private static void HandleConnection(ConnectionRequest request) { NetDataWriter rejectData = new NetDataWriter(); try { byte result1; byte result2; int position = request.Data.Position; if (!request.Data.TryGetByte(out result1) || !request.Data.TryGetByte(out result2) || result1 != CustomNetworkManager.Major || result2 != CustomNetworkManager.Minor) { rejectData.Reset(); rejectData.Put(3); request.Reject(rejectData); } else { if (CustomLiteNetLib4MirrorTransport.IpRateLimiting) { if (CustomLiteNetLib4MirrorTransport.IpRateLimit.Contains(request.RemoteEndPoint.Address.ToString())) { ServerConsole.AddLog(string.Format("Incoming connection from endpoint {0} rejected due to exceeding the rate limit.", request.RemoteEndPoint)); ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("Incoming connection from endpoint {0} rejected due to exceeding the rate limit.", request.RemoteEndPoint), ServerLogs.ServerLogType.RateLimit); rejectData.Reset(); rejectData.Put(12); request.Reject(rejectData); return; } CustomLiteNetLib4MirrorTransport.IpRateLimit.Add(request.RemoteEndPoint.Address.ToString()); } if (!CharacterClassManager.OnlineMode) { KeyValuePair <BanDetails, BanDetails> keyValuePair = BanHandler.QueryBan(null, request.RemoteEndPoint.Address.ToString()); if (keyValuePair.Value != null) { ServerConsole.AddLog(string.Format("Player tried to connect from banned endpoint {0}.", request.RemoteEndPoint)); rejectData.Reset(); rejectData.Put(6); rejectData.Put(keyValuePair.Value.Expires); rejectData.Put(keyValuePair.Value?.Reason ?? string.Empty); request.Reject(rejectData); } else { request.Accept(); } } else { string result3; if (!request.Data.TryGetString(out result3) || result3 == string.Empty) { rejectData.Reset(); rejectData.Put(5); request.Reject(rejectData); } else { ulong result4; byte result5; string result6; byte[] result7; if (!request.Data.TryGetULong(out result4) || !request.Data.TryGetByte(out result5) || !request.Data.TryGetString(out result6) || !request.Data.TryGetBytesWithLength(out result7)) { rejectData.Reset(); rejectData.Put(4); request.Reject(rejectData); } else { CentralAuthPreauthFlags flags = (CentralAuthPreauthFlags)result5; try { if (!ECDSA.VerifyBytes(string.Format("{0};{1};{2};{3}", result3, result5, result6, result4), result7, ServerConsole.PublicKey)) { ServerConsole.AddLog(string.Format("Player from endpoint {0} sent preauthentication token with invalid digital signature.", request.RemoteEndPoint)); rejectData.Reset(); rejectData.Put(2); request.Reject(rejectData); } else if (TimeBehaviour.CurrentUnixTimestamp > result4) { ServerConsole.AddLog(string.Format("Player from endpoint {0} sent expired preauthentication token.", request.RemoteEndPoint)); ServerConsole.AddLog("Make sure that time and timezone set on server is correct. We recommend synchronizing the time."); rejectData.Reset(); rejectData.Put(11); request.Reject(rejectData); } else { if (CustomLiteNetLib4MirrorTransport.UserRateLimiting) { if (CustomLiteNetLib4MirrorTransport.UserRateLimit.Contains(result3)) { ServerConsole.AddLog(string.Format("Incoming connection from {0} ({1}) rejected due to exceeding the rate limit.", result3, request.RemoteEndPoint)); ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("Incoming connection from endpoint {0} ({1}) rejected due to exceeding the rate limit.", result3, request.RemoteEndPoint), ServerLogs.ServerLogType.RateLimit); rejectData.Reset(); rejectData.Put(12); request.Reject(rejectData); return; } CustomLiteNetLib4MirrorTransport.UserRateLimit.Add(result3); } if (!flags.HasFlagFast(CentralAuthPreauthFlags.IgnoreBans) || !ServerStatic.GetPermissionsHandler().IsVerified) { KeyValuePair <BanDetails, BanDetails> keyValuePair = BanHandler.QueryBan(result3, request.RemoteEndPoint.Address.ToString()); if (keyValuePair.Key != null || keyValuePair.Value != null) { ServerConsole.AddLog(string.Format("{0} {1} tried to connect from {2} endpoint {3}.", keyValuePair.Key == null ? "Player" : "Banned player", result3, keyValuePair.Value == null ? "" : "banned ", request.RemoteEndPoint)); ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("{0} {1} tried