Fix detection of support for plugin messaging channel

A248 · Sep 28, 2023 · 2985be9 · 2985be9
1 parent 643dcef
commit 2985be9
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 8 deletions.
diff --git a/bans-core/src/main/java/space/arim/libertybans/core/env/AbstractEnvEnforcer.java b/bans-core/src/main/java/space/arim/libertybans/core/env/AbstractEnvEnforcer.java
@@ -98,10 +98,10 @@ private CentralisedFuture<Void> sendToThoseWithPermissionNoPrefix(String permiss
 	public final <D> void sendPluginMessage(P player, PluginMessage<D, ?> pluginMessage, D data) {
 		if (!sendPluginMessageIfListening(player, pluginMessage, data)) {
 			logger.error(
-					"Attempted to send plugin message to {}, but the appropriate channel is not accepted. " +
-							"This suggests you enabled use-plugin-messaging in the config.yml, but the player " +
-							"is not connected to a network. Please address this critical security flaw immediately. " +
-							"It leaves your server vulnerable to clients spoofing the plugin messaging channel",
+					"Attempted to send plugin message to {}, but it could not be sent. " +
+							"This suggests you enabled 'use-plugin-messaging' but are not using a network. " +
+							"Please address this critical security flaw immediately. " +
+							"It leaves your server vulnerable to clients spoofing the plugin messaging channel.",
 					player
 			);
 		}

diff --git a/bans-env/spigot/src/main/java/space/arim/libertybans/env/spigot/SpigotMessageChannel.java b/bans-env/spigot/src/main/java/space/arim/libertybans/env/spigot/SpigotMessageChannel.java
@@ -53,13 +53,21 @@ public void unregister() {
 
 	<D> boolean sendPluginMessage(Player player, PluginMessage<D, ?> pluginMessage, D data) {
 		boolean listened = player.getListeningPluginChannels().contains(BUNGEE_CHANNEL);
-		if (listened) {
+		//
+		// 1. The backend server must NOT be in online mode
+		// 2. The channel must NOT be listened on, strangely enough
+		// Explanation: getListeningPluginChannels() should never return BungeeCord, because it is a special channel
+		// Therefore, if this channel IS listened on, that suggests the client is trying to spoof it.
+		// The anti-spoof check is used for pre-1.13 clients which may register legacy channel names.
+		//
+		boolean canSend = !plugin.getServer().getOnlineMode() && !listened;
+		if (canSend) {
 			player.sendPluginMessage(
 					plugin, BUNGEE_CHANNEL,
 					new PluginMessageAsBytes<>(pluginMessage).generateBytes(data)
 			);
 		}
-		return listened;
+		return canSend;
 	}
 
 	@Override

diff --git a/bans-env/sponge/src/main/java/space/arim/libertybans/env/sponge/SpongeMessageChannel.java b/bans-env/sponge/src/main/java/space/arim/libertybans/env/sponge/SpongeMessageChannel.java
@@ -56,15 +56,20 @@ private RawPlayDataChannel channel() {
 	<D> boolean sendPluginMessage(ServerPlayer player, PluginMessage<D, ?> pluginMessage, D data) {
 		var channel = channel();
 		boolean supported = channel.isSupportedBy(player.connection());
-		if (supported) {
+		//
+		// 1. The backend server must NOT be in online mode
+		// 2. The channel must be supported
+		//
+		boolean canSend = !game.server().isOnlineModeEnabled() && supported;
+		if (canSend) {
 			channel.sendTo(player, (buffer) -> {
 				pluginMessage.writeTo(data, new ChannelBufAsOutput(buffer));
 			}).exceptionally((ex) -> {
 				LoggerFactory.getLogger(getClass()).error("Failed to send plugin message", ex);
 				return null;
 			});
 		}
-		return supported;
+		return canSend;
 	}
 
 	@Override