mirrors/PocketMine-MP
1
0
Fork 0
mirror of https://github.com/pmmp/PocketMine-MP.git synced 2025-06-30 23:29:54 +00:00
Code Issues Projects Releases Wiki Activity

Query token now depends on the source IP

Browse Source
This commit is contained in:
Shoghi Cervantes 2014-02-20 09:00:17 +01:00
parent d12ce8fd6c
commit 772fa2b9e3
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/network/query/QueryHandler.php
View File

@ -91,7 +91,11 @@ class QueryHandler{
public function regenerateToken(){
$this->lastToken = $this->token;
$this->token = Utils::readInt("\x00".Utils::getRandomBytes(3, false));
$this->token = Utils::getRandomBytes(16, false);
}
public static function getTokenString($token, $salt){
return Utils::readInt(substr(hash("sha512", $salt . ":". $token, true), 7, 4));
}
public function handle(QueryPacket $packet){
@ -103,13 +107,13 @@ class QueryHandler{
$pk->port = $packet->port;
$pk->packetType = QueryPacket::HANDSHAKE;
$pk->sessionID = $packet->sessionID;
$pk->payload = $this->token."\x00";
$pk->payload = self::getTokenString($this->token, $packet->ip)."\x00";
$pk->encode();
$this->server->send($pk);
break;
case QueryPacket::STATISTICS: //Stat
$token = Utils::readInt(substr($packet->payload, 0, 4));
if($token !== $this->token and $token !== $this->lastToken){
if($token !== self::getTokenString($this->token, $packet->ip) and $token !== self::getTokenString($this->lastToken, $packet->ip)){
break;
}
$pk = new QueryPacket;
@ -131,4 +135,4 @@ class QueryHandler{
}
}
}
}