Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signed Message Chain fails to validate when proxy intercepts commands #1083

Closed
Joo200 opened this issue Sep 18, 2023 · 4 comments
Closed

Signed Message Chain fails to validate when proxy intercepts commands #1083

Joo200 opened this issue Sep 18, 2023 · 4 comments
Labels
type: bug Something isn't working

Comments

@Joo200
Copy link
Contributor

Joo200 commented Sep 18, 2023

This is a follow-up after some more testing and inspection of the source code from #1082

Test setup

I used the following test setup:

  1. Velocity:
    3.2.0-SNAPSHOT b265
    Configured with one backend server, `player-info-forwarding-mode = "modern"
  2. Paper:
    1.20.1 b194
    Configured as backend server with active velocity forwarding.

Test execution

  1. Join the server
  2. Write some chat message, e.g. test
  3. Write some proxy command, e.g. /server
  4. Write some chat message, e.g. test
  5. Receive a kick for Chat message validation failure

Logs from paper:

[17:14:21 INFO]: Joo200 joined the game
[17:14:21 INFO]: Joo200[/127.0.0.1:56728] logged in with entity id 245 at ([world]3.822689117283443, 67.0, -9.025347058973914)
[17:14:24 INFO]: <Joo200> test
// Proxy intercepted /server
// Player sent "test"
[17:14:29 WARN]: Failed to validate message acknowledgements from Joo200
[17:14:29 INFO]: Joo200 lost connection: Chat message validation failure
[17:14:29 INFO]: Joo200 left the game

Solution?

We could send a command package to the backend server with the command prefixed with some invalid chat character. That invalid chat message can be stopped by the backend and interpreted as "proxy already handled the command". That way we could handle chat messages too and let the backend server handle intercepted messages.

This workaround would require a config option in velocity and some changes in paper and other backend server such as fabric or forge. I only use Paper as backend server and can add a patch for paper.
@Nacioszeczek Nacioszeczek added the type: bug Something isn't working label Sep 18, 2023
@electronicboy
Copy link
Member

The idea is to add support for sending a message to the backend server which allows it to cycle the chain properly, this was the entire intent for supporting this stuff however it fell to the wayside due to mojang continually changing stuff early on

@electronicboy
Copy link
Member

Was resolved by #1100

@BurkenDev

This comment was marked as spam.

Sign in to view
@electronicboy
Copy link
Member

This specific instance was fixed by 1100. Any other instances would generally be irrelevant to this specific case, but, protocol hacks are generally unsupported, and this mechanism is fragile.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@electronicboy @Joo200 @Nacioszeczek @BurkenDev