From a3068b39a280d61f3fe03054dfa53ba42e757990 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Tue, 16 Feb 2021 22:31:01 +0000 Subject: [PATCH 01/15] Update composer dependencies --- composer.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/composer.lock b/composer.lock index 9f1432ab5..85511924c 100644 --- a/composer.lock +++ b/composer.lock @@ -358,16 +358,16 @@ }, { "name": "pocketmine/raklib", - "version": "0.12.10", + "version": "0.12.11", "source": { "type": "git", "url": "https://github.com/pmmp/RakLib.git", - "reference": "48e70551cca6f2409115d3468bed94c2edd08f31" + "reference": "9cce458b8bfde3e4dfdbf70c659fc7b7fe26b5c4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/pmmp/RakLib/zipball/48e70551cca6f2409115d3468bed94c2edd08f31", - "reference": "48e70551cca6f2409115d3468bed94c2edd08f31", + "url": "https://api.github.com/repos/pmmp/RakLib/zipball/9cce458b8bfde3e4dfdbf70c659fc7b7fe26b5c4", + "reference": "9cce458b8bfde3e4dfdbf70c659fc7b7fe26b5c4", "shasum": "" }, "require": { @@ -382,7 +382,7 @@ "pocketmine/snooze": "^0.1.0" }, "require-dev": { - "phpstan/phpstan": "0.12.67", + "phpstan/phpstan": "0.12.76", "phpstan/phpstan-strict-rules": "^0.12.2" }, "type": "library", @@ -398,9 +398,9 @@ "description": "A RakNet server implementation written in PHP", "support": { "issues": "https://github.com/pmmp/RakLib/issues", - "source": "https://github.com/pmmp/RakLib/tree/0.12.10" + "source": "https://github.com/pmmp/RakLib/tree/0.12.11" }, - "time": "2021-01-15T16:19:15+00:00" + "time": "2021-02-15T11:21:05+00:00" }, { "name": "pocketmine/snooze", @@ -2553,7 +2553,7 @@ }, { "name": "symfony/polyfill-ctype", - "version": "v1.22.0", + "version": "v1.22.1", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-ctype.git", @@ -2612,7 +2612,7 @@ "portable" ], "support": { - "source": "https://github.com/symfony/polyfill-ctype/tree/v1.22.0" + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.22.1" }, "funding": [ { From 11630ab1aa3923d7137884280c2ecd1637a23c8d Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu, 18 Feb 2021 11:34:42 +0000 Subject: [PATCH 02/15] Bump phpstan/phpstan from 0.12.76 to 0.12.77 (#4041) --- composer.json | 2 +- composer.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index fd1fadd51..437c9b218 100644 --- a/composer.json +++ b/composer.json @@ -37,7 +37,7 @@ "pocketmine/spl": "^0.4.0" }, "require-dev": { - "phpstan/phpstan": "0.12.76", + "phpstan/phpstan": "0.12.77", "phpstan/phpstan-phpunit": "^0.12.6", "phpstan/phpstan-strict-rules": "^0.12.2", "phpunit/phpunit": "^9.2" diff --git a/composer.lock b/composer.lock index 85511924c..120424a1a 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "1609bd6189c249ac32c4d86501a7d020", + "content-hash": "33d008fec8748e1592fb721ad6f15497", "packages": [ { "name": "adhocore/json-comment", @@ -1002,16 +1002,16 @@ }, { "name": "phpstan/phpstan", - "version": "0.12.76", + "version": "0.12.77", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "7aaaf9a759a29795e8f46d48041af1c1f1b23d38" + "reference": "1f10b8c8d118d01e7b492f9707999d456be5812c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/7aaaf9a759a29795e8f46d48041af1c1f1b23d38", - "reference": "7aaaf9a759a29795e8f46d48041af1c1f1b23d38", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/1f10b8c8d118d01e7b492f9707999d456be5812c", + "reference": "1f10b8c8d118d01e7b492f9707999d456be5812c", "shasum": "" }, "require": { @@ -1042,7 +1042,7 @@ "description": "PHPStan - PHP Static