New server framework, an example, and compressed packet fixed.

2021-11-27 15:25:55 +08:00
parent b909621c58
commit ab63acbd7e
13 changed files with 2792 additions and 69 deletions
--- a/server/auth/auth.go
+++ b/server/auth/auth.go
@ -0,0 +1,208 @@
+package auth
+
+import (
+	"bytes"
+	"crypto/aes"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha1"
+	"crypto/x509"
+	"encoding/base64"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"github.com/Tnze/go-mc/data/packetid"
+	"io/ioutil"
+	"net/http"
+	"strings"
+
+	"github.com/Tnze/go-mc/net"
+	"github.com/Tnze/go-mc/net/CFB8"
+	pk "github.com/Tnze/go-mc/net/packet"
+	"github.com/google/uuid"
+)
+
+const verifyTokenLen = 16
+
+//Encrypt a connection, with authentication
+func Encrypt(conn *net.Conn, name string) (*Resp, error) {
+	//generate keys
+	key, err := rsa.GenerateKey(rand.Reader, 1024)
+	if err != nil {
+		return nil, err
+	}
+
+	publicKey, err := x509.MarshalPKIXPublicKey(&key.PublicKey)
+	if err != nil {
+		return nil, err
+	}
+
+	//encryption request
+	VT1, err := encryptionRequest(conn, publicKey)
+	if err != nil {
+		return nil, err
+	}
+
+	//encryption response
+	ESharedSecret, EVerifyToken, err := encryptionResponse(conn)
+	if err != nil {
+		return nil, err
+	}
+
+	//encryption the connection
+	SharedSecret, err := rsa.DecryptPKCS1v15(rand.Reader, key, ESharedSecret)
+	if err != nil {
+		return nil, err
+	}
+	VT2, err := rsa.DecryptPKCS1v15(rand.Reader, key, EVerifyToken)
+	if err != nil {
+		return nil, err
+	}
+
+	//confirm the verify token
+	if !bytes.Equal(VT1, VT2) {
+		return nil, errors.New("verify token not match")
+	}
+
+	block, err := aes.NewCipher(SharedSecret)
+	if err != nil {
+		return nil, errors.New("load aes encryption key fail")
+	}
+
+	conn.SetCipher( //启用加密
+		CFB8.NewCFB8Encrypt(block, SharedSecret),
+		CFB8.NewCFB8Decrypt(block, SharedSecret))
+
+	hash := authDigest("", SharedSecret, publicKey)
+	resp, err := authentication(name, hash) //auth
+	if err != nil {
+		return nil, errors.New("auth servers down")
+	}
+
+	return resp, nil
+}
+
+func encryptionRequest(conn *net.Conn, publicKey []byte) ([]byte, error) {
+	var verifyToken [verifyTokenLen]byte
+	_, err := rand.Read(verifyToken[:])
+	if err != nil {
+		return nil, err
+	}
+	err = conn.WritePacket(pk.Marshal(
+		packetid.EncryptionBeginClientbound,
+		pk.String(""),
+		pk.ByteArray(publicKey),
+		pk.ByteArray(verifyToken[:]),
+	))
+	return verifyToken[:], err
+}
+
+func encryptionResponse(conn *net.Conn) ([]byte, []byte, error) {
+	var p pk.Packet
+	err := conn.ReadPacket(&p)
+	if err != nil {
+		return nil, nil, err
+	}
+	if p.ID != packetid.EncryptionBeginServerbound {
+		return nil, nil, fmt.Errorf("0x%02X is not Encryption Response", p.ID)
+	}
+
+	var SharedSecret, VerifyToken pk.ByteArray
+	if err = p.Scan(&SharedSecret, &VerifyToken); err != nil {
+		return nil, nil, err
+	}
+
+	return SharedSecret, VerifyToken, nil
+}
+
+func authentication(name, hash string) (*Resp, error) {
+	resp, err := http.Get("https://sessionserver.mojang.com/session/minecraft/hasJoined?username=" + name + "&serverId=" + hash)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	var Resp Resp
+	err = json.Unmarshal(body, &Resp)
+
+	return &Resp, err
+}
+
+// authDigest computes a special SHA-1 digest required for Minecraft web
+// authentication on Premium servers (online-mode=true).
