Commit graph

59 commits

Author SHA1 Message Date
Spottedleaf
74550736aa Do not accept invalid client settings 2022-05-07 14:58:53 -07:00
Aikar
2e3c775b68 Fix Per World Difficulty / Remembering Difficulty
Fixes per world difficulty with /difficulty command and also
makes it so that the server keeps the last difficulty used instead
of restoring the server.properties every single load.
2020-06-28 03:59:10 -04:00
Mariell Hoversholm
2a6962e59e Add permission for command blocks 2020-05-16 10:05:30 +02:00
JRoy
6a6851c040 Add PlayerRecipeBookClickEvent 2020-06-05 18:24:06 -04:00
Spottedleaf
4c32788db0 Prevent position desync causing tp exploit
Caused the server to revert to the player's overworld coordinates
after teleporting into the end.

Sidenote: The underlying issue is that the move call can teleport
entities and do other things like kill the entity. In the future,
to fix all exploits derieved from this usually unexpected
behaviour, we need to move all of this dangerous logic outside
of the move call and into an appropriate place in the tick method.
2020-06-12 16:51:39 -07:00
Shane Freeder
f5cfd89975 Prevent teleporting dead entities 2020-03-03 05:26:40 +00:00
Shane Freeder
35b7f788a9 misc debugging dumps 2021-02-18 20:23:28 +00:00
Shane Freeder
26c77784e5 Fix CB call to changed postToMainThread method 2019-05-10 18:38:19 +01:00
Aikar
04c783377e Limit Client Sign length more
modified clients can send more data from the client
to the server and it would get stored on the sign as sent.

Mojang has a limit of 384 which is much higher than reasonable.

the client can barely render around 16 characters as-is, but formatting
codes can get it to be more than 16 actual length.

Set a limit of 80 which should give an average of 16 characters 2
sets of legacy formatting codes which should be plenty for all uses.

This does not strip any existing data from the NBT as plugins
may use this for storing data out of the rendered area.

it only impacts data sent from the client.

Set -DPaper.maxSignLength=XX to change limit or -1 to disable
2019-02-27 22:18:40 -05:00
Aikar
05f977e3d1 Brigadier Mojang API
Adds AsyncPlayerSendCommandsEvent
  - Allows modifying on a per command basis what command data they see.

Adds CommandRegisteredEvent
  - Allows manipulating the CommandNode to add more children/metadata for the client
2020-04-19 18:15:29 -04:00
Spottedleaf
f5226d3739 Add PlayerConnectionCloseEvent
This event is invoked when a player has disconnected. It is guaranteed that,
if the server is in online-mode, that the provided uuid and username have been
validated.

The event is invoked for players who have not yet logged into the world, whereas
PlayerQuitEvent is only invoked on players who have logged into the world.

The event is invoked for players who have already logged into the world,
although whether or not the player exists in the world at the time of
firing is undefined. (That is, whether the plugin can retrieve a Player object
using the event parameters is undefined). However, it is guaranteed that this
event is invoked AFTER PlayerQuitEvent, if the player has already logged into
the world.

This event is guaranteed to never fire unless AsyncPlayerPreLoginEvent has
been called beforehand, and this event may not be called in parallel with
AsyncPlayerPreLoginEvent for the same connection.

Cancelling the AsyncPlayerPreLoginEvent guarantees the corresponding
PlayerConnectionCloseEvent is never called.

The event may be invoked asynchronously or synchronously. As it stands,
it is never invoked asynchronously. However, plugins should check
Event#isAsynchronous to be future-proof.

On purpose, the deprecated PlayerPreLoginEvent event is left out of the
API spec for this event. Plugins should not be using that event, and
how PlayerPreLoginEvent interacts with PlayerConnectionCloseEvent
is undefined.

== AT ==
public net.minecraft.server.network.ServerLoginPacketListenerImpl$State
public net.minecraft.server.network.ServerLoginPacketListenerImpl state
2018-10-07 12:05:28 -07:00
Aikar
a1a073eaae Book size limits
Puts some limits on the size of books.
2018-11-16 23:08:50 -05:00
Shane Freeder
4da5176b89 Don't allow digging into unloaded chunks 2018-11-11 21:01:09 +00:00
Gabriele C
7c062523e0 Add option to prevent players from moving into unloaded chunks #1551 2018-10-22 17:34:10 +02:00
Shane Freeder
fed1922643 Configurable connection throttle kick message 2018-10-02 09:57:50 +01:00
Shane Freeder
88409ad861 Break up and make tab spam limits configurable
Due to the changes in 1.13, clients will send a tab completion request
for all bukkit commands in order to factor in the lack of support for
brigadier and provide backwards support in the API.

