private string UnbanCommand(string[] arg, JObject jObject)
{
if (arg.Count() < 3)
{
return($"```{arg[1]} [UserID/Ip]```");
}
bool validUID = arg[2].Contains('@');
bool validIP = IPAddress.TryParse(arg[2], out IPAddress ip);
BanDetails details;
if (!validIP && !validUID)
{
return($"```diff\n- Invalid UserID or IP given```");
}
if (validUID)
{
details = BanHandler.QueryBan(arg[2], null).Key;
}
else
{
details = BanHandler.QueryBan(null, arg[2]).Value;
}
if (details == null)
{
return($"No ban found for `{arg[2]}`.\nMake sure you have typed it correctly, and that it has the @domain prefix if it's a UserID");
}
BanHandler.RemoveBan(arg[2], (validUID ? BanHandler.BanType.UserId : BanHandler.BanType.IP));
return($"`{arg[2]}` has been unbanned.");
}
/// <summary>
/// Handle the player connection.
/// </summary>
/// <param name="request">The <see cref="ConnectionRequest"/> instance.</param>
private static void HandleConnection(ConnectionRequest request)
{
try
{
int position = request.Data.Position;
if (!request.Data.TryGetByte(out byte result1) || !request.Data.TryGetByte(out byte result2) || !request.Data.TryGetByte(out byte result3) || result1 != CustomNetworkManager.Major || result2 != CustomNetworkManager.Minor || result3 != CustomNetworkManager.SyncedRevision)
{
CustomLiteNetLib4MirrorTransport.RequestWriter.Reset();
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)3);
request.RejectForce(CustomLiteNetLib4MirrorTransport.RequestWriter);
}
else
{
bool flag = request.Data.TryGetInt(out int result4);
if (!request.Data.TryGetBytesWithLength(out byte[] result5))
{
flag = false;
}
if (!flag)
{
CustomLiteNetLib4MirrorTransport.RequestWriter.Reset();
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)15);
request.RejectForce(CustomLiteNetLib4MirrorTransport.RequestWriter);
}
else if (CustomLiteNetLib4MirrorTransport.DelayConnections)
{
CustomLiteNetLib4MirrorTransport.PreauthDisableIdleMode();
CustomLiteNetLib4MirrorTransport.RequestWriter.Reset();
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)17);
CustomLiteNetLib4MirrorTransport.RequestWriter.Put(CustomLiteNetLib4MirrorTransport.DelayTime);
if (CustomLiteNetLib4MirrorTransport.DelayVolume < byte.MaxValue)
{
++CustomLiteNetLib4MirrorTransport.DelayVolume;
}
if (CustomLiteNetLib4MirrorTransport.DelayVolume < CustomLiteNetLib4MirrorTransport.DelayVolumeThreshold)
{
ServerConsole.AddLog(
$"Delayed connection incoming from endpoint {request.RemoteEndPoint} by {CustomLiteNetLib4MirrorTransport.DelayTime} seconds.");
request.Reject(CustomLiteNetLib4MirrorTransport.RequestWriter);
}
else
{
ServerConsole.AddLog(
$"Force delayed connection incoming from endpoint {request.RemoteEndPoint} by {CustomLiteNetLib4MirrorTransport.DelayTime} seconds.");
request.RejectForce(CustomLiteNetLib4MirrorTransport.RequestWriter);
}
}
else
{
if (CustomLiteNetLib4MirrorTransport.UseChallenge)
{
if (result4 == 0 || result5 == null || result5.Length == 0)
{
if (!CustomLiteNetLib4MirrorTransport.CheckIpRateLimit(request))
{
return;
}
int num = 0;
string key = string.Empty;
for (byte index = 0; index < 3; ++index)
{
num = RandomGenerator.GetInt32();
if (num == 0)
{
num = 1;
}
key = request.RemoteEndPoint.Address + "-" + num;
if (CustomLiteNetLib4MirrorTransport.Challenges.ContainsKey(key))
