Commit Graph

1384 Commits

Author SHA1 Message Date
md_5
6615500f08 Block all of java, not just java.lang 2014-07-10 10:50:00 +10:00
md_5
d63d5a2791 <yawkat> is that debug code i spot md_5? 2014-07-10 10:42:55 +10:00
md_5
2444dd15ab Fix #1106 - plugins using ssl throwing exceptions 2014-07-10 10:39:58 +10:00
md_5
2dd3d2101d Close #1105 - don't let security manager get replaced 2014-07-09 09:41:19 +10:00
md_5
8ce26e0370 Pass plugin into executor getter for future proofing 2014-07-08 15:53:25 +10:00
md_5
5d1b660e32 Implement Security Manager
This commit adds the basis for the intergration of a security manager into BungeeCord. The goal of the security manager is to prevent plugins from doing potentially dangerous or otherwise undesirable behaviour that may damage the stability of Bungee itself or pose a risk to the user's server.

One common theme in some Bungee plugins, especially those which were written in the very early days, is using Threads and ExecutorServices for scheduling purposes. Not only is this inefficient as there is no use of the thread caching features provided by the scheduler, it is also difficult to track who created which thread. Additionally creating threads not managed by the BungeeCord scheduler poses issues for when|if a plugin reload system is implemented, as these threads cannot be appropriately cleaned up and may continue to leak class references or perhaps even continue executing.

At this stage the SecurityManager is set to warn of prohibited actions, but not block them. For some plugins using external APIs, where usage of an ExecutorService is unavoidable, we have included an Unsafe interface to the scheduler which allows direct access to the underlying ExecutorService, or potentially a compatability wrapper.
2014-07-08 15:22:26 +10:00
md_5
7347daf203 Delay kicks in initial handler.
See source for reasoning
2014-07-08 15:16:22 +10:00
md_5
02cb1fc65b Allocate cipher with EVP_CIPHER_CTX_new. Thanks @Adam- for the tip. 2014-07-02 12:57:17 +10:00
md_5
7318750ed0 Update native cipher to make use of the OpenSSL EVP API so that it can actually utilise hardware acceleration and other goodies.
Whereas before OpenSSL would often lose benchmarks now it always wins.
2014-07-01 20:13:30 +10:00
md_5
21be93a1b1 [#1094] Remove config values set to null, add unit test for such behaviour. 2014-07-01 13:40:17 +10:00
md_5
bb69af5cd0 Disable epoll whilst we try to replicate some issues 2014-06-29 09:22:34 +10:00
Minecrell
a668da76d0 Write log messages with lower levels to the log file. 2014-06-29 09:13:16 +10:00
thinkofdeath
4cc009a9c0 Merge pull request #1089 from yawkat/typo-0
Fix typo
2014-06-28 14:04:10 +01:00
Jonas Konrad
4ef58d53b1 Fix typo 2014-06-28 13:45:26 +02:00
Jonas Konrad
afa37505c5 Fix javadocs for java 8 doclint 2014-06-28 09:05:50 +10:00
md_5
a53b63720b Add a comment 2014-06-26 19:24:05 +10:00
md_5
348457f613 Quickly test SO_REUSEADDR 2014-06-26 19:19:11 +10:00
md_5
fbb2f695b0 Show correct error when cannot bind query 2014-06-26 19:08:05 +10:00
md-5
350cbd7bb6 Merge pull request #1080 from RuriRyan/master
Fixed RemoteQuery, which broke with the Epoll update
2014-06-26 11:38:42 +10:00
RuriRyan
489242b1ef Fixed RemoteQuery, which broke with the Epoll update 2014-06-25 23:29:08 +02:00
md_5
4ac117fb4c Actually include native code, thanks again @normanmaurer 2014-06-25 18:21:59 +10:00
md_5
500b0af782 [Performance] Attempt to use Netty's Epoll implementation on Linux.
This will attempt to make use of Netty's EpollEventLoopGroup and Epoll(Server)SocketChannel when on Linux and the native libraries load correctly. It should bring a large increase in performance and hopefully reliability. Big thanks to the @netty team for implementing this and @normanmaurer for some tips on the support detection.

