From 8ae3760b0bfffe17eb82206f66d9aefedb02e4ae Mon Sep 17 00:00:00 2001 From: Charles Le Maux Date: Sun, 15 Sep 2024 23:01:23 +0200 Subject: [PATCH 1/3] [+] Modded patch pre-0.7 --- generic_executor.py | 13 +++++++++---- server_mc_manager.py | 4 +++- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/generic_executor.py b/generic_executor.py index c22905f..248a483 100644 --- a/generic_executor.py +++ b/generic_executor.py @@ -180,7 +180,7 @@ def account_delete(user: UserRecord) -> tuple[HTTPStatus, Union[str, None]]: return HTTPStatus.INTERNAL_SERVER_ERROR, f"Error deleting user '{user_id}' on the server." -allowed_frameworks: list[str] = ["paper", "spigot", "bukkit"] +allowed_frameworks: list[str] = ["bukkit", "fabric", "forge", "spigot", "paper"] def server_create(user: UserRecord, name: str, version: str, framework: str = "paper") -> ( tuple)[HTTPStatus, Union[str, None]]: @@ -237,11 +237,16 @@ def server_run(user: UserRecord, name: str) -> tuple[HTTPStatus, Union[str, None try: port: int = firebase_manager.get_server_port(user_id) version: str = firebase_manager.get_server_field(user_id, name, "version") - if version is None: + framework: str = firebase_manager.get_server_field(user_id, name, "framework") + if version is None or framework is None: return HTTPStatus.NOT_FOUND, f"Server {name} not found." - server_id = mc_manager.start_server(f"users/{user_id}/{name}", port, user_id, name, version) + if (framework == "forge") or (framework == "fabric"): + server_id = mc_manager.start_server(f"users/{user_id}/{name}", port, user_id, + name, version, modded=True) + else: + server_id = mc_manager.start_server(f"users/{user_id}/{name}", port, user_id, name, version) if server_id is None: - return HTTPStatus.OK, f"You cannot run multiples instances at this time." + return HTTPStatus.OK, f"You cannot run multiples instances at this time." try: firebase_manager.update_server_running_state(user_id, name, True) except Exception as e: diff --git a/server_mc_manager.py b/server_mc_manager.py index 810433f..38a49ef 100644 --- a/server_mc_manager.py +++ b/server_mc_manager.py @@ -21,7 +21,7 @@ class MinecraftServerManager: self.offline_ports: list[int] = [] def start_server(self, server_directory: str, port: int, user_id: str, server_name: str, - version: str, jar_file='server.jar', memory_size='4G') -> Union[int, None]: + version: str, jar_file: str = 'server.jar', memory_size: str ='4G', modded: bool = False) -> Union[int, None]: if port in self.servers: return None @@ -38,6 +38,8 @@ class MinecraftServerManager: java: str = f"/usr/lib/jvm/java-{get_sdk_version(version)}-openjdk/bin/java" command = f"{java} -Xmx{memory_size} {reg_flags} -jar {jar_file} --nogui" + if modded: + command = "./start.sh" process = subprocess.Popen(shlex.split(command), cwd=server_directory, stdin=subprocess.PIPE) #TODO: Track process behavior and stderr, while excepting Advanced Terminal features not to be avail. From 20047990b503f66def33d3600bb63b5b9e28b76a Mon Sep 17 00:00:00 2001 From: Charles Le Maux Date: Mon, 16 Sep 2024 01:52:16 +0200 Subject: [PATCH 2/3] [+] Fixed server creation vulnerability When a user wanted to create a server, it was created on firebase before the preliminary checks were made, reordering the function has fixed that. --- generic_executor.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/generic_executor.py b/generic_executor.py index 248a483..0cd4ef4 100644 --- a/generic_executor.py +++ b/generic_executor.py @@ -199,7 +199,6 @@ def server_create(user: UserRecord, name: str, version: str, framework: str = "p return HTTPStatus.NOT_FOUND, f"You haven't associated a subdomain yet." if firebase_manager.server_name_taken(user_id, name): return HTTPStatus.CONFLICT, f"Server name '{name}' already in use." - firebase_manager.create_server(user_id, name, version, port, framework) file_manager.create_folder(server_path) file_manager.copy_folder_contents(server_template_path, server_path) file_manager.copy_folder_contents("servers/shared", server_path) @@ -208,6 +207,7 @@ def server_create(user: UserRecord, name: str, version: str, framework: str = "p file_manager.update_server_property(prop_path, "query.port", port) file_manager.update_server_property(prop_path, "enable-query", "true") file_manager.log_action(user_id, name, "ServerCreate") + firebase_manager.create_server(user_id, name, version, port, framework) return HTTPStatus.CREATED, f"Successfully created server '{name}'." except Exception as e: file_manager.log_error(type(e).__name__, str(e)) @@ -304,7 +304,7 @@ def update_property(uid: str, name: str, prop: str, value: str) -> tuple[HTTPSta def update_properties(user: UserRecord, name: str, props: list[tuple[str, str]]) -> tuple[HTTPStatus, Union[str, None]]: errors: list[str] = [] for prop, value in props: - if prop not in MinecraftServerManager.allowed_properties: + if prop not in mc_manager.allowed_properties: return HTTPStatus.FORBIDDEN, f"Property '{prop}' not allowed." status, message = update_property(uid=user.uid, name=name, prop=prop, value=value) if status != HTTPStatus.OK: From 21fb9f1286e18c405df5bbcb40b6ede07fb70c6d Mon Sep 17 00:00:00 2001 From: Charles Le Maux Date: Mon, 16 Sep 2024 01:52:27 +0200 Subject: [PATCH 3/3] [~] Coding style --- server_mc_manager.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/server_mc_manager.py b/server_mc_manager.py index ea534ba..6aab6e9 100644 --- a/server_mc_manager.py +++ b/server_mc_manager.py @@ -21,7 +21,8 @@ class MinecraftServerManager: self.offline_ports: list[int] = [] def start_server(self, server_directory: str, port: int, user_id: str, server_name: str, - version: str, jar_file: str = 'server.jar', memory_size: str ='4G', modded: bool = False) -> Union[int, None]: + version: str, jar_file: str = 'server.jar', + memory_size: str ='4G', modded: bool = False) -> Union[int, None]: if port in self.servers: return None @@ -40,6 +41,7 @@ class MinecraftServerManager: command = f"{java} -Xmx{memory_size} {reg_flags} -jar {jar_file} --nogui" if modded: command = "./start.sh" + process = subprocess.Popen(shlex.split(command), cwd=server_directory, stdin=subprocess.PIPE) #TODO: Track process behavior and stderr, while excepting Advanced Terminal features not to be avail.