mirror of
https://git.neolegacy.dev/neoStudiosLCE/neoLegacy.git
synced 2026-07-17 19:40:45 +00:00
feat: dedicated server security hardening
Comprehensive security system to protect against packet-sniffing attacks, XUID harvesting, privilege escalation, bot flooding, and XUID impersonation. - Stream cipher: per-session XOR cipher with 4-message handshake via CustomPayloadPacket (MC|CKey, MC|CAck, MC|COn). Negotiated per-connection, backwards compatible (old clients/servers fall back to plaintext). - Security gate: buffers all game data until cipher handshake completes, preventing unsecured clients from receiving any XUIDs or game state. - Cipher handshake enforcer: kicks clients that don't complete the handshake within 5 seconds (configurable via require-secure-client). - Identity tokens: persistent per-XUID tokens in identity-tokens.json, issued over the encrypted channel, verified on reconnect. Prevents XUID replay attacks. Client stores server-specific tokens. - PROXY protocol v1: parses real client IPs from playit.gg tunnel headers so rate limiting, IP bans, and XUID spoof detection work per-player. - Rate limiting: per-IP sliding window (default 5 connections/30s) with pending connection cap (default 10). - Privilege hardening: OP requires ops.json, live checks on every command and privilege packet. Host-only server settings changes. - XUID stripping: PreLoginPacket response sends INVALID_XUID placeholders. - Packet validation: readUtf global string cap, reduced max packet size, stream desync protection on oversized strings. - OpManager: persistent ops.json with XUID-based OP list. - Whitelist improvements: whitelist add accepts player names with ambiguity detection, XUID cache from login attempts. - revoketoken command: revoke identity tokens for players who lost theirs. - server.log: persistent log file written alongside console output with flush-per-write to survive crashes. - CLI security logging: consolidated per-join security summary with cipher status, token status, XUID, and real IP. Security warnings for kicks, spoofing, and unauthorized commands.
This commit is contained in:
@@ -196,9 +196,29 @@ void IQNetPlayer::SendData(IQNetPlayer * player, const void* pvData, DWORD dwDat
|
||||
{
|
||||
if (!WinsockNetLayer::IsHosting() && !m_isRemote)
|
||||
{
|
||||
// Client sending to server via local socket (bypasses SendToSmallId)
|
||||
SOCKET sock = WinsockNetLayer::GetLocalSocket(m_smallId);
|
||||
if (sock != INVALID_SOCKET)
|
||||
WinsockNetLayer::SendOnSocket(sock, pvData, dwDataSize);
|
||||
{
|
||||
// Encrypt if client send cipher is active
|
||||
if (dwDataSize > 0)
|
||||
{
|
||||
std::vector<BYTE> buf(static_cast<const BYTE*>(pvData),
|
||||
static_cast<const BYTE*>(pvData) + dwDataSize);
|
||||
if (WinsockNetLayer::TryEncryptClientOutgoing(buf.data(), static_cast<int>(dwDataSize)))
|
||||
{
|
||||
WinsockNetLayer::SendOnSocket(sock, buf.data(), static_cast<int>(dwDataSize));
|
||||
}
|
||||
else
|
||||
{
|
||||
WinsockNetLayer::SendOnSocket(sock, pvData, dwDataSize);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
WinsockNetLayer::SendOnSocket(sock, pvData, dwDataSize);
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user