From f0a002f0e349ef1d3feb0e04f9816fd7762eb08c Mon Sep 17 00:00:00 2001
From: rtm516 <rtm516@users.noreply.github.com>
Date: Wed, 21 Apr 2021 19:55:08 +0100
Subject: [PATCH] Add option to forward the connection hostname over to the
 remote server (#2149)

Co-authored-by: Camotoy <20743703+Camotoy@users.noreply.github.com>
---
 .../configuration/GeyserConfiguration.java    |  2 +
 .../GeyserJacksonConfiguration.java           |  3 ++
 .../network/session/GeyserSession.java        | 45 ++++++++++++-------
 connector/src/main/resources/config.yml       |  3 ++
 4 files changed, 38 insertions(+), 15 deletions(-)

diff --git a/connector/src/main/java/org/geysermc/connector/configuration/GeyserConfiguration.java b/connector/src/main/java/org/geysermc/connector/configuration/GeyserConfiguration.java
index b6af30fed..d1d40ea9c 100644
--- a/connector/src/main/java/org/geysermc/connector/configuration/GeyserConfiguration.java
+++ b/connector/src/main/java/org/geysermc/connector/configuration/GeyserConfiguration.java
@@ -138,6 +138,8 @@ public interface GeyserConfiguration {
         boolean isPasswordAuthentication();
 
         boolean isUseProxyProtocol();
+
+        boolean isForwardHost();
     }
 
     interface IUserAuthenticationInfo {
diff --git a/connector/src/main/java/org/geysermc/connector/configuration/GeyserJacksonConfiguration.java b/connector/src/main/java/org/geysermc/connector/configuration/GeyserJacksonConfiguration.java
index f8b652e53..9a400031d 100644
--- a/connector/src/main/java/org/geysermc/connector/configuration/GeyserJacksonConfiguration.java
+++ b/connector/src/main/java/org/geysermc/connector/configuration/GeyserJacksonConfiguration.java
@@ -197,6 +197,9 @@ public abstract class GeyserJacksonConfiguration implements GeyserConfiguration
 
         @JsonProperty("use-proxy-protocol")
         private boolean useProxyProtocol = false;
+
+        @JsonProperty("forward-hostname")
+        private boolean forwardHost = false;
     }
 
     @Getter
diff --git a/connector/src/main/java/org/geysermc/connector/network/session/GeyserSession.java b/connector/src/main/java/org/geysermc/connector/network/session/GeyserSession.java
index e521673e2..5d68dd55d 100644
--- a/connector/src/main/java/org/geysermc/connector/network/session/GeyserSession.java
+++ b/connector/src/main/java/org/geysermc/connector/network/session/GeyserSession.java
@@ -693,26 +693,41 @@ public class GeyserSession implements CommandSender {
             @Override
             public void packetSending(PacketSendingEvent event) {
                 //todo move this somewhere else
-                if (event.getPacket() instanceof HandshakePacket && floodgate) {
-                    String encrypted = "";
-                    try {
-                        encrypted = EncryptionUtil.encryptBedrockData(publicKey, new BedrockData(
-                                clientData.getGameVersion(),
-                                authData.getName(),
-                                authData.getXboxUUID(),
-                                clientData.getDeviceOS().ordinal(),
-                                clientData.getLanguageCode(),
-                                clientData.getCurrentInputMode().ordinal(),
-                                upstream.getAddress().getAddress().getHostAddress()
-                        ));
-                    } catch (Exception e) {
-                        connector.getLogger().error(LanguageUtils.getLocaleStringLog("geyser.auth.floodgate.encrypt_fail"), e);
+                if (event.getPacket() instanceof HandshakePacket) {
+                    String addressSuffix;
+                    if (floodgate) {
+                        String encrypted = "";
+                        try {
+                            encrypted = EncryptionUtil.encryptBedrockData(publicKey, new BedrockData(
+                                    clientData.getGameVersion(),
+                                    authData.getName(),
+                                    authData.getXboxUUID(),
+                                    clientData.getDeviceOS().ordinal(),
+                                    clientData.getLanguageCode(),
+                                    clientData.getCurrentInputMode().ordinal(),
+                                    upstream.getAddress().getAddress().getHostAddress()
+                            ));
+                        } catch (Exception e) {
+                            connector.getLogger().error(LanguageUtils.getLocaleStringLog("geyser.auth.floodgate.encrypt_fail"), e);
+                        }
+
+                        addressSuffix = '\0' + BedrockData.FLOODGATE_IDENTIFIER + '\0' + encrypted;
+                    } else {
+                        addressSuffix = "";
                     }
 
                     HandshakePacket handshakePacket = event.getPacket();
+
+                    String address;
+                    if (connector.getConfig().getRemote().isForwardHost()) {
+                        address = clientData.getServerAddress().split(":")[0];
+                    } else {
+                        address = handshakePacket.getHostname();
+                    }
+
                     event.setPacket(new HandshakePacket(
                             handshakePacket.getProtocolVersion(),
-                            handshakePacket.getHostname() + '\0' + BedrockData.FLOODGATE_IDENTIFIER + '\0' + encrypted,
+                            address + addressSuffix,
                             handshakePacket.getPort(),
                             handshakePacket.getIntent()
                     ));
diff --git a/connector/src/main/resources/config.yml b/connector/src/main/resources/config.yml
index c81bfc675..7133ec88d 100644
--- a/connector/src/main/resources/config.yml
+++ b/connector/src/main/resources/config.yml
@@ -53,6 +53,9 @@ remote:
   # 2) You run Velocity or BungeeCord with the option enabled in the proxy's main config.
   # IF YOU DON'T KNOW WHAT THIS IS, DON'T TOUCH IT!
   use-proxy-protocol: false
+  # Forward the hostname that the Bedrock client used to connect over to the Java server
+  # This is designed to be used for forced hosts on proxies
+  forward-hostname: false
 
 # Floodgate uses encryption to ensure use from authorised sources.
 # This should point to the public key generated by Floodgate (Bungee or CraftBukkit)