Feedback is appreciated.
2014-06-25 18:14:50 +10:00
md_5
2b304ecebc Close plugin log handlers on disable 2014-06-24 18:22:35 +10:00
md_5
81d83bdd8a Calling parent logger seems to work nowadays - closes #1071 2014-06-24 18:21:13 +10:00
md_5
b9f2f3cfae Add a getKeys method to the Configuration API 2014-06-24 16:59:15 +10:00
md_5
923aa05d4a Downgrade forced hosts errors to a warning log level 2014-06-24 16:56:24 +10:00
md_5
e54388a5e0 Add matchPlayer API 2014-06-23 17:26:30 +10:00
md_5
59ba644623 Make IP command tabbable - closes #999 2014-06-23 17:16:14 +10:00
md_5
fbc69543fd Reset yaml locations on any error, closes #1007 2014-06-23 17:13:41 +10:00
maciekmm
4d1f0cbb26 Added getKickedFrom() to ServerKickEvent. 2014-06-22 17:11:27 +10:00
md_5
e849afbb23 Add simple address cache for those with slow or otherwise unresponsive DNS servers.
I wonder when @netty was supposed to add async dns lookups.
2014-06-20 20:04:22 +10:00
Moehritz
1a7efeabc4 Fix unregisterCommand(s) - second try 2014-06-20 19:43:36 +10:00
Gabscap
f6e41c856c Closing all handlers on stop() 2014-06-20 19:28:01 +10:00
md_5
151344aaff Fix typo in unused readUnsignedByte method of MinecraftProtocol 2014-06-20 19:26:34 +10:00
md_5
b167a45690 Revert "Reenable throttle since we only support 1.7+"
This reverts commit f23691df23.
2014-06-13 16:25:53 +10:00
vemacs
31bd836203 Write server name in ServerIP subchannel response.
Behaves similarly to the UUIDOther implementation.
2014-06-11 16:13:32 +10:00
Jonas Konrad
4dce37cd13 Prefix "BungeeCord > " to forwarded MC|Brand messages [Fixes #1038] 2014-06-11 16:12:30 +10:00
xxyy
107d6b011d Fix ServerPing NPE w/ String favicons
Currently, passing a null favicon String to the ServerPing(Protocol, Players, String, String) constructor causes a NPE. However, passing a null `Favicon` object to the corresponding constructor does not cause one. Setting the favicon String using the setFavicon(String) method doesn't cause a NPE either.

Therefore, the NPE thrown by the constructor is inconsistent and should be avoided. Please find a sample NPE here: http://newpaste.md-5.net/pmtqjc8vl (Note the `null` favicon)

This PR changes the documented (unintended?) behaviour by adding a null check before passing the favicon String to the alternative `Favicon` object constructor. This makes the constructor consistent with the other one and the `setFavicon(String)` method. This also adds compatibility for old (made before Favicon API) plugins passing `null` favicon Strings (and expecting no favicon to be displayed instead of a NPE).

Thanks!
2014-06-11 16:09:20 +10:00
md_5
f23691df23 Reenable throttle since we only support 1.7+ 2014-06-11 16:08:33 +10:00
md_5
77f6930280 Mojang allows multiple status queries in a connection, we should too. 2014-06-11 16:07:14 +10:00
md_5
9604a9a31e Show 1.7.9 as supported version 2014-06-11 16:05:07 +10:00
md_5
91989564e5 Add method to get player's locale 2014-06-11 16:03:10 +10:00
Thinkofdeath
3c938c03c7 Fix BaseComponent calling the wrong method when inheriting from another BaseComponent (Fixes #1049) 2014-06-08 13:07:42 +01:00
md_5
9226df86f0 Lazy init vhost address. 2014-05-31 18:46:35 +10:00
md_5
00db351dd6 Deprecate tab list API - it will be removed in Minecraft 1.8 as the updates by Mojang render it useless. 2014-05-25 09:19:34 +10:00
md_5
ad2ff54b76 Bump a few versions, should probably think about exposing the new EPollEventLoop. 2014-05-15 17:07:31 +10:00
md_5
ece641da23 Change lobby to fallback in fallback_lobby translation. 2014-05-03 17:31:19 +10:00
Jonas Konrad
2af8dac70c Pull up getFaviconObject to the API 2014-05-03 17:29:48 +10:00
Thinkofdeath
33a098f4ba Merge branch 'vemacs-master' 2014-05-01 11:00:12 +01:00
vemacs
e4e01ccb55 Null check 2014-05-01 10:59:14 +01:00