{
if (index == 2)
{
CustomLiteNetLib4MirrorTransport.RequestWriter.Reset();
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)4);
request.RejectForce(CustomLiteNetLib4MirrorTransport.RequestWriter);
ServerConsole.AddLog(
$"Failed to generate ID for challenge for incoming connection from endpoint {request.RemoteEndPoint}.");
return;
}
}
else
{
break;
}
}
byte[] bytes = RandomGenerator.GetBytes(CustomLiteNetLib4MirrorTransport.ChallengeInitLen + CustomLiteNetLib4MirrorTransport.ChallengeSecretLen, true);
ServerConsole.AddLog(
$"Requested challenge for incoming connection from endpoint {request.RemoteEndPoint}.");
CustomLiteNetLib4MirrorTransport.RequestWriter.Reset();
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)13);
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)CustomLiteNetLib4MirrorTransport.ChallengeMode);
CustomLiteNetLib4MirrorTransport.RequestWriter.Put(num);
switch (CustomLiteNetLib4MirrorTransport.ChallengeMode)
{
case ChallengeType.MD5:
CustomLiteNetLib4MirrorTransport.RequestWriter.PutBytesWithLength(bytes, 0, CustomLiteNetLib4MirrorTransport.ChallengeInitLen);
CustomLiteNetLib4MirrorTransport.RequestWriter.Put(CustomLiteNetLib4MirrorTransport.ChallengeSecretLen);
CustomLiteNetLib4MirrorTransport.RequestWriter.PutBytesWithLength(Md.Md5(bytes));
CustomLiteNetLib4MirrorTransport.Challenges.Add(key, new PreauthChallengeItem(new ArraySegment <byte>(bytes, CustomLiteNetLib4MirrorTransport.ChallengeInitLen, CustomLiteNetLib4MirrorTransport.ChallengeSecretLen)));
break;
case ChallengeType.SHA1:
CustomLiteNetLib4MirrorTransport.RequestWriter.PutBytesWithLength(bytes, 0, CustomLiteNetLib4MirrorTransport.ChallengeInitLen);
CustomLiteNetLib4MirrorTransport.RequestWriter.Put(CustomLiteNetLib4MirrorTransport.ChallengeSecretLen);
CustomLiteNetLib4MirrorTransport.RequestWriter.PutBytesWithLength(Sha.Sha1(bytes));
CustomLiteNetLib4MirrorTransport.Challenges.Add(key, new PreauthChallengeItem(new ArraySegment <byte>(bytes, CustomLiteNetLib4MirrorTransport.ChallengeInitLen, CustomLiteNetLib4MirrorTransport.ChallengeSecretLen)));
break;
default:
CustomLiteNetLib4MirrorTransport.RequestWriter.PutBytesWithLength(bytes);
CustomLiteNetLib4MirrorTransport.Challenges.Add(key, new PreauthChallengeItem(new ArraySegment <byte>(bytes)));
break;
}
request.Reject(CustomLiteNetLib4MirrorTransport.RequestWriter);
CustomLiteNetLib4MirrorTransport.PreauthDisableIdleMode();
return;
}
string key1 = request.RemoteEndPoint.Address + "-" + result4;
if (!CustomLiteNetLib4MirrorTransport.Challenges.ContainsKey(key1))
{
ServerConsole.AddLog(
$"Security challenge response of incoming connection from endpoint {request.RemoteEndPoint} has been REJECTED (invalid Challenge ID).");
CustomLiteNetLib4MirrorTransport.RequestWriter.Reset();
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)14);
request.RejectForce(CustomLiteNetLib4MirrorTransport.RequestWriter);
return;
}
ArraySegment <byte> validResponse = CustomLiteNetLib4MirrorTransport.Challenges[key1].ValidResponse;
if (!result5.SequenceEqual(validResponse))
{
ServerConsole.AddLog(
$"Security challenge response of incoming connection from endpoint {request.RemoteEndPoint} has been REJECTED (invalid response).");
CustomLiteNetLib4MirrorTransport.RequestWriter.Reset();