Analysis Tool", "support": { "issues": "https://github.com/phpstan/phpstan/issues", - "source": "https://github.com/phpstan/phpstan/tree/0.12.76" + "source": "https://github.com/phpstan/phpstan/tree/0.12.77" }, "funding": [ { @@ -1058,7 +1058,7 @@ "type": "tidelift" } ], - "time": "2021-02-13T11:47:44+00:00" + "time": "2021-02-17T16:22:19+00:00" }, { "name": "phpstan/phpstan-phpunit", From 9c5114084b0d485000692af1a4972d415f6543e3 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Mon, 22 Feb 2021 16:42:54 +0000 Subject: [PATCH 03/15] Updated Snooze to fix race conditions --- composer.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/composer.lock b/composer.lock index 85511924c..178e36903 100644 --- a/composer.lock +++ b/composer.lock @@ -404,16 +404,16 @@ }, { "name": "pocketmine/snooze", - "version": "0.1.4", + "version": "0.1.5", "source": { "type": "git", "url": "https://github.com/pmmp/Snooze.git", - "reference": "382ab149f01ecca0a57f999ff5d7fc9e271c3268" + "reference": "70b5e7937a06878dd321a3182ceb76d56298f2cd" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/pmmp/Snooze/zipball/382ab149f01ecca0a57f999ff5d7fc9e271c3268", - "reference": "382ab149f01ecca0a57f999ff5d7fc9e271c3268", + "url": "https://api.github.com/repos/pmmp/Snooze/zipball/70b5e7937a06878dd321a3182ceb76d56298f2cd", + "reference": "70b5e7937a06878dd321a3182ceb76d56298f2cd", "shasum": "" }, "require": { @@ -422,7 +422,7 @@ }, "require-dev": { "phpstan/extension-installer": "^1.0", - "phpstan/phpstan": "0.12.67", + "phpstan/phpstan": "0.12.76", "phpstan/phpstan-strict-rules": "^0.12.4" }, "type": "library", @@ -438,9 +438,9 @@ "description": "Thread notification management library for code using the pthreads extension", "support": { "issues": "https://github.com/pmmp/Snooze/issues", - "source": "https://github.com/pmmp/Snooze/tree/0.1.4" + "source": "https://github.com/pmmp/Snooze/tree/0.1.5" }, - "time": "2021-01-15T14:44:16+00:00" + "time": "2021-02-22T16:16:12+00:00" }, { "name": "pocketmine/spl", From ccc76cf33852fad3e0cca8ab805b8b15cd503f76 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Tue, 23 Feb 2021 19:25:22 +0000 Subject: [PATCH 04/15] Make less noise about XBL being enabled this has been in force for years now, it's expected by now. --- src/pocketmine/Server.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/pocketmine/Server.php b/src/pocketmine/Server.php index 696131515..50df4e0bf 100644 --- a/src/pocketmine/Server.php +++ b/src/pocketmine/Server.php @@ -1461,8 +1461,7 @@ class Server{ $this->onlineMode = $this->getConfigBool("xbox-auth", true); if($this->onlineMode){ - $this->logger->notice($this->getLanguage()->translateString("pocketmine.server.auth.enabled")); - $this->logger->notice($this->getLanguage()->translateString("pocketmine.server.authProperty.enabled")); + $this->logger->info($this->getLanguage()->translateString("pocketmine.server.auth.enabled")); }else{ $this->logger->warning($this->getLanguage()->translateString("pocketmine.server.auth.disabled")); $this->logger->warning($this->getLanguage()->translateString("pocketmine.server.authWarning")); From fcfd51dfc71a1af4c3e6832703c68af9b1ac6825 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Tue, 23 Feb 2021 19:39:21 +0000 Subject: [PATCH 05/15] CrashDump: do not put FALSE into crashdumps in case file_get_contents() failed --- src/pocketmine/CrashDump.php | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/pocketmine/CrashDump.php b/src/pocketmine/CrashDump.php index 6f250dcec..cdf67c6a5 100644 --- a/src/pocketmine/CrashDump.php +++ b/src/pocketmine/CrashDump.php @@ -206,9 +206,16 @@ class CrashDump{ if($this->server->getProperty("auto-report.send-settings", true) !