Craftbukkit, however; has moved the chat spam limiter to also interact
with the tab completion request, which while good for avoiding abuse,
causes 1.13 clients to easilly be kicked from a server in bukkit due
to this. Removing the spam limit could cause issues for servers, however,
there is no way for servers to manipulate this without blindly cancelling
kick events, which only causes additional complications. This also causes
issues in that the tab spam limit and chat share the same field but different
limits, meaning that a player having typed a long command may be kicked from
the server.

Splitting the field up and making it configurable allows for server owners
to take the burden of this into their own hand without having to rely on
plugins doing unsafe things.
2018-07-29 05:02:15 +01:00
Aikar
3430a002d1 InventoryCloseEvent Reason API
Allows you to determine why an inventory was closed, enabling plugin developers
to "confirm" things based on if it was player triggered close or not.
2018-07-03 21:56:23 -04:00
Minecrell
0511551203 Call PaperServerListPingEvent for legacy pings 2017-10-11 19:30:51 +02:00
Minecrell
361fc3ab43 Make legacy ping handler more reliable
The Minecraft server often fails to respond to old ("legacy") pings
from old Minecraft versions using the protocol used before the switch
to Netty in Minecraft 1.7.

Due to packet fragmentation[1], we might not have all needed bytes
available when the LegacyPingHandler is called. In this case, it will
run into an error, remove the handler and continue using the modern
protocol.

This is unlikely to happen for the first two revisions of the legacy
ping protocol (used in Minecraft 1.5.x and older) since the request
consists of only one or two bytes, but happens frequently for the
last/third revision introduced in Minecraft 1.6.

It has much larger, variable packet sizes due to the inclusion of
the virtual host (the hostname/port used to connect to the server).

The solution[2] is simple: If we find more than two matching bytes,
we buffer the remaining bytes until we have enough to fully read and
respond to the request.

[1]: https://netty.io/wiki/user-guide-for-4.x.html#wiki-h3-11
[2]: https://netty.io/wiki/user-guide-for-4.x.html#wiki-h4-13
2017-10-11 18:22:50 +02:00
Aikar
d0d0b1a21e Player.setPlayerProfile API
This can be useful for changing name or skins after a player has logged in.

== AT ==
public-f net.minecraft.world.entity.player.Player gameProfile
2018-03-18 12:29:48 -04:00
Aikar
5fb78725e4 Add more fields to AsyncPreLoginEvent
Co-authored-by: Connor Linfoot <connorlinfoot@me.com>
Co-authored-by: MCMDEV <john-m.1@gmx.de>
2018-03-18 11:45:57 -04:00
Minecrell
ac0c06a72f Implement extended PaperServerListPingEvent 2017-10-11 15:56:26 +02:00
Jason Penilla
ed76af5637 AsyncTabCompleteEvent
Let plugins be able to control tab completion of commands and chat async.

This will be useful for frameworks like ACF so we can define async safe completion handlers,
and avoid going to main for tab completions.

Especially useful if you need to query a database in order to obtain the results for tab
completion, such as offline players.

Also adds isCommand and getLocation to the sync TabCompleteEvent

Co-authored-by: Aikar <aikar@aikar.co>
2017-11-26 13:19:58 -05:00
killme
3ce6b37e05 Prevent logins from being processed when the player has disconnected 2017-11-12 19:40:01 +01:00
Shane Freeder
2c11c3e2bb revert serverside behavior of keepalives
This patch intends to bump up the time that a client has to reply to the
server back to 30 seconds as per pre 1.12.2, which allowed clients
more than enough time to reply potentially allowing them to be less
tempermental due to lag spikes on the network thread, e.g. that caused
by plugins that are interacting with netty.

We also add a system property to allow people to tweak how long the server
will wait for a reply. There is a compromise here between lower and higher
values, lower values will mean that dead connections can be closed sooner,
whereas higher values will make this less sensitive to issues such as spikes
from networking or during connections flood of chunk packets on slower clients,
 at the cost of dead connections being kept open for longer.
2017-10-15 00:29:07 +01:00
Minecrell
8838089321 Expose client protocol version and virtual host 2017-10-10 18:45:20 +02:00
Shane Freeder
70e24c1b60 handle ServerboundKeepAlivePacket async
In 1.12.2, Mojang moved the processing of ServerboundKeepAlivePacket off the main
thread, while entirely correct for the server, this causes issues with
plugins which are expecting the PlayerQuitEvent on the main thread.

In order to counteract some bad behavior, we will post handling of the
disconnection to the main thread, but leave the actual processing of the packet
off the main thread.

also adding some additional logging in order to help work out what is causing
random disconnections for clients.
2017-10-05 01:54:07 +01:00
Zach Brown
8c951e13df Add PlayerJumpEvent 2017-09-28 17:21:44 -04:00
Riley Park
ebbb3ee8b5 Allow specifying a custom "authentication servers down" kick message 2017-08-17 16:08:20 -07:00
Zach Brown
3edcdeaf22 Block player logins during server shutdown 2017-07-02 21:35:56 -05:00
Zach Brown
49fbdd7336 Add option to make parrots stay on shoulders despite movement
Makes parrots not fall off whenever the player changes height, or touches water, or gets hit by a passing leaf.
Instead, switches the behavior so that players have to sneak to make the birds leave.