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)15);
request.RejectForce(CustomLiteNetLib4MirrorTransport.RequestWriter);
return;
}
CustomLiteNetLib4MirrorTransport.Challenges.Remove(key1);
CustomLiteNetLib4MirrorTransport.PreauthDisableIdleMode();
ServerConsole.AddLog(
$"Security challenge response of incoming connection from endpoint {request.RemoteEndPoint} has been accepted.");
}
else if (!CustomLiteNetLib4MirrorTransport.CheckIpRateLimit(request))
{
return;
}
if (!CharacterClassManager.OnlineMode)
{
KeyValuePair <BanDetails, BanDetails> keyValuePair = BanHandler.QueryBan(null, request.RemoteEndPoint.Address.ToString());
if (keyValuePair.Value != null)
{
ServerConsole.AddLog($"Player tried to connect from banned endpoint {request.RemoteEndPoint}.");
CustomLiteNetLib4MirrorTransport.RequestWriter.Reset();
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)6);
CustomLiteNetLib4MirrorTransport.RequestWriter.Put(keyValuePair.Value.Expires);
CustomLiteNetLib4MirrorTransport.RequestWriter.Put(keyValuePair.Value?.Reason ?? string.Empty);
request.RejectForce(CustomLiteNetLib4MirrorTransport.RequestWriter);
}
else
{
request.Accept();
CustomLiteNetLib4MirrorTransport.PreauthDisableIdleMode();
}
}
else
{
if (!request.Data.TryGetString(out string result6) || result6 == string.Empty)
{
CustomLiteNetLib4MirrorTransport.RequestWriter.Reset();
CustomLiteNetLib4MirrorTransport.RequestWriter.Put((byte)5);
request.RejectForce(CustomLiteNetLib4MirrorTransport.RequestWriter);
}
private static void HandleConnection(ConnectionRequest request)
{
NetDataWriter rejectData = new NetDataWriter();
try
{
byte result1;
byte result2;
int position = request.Data.Position;
if (!request.Data.TryGetByte(out result1) || !request.Data.TryGetByte(out result2) || result1 != CustomNetworkManager.Major || result2 != CustomNetworkManager.Minor)
{
rejectData.Reset();
rejectData.Put(3);
request.Reject(rejectData);
}
else
{
if (CustomLiteNetLib4MirrorTransport.IpRateLimiting)
{
if (CustomLiteNetLib4MirrorTransport.IpRateLimit.Contains(request.RemoteEndPoint.Address.ToString()))
{
ServerConsole.AddLog(string.Format("Incoming connection from endpoint {0} rejected due to exceeding the rate limit.", request.RemoteEndPoint));
ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("Incoming connection from endpoint {0} rejected due to exceeding the rate limit.", request.RemoteEndPoint), ServerLogs.ServerLogType.RateLimit);
rejectData.Reset();
rejectData.Put(12);
request.Reject(rejectData);
return;
}
CustomLiteNetLib4MirrorTransport.IpRateLimit.Add(request.RemoteEndPoint.Address.ToString());
}
if (!CharacterClassManager.OnlineMode)
{
KeyValuePair <BanDetails, BanDetails> keyValuePair = BanHandler.QueryBan(null, request.RemoteEndPoint.Address.ToString());
if (keyValuePair.Value != null)
{
ServerConsole.AddLog(string.Format("Player tried to connect from banned endpoint {0}.", request.RemoteEndPoint));
rejectData.Reset();
rejectData.Put(6);
rejectData.Put(keyValuePair.Value.Expires);
rejectData.Put(keyValuePair.Value?.Reason ?? string.Empty);
request.Reject(rejectData);
}
else
{
request.Accept();
}
}
else
{
string result3;
if (!request.Data.TryGetString(out result3) || result3 == string.Empty)
{
rejectData.Reset();
rejectData.Put(5);