+// Source: http://wiki.vg/Protocol_Encryption#Server
+//
+// Also many, many thanks to SirCmpwn and his wonderful gist (C#):
+// https://gist.github.com/SirCmpwn/404223052379e82f91e6
+func authDigest(serverID string, sharedSecret, publicKey []byte) string {
+	h := sha1.New()
+	h.Write([]byte(serverID))
+	h.Write(sharedSecret)
+	h.Write(publicKey)
+	hash := h.Sum(nil)
+
+	// Check for negative hashes
+	negative := (hash[0] & 0x80) == 0x80
+	if negative {
+		hash = twosComplement(hash)
+	}
+
+	// Trim away zeroes
+	res := strings.TrimLeft(fmt.Sprintf("%x", hash), "0")
+	if negative {
+		res = "-" + res
+	}
+
+	return res
+}
+
+// little endian
+func twosComplement(p []byte) []byte {
+	carry := true
+	for i := len(p) - 1; i >= 0; i-- {
+		p[i] = byte(^p[i])
+		if carry {
+			carry = p[i] == 0xff
+			p[i]++
+		}
+	}
+	return p
+}
+
+//Resp is the response of authentication
+type Resp struct {
+	Name       string
+	ID         uuid.UUID
+	Properties [1]struct {
+		Name, Value, Signature string
+	}
+}
+
+//Texture includes player's skin and cape
+type Texture struct {
+	TimeStamp int64     `json:"timestamp"`
+	ID        uuid.UUID `json:"profileId"`
+	Name      string    `json:"profileName"`
+	Textures  struct {
+		SKIN, CAPE struct {
+			URL string `json:"url"`
+		}
+	} `json:"textures"`
+}
+
+//Texture unmarshal the base64 encoded texture of Resp
+func (r *Resp) Texture() (t Texture, err error) {
+	var texture []byte
+	texture, err = base64.StdEncoding.DecodeString(r.Properties[0].Value)
+	if err != nil {
+		return
+	}
+
+	err = json.Unmarshal(texture, &t)
+	return
+}
--- a/server/auth/auth_test.go
+++ b/server/auth/auth_test.go
@ -0,0 +1,58 @@
+package auth
+
+import (
+	"encoding/json"
+	"testing"
+
+	"github.com/google/uuid"
+)
+
+func TestResp(t *testing.T) {
+	var resp Resp
+	err := json.Unmarshal([]byte(`{"id":"853c80ef3c3749fdaa49938b674adae6","name":"jeb_","properties":[{"name":"textures","value":"eyJ0aW1lc3RhbXAiOjE1NTk1NDM5MzMwMjUsInByb2ZpbGVJZCI6Ijg1M2M4MGVmM2MzNzQ5ZmRhYTQ5OTM4YjY3NGFkYWU2IiwicHJvZmlsZU5hbWUiOiJqZWJfIiwidGV4dHVyZXMiOnsiU0tJTiI6eyJ1cmwiOiJodHRwOi8vdGV4dHVyZXMubWluZWNyYWZ0Lm5ldC90ZXh0dXJlLzdmZDliYTQyYTdjODFlZWVhMjJmMTUyNDI3MWFlODVhOGUwNDVjZTBhZjVhNmFlMTZjNjQwNmFlOTE3ZTY4YjUifSwiQ0FQRSI6eyJ1cmwiOiJodHRwOi8vdGV4dHVyZXMubWluZWNyYWZ0Lm5ldC90ZXh0dXJlLzU3ODZmZTk5YmUzNzdkZmI2ODU4ODU5ZjkyNmM0ZGJjOTk1NzUxZTkxY2VlMzczNDY4YzVmYmY0ODY1ZTcxNTEifX19"}]}`), &resp)
+	if err != nil {
+		panic(err)
+	}
+	wantID := uuid.Must(uuid.Parse("853c80ef3c3749fdaa49938b674adae6"))
+
+	//check UUID
+	if resp.ID != wantID {
+		t.Errorf("uuid doesn't match: %v, want %s", resp.ID, wantID)
+	}
+
+	//check name
+	if resp.Name != "jeb_" {
+		t.Errorf("name doesn't match: %s, want %s", resp.Name, "jeb_")
+	}
+
+	//check texture
+	texture, err := resp.Texture()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	t.Log(texture.TimeStamp)
+
+	if texture.ID != wantID {
+		t.Errorf("uuid doesn't match: %v, want %s", texture.ID, wantID)
