PrisonRankup

PrisonRankup

149k Downloads

Hack breaks bungeecord-fronted servers

theminecoder opened this issue ยท 4 comments

commented

Your hack in the JoinListener which resets the players UUID breaks other plugins that rely on the UUID like essentials and to be brutally honest it also breaks the server saving you player data. Let me be the first to tell you this is very bad.

We have 10 servers fronted by bungeecord which forces backend servers to be in offline mode so that bungeecord does not have problems authenticating the client. Now I understand that can lead to security problems which is probably why you played with the UUID in the first place. But when properly port blocked offline servers fronted by a proxy have the same (if not less) amount of risk a online server does so there is no need for this to occur.

I have successfully compiled and tested this plugin without the UUID hack and it works fine.

(Sorry if I come off harsh. I've been pulling my hair out for about 10 hours trying to fix this problem thinking it was the file system's fault.)

commented

This is quite debatable. The reason the hack was installed is to correct the incorrect UUIDs that end up happening when the server is in offline mode, including ones which are fronted with proxies. Furthermore, this is meant to replace the UUID for plugins like Essentials so it corrects it for them as well. I do not believe that replacing the UUID when the player joins will effect the plugin storing the data at a later time.

commented

As far as i am aware the are no such thing as incorrect uuids for offline mode as they are static just like online uuids, so this should never be an issue.

Either way a hack like this (if needed) should be merged into the base server software instead of plugins because otherwise you could have 20+ plugins all trying to correct the same problem which:

  • Would cause event tick lag
  • Would cause inconstancy between plugins (if they -for some reason- return different UUID's).
commented

This is incorrect, in offline-mode it doesn't lookup the player's UUIDs.. I've tested this myself. Sadly, this is intentional and if I were to make a PR it would be declined.

commented

Can you provide examples of this? I would love to see where it has been incorrectly calculated.