request.Reject(rejectData);
}
else
{
ulong result4;
byte result5;
string result6;
byte[] result7;
if (!request.Data.TryGetULong(out result4) || !request.Data.TryGetByte(out result5) || !request.Data.TryGetString(out result6) || !request.Data.TryGetBytesWithLength(out result7))
{
rejectData.Reset();
rejectData.Put(4);
request.Reject(rejectData);
}
else
{
CentralAuthPreauthFlags flags = (CentralAuthPreauthFlags)result5;
try
{
if (!ECDSA.VerifyBytes(string.Format("{0};{1};{2};{3}", result3, result5, result6, result4), result7, ServerConsole.PublicKey))
{
ServerConsole.AddLog(string.Format("Player from endpoint {0} sent preauthentication token with invalid digital signature.", request.RemoteEndPoint));
rejectData.Reset();
rejectData.Put(2);
request.Reject(rejectData);
}
else if (TimeBehaviour.CurrentUnixTimestamp > result4)
{
ServerConsole.AddLog(string.Format("Player from endpoint {0} sent expired preauthentication token.", request.RemoteEndPoint));
ServerConsole.AddLog("Make sure that time and timezone set on server is correct. We recommend synchronizing the time.");
rejectData.Reset();
rejectData.Put(11);
request.Reject(rejectData);
}
else
{
if (CustomLiteNetLib4MirrorTransport.UserRateLimiting)
{
if (CustomLiteNetLib4MirrorTransport.UserRateLimit.Contains(result3))
{
ServerConsole.AddLog(string.Format("Incoming connection from {0} ({1}) rejected due to exceeding the rate limit.", result3, request.RemoteEndPoint));
ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("Incoming connection from endpoint {0} ({1}) rejected due to exceeding the rate limit.", result3, request.RemoteEndPoint), ServerLogs.ServerLogType.RateLimit);
rejectData.Reset();
rejectData.Put(12);
request.Reject(rejectData);
return;
}
CustomLiteNetLib4MirrorTransport.UserRateLimit.Add(result3);
}
if (!flags.HasFlagFast(CentralAuthPreauthFlags.IgnoreBans) || !ServerStatic.GetPermissionsHandler().IsVerified)
{
KeyValuePair <BanDetails, BanDetails> keyValuePair = BanHandler.QueryBan(result3, request.RemoteEndPoint.Address.ToString());
if (keyValuePair.Key != null || keyValuePair.Value != null)
{
ServerConsole.AddLog(string.Format("{0} {1} tried to connect from {2} endpoint {3}.", keyValuePair.Key == null ? "Player" : "Banned player", result3, keyValuePair.Value == null ? "" : "banned ", request.RemoteEndPoint));
ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("{0} {1} tried to connect from {2} endpoint {3}.", keyValuePair.Key == null ? "Player" : "Banned player", result3, keyValuePair.Value == null ? "" : "banned ", request.RemoteEndPoint), ServerLogs.ServerLogType.ConnectionUpdate);
rejectData.Reset();
rejectData.Put(6);
NetDataWriter netDataWriter1 = rejectData;
BanDetails key = keyValuePair.Key;
netDataWriter1.Put(key != null ? key.Expires : keyValuePair.Value.Expires);
NetDataWriter netDataWriter2 = rejectData;
string str;
if ((str = keyValuePair.Key?.Reason) == null)
{
str = keyValuePair.Value?.Reason ?? string.Empty;
}
netDataWriter2.Put(str);
request.Reject(rejectData);
return;
}
}
if (flags.HasFlagFast(CentralAuthPreauthFlags.GloballyBanned) && !ServerStatic.GetPermissionsHandler().IsVerified)
{
bool useGlobalBans = CustomLiteNetLib4MirrorTransport.UseGlobalBans;
}