I suspect Mojang may switch to this behavior before full release.

To be converted into a Paper-API event at some point in the future?

== AT ==
public net.minecraft.world.entity.player.Player removeEntitiesOnShoulder()V
2017-05-16 21:29:08 -05:00
Alfie Cleveland
26ff64cadc Properly fix item duplication bug
Credit to prplz for figuring out the real issue
2016-12-27 01:57:57 +00:00
Alfie Cleveland
3e9512a6fc Cache user authenticator threads 2016-11-25 13:22:40 +00:00
Riley Park
8141041554 Configurable flying kick messages 2016-09-20 00:58:01 +00:00
Zach Brown
72bc20c589 Configurable packet in spam threshold 2016-09-11 14:30:57 -05:00
Aikar
d072c2d5fb Avoid blocking on Network Manager creation
Per Paper issue 294
2016-05-16 23:19:16 -04:00
Riley Park
d743b03fb6 Add handshake event to allow plugins to handle client handshaking logic themselves 2016-04-13 20:21:38 -07:00
Jedediah Smith
e2263633d4 Add PlayerUseUnknownEntityEvent
Adds the PlayerUseUnknownEntityEvent to be used by plugins dealing with
virtual entities/entities that are not actually known to the server.

Co-authored-by: Nassim Jahnke <nassim@njahnke.dev>
2016-04-02 05:09:16 -04:00
Jedediah Smith
f55b057ffb Complete resource pack API 2015-04-04 23:17:52 -04:00
Aikar
bcc07d07b6 Improve Player chat API handling
Properly split up the chat and command handling to reflect the server now
having separate packets for both, and the client always using the correct packet. Text
from a chat packet should never be parsed into a command, even if it starts with the `/`
character.

Add a missing async catcher and improve Spigot's async catcher error message.

== AT ==
public net.minecraft.server.network.ServerGamePacketListenerImpl isChatMessageIllegal(Ljava/lang/String;)Z

Co-authored-by: Jake Potrebic <jake.m.potrebic@gmail.com>
Co-authored-by: SoSeDiK <mrsosedik@gmail.com>
2016-03-03 01:17:12 -06:00
Aikar
770ee3eebd Remove Spigot timings 2016-03-03 04:00:11 -06:00
Jason Penilla
34407fe880 Deobfuscate stacktraces in log messages, crash reports, and etc. 2021-06-20 18:19:09 -07:00
Riley Park
66779f5c86 Adventure
== AT ==
public net.minecraft.network.chat.HoverEvent$ItemStackInfo item
public net.minecraft.network.chat.HoverEvent$ItemStackInfo count
public net.minecraft.network.chat.HoverEvent$ItemStackInfo components
public net.minecraft.network.chat.contents.TranslatableContents filterAllowedArguments(Ljava/lang/Object;)Lcom/mojang/serialization/DataResult;

Co-authored-by: zml <zml@stellardrift.ca>
Co-authored-by: Jake Potrebic <jake.m.potrebic@gmail.com>
2021-01-29 17:54:03 +01:00
CraftBukkit/Spigot
6fcc9cce6d Add creative mode NBT permissions
By: md_5 <git@md-5.net>
2019-02-25 19:26:56 +11:00
CraftBukkit/Spigot
93fea68749 Clear Packet Queue on Disconnect
By: md_5 <git@md-5.net>
2015-07-22 19:04:37 +10:00
CraftBukkit/Spigot
f972379105 Make "moved too quickly" limit configurable
By: Jonas Konrad <me@yawk.at>
2014-07-22 15:59:01 +02:00
CraftBukkit/Spigot
7b951a7ec6 Make "moved wrongly" limit configurable
By: Jonas Konrad <me@yawk.at>
2014-07-04 23:03:13 +02:00
CraftBukkit/Spigot
804b118219 Limit block placement/interaction packets
By: Thinkofdeath <thinkofdeath@spigotmc.org>
2014-06-29 21:10:34 +01:00
CraftBukkit/Spigot
05f3042755 Fix race condition that could kill connections before they were initiated
Because NetworkManagers are registered before they get their channel in
channelActive, the ServerConnection would remove them sometimes because
it thought they were disconnected. This commit fixes this by introducing
a 'preparing' variable that is true while the NetworkManager is not
initialized. The ServerConnection does not remove NetworkManagers with
this flag.

By: Jonas Konrad <me@yawk.at>
2014-04-25 23:46:46 +02:00
CraftBukkit/Spigot
ff6d4b2d90 Spam Filter Exclusions
By: md_5 <git@md-5.net>
2014-02-08 08:13:40 +00:00