== false){ $this->data["parameters"] = (array) $argv; - $this->data["server.properties"] = @file_get_contents($this->server->getDataPath() . "server.properties"); - $this->data["server.properties"] = preg_replace("#^rcon\\.password=(.*)$#m", "rcon.password=******", $this->data["server.properties"]); - $this->data["pocketmine.yml"] = @file_get_contents($this->server->getDataPath() . "pocketmine.yml"); + if(($serverDotProperties = @file_get_contents($this->server->getDataPath() . "server.properties")) !== false){ + $this->data["server.properties"] = preg_replace("#^rcon\\.password=(.*)$#m", "rcon.password=******", $serverDotProperties); + }else{ + $this->data["server.properties"] = $serverDotProperties; + } + if(($pocketmineDotYml = @file_get_contents($this->server->getDataPath() . "pocketmine.yml")) !== false){ + $this->data["pocketmine.yml"] = $pocketmineDotYml; + }else{ + $this->data["pocketmine.yml"] = ""; + } }else{ $this->data["pocketmine.yml"] = ""; $this->data["server.properties"] = ""; From fac2bd33790a101380f9ea9818f542c7a616a769 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Thu, 25 Feb 2021 22:41:07 +0000 Subject: [PATCH 06/15] Liquid: mark getSmallestFlowDecay() as impure this fixes two bogus PHPStan warnings. --- src/pocketmine/block/Liquid.php | 3 +++ tests/phpstan/configs/phpstan-bugs.neon | 10 ---------- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/src/pocketmine/block/Liquid.php b/src/pocketmine/block/Liquid.php index 255dc1631..ce12ef74e 100644 --- a/src/pocketmine/block/Liquid.php +++ b/src/pocketmine/block/Liquid.php @@ -418,6 +418,9 @@ abstract class Liquid extends Transparent{ return $isOptimalFlowDirection; } + /** + * @phpstan-impure This function modifies the adjacent sources count (premature optimisation) + */ private function getSmallestFlowDecay(Block $block, int $decay) : int{ $blockDecay = $this->getFlowDecay($block); diff --git a/tests/phpstan/configs/phpstan-bugs.neon b/tests/phpstan/configs/phpstan-bugs.neon index 69d1e6bbd..5d8f659c7 100644 --- a/tests/phpstan/configs/phpstan-bugs.neon +++ b/tests/phpstan/configs/phpstan-bugs.neon @@ -1,15 +1,5 @@ parameters: ignoreErrors: - - - message: "#^Comparison operation \"\\>\\=\" between 0 and 2 is always false\\.$#" - count: 1 - path: ../../../src/pocketmine/block/Liquid.php - - - - message: "#^If condition is always false\\.$#" - count: 1 - path: ../../../src/pocketmine/block/Liquid.php - - message: "#^Call to function is_resource\\(\\) with resource will always evaluate to true\\.$#" count: 3 From 78f998537745e0d185de68c1bc11c3dc2a20d849 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Fri, 26 Feb 2021 00:30:32 +0000 Subject: [PATCH 07/15] Player: fixed PlayerMoveEvent->getFrom() returning unexpected results on movement reversion fixes #4043 --- src/pocketmine/Player.php | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/src/pocketmine/Player.php b/src/pocketmine/Player.php index 6f2a8ce74..a23f9dbdc 100644 --- a/src/pocketmine/Player.php +++ b/src/pocketmine/Player.php @@ -1653,13 +1653,6 @@ class Player extends Human implements CommandSender, ChunkLoader, IPlayer{ $deltaAngle = abs($this->lastYaw - $to->yaw) + abs($this->lastPitch - $to->pitch); if($delta > 0.0001 or $deltaAngle > 