From a350b3bd77cf32a0ee53cce52161b84281dd93ec Mon Sep 17 00:00:00 2001 From: Gravit Date: Mon, 9 Dec 2019 03:27:13 +0700 Subject: [PATCH] =?UTF-8?q?[FIX]=20=D0=9F=D0=B5=D1=80=D0=B5=D0=BC=D0=B5?= =?UTF-8?q?=D1=89=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=BA=D1=80=D0=B8=D1=82=D0=B8?= =?UTF-8?q?=D1=87=D0=BD=D1=8B=D1=85=20=D0=BA=D0=BB=D0=B0=D1=81=D1=81=D0=BE?= =?UTF-8?q?=D0=B2=20=D0=B2=20=D0=B1=D0=B5=D0=B7=D0=BE=D0=BF=D0=B0=D1=81?= =?UTF-8?q?=D1=82=D0=BD=D0=BE=D0=B5=20=D0=BC=D0=B5=D1=81=D1=82=D0=BE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../launchserver/LaunchServerStarter.java | 2 +- .../auth/handler/JsonAuthHandler.java | 2 +- .../auth/hwid/JsonHWIDHandler.java | 2 +- .../auth/provider/JsonAuthProvider.java | 2 +- .../manangers/CertificateManager.java | 2 +- .../launchserver/manangers/MirrorManager.java | 2 +- .../impl/LaunchServerModulesManager.java | 2 +- .../pro/gravit/launcher/LauncherEngine.java | 18 ++++++++++++---- .../launcher/client/ClientModuleManager.java | 2 +- .../pro/gravit/launcher/LauncherConfig.java | 1 - .../modules/impl/SimpleModuleManager.java | 11 +++++++--- .../{utils => launcher}/HTTPRequest.java | 21 +------------------ .../LauncherTrustManager.java | 2 +- .../pro/gravit/utils/helper/JVMHelper.java | 3 --- modules | 2 +- 15 files changed, 33 insertions(+), 41 deletions(-) rename LauncherCore/src/main/java/pro/gravit/{utils => launcher}/HTTPRequest.java (70%) rename LauncherCore/src/main/java/pro/gravit/{utils/verify => launcher}/LauncherTrustManager.java (99%) diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServerStarter.java b/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServerStarter.java index ff31bb65..202b9787 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServerStarter.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/LaunchServerStarter.java @@ -27,7 +27,7 @@ import pro.gravit.utils.helper.JVMHelper; import pro.gravit.utils.helper.LogHelper; import pro.gravit.utils.helper.SecurityHelper; -import pro.gravit.utils.verify.LauncherTrustManager; +import pro.gravit.launcher.LauncherTrustManager; import java.io.BufferedReader; import java.io.BufferedWriter; diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/handler/JsonAuthHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/handler/JsonAuthHandler.java index 41a0bb08..89604bc1 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/handler/JsonAuthHandler.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/handler/JsonAuthHandler.java @@ -1,7 +1,7 @@ package pro.gravit.launchserver.auth.handler; import pro.gravit.launcher.Launcher; -import pro.gravit.utils.HTTPRequest; +import pro.gravit.launcher.HTTPRequest; import java.io.IOException; import java.net.URL; diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/hwid/JsonHWIDHandler.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/hwid/JsonHWIDHandler.java index ac2e796f..f23bebb0 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/hwid/JsonHWIDHandler.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/hwid/JsonHWIDHandler.java @@ -4,7 +4,7 @@ import com.google.gson.JsonElement; import pro.gravit.launcher.hwid.HWID; import pro.gravit.launcher.hwid.OshiHWID; -import pro.gravit.utils.HTTPRequest; +import pro.gravit.launcher.HTTPRequest; import pro.gravit.utils.helper.LogHelper; import java.io.IOException; diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/provider/JsonAuthProvider.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/provider/JsonAuthProvider.java index 35e72088..2bdc5dd0 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/provider/JsonAuthProvider.