mirrors/PocketMine-MP
1
0
Fork 0
mirror of https://github.com/pmmp/PocketMine-MP.git synced 2025-05-12 16:59:44 +00:00
Code Issues Projects Releases Wiki Activity

disallow logins from players with phony XUIDs

Browse Source 
this simplifies XUID handling.
This commit is contained in:
Dylan K. Taylor 2019-07-03 16:47:02 +01:00
parent e07523056d
commit 85051554c4
2 changed files with 6 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/pocketmine/network/mcpe/NetworkSession.php
View File

@ -533,6 +533,8 @@ class NetworkSession{
}
if($authenticated and $this->info->getXuid() === ""){
$error = "Expected XUID but none found";
}elseif(!$authenticated and $this->info->getXuid() !== ""){
$error = "Unexpected XUID for non-XBOX-authenticated player";
}
if($error !== null){
@ -543,15 +545,9 @@ class NetworkSession{
$this->authenticated = $authenticated;
if(!$this->authenticated){
if($authRequired){
$this->disconnect("disconnectionScreen.notAuthenticated");
return;
}
if($this->info->getXuid() !== ""){
$this->logger->warning("Found XUID, but login keychain is not signed by Mojang");
}
if(!$this->authenticated and $authRequired){
$this->disconnect("disconnectionScreen.notAuthenticated");
return;
}
$this->logger->debug("Xbox Live authenticated: " . ($this->authenticated ? "YES" : "NO"));

2
src/pocketmine/player/Player.php
View File

@ -283,7 +283,7 @@ class Player extends Human implements CommandSender, ChunkLoader, ChunkListener,
$this->uuid = $this->playerInfo->getUuid();
$this->rawUUID = $this->uuid->toBinary();
$this->xuid = $authenticated ? $this->playerInfo->getXuid() : "";
$this->xuid = $this->playerInfo->getXuid();
$this->perm = new PermissibleBase($this);
$this->chunksPerTick = (int) $this->server->getProperty("chunk-sending.per-tick", 4);