1.0){ - $this->lastX = $to->x; - $this->lastY = $to->y; - $this->lastZ = $to->z; - - $this->lastYaw = $to->yaw; - $this->lastPitch = $to->pitch; - $ev = new PlayerMoveEvent($this, $from, $to); $ev->call(); @@ -1674,6 +1667,12 @@ class Player extends Human implements CommandSender, ChunkLoader, IPlayer{ return; } + $this->lastX = $to->x; + $this->lastY = $to->y; + $this->lastZ = $to->z; + + $this->lastYaw = $to->yaw; + $this->lastPitch = $to->pitch; $this->broadcastMovement(); $distance = sqrt((($from->x - $to->x) ** 2) + (($from->z - $to->z) ** 2)); @@ -1696,13 +1695,6 @@ class Player extends Human implements CommandSender, ChunkLoader, IPlayer{ } protected function revertMovement(Location $from) : void{ - $this->lastX = $from->x; - $this->lastY = $from->y; - $this->lastZ = $from->z; - - $this->lastYaw = $from->yaw; - $this->lastPitch = $from->pitch; - $this->setPosition($from); $this->sendPosition($from, $from->yaw, $from->pitch, MovePlayerPacket::MODE_RESET); } From e34a444dde93c77ed28fb5919d0e6cbae85dcd18 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Fri, 26 Feb 2021 00:34:38 +0000 Subject: [PATCH 08/15] Bump phpstan/phpstan from 0.12.77 to 0.12.78 (#4046) --- composer.json | 2 +- composer.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index 437c9b218..aa72e2534 100644 --- a/composer.json +++ b/composer.json @@ -37,7 +37,7 @@ "pocketmine/spl": "^0.4.0" }, "require-dev": { - "phpstan/phpstan": "0.12.77", + "phpstan/phpstan": "0.12.78", "phpstan/phpstan-phpunit": "^0.12.6", "phpstan/phpstan-strict-rules": "^0.12.2", "phpunit/phpunit": "^9.2" diff --git a/composer.lock b/composer.lock index c8fc62332..de56c0157 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "33d008fec8748e1592fb721ad6f15497", + "content-hash": "9717b5169b8b103e975d51daa203d3c3", "packages": [ { "name": "adhocore/json-comment", @@ -1002,16 +1002,16 @@ }, { "name": "phpstan/phpstan", - "version": "0.12.77", + "version": "0.12.78", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "1f10b8c8d118d01e7b492f9707999d456be5812c" + "reference": "eecce8d2ee3cac6769f37b4cb1998b2715f82984" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/1f10b8c8d118d01e7b492f9707999d456be5812c", - "reference": "1f10b8c8d118d01e7b492f9707999d456be5812c", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/eecce8d2ee3cac6769f37b4cb1998b2715f82984", + "reference": "eecce8d2ee3cac6769f37b4cb1998b2715f82984", "shasum": "" }, "require": { @@ -1042,7 +1042,7 @@ "description": "PHPStan - PHP Static Analysis Tool", "support": { "issues": "https://github.com/phpstan/phpstan/issues", - "source": "https://github.com/phpstan/phpstan/tree/0.12.77" + "source": "https://github.com/phpstan/phpstan/tree/0.12.78" }, "funding": [ { @@ -1058,7 +1058,7 @@ "type": "tidelift" } ], - "time": "2021-02-17T16:22:19+00:00" + "time": "2021-02-20T13:24:36+00:00" }, { "name": "phpstan/phpstan-phpunit", From e755e1dc23117b9a46bc883a002536faffbdf2df Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Sat, 27 Feb 2021 01:07:58 +0000 Subject: [PATCH 09/15] ResourcePackClientResponsePacket: fixed non-deterministic decoding --- .../network/mcpe/protocol/ResourcePackClientResponsePacket.