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/provider/JsonAuthProvider.java @@ -6,7 +6,7 @@ import pro.gravit.launcher.request.auth.AuthRequest; import pro.gravit.launcher.request.auth.password.AuthPlainPassword; import pro.gravit.launchserver.auth.AuthException; -import pro.gravit.utils.HTTPRequest; +import pro.gravit.launcher.HTTPRequest; import pro.gravit.utils.helper.SecurityHelper; import java.io.IOException; diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/CertificateManager.java b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/CertificateManager.java index 71fad349..8744e7e6 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/CertificateManager.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/CertificateManager.java @@ -24,7 +24,7 @@ import pro.gravit.utils.helper.JVMHelper; import pro.gravit.utils.helper.LogHelper; import pro.gravit.utils.helper.SecurityHelper; -import pro.gravit.utils.verify.LauncherTrustManager; +import pro.gravit.launcher.LauncherTrustManager; import java.io.*; import java.math.BigInteger; diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/MirrorManager.java b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/MirrorManager.java index 45a7a92c..cc63f029 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/MirrorManager.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/manangers/MirrorManager.java @@ -1,7 +1,7 @@ package pro.gravit.launchserver.manangers; import com.google.gson.JsonElement; -import pro.gravit.utils.HTTPRequest; +import pro.gravit.launcher.HTTPRequest; import pro.gravit.utils.HttpDownloader; import pro.gravit.utils.helper.IOHelper; import pro.gravit.utils.helper.LogHelper; diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/modules/impl/LaunchServerModulesManager.java b/LaunchServer/src/main/java/pro/gravit/launchserver/modules/impl/LaunchServerModulesManager.java index 29508783..409435e9 100644 --- a/LaunchServer/src/main/java/pro/gravit/launchserver/modules/impl/LaunchServerModulesManager.java +++ b/LaunchServer/src/main/java/pro/gravit/launchserver/modules/impl/LaunchServerModulesManager.java @@ -5,7 +5,7 @@ import pro.gravit.launcher.modules.impl.SimpleModuleManager; import pro.gravit.launchserver.LaunchServer; import pro.gravit.utils.helper.LogHelper; -import pro.gravit.utils.verify.LauncherTrustManager; +import pro.gravit.launcher.LauncherTrustManager; import java.nio.file.Path; import java.util.Arrays; diff --git a/Launcher/src/main/java/pro/gravit/launcher/LauncherEngine.java b/Launcher/src/main/java/pro/gravit/launcher/LauncherEngine.java index 7545e6ae..db38369d 100644 --- a/Launcher/src/main/java/pro/gravit/launcher/LauncherEngine.java +++ b/Launcher/src/main/java/pro/gravit/launcher/LauncherEngine.java @@ -14,10 +14,8 @@ import pro.gravit.launcher.request.Request; import pro.gravit.launcher.request.RequestException; import pro.gravit.launcher.request.auth.RestoreSessionRequest; -import pro.gravit.launcher.request.update.UpdateRequest; import pro.gravit.launcher.request.websockets.StandartClientWebSocketService; import pro.gravit.utils.helper.*; -import pro.gravit.utils.verify.LauncherTrustManager; import java.io.IOException; import java.nio.file.Path; @@ -27,16 +25,24 @@ import java.security.interfaces.ECPrivateKey; import java.security.interfaces.ECPublicKey; import java.security.spec.InvalidKeySpecException; +import java.util.Arrays; import java.util.Objects; import java.util.concurrent.atomic.AtomicBoolean; public class LauncherEngine { + //JVMHelper.getCertificates + public static X509Certificate[] getCertificates(Class clazz) { + Object[] signers = clazz.getSigners(); + if (signers == null) return null; + return Arrays.stream(signers).filter((c) -> c instanceof X509Certificate).map((c) -> (X509Certificate) c).toArray(X509Certificate[]::new); + } + public static final AtomicBoolean IS_CLIENT = new