+	}
+
+	if texture.Name != "jeb_" {
+		t.Errorf("name doesn't match: %s, want %s", texture.Name, "jeb_")
+	}
+
+	const (
+		wantSKIN = "http://textures.minecraft.net/texture/7fd9ba42a7c81eeea22f1524271ae85a8e045ce0af5a6ae16c6406ae917e68b5"
+		wantCAPE = "http://textures.minecraft.net/texture/5786fe99be377dfb6858859f926c4dbc995751e91cee373468c5fbf4865e7151"
+	)
+	if texture.Textures.SKIN.URL != wantSKIN {
+		t.Errorf("skin url not match: %s, want %s",
+			texture.Textures.SKIN.URL,
+			wantSKIN)
+	}
+	if texture.Textures.CAPE.URL != wantCAPE {
+		t.Errorf("cape url not match: %s, want %s",
+			texture.Textures.CAPE.URL,
+			wantCAPE)
+	}
+}
--- a/server/gameplay.go
+++ b/server/gameplay.go
@ -0,0 +1,10 @@
+package server
+
+import (
+	"github.com/Tnze/go-mc/net"
+	"github.com/google/uuid"
+)
+
+type GamePlay interface {
+	AcceptPlayer(name string, id uuid.UUID, protocol int32, conn *net.Conn)
+}
--- a/server/handshake.go
+++ b/server/handshake.go
@ -0,0 +1,22 @@
+package server
+
+import (
+	"github.com/Tnze/go-mc/net"
+	pk "github.com/Tnze/go-mc/net/packet"
+)
+
+func (s *Server) handshake(conn *net.Conn) (protocol int32, intention int32, err error) {
+	var (
+		Protocol, Intention pk.VarInt
+		ServerAddress       pk.String        // ignored
+		ServerPort          pk.UnsignedShort // ignored
+	)
+	// receive handshake packet
+	var p pk.Packet
+	err = conn.ReadPacket(&p)
+	if err != nil {
+		return 0, 0, err
+	}
+	err = p.Scan(&Protocol, &ServerAddress, &ServerPort, &Intention)
+	return int32(Protocol), int32(Intention), err
+}
--- a/server/login.go
+++ b/server/login.go
@ -0,0 +1,80 @@
+package server
+
+import (
+	"fmt"
+
+	"github.com/Tnze/go-mc/data/packetid"
+	"github.com/Tnze/go-mc/net"
+	pk "github.com/Tnze/go-mc/net/packet"
+	"github.com/Tnze/go-mc/offline"
+	"github.com/Tnze/go-mc/server/auth"
+	"github.com/google/uuid"
+)
+
+type LoginHandler interface {
+	AcceptLogin(conn *net.Conn, protocol int32) (name string, id uuid.UUID, err error)
+}
+
+type MojangLoginHandler struct {
+	OnlineMode bool
+	Threshold  int
+}
+
+func (d *MojangLoginHandler) AcceptLogin(conn *net.Conn, protocol int32) (name string, id uuid.UUID, err error) {
+	//login start
+	var p pk.Packet
+	err = conn.ReadPacket(&p)
+	if err != nil {
+		return
+	}
+	if p.ID != packetid.LoginStart {
+		err = wrongPacketErr{expect: packetid.LoginStart, get: p.ID}
+		return
+	}
+
+	err = p.Scan((*pk.String)(&name)) //decode username as pk.String
+	if err != nil {
+		return
+	}
+
+	//auth
+	if d.OnlineMode {
+		var resp *auth.Resp
+		//Auth, Encrypt
+		resp, err = auth.Encrypt(conn, name)
+		if err != nil {
+			return
+		}
+		name = resp.Name
+		id = resp.ID
+	} else {
+		// offline-mode UUID
+		id = offline.NameToUUID(name)
+	}
+
+	//set compression
+	if d.Threshold >= 0 {
+		err = conn.WritePacket(pk.Marshal(
+			packetid.Compress, pk.VarInt(d.Threshold),
+		))
+		if err != nil {
+			return
+		}
+		conn.SetThreshold(d.Threshold)