to connect from {2} endpoint {3}.", keyValuePair.Key == null ? "Player" : "Banned player", result3, keyValuePair.Value == null ? "" : "banned ", request.RemoteEndPoint), ServerLogs.ServerLogType.ConnectionUpdate); rejectData.Reset(); rejectData.Put(6); NetDataWriter netDataWriter1 = rejectData; BanDetails key = keyValuePair.Key; netDataWriter1.Put(key != null ? key.Expires : keyValuePair.Value.Expires); NetDataWriter netDataWriter2 = rejectData; string str; if ((str = keyValuePair.Key?.Reason) == null) { str = keyValuePair.Value?.Reason ?? string.Empty; } netDataWriter2.Put(str); request.Reject(rejectData); return; } } if (flags.HasFlagFast(CentralAuthPreauthFlags.GloballyBanned) && !ServerStatic.GetPermissionsHandler().IsVerified) { bool useGlobalBans = CustomLiteNetLib4MirrorTransport.UseGlobalBans; } if ((!flags.HasFlagFast(CentralAuthPreauthFlags.IgnoreWhitelist) || !ServerStatic.GetPermissionsHandler().IsVerified) && !WhiteList.IsWhitelisted(result3)) { ServerConsole.AddLog(string.Format("Player {0} tried joined from endpoint {1}, but is not whitelisted.", result3, request.RemoteEndPoint)); rejectData.Reset(); rejectData.Put(7); request.Reject(rejectData); } else if (CustomLiteNetLib4MirrorTransport.Geoblocking != GeoblockingMode.None && (!flags.HasFlagFast(CentralAuthPreauthFlags.IgnoreGeoblock) || !ServerStatic.GetPermissionsHandler().BanTeamBypassGeo) && (!CustomLiteNetLib4MirrorTransport.GeoblockIgnoreWhitelisted || !WhiteList.IsOnWhitelist(result3)) && (CustomLiteNetLib4MirrorTransport.Geoblocking == GeoblockingMode.Whitelist && !CustomLiteNetLib4MirrorTransport.GeoblockingList.Contains(result6.ToUpper()) || CustomLiteNetLib4MirrorTransport.Geoblocking == GeoblockingMode.Blacklist && CustomLiteNetLib4MirrorTransport.GeoblockingList.Contains(result6.ToUpper()))) { ServerConsole.AddLog(string.Format("Player {0} ({1}) tried joined from blocked country {2}.", result3, request.RemoteEndPoint, result6.ToUpper())); rejectData.Reset(); rejectData.Put(9); request.Reject(rejectData); } else { int num = CustomNetworkManager.slots; if (flags.HasFlagFast(CentralAuthPreauthFlags.ReservedSlot) && ServerStatic.GetPermissionsHandler().BanTeamSlots) { num = LiteNetLib4MirrorNetworkManager.singleton.maxConnections; } else if (ConfigFile.ServerConfig.GetBool("use_reserved_slots", true) && ReservedSlot.HasReservedSlot(result3)) { num += CustomNetworkManager.reservedSlots; } if (LiteNetLib4MirrorCore.Host.PeersCount < num) { if (CustomLiteNetLib4MirrorTransport.UserIds.ContainsKey(request.RemoteEndPoint)) { CustomLiteNetLib4MirrorTransport.UserIds[request.RemoteEndPoint].SetUserId(result3); } else { CustomLiteNetLib4MirrorTransport.UserIds.Add(request.RemoteEndPoint, new PreauthItem(result3)); } bool allow = true; Events.InvokePreAuth(result3, request, position, result5, result6, ref allow); if (allow) { request.Accept(); ServerConsole.AddLog(string.Format("Player {0} preauthenticated from endpoint {1}.", result3, request.RemoteEndPoint)); ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("{0} preauthenticated from endpoint {1}.", result3, request.RemoteEndPoint), ServerLogs.ServerLogType.ConnectionUpdate); } else { ServerConsole.AddLog(string.Format("Player {0} tried to preauthenticate from endpoint {1}, but the request has been rejected by a plugin.", result3, request.RemoteEndPoint)); ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("{0} tried to preauthenticate from endpoint {1}, but the request has been rejected by a plugin.", result3, request.RemoteEndPoint), ServerLogs.ServerLogType.ConnectionUpdate); } } else { rejectData.Reset(); rejectData.Put(1); request.Reject(rejectData); } } } } catch (Exception exception) { ServerConsole.AddLog(string.Format("Player from endpoint {0} sent an invalid preauthentication token. {1}", request.RemoteEndPoint, exception.Message)); rejectData.Reset(); rejectData.Put(2); request.Reject(rejectData); } } } } } } catch (Exception exception) { ServerConsole.AddLog(string.Format("Player from endpoint {0} failed to preauthenticate: {1}", request.RemoteEndPoint, exception.Message)); rejectData.Reset(); rejectData.Put(4); request.Reject(rejectData); } }