AtomicBoolean(false); public static void checkClass(Class clazz) throws SecurityException { LauncherTrustManager trustManager = Launcher.getConfig().trustManager; if (trustManager == null) return; - X509Certificate[] certificates = JVMHelper.getCertificates(clazz); + X509Certificate[] certificates = getCertificates(clazz); if (certificates == null) { throw new SecurityException(String.format("Class %s not signed", clazz.getName())); } @@ -54,7 +60,7 @@ public static void main(String... args) throws Throwable { JVMHelper.verifySystemProperties(Launcher.class, true); EnvHelper.checkDangerousParams(); //if(!LauncherAgent.isStarted()) throw new SecurityException("JavaAgent not set"); - JVMHelper.verifyNoAgent(); + verifyNoAgent(); LogHelper.printVersion("Launcher"); LogHelper.printLicense("Launcher"); LauncherEngine.checkClass(LauncherEngine.class); @@ -91,6 +97,10 @@ public static void initGson(ClientModuleManager modulesManager) { Launcher.gsonManager.initGson(); } + public static void verifyNoAgent() { + if (JVMHelper.RUNTIME_MXBEAN.getInputArguments().stream().filter(e -> e != null && !e.isEmpty()).anyMatch(e -> e.contains("javaagent"))) throw new SecurityException("JavaAgent found"); + } + public void readKeys() throws IOException, InvalidKeySpecException { if (privateKey != null || publicKey != null) return; Path dir = DirBridge.dir; diff --git a/Launcher/src/main/java/pro/gravit/launcher/client/ClientModuleManager.java b/Launcher/src/main/java/pro/gravit/launcher/client/ClientModuleManager.java index 6a6e62d0..3121f061 100644 --- a/Launcher/src/main/java/pro/gravit/launcher/client/ClientModuleManager.java +++ b/Launcher/src/main/java/pro/gravit/launcher/client/ClientModuleManager.java @@ -3,7 +3,7 @@ import pro.gravit.launcher.Launcher; import pro.gravit.launcher.modules.LauncherModule; import pro.gravit.launcher.modules.impl.SimpleModuleManager; -import pro.gravit.utils.verify.LauncherTrustManager; +import pro.gravit.launcher.LauncherTrustManager; import java.nio.file.Path; import java.util.Collection; diff --git a/LauncherAPI/src/main/java/pro/gravit/launcher/LauncherConfig.java b/LauncherAPI/src/main/java/pro/gravit/launcher/LauncherConfig.java index 9efbb4b6..a755e529 100644 --- a/LauncherAPI/src/main/java/pro/gravit/launcher/LauncherConfig.java +++ b/LauncherAPI/src/main/java/pro/gravit/launcher/LauncherConfig.java @@ -5,7 +5,6 @@ import pro.gravit.launcher.serialize.stream.StreamObject; import pro.gravit.utils.helper.SecurityHelper; import pro.gravit.utils.helper.VerifyHelper; -import pro.gravit.utils.verify.LauncherTrustManager; import java.io.IOException; import java.security.cert.CertificateException; diff --git a/LauncherAPI/src/main/java/pro/gravit/launcher/modules/impl/SimpleModuleManager.java b/LauncherAPI/src/main/java/pro/gravit/launcher/modules/impl/SimpleModuleManager.java index 50766c4d..ce124b68 100644 --- a/LauncherAPI/src/main/java/pro/gravit/launcher/modules/impl/SimpleModuleManager.java +++ b/LauncherAPI/src/main/java/pro/gravit/launcher/modules/impl/SimpleModuleManager.java @@ -7,7 +7,7 @@ import pro.gravit.utils.helper.IOHelper; import pro.gravit.utils.helper.JVMHelper; import pro.gravit.utils.helper.LogHelper; -import pro.gravit.utils.verify.LauncherTrustManager; +import pro.gravit.launcher.LauncherTrustManager; import java.io.IOException; import java.lang.invoke.MethodHandles; @@ -169,11 +169,16 @@ public LauncherModule loadModule(Path file) throws IOException { return null; } } - + //JVMHelper.getCertificates + private static X509Certificate[] getCertificates(Class clazz) { + Object[] signers = clazz.getSigners(); + if (signers == null) return null; + return Arrays.stream(signers).filter((c) -> c instanceof