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/pocketmine/network/mcpe/protocol/ResourcePackClientResponsePacket.php b/src/pocketmine/network/mcpe/protocol/ResourcePackClientResponsePacket.php index ddec33eec..2306545ef 100644 --- a/src/pocketmine/network/mcpe/protocol/ResourcePackClientResponsePacket.php +++ b/src/pocketmine/network/mcpe/protocol/ResourcePackClientResponsePacket.php @@ -44,6 +44,7 @@ class ResourcePackClientResponsePacket extends DataPacket{ protected function decodePayload(){ $this->status = $this->getByte(); $entryCount = $this->getLShort(); + $this->packIds = []; while($entryCount-- > 0){ $this->packIds[] = $this->getString(); } From 649671cc69fc2d8ead71df2acc3cd5628b616d7e Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Sat, 27 Feb 2021 17:42:19 +0000 Subject: [PATCH 10/15] Bump phpstan/phpstan from 0.12.78 to 0.12.79 (#4051) --- composer.json | 2 +- composer.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index aa72e2534..822866b00 100644 --- a/composer.json +++ b/composer.json @@ -37,7 +37,7 @@ "pocketmine/spl": "^0.4.0" }, "require-dev": { - "phpstan/phpstan": "0.12.78", + "phpstan/phpstan": "0.12.79", "phpstan/phpstan-phpunit": "^0.12.6", "phpstan/phpstan-strict-rules": "^0.12.2", "phpunit/phpunit": "^9.2" diff --git a/composer.lock b/composer.lock index de56c0157..9c50e35f5 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "9717b5169b8b103e975d51daa203d3c3", + "content-hash": "2f28ec079e18a7d56c309d7829ff61f1", "packages": [ { "name": "adhocore/json-comment", @@ -1002,16 +1002,16 @@ }, { "name": "phpstan/phpstan", - "version": "0.12.78", + "version": "0.12.79", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "eecce8d2ee3cac6769f37b4cb1998b2715f82984" + "reference": "dd7769915648b704b9bd12925994457f1c2c8442" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/eecce8d2ee3cac6769f37b4cb1998b2715f82984", - "reference": "eecce8d2ee3cac6769f37b4cb1998b2715f82984", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/dd7769915648b704b9bd12925994457f1c2c8442", + "reference": "dd7769915648b704b9bd12925994457f1c2c8442", "shasum": "" }, "require": { @@ -1042,7 +1042,7 @@ "description": "PHPStan - PHP Static Analysis Tool", "support": { "issues": "https://github.com/phpstan/phpstan/issues", - "source": "https://github.com/phpstan/phpstan/tree/0.12.78" + "source": "https://github.com/phpstan/phpstan/tree/0.12.79" }, "funding": [ { @@ -1058,7 +1058,7 @@ "type": "tidelift" } ], - "time": "2021-02-20T13:24:36+00:00" + "time": "2021-02-25T16:44:57+00:00" }, { "name": "phpstan/phpstan-phpunit", From 401bd09d60e51c399c986e4a4d1d0961a8dd90a8 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 1 Mar 2021 16:56:23 +0000 Subject: [PATCH 11/15] Bump phpstan/phpstan from 0.12.79 to 0.12.80 (#4054) --- composer.json | 2 +- composer.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index 822866b00..24854848b 100644 --- a/composer.json +++ b/composer.json @@ -37,7 +37,7 @@ "pocketmine/spl": "^0.4.0" }, "require-dev": { - "phpstan/phpstan": "0.12.79", + "phpstan/phpstan": "0.12.80", "phpstan/phpstan-phpunit": "^0.12.6", "phpstan/phpstan-strict-rules": "^0.12.2", "phpunit/phpunit": "^9.2" diff --git a/composer.lock b/composer.lock index 9c50e35f5..3445a976e 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "2f28ec079e18a7d56c309d7829ff61f1", + "content-hash": "4ed24eeab1fdf52c6b9a797a42e10638", "packages": [ { "name": "adhocore/json-comment", @@ -1002,16 +1002,16 @@ }, { "name": "phpstan/phpstan", - "version": "0.12.79", + "version": "0.12.80", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "dd7769915648b704b9bd12925994457f1c2c8442" + "reference": "c6a1b17f22ecf708d434d6bee05092647ec7e686" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/dd7769915648b704b9bd12925994457f1c2c8442", - "reference": "dd7769915648b704b9bd12925994457f1c2c8442", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/c6a1b17f22ecf708d434d6bee05092647ec7e686", + "reference": "c6a1b17f22ecf708d434d6bee05092647ec7e686", "shasum": "" }, "require": { @@ -1042,7 +1042,7 @@ "description": "PHPStan - PHP Static Analysis Tool", "support": { "issues": "https://github.com/phpstan/phpstan/issues", - "source": "https://github.com/phpstan/phpstan/tree/0.12.79" + "source": "https://github.com/phpstan/phpstan/tree/0.12.80" }, "funding": [ { @@ -1058,7 +1058,7 @@ "type": "tidelift" } ], - "time": "2021-02-25T16:44:57+00:00" + "time": "2021-02-28T20:22:43+00:00" }, { "name": "phpstan/phpstan-phpunit", From 0e614ea8fd313e7bd86b61aa2e5040763623e653 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Sat, 6 Mar 2021 00:32:36 +0000 Subject: [PATCH 12/15] Use PHP 7.4.16 for Actions --- .github/workflows/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 848999328..0b8bf6929 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -13,7 +13,7 @@ jobs: strategy: matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.15] + php: [7.3.27, 7.4.16] steps: - uses: actions/checkout@v2 #needed for build.sh @@ -37,7 +37,7 @@ jobs: fail-fast: false matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.15] + php: [7.3.27, 7.4.16] steps: - uses: actions/checkout@v2 @@ -87,7 +87,7 @@ jobs: fail-fast: false matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.15] + php: [7.3.27, 7.4.16] steps: - uses: actions/checkout@v2 @@ -137,7 +137,7 @@ jobs: fail-fast: false matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.15] + php: [7.3.27, 7.4.16] steps: - uses: actions/checkout@v2 From 9f6b914925cc228ce1e34b7f12db1678fe3eb0e9 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Sat, 6 Mar 2021 00:41:19 +0000 Subject: [PATCH 13/15] Revert "Use PHP 7.4.16 for Actions" This reverts commit 0e614ea8fd313e7bd86b61aa2e5040763623e653. apparently php-build doesn't have 7.4.16 yet ... --- .github/workflows/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0b8bf6929..848999328 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -13,7 +13,7 @@ jobs: strategy: matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.16] + php: [7.3.27, 7.4.15] steps: - uses: actions/checkout@v2 #needed for build.sh @@ -37,7 +37,7 @@ jobs: fail-fast: false matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.16] + php: [7.3.27, 7.4.15] steps: - uses: actions/checkout@v2 @@ -87,7 +87,7 @@ jobs: fail-fast: false matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.16] + php: [7.3.27, 7.4.15] steps: - uses: actions/checkout@v2 @@ -137,7 +137,7 @@ jobs: fail-fast: false matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.16] + php: [7.3.27, 7.4.15] steps: - uses: actions/checkout@v2 From 3d90625020c2083d597bcde1e0188efafa58b64a Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Sun, 7 Mar 2021 16:37:33 +0000 Subject: [PATCH 14/15] Revert "Revert "Use PHP 7.4.16 for Actions"" This reverts commit 9f6b914925cc228ce1e34b7f12db1678fe3eb0e9. --- .github/workflows/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 848999328..0b8bf6929 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -13,7 +13,7 @@ jobs: strategy: matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.15] + php: [7.3.27, 7.4.16] steps: - uses: actions/checkout@v2 #needed for build.sh @@ -37,7 +37,7 @@ jobs: fail-fast: false matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.15] + php: [7.3.27, 7.4.16] steps: - uses: actions/checkout@v2 @@ -87,7 +87,7 @@ jobs: fail-fast: false matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.15] + php: [7.3.27, 7.4.16] steps: - uses: actions/checkout@v2 @@ -137,7 +137,7 @@ jobs: fail-fast: false matrix: image: [ubuntu-20.04] - php: [7.3.27, 7.4.15] + php: [7.3.27, 7.4.16] steps: - uses: actions/checkout@v2 From ed842529422b381acd0bfdb7bdea1ebdd268bc30 Mon Sep 17 00:00:00 2001 From: "Dylan K. Taylor" Date: Sun, 7 Mar 2021 19:53:19 +0000 Subject: [PATCH 15/15] Player: Improved XUID verification we check if an existing player is online with a matching XUID first; if there isn't, we don't bother loading the playerdata, since that other player couldn't have joined unless they had a match or were allowed to bypass. --- src/pocketmine/Player.php | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/src/pocketmine/Player.php b/src/pocketmine/Player.php index a23f9dbdc..c43370272 100644 --- a/src/pocketmine/Player.php +++ b/src/pocketmine/Player.php @@ -2073,32 +2073,40 @@ class Player extends Human implements CommandSender, ChunkLoader, IPlayer{ * @return void */ protected function processLogin(){ - $this->namedtag = $this->server->getOfflinePlayerData($this->username); - if((bool) $this->server->getProperty("player.verify-xuid", true)){ - $recordedXUID = $this->namedtag->getTag("LastKnownXUID"); - if(!($recordedXUID instanceof StringTag)){ - $this->server->getLogger()->debug("No previous XUID recorded for " . $this->getName() . ", no choice but to trust this player"); - }elseif($this->xuid !== $recordedXUID->getValue()){ + $checkXUID = (bool) $this->server->getProperty("player.verify-xuid", true); + $kickForXUIDMismatch = function(string $xuid) use ($checkXUID) : bool{ + if($checkXUID && $this->xuid !== $xuid){ if($this->kick("XUID does not match (possible impersonation attempt)", false)){ //TODO: Longer term, we should be identifying playerdata using something more reliable, like XUID or UUID. //However, that would be a very disruptive change, so this will serve as a stopgap for now. //Side note: this will also prevent offline players hijacking XBL playerdata on online servers, since their //XUID will always be empty. - return; + return true; } $this->server->getLogger()->debug("XUID mismatch for " . $this->getName() . ", but plugin cancelled event allowing them to join anyway"); - }else{ - $this->server->getLogger()->debug("XUID match for " . $this->getName()); } - } + return false; + }; foreach($this->server->getLoggedInPlayers() as $p){ if($p !== $this and ($p->iusername === $this->iusername or $this->getUniqueId()->equals($p->getUniqueId()))){ - if(!$p->kick("logged in from another location")){ - $this->close($this->getLeaveMessage(), "Logged in from another location"); - + if($kickForXUIDMismatch($p->getXuid())){ return; } + if(!$p->kick("logged in from another location")){ + $this->close($this->getLeaveMessage(), "Logged in from another location"); + return; + } + } + } + + $this->namedtag = $this->server->getOfflinePlayerData($this->username); + if($checkXUID){ + $recordedXUID = $this->namedtag->getTag("LastKnownXUID"); + if(!($recordedXUID instanceof StringTag)){ + $this->server->getLogger()->debug("No previous XUID recorded for " . $this->getName() . ", no choice but to trust this player"); + }elseif(!$kickForXUIDMismatch($recordedXUID->getValue())){ + $this->server->getLogger()->debug("XUID match for " . $this->getName()); } }