
|
std::vector<unsigned char> &outExpired,
|
|
std::vector<unsigned char> &outCompleted);
|
|
|
|
/**
|
|
* Clean up tracking for a disconnected connection.
|
|
*/
|
|
void OnDisconnected(unsigned char smallId);
|
|
|
|
private:
|
|
static const int MAX_CONNECTIONS = 256;
|
|
unsigned int m_sentTick[MAX_CONNECTIONS]; // 0 = not tracked
|
|
bool m_tracked[MAX_CONNECTIONS];
|
|
};
|
|
|
|
CipherHandshakeEnforcer &GetHandshakeEnforcer();
|
|
}
|
|
}
|