private static void HandleConnection(ConnectionRequest request) { NetDataWriter rejectData = new NetDataWriter(); try { byte result1; byte result2; if (!request.Data.TryGetByte(out result1) || !request.Data.TryGetByte(out result2) || result1 != CustomNetworkManager.Major || result2 != CustomNetworkManager.Minor) { rejectData.Reset(); rejectData.Put(3); request.Reject(rejectData); } else { if (CustomLiteNetLib4MirrorTransport.IpRateLimiting) { if (CustomLiteNetLib4MirrorTransport.IpRateLimit.Contains(request.RemoteEndPoint.Address.ToString())) { ServerConsole.AddLog(string.Format("Connexion entrante à partir de l'IP {0} rejetée en raison d'un dépassement du taux limite.", request.RemoteEndPoint)); ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("Connexion entrante à partir de l'IP {0} rejetée en raison d'un dépassement du taux limite.", request.RemoteEndPoint), ServerLogs.ServerLogType.RateLimit); rejectData.Reset(); rejectData.Put(12); request.Reject(rejectData); return; } CustomLiteNetLib4MirrorTransport.IpRateLimit.Add(request.RemoteEndPoint.Address.ToString()); } string result3; if (!request.Data.TryGetString(out result3) || result3 == string.Empty) { rejectData.Reset(); rejectData.Put(5); request.Reject(rejectData); } else { ulong result4; byte result5; string result6; byte[] result7; if (!request.Data.TryGetULong(out result4) || !request.Data.TryGetByte(out result5) || !request.Data.TryGetString(out result6) || !request.Data.TryGetBytesWithLength(out result7)) { rejectData.Reset(); rejectData.Put(4); request.Reject(rejectData); } else { CentralAuthPreauthFlags flags = (CentralAuthPreauthFlags)result5; try { String steamID = result3; Login LoginJSON = new Login(); LoginJSON.Steamid64 = steamID; LoginJSON.Ip = request.RemoteEndPoint.Address.ToString(); String JSON = Serialize.ToJson(LoginJSON); String JsonResponse = Methods.Post(Plugin.LoginURL, JSON); try { JSON.Success.SuccessResponseJSON APIResponse = AtlasUserAPI.JSON.Success.SuccessResponseJSON.FromJson(JsonResponse); if (!ECDSA.VerifyBytes(string.Format("{0};{1};{2};{3}", result3, result5, result6, result4), result7, ServerConsole.PublicKey)) { ServerConsole.AddLog(string.Format("Joueur avec l'IP {0} a envoyé un jeton de préauthentification avec une signature numérique non valide.", request.RemoteEndPoint)); rejectData.Reset(); rejectData.Put(2); request.Reject(rejectData); } else if (TimeBehaviour.CurrentUnixTimestamp > result4) { ServerConsole.AddLog(string.Format("Joueur avec l'IP {0} a envoyé un jeton de préauthentification périmé.", request.RemoteEndPoint)); ServerConsole.AddLog("Assurez-vous que l'heure et le fuseau horaire définis sur le serveur sont corrects. Nous recommandons de synchroniser l'heure."); rejectData.Reset(); rejectData.Put(11); request.Reject(rejectData); } else { if (CustomLiteNetLib4MirrorTransport.UserRateLimiting) { if (CustomLiteNetLib4MirrorTransport.UserRateLimit.Contains(result3)) { ServerConsole.AddLog(string.Format("Connexion entrante de {0} ({1}) rejetée en raison d'un dépassement du taux limite.", result3, request.RemoteEndPoint)); ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("Connexion entrante à partir de l'IP {0} ({1}) rejetée en raison d'un dépassement du taux limite.", result3, request.RemoteEndPoint), ServerLogs.ServerLogType.RateLimit); rejectData.Reset(); rejectData.Put(12); request.Reject(rejectData); return; } CustomLiteNetLib4MirrorTransport.UserRateLimit.Add(result3); } if (!flags.HasFlagFast(CentralAuthPreauthFlags.IgnoreBans) || !ServerStatic.GetPermissionsHandler().IsVerified) { // API Check BAN. if (APIResponse.IsBanned) { ServerConsole.AddLog(string.Format("Le joueur {0} a essayé de se connecter avec l'IP {1}, mais l'API répond qu'il est banni.", result3, request.RemoteEndPoint)); ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("Le joueur {0} a essayé de se connecter avec l'IP {1}, mais l'API répond qu'il est banni.", result3, request.RemoteEndPoint), ServerLogs.ServerLogType.ConnectionUpdate); rejectData.Reset(); rejectData.Put(6); request.Reject(rejectData); return; } } if (flags.HasFlagFast(CentralAuthPreauthFlags.GloballyBanned) && !ServerStatic.GetPermissionsHandler().IsVerified) { bool useGlobalBans = CustomLiteNetLib4MirrorTransport.UseGlobalBans; } if ((!flags.HasFlagFast(CentralAuthPreauthFlags.IgnoreWhitelist) || !ServerStatic.GetPermissionsHandler().IsVerified) && !WhiteList.IsWhitelisted(result3)) { ServerConsole.AddLog(string.Format("Le joueur {0} a essayé de joindre à partir de l'IP {1}, mais n'est pas sur la liste blanche.", result3, request.RemoteEndPoint)); rejectData.Reset(); rejectData.Put(7); request.Reject(rejectData); } else if (CustomLiteNetLib4MirrorTransport.Geoblocking != GeoblockingMode.None && (!flags.HasFlagFast(CentralAuthPreauthFlags.IgnoreGeoblock) || !ServerStatic.GetPermissionsHandler().BanTeamBypassGeo) && (!CustomLiteNetLib4MirrorTransport.GeoblockIgnoreWhitelisted || !WhiteList.IsOnWhitelist(result3)) && (CustomLiteNetLib4MirrorTransport.Geoblocking == GeoblockingMode.Whitelist && !CustomLiteNetLib4MirrorTransport.GeoblockingList.Contains(result6.ToUpper()) || CustomLiteNetLib4MirrorTransport.Geoblocking == GeoblockingMode.Blacklist && CustomLiteNetLib4MirrorTransport.GeoblockingList.Contains(result6.ToUpper()))) { ServerConsole.AddLog(string.Format("Le joueur {0} ({1}) a tenté de rejoindre depuis le pays bloqué {2}.", result3, request.RemoteEndPoint, result6.ToUpper())); rejectData.Reset(); rejectData.Put(9); request.Reject(rejectData); } else { // API Role & Slots string role; if (Plugin.role.TryGetValue(steamID, out role)) { Plugin.role.Remove(steamID); } if (!String.IsNullOrEmpty(APIResponse.Role)) { Plugin.role.Add(steamID, APIResponse.Role); } else { if (ServerStatic.GetPermissionsHandler()._members.ContainsKey(steamID)) { ServerStatic.GetPermissionsHandler()._members.Remove(steamID); } } int num = CustomNetworkManager.slots; if (flags.HasFlagFast(CentralAuthPreauthFlags.ReservedSlot) && ServerStatic.GetPermissionsHandler().BanTeamSlots) { num = LiteNetLib4MirrorNetworkManager.singleton.maxConnections; } else if (ConfigFile.ServerConfig.GetBool("use_reserved_slots", true)) { // API Slots if (!String.IsNullOrEmpty(APIResponse.Role)) { List <string> RoleRSRead = File.ReadAllLines(Plugin.RoleRSFilePath).ToList(); if (RoleRSRead.Contains(APIResponse.Role)) { num = CustomNetworkManager.singleton.maxConnections; } } } if (LiteNetLib4MirrorCore.Host.PeersCount < num) { if (CustomLiteNetLib4MirrorTransport.UserIds.ContainsKey(request.RemoteEndPoint)) { CustomLiteNetLib4MirrorTransport.UserIds[request.RemoteEndPoint].SetUserId(result3); } else { CustomLiteNetLib4MirrorTransport.UserIds.Add(request.RemoteEndPoint, new PreauthItem(result3)); } bool allow = true; Events.InvokePreAuth(ref result3, request, ref allow); if (allow) { request.Accept(); ServerConsole.AddLog(string.Format("Le joueur {0} est préauthentifié à partir de l'IP {1}.", result3, request.RemoteEndPoint)); ServerLogs.AddLog(ServerLogs.Modules.Networking, string.Format("{0} préauthentifié à partir de l'IP {1}.", result3, request.RemoteEndPoint), ServerLogs.ServerLogType.ConnectionUpdate); } } else { ServerConsole.AddLog(string.Format("Le joueur {0} ({1}) a essayé de se connecter, mais le serveur est plein.", result3, request.RemoteEndPoint)); rejectData.Reset(); rejectData.Put(1); request.Reject(rejectData); } } } } catch (Exception exception) { ServerConsole.AddLog(string.Format("Le joueur avec l'IP {0} a envoyé un jeton de préauthentification non valable. {1}", request.RemoteEndPoint, exception.Message)); rejectData.Reset(); rejectData.Put(2); request.Reject(rejectData); } } catch (Exception exception) { ServerConsole.AddLog(string.Format("Le joueur avec l'IP {0} a subi une erreur avec l'API. {1}", request.RemoteEndPoint, exception.Message)); rejectData.Reset(); rejectData.Put(2); request.Reject(rejectData); } } } } } catch (Exception exception) { ServerConsole.AddLog(string.Format("Joueur avec l'IP {0} n'a pas réussi à se préauthentifier : {1}", request.RemoteEndPoint, exception.Message)); rejectData.Reset(); rejectData.Put(4); request.Reject(rejectData); } }