Add option to forward the connection hostname over to the remote server (#2149)

Co-authored-by: Camotoy <20743703+Camotoy@users.noreply.github.com>
This commit is contained in:
rtm516 2021-04-21 19:55:08 +01:00 committed by GitHub
parent bb41c0f9ee
commit f0a002f0e3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 38 additions and 15 deletions

View file

@ -138,6 +138,8 @@ public interface GeyserConfiguration {
boolean isPasswordAuthentication(); boolean isPasswordAuthentication();
boolean isUseProxyProtocol(); boolean isUseProxyProtocol();
boolean isForwardHost();
} }
interface IUserAuthenticationInfo { interface IUserAuthenticationInfo {

View file

@ -197,6 +197,9 @@ public abstract class GeyserJacksonConfiguration implements GeyserConfiguration
@JsonProperty("use-proxy-protocol") @JsonProperty("use-proxy-protocol")
private boolean useProxyProtocol = false; private boolean useProxyProtocol = false;
@JsonProperty("forward-hostname")
private boolean forwardHost = false;
} }
@Getter @Getter

View file

@ -693,7 +693,9 @@ public class GeyserSession implements CommandSender {
@Override @Override
public void packetSending(PacketSendingEvent event) { public void packetSending(PacketSendingEvent event) {
//todo move this somewhere else //todo move this somewhere else
if (event.getPacket() instanceof HandshakePacket && floodgate) { if (event.getPacket() instanceof HandshakePacket) {
String addressSuffix;
if (floodgate) {
String encrypted = ""; String encrypted = "";
try { try {
encrypted = EncryptionUtil.encryptBedrockData(publicKey, new BedrockData( encrypted = EncryptionUtil.encryptBedrockData(publicKey, new BedrockData(
@ -709,10 +711,23 @@ public class GeyserSession implements CommandSender {
connector.getLogger().error(LanguageUtils.getLocaleStringLog("geyser.auth.floodgate.encrypt_fail"), e); connector.getLogger().error(LanguageUtils.getLocaleStringLog("geyser.auth.floodgate.encrypt_fail"), e);
} }
addressSuffix = '\0' + BedrockData.FLOODGATE_IDENTIFIER + '\0' + encrypted;
} else {
addressSuffix = "";
}
HandshakePacket handshakePacket = event.getPacket(); HandshakePacket handshakePacket = event.getPacket();
String address;
if (connector.getConfig().getRemote().isForwardHost()) {
address = clientData.getServerAddress().split(":")[0];
} else {
address = handshakePacket.getHostname();
}
event.setPacket(new HandshakePacket( event.setPacket(new HandshakePacket(
handshakePacket.getProtocolVersion(), handshakePacket.getProtocolVersion(),
handshakePacket.getHostname() + '\0' + BedrockData.FLOODGATE_IDENTIFIER + '\0' + encrypted, address + addressSuffix,
handshakePacket.getPort(), handshakePacket.getPort(),
handshakePacket.getIntent() handshakePacket.getIntent()
)); ));

View file

@ -53,6 +53,9 @@ remote:
# 2) You run Velocity or BungeeCord with the option enabled in the proxy's main config. # 2) You run Velocity or BungeeCord with the option enabled in the proxy's main config.
# IF YOU DON'T KNOW WHAT THIS IS, DON'T TOUCH IT! # IF YOU DON'T KNOW WHAT THIS IS, DON'T TOUCH IT!
use-proxy-protocol: false use-proxy-protocol: false
# Forward the hostname that the Bedrock client used to connect over to the Java server
# This is designed to be used for forced hosts on proxies
forward-hostname: false
# Floodgate uses encryption to ensure use from authorised sources. # Floodgate uses encryption to ensure use from authorised sources.
# This should point to the public key generated by Floodgate (Bungee or CraftBukkit) # This should point to the public key generated by Floodgate (Bungee or CraftBukkit)