X509Certificate).map((c) -> (X509Certificate) c).toArray(X509Certificate[]::new); + } public void checkModuleClass(Class clazz, LauncherTrustManager.CheckMode mode) throws SecurityException { if (trustManager == null) return; - X509Certificate[] certificates = JVMHelper.getCertificates(clazz); + X509Certificate[] certificates = getCertificates(clazz); if (certificates == null) { if (mode == LauncherTrustManager.CheckMode.EXCEPTION_IN_NOT_SIGNED) throw new SecurityException(String.format("Class %s not signed", clazz.getName())); diff --git a/LauncherCore/src/main/java/pro/gravit/utils/HTTPRequest.java b/LauncherCore/src/main/java/pro/gravit/launcher/HTTPRequest.java similarity index 70% rename from LauncherCore/src/main/java/pro/gravit/utils/HTTPRequest.java rename to LauncherCore/src/main/java/pro/gravit/launcher/HTTPRequest.java index 051601de..2b4bb42c 100644 --- a/LauncherCore/src/main/java/pro/gravit/utils/HTTPRequest.java +++ b/LauncherCore/src/main/java/pro/gravit/launcher/HTTPRequest.java @@ -1,4 +1,4 @@ -package pro.gravit.utils; +package pro.gravit.launcher; import com.google.gson.JsonElement; import com.google.gson.JsonParser; @@ -17,25 +17,6 @@ public final class HTTPRequest { private static final int TIMEOUT = 10000; private static final JsonParser parser = new JsonParser(); - public static int sendCrashreport(String strurl, byte[] data) throws IOException { - URL url = new URL(strurl); - HttpURLConnection connection = (HttpURLConnection) url.openConnection(); - connection.setRequestMethod("POST"); - connection.setRequestProperty("Content-Type", - "application/x-www-form-urlencoded"); - connection.setRequestProperty("Content-Length", - Integer.toString(data.length)); - connection.setRequestProperty("Content-Language", "en-US"); - OutputStream outputStream = connection.getOutputStream(); - outputStream.write(data); - outputStream.close(); - return connection.getResponseCode(); - } - - public static int sendCrashreport(String strurl, String data) throws IOException { - return sendCrashreport(strurl, data.getBytes(IOHelper.UNICODE_CHARSET)); - } - public static JsonElement jsonRequest(JsonElement request, URL url) throws IOException { return jsonRequest(request, "POST", url); } diff --git a/LauncherCore/src/main/java/pro/gravit/utils/verify/LauncherTrustManager.java b/LauncherCore/src/main/java/pro/gravit/launcher/LauncherTrustManager.java similarity index 99% rename from LauncherCore/src/main/java/pro/gravit/utils/verify/LauncherTrustManager.java rename to LauncherCore/src/main/java/pro/gravit/launcher/LauncherTrustManager.java index b35fb07e..5710081a 100644 --- a/LauncherCore/src/main/java/pro/gravit/utils/verify/LauncherTrustManager.java +++ b/LauncherCore/src/main/java/pro/gravit/launcher/LauncherTrustManager.java @@ -1,4 +1,4 @@ -package pro.gravit.utils.verify; +package pro.gravit.launcher; import pro.gravit.utils.helper.LogHelper; diff --git a/LauncherCore/src/main/java/pro/gravit/utils/helper/JVMHelper.java b/LauncherCore/src/main/java/pro/gravit/utils/helper/JVMHelper.java index edf607d9..ac532383 100644 --- a/LauncherCore/src/main/java/pro/gravit/utils/helper/JVMHelper.java +++ b/LauncherCore/src/main/java/pro/gravit/utils/helper/JVMHelper.java @@ -190,7 +190,4 @@ public static void verifySystemProperties(Class mainClass, boolean requireSys private JVMHelper() { } - public static void verifyNoAgent() { - if (RUNTIME_MXBEAN.getInputArguments().stream().filter(e -> e != null && !e.isEmpty()).anyMatch(e -> e.contains("javaagent"))) throw new SecurityException("JavaAgent found"); - } } diff --git a/modules b/modules index 9ee94152..9282291e 160000 --- a/modules +++ b/modules @@ -1 +1 @@ -Subproject commit 9ee94152da6ae8e3ea045484f60b2a2246b4e993 +Subproject commit 9282291e67d54aa617d32e78ef70a62b50a4c428