Issue with AuthMe and proxy-support

[yangm97]

Looking at the logs, both Bungeecord and Glowstone are receiving the correct player IP:

06:28:30 [INFO] [/187.180.212.96:39420] <-> InitialHandler has connected
06:28:30 [INFO] [TheticalFlyer97] <-> ServerConnector [lobby] has connected

06:28:30 [INFO] UUID of player TheticalFlyer97 is a6462498-08d5-37c4-bfbb-158cac0008f2
06:28:30 [INFO] TheticalFlyer97 [/187.180.212.96:43947] connected, UUID: a6462498-08d5-37c4-bfbb-158cac0008f2
06:28:30 [INFO] TheticalFlyer97 joined the game
06:28:30 [INFO] TheticalFlyer97[/187.180.212.96:43947] registered channel: FML
06:28:30 [INFO] TheticalFlyer97[/187.180.212.96:43947] registered channel: AuthMeBridge
06:28:30 [INFO] TheticalFlyer97[/187.180.212.96:43947] registered channel: FML|HS
06:28:30 [INFO] TheticalFlyer97[/187.180.212.96:43947] registered channel: FORGE
06:28:30 [INFO] TheticalFlyer97[/187.180.212.96:43947] registered channel: BTLP/Bridge
06:28:30 [INFO] TheticalFlyer97[/187.180.212.96:43947] registered channel: BungeeCord
06:28:30 [INFO] TheticalFlyer97[/187.180.212.96:43947] registered channel: BAuthMeBridge
06:28:42 [INFO] TheticalFlyer97 issued command: /register (censored)

But looking at the AuthMe database, you can see that AuthMe has, somehow, received the Bungeecord IP from Glowstone and is using that instead of the player IP:

Another issue with AuthMe is that it’s not censoring commands with passwords (like /register and /login). AuthMe works perfectly fine otherwise.

---

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

[mastercoms]

It won't be able to censor commands unless it adds support for Glowstone. It uses a different logging interface than what Glowstone uses. The IP problem is strange, though. Also, you may want to censor your IP :).

[yangm97]

My IP is dynamic, so it has probably changed itself a number of times already but thanks :)

I will give a shout to AuthMe devs regarding the logging interface then.

[Postremus]

I was not able to reproduce the problem that authme uses the bungeecord ip. Have you set proxy-support to true?

[yangm97]

Yes. As you can see, the forwarded IP can be seen on GlowStone logs.

I’m afraid this might be somehow related to the way networking works in docker swarm. I’ve seen some issues on their side too, but as soon as I changed the port mapping mode to “host”, both bungee and glowstone started seeing the player IP (see this comment).

[mastercoms]

Relevant AuthMe code: https://github.com/AuthMe/AuthMeReloaded/blob/1f8307c8f6457741a130bccecc1d75977d99fe54/src/main/java/fr/xephi/authme/util/PlayerUtils.java#L39

[yangm97]

temp.zip

This is my (stripped down) server. Removed most plugins and config so you can deploy only the relevant parts (lobby(glowstone), bungeecord and database). Build with: docker-compose build and deploy with docker stack deploy -c docker-compose.yml whateverstackname. Bungeecord will be listening on the default minecraft port. I recommend testing with an external client, but I think you can replicate the issue from localhost too.

[VaiTon]

@yangm97 are you able to reproduce with the latest build?

[ahdg6]

In latest build,I can't even use Authme on glowstone. Thu Jul 01 11:58:29 UTC 2021:https://ci.codemc.io/job/AuthMe/job/AuthMeReloaded/ https://paste.ubuntu.com/p/dFYFzTNdQb/

[yangm97]

@VaiTon good question. Has anyone tried to use the reproduction docker stack with the latest build?

[mastercoms]

In latest build,I can't even use Authme on glowstone. Thu Jul 01 11:58:29 UTC 2021:https://ci.codemc.io/job/AuthMe/job/AuthMeReloaded/ https://paste.ubuntu.com/p/dFYFzTNdQb/

That's related to this: #914

[mastercoms]

I haven't used the Docker container yet, but I can test this out soon.