diff --git a/src/main/java/moe/yushi/authlibinjector/AuthlibInjector.java b/src/main/java/moe/yushi/authlibinjector/AuthlibInjector.java index 9cc9655..8ff4a55 100644 --- a/src/main/java/moe/yushi/authlibinjector/AuthlibInjector.java +++ b/src/main/java/moe/yushi/authlibinjector/AuthlibInjector.java @@ -55,6 +55,7 @@ import moe.yushi.authlibinjector.transform.DumpClassListener; import moe.yushi.authlibinjector.transform.support.AuthServerNameInjector; import moe.yushi.authlibinjector.transform.support.AuthlibLogInterceptor; import moe.yushi.authlibinjector.transform.support.BungeeCordAllowedCharactersTransformer; +import moe.yushi.authlibinjector.transform.support.BungeeCordProfileKeyTransformUnit; import moe.yushi.authlibinjector.transform.support.CitizensTransformer; import moe.yushi.authlibinjector.transform.support.ConcatenateURLTransformUnit; import moe.yushi.authlibinjector.transform.support.ConstantURLTransformUnit; @@ -293,6 +294,7 @@ public final class AuthlibInjector { transformer.units.add(new YggdrasilKeyTransformUnit()); config.getDecodedPublickey().ifPresent(YggdrasilKeyTransformUnit.PUBLIC_KEYS::add); transformer.units.add(new VelocityProfileKeyTransformUnit()); + transformer.units.add(new BungeeCordProfileKeyTransformUnit()); return transformer; } diff --git a/src/main/java/moe/yushi/authlibinjector/transform/support/BungeeCordProfileKeyTransformUnit.java b/src/main/java/moe/yushi/authlibinjector/transform/support/BungeeCordProfileKeyTransformUnit.java new file mode 100644 index 0000000..6bb8b4f --- /dev/null +++ b/src/main/java/moe/yushi/authlibinjector/transform/support/BungeeCordProfileKeyTransformUnit.java @@ -0,0 +1,65 @@ +/* + * Copyright (C) 2022 Haowei Wen and contributors + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package moe.yushi.authlibinjector.transform.support; + +import static org.objectweb.asm.Opcodes.ASM9; +import static org.objectweb.asm.Opcodes.ICONST_1; +import static org.objectweb.asm.Opcodes.IRETURN; +import java.util.Optional; +import org.objectweb.asm.ClassVisitor; +import org.objectweb.asm.MethodVisitor; +import moe.yushi.authlibinjector.transform.TransformContext; +import moe.yushi.authlibinjector.transform.TransformUnit; + +/** + * Hacks BungeeCord to bypass profile key signature validation. + * See https://github.com/SpigotMC/BungeeCord/commit/78ca16dfe3bf9a21d5c054a1884d4f5f198a62bc . + */ +public class BungeeCordProfileKeyTransformUnit implements TransformUnit { + + @Override + public Optional transform(ClassLoader classLoader, String className, ClassVisitor writer, TransformContext ctx) { + if ("net.md_5.bungee.EncryptionUtil".equals(className)) { + return Optional.of(new ClassVisitor(ASM9, writer) { + @Override + public MethodVisitor visitMethod(int access, String name, String descriptor, String signature, String[] exceptions) { + if ("check".equals(name) && "(Lnet/md_5/bungee/protocol/PlayerPublicKey;Ljava/util/UUID;)Z".equals(descriptor)) { + ctx.markModified(); + + MethodVisitor mv = super.visitMethod(access, name, descriptor, signature, exceptions); + mv.visitCode(); + mv.visitInsn(ICONST_1); + mv.visitInsn(IRETURN); + mv.visitMaxs(-1, -1); + mv.visitEnd(); + + return null; + } else { + return super.visitMethod(access, name, descriptor, signature, exceptions); + } + } + }); + } else { + return Optional.empty(); + } + } + + @Override + public String toString() { + return "BungeeCord Profile Key Transformer"; + } +}