+	}
+
+	// send login success
+	err = conn.WritePacket(pk.Marshal(packetid.Success,
+		pk.UUID(id),
+		pk.String(name),
+	))
+	return
+}
+
+type wrongPacketErr struct {
+	expect, get int32
+}
+
+func (w wrongPacketErr) Error() string {
+	return fmt.Sprintf("wrong packet id: expect %#02X, get %#02X", w.expect, w.get)
+}
--- a/server/ping.go
+++ b/server/ping.go
@ -0,0 +1,74 @@
+package server
+
+import (
+	"encoding/json"
+
+	"github.com/Tnze/go-mc/chat"
+	"github.com/Tnze/go-mc/net"
+	pk "github.com/Tnze/go-mc/net/packet"
+	"github.com/google/uuid"
+)
+
+type ListPingHandler interface {
+	Name() string
+	Protocol() int
+	MaxPlayer() int
+	OnlinePlayer() int
+	PlayerSamples() []PlayerSample
+	Description() chat.Message
+}
+
+type PlayerSample struct {
+	Name string    `json:"name"`
+	ID   uuid.UUID `json:"id"`
+}
+
+func (s *Server) acceptListPing(conn *net.Conn) {
+	var p pk.Packet
+	for i := 0; i < 2; i++ { // Ping or List. Only allow check twice
+		err := conn.ReadPacket(&p)
+		if err != nil {
+			return
+		}
+
+		switch p.ID {
+		case 0x00: //List
+			var resp []byte
+			resp, err = s.listResp()
+			if err != nil {
+				break
+			}
+			err = conn.WritePacket(pk.Marshal(0x00, pk.String(resp)))
+		case 0x01: //Ping
+			err = conn.WritePacket(p)
+		}
+		if err != nil {
+			return
+		}
+	}
+}
+
+func (s *Server) listResp() ([]byte, error) {
+	var list struct {
+		Version struct {
+			Name     string `json:"name"`
+			Protocol int    `json:"protocol"`
+		} `json:"version"`
+		Players struct {
+			Max    int            `json:"max"`
+			Online int            `json:"online"`
+			Sample []PlayerSample `json:"sample"`
+		} `json:"players"`
+		Description chat.Message `json:"description"`
+		FavIcon     string       `json:"favicon,omitempty"`
+	}
+
+	list.Version.Name = s.ListPingHandler.Name()
+	list.Version.Protocol = s.ListPingHandler.Protocol()
+	list.Players.Max = s.ListPingHandler.MaxPlayer()
+	list.Players.Online = s.ListPingHandler.OnlinePlayer()
+	list.Players.Sample = s.ListPingHandler.PlayerSamples()
+	list.Description = s.ListPingHandler.Description()
+
+	return json.Marshal(list)
+}
--- a/server/server.go
+++ b/server/server.go
@ -0,0 +1,45 @@
+package server
+
+import "github.com/Tnze/go-mc/net"
+
+const ProtocolVersion = 756
+
+type Server struct {
+	ListPingHandler
+	LoginHandler
+	GamePlay
+}
+
+func (s *Server) Listen(addr string) error {
+	listener, err := net.ListenMC(addr)
+	if err != nil {
+		return err
+	}
+
+	for {
+		conn, err := listener.Accept()
+		if err != nil {
+			return err
+		}
+		go s.acceptConn(&conn)
+	}
+}
+
+func (s *Server) acceptConn(conn *net.Conn) {
+	defer conn.Close()
+	protocol, intention, err := s.handshake(conn)
+	if err != nil {
+		return
+	}
+
+	switch intention {
+	case 1: // list ping
+		s.acceptListPing(conn)
+	case 2: // login
+		name, id, err := s.AcceptLogin(conn, protocol)
+		if err != nil {
+			return
+		}
+		s.AcceptPlayer(name, id, protocol, conn)
+	}
+}