if ((!flags.HasFlagFast(CentralAuthPreauthFlags.IgnoreWhitelist) || !ServerStatic.GetPermissionsHandler().IsVerified) && !WhiteList.IsWhitelisted(result3))
{
ServerConsole.AddLog(string.Format("Player {0} tried joined from endpoint {1}, but is not whitelisted.", result3, request.RemoteEndPoint));
rejectData.Reset();
rejectData.Put(7);
request.Reject(rejectData);
}
else if (CustomLiteNetLib4MirrorTransport.Geoblocking != GeoblockingMode.None && (!flags.HasFlagFast(CentralAuthPreauthFlags.IgnoreGeoblock) || !ServerStatic.GetPermissionsHandler().BanTeamBypassGeo) && (!CustomLiteNetLib4MirrorTransport.GeoblockIgnoreWhitelisted || !WhiteList.IsOnWhitelist(result3)) && (CustomLiteNetLib4MirrorTransport.Geoblocking == GeoblockingMode.Whitelist && !CustomLiteNetLib4MirrorTransport.GeoblockingList.Contains(result6.ToUpper()) || CustomLiteNetLib4MirrorTransport.Geoblocking == GeoblockingMode.Blacklist && CustomLiteNetLib4MirrorTransport.GeoblockingList.Contains(result6.ToUpper())))
{
ServerConsole.AddLog(string.Format("Player {0} ({1}) tried joined from blocked country {2}.", result3, request.RemoteEndPoint, result6.ToUpper()));
rejectData.Reset();
rejectData.Put(9);
request.Reject(rejectData);
}
else
{
int num = CustomNetworkManager.slots;
if (flags.HasFlagFast(CentralAuthPreauthFlags.ReservedSlot) && ServerStatic.GetPermissionsHandler().BanTeamSlots)
{
num = LiteNetLib4MirrorNetworkManager.singleton.maxConnections;
}
else if (ConfigFile.ServerConfig.GetBool("use_reserved_slots", true) && ReservedSlot.HasReservedSlot(result3))
{
num += CustomNetworkManager.reservedSlots;
}
if (LiteNetLib4MirrorCore.Host.PeersCount < num)
{
if (CustomLiteNetLib4MirrorTransport.UserIds.ContainsKey(request.RemoteEndPoint))
{
CustomLiteNetLib4MirrorTransport.UserIds[request.RemoteEndPoint].SetUserId(result3);
}
else
{
CustomLiteNetLib4MirrorTransport.UserIds.Add(request.RemoteEndPoint, new PreauthItem(result3));
}
bool allow = true;
Events.InvokePreAuth(result3, request, position, result5, result6, ref allow);
if (allow)
{
request.Accept();
ServerConsole.AddLog(string.Format("Player {0} preauthenticated from endpoint {1}.", result3, request.RemoteEndPoint));
ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("{0} preauthenticated from endpoint {1}.", result3, request.RemoteEndPoint), ServerLogs.ServerLogType.ConnectionUpdate);
}
else
{
ServerConsole.AddLog(string.Format("Player {0} tried to preauthenticate from endpoint {1}, but the request has been rejected by a plugin.", result3, request.RemoteEndPoint));
ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("{0} tried to preauthenticate from endpoint {1}, but the request has been rejected by a plugin.", result3, request.RemoteEndPoint), ServerLogs.ServerLogType.ConnectionUpdate);
}
}
else
{
rejectData.Reset();
rejectData.Put(1);
request.Reject(rejectData);
}
}
}
}
catch (Exception exception)
{
ServerConsole.AddLog(string.Format("Player from endpoint {0} sent an invalid preauthentication token. {1}", request.RemoteEndPoint, exception.Message));
rejectData.Reset();
rejectData.Put(2);
request.Reject(rejectData);
}
}
}
}
}
}
catch (Exception exception)
{
ServerConsole.AddLog(string.Format("Player from endpoint {0} failed to preauthenticate: {1}", request.RemoteEndPoint, exception.Message));
rejectData.Reset();
rejectData.Put(4);
request.Reject(rejectData);
}
}