feat(secure): Server-side check for friends and friends-of-friends

Author: ashquarky

globals/get_user_friend_pids.go

@@ -0,0 +1,21 @@
+package globals
+
+import (
+	"context"
+
+	pbfriends "github.com/PretendoNetwork/grpc-go/friends"
+	"github.com/PretendoNetwork/nex-protocols-go/v2/globals"
+	"google.golang.org/grpc/metadata"
+)
+
+func GetUserFriendPIDs(pid uint32) []uint32 {
+	ctx := metadata.NewOutgoingContext(context.Background(), GRPCFriendsCommonMetadata)
+
+	response, err := GRPCFriendsClient.GetUserFriendPIDs(ctx, &pbfriends.GetUserFriendPIDsRequest{Pid: pid})
+	if err != nil {
+		globals.Logger.Error(err.Error())
+		return make([]uint32, 0)
+	}
+
+	return response.Pids
+}

globals/globals.go

@@ -2,7 +2,8 @@ package globals
 
 import (
 	"database/sql"
-	pb "github.com/PretendoNetwork/grpc-go/account"
+	pbaccount "github.com/PretendoNetwork/grpc-go/account"
+	pbfriends "github.com/PretendoNetwork/grpc-go/friends"
 	"github.com/PretendoNetwork/nex-go/v2"
 	"github.com/PretendoNetwork/nex-protocols-common-go/v2/globals"
 	"github.com/PretendoNetwork/plogger-go"
@@ -23,5 +24,9 @@ var Postgres *sql.DB
 var MatchmakingManager *common_globals.MatchmakingManager
 
 var GRPCAccountClientConnection *grpc.ClientConn
-var GRPCAccountClient pb.AccountClient
+var GRPCAccountClient pbaccount.AccountClient
 var GRPCAccountCommonMetadata metadata.MD
+
+var GRPCFriendsClientConnection *grpc.ClientConn
+var GRPCFriendsClient pbfriends.FriendsClient
+var GRPCFriendsCommonMetadata metadata.MD

init.go

@@ -3,6 +3,7 @@ package main
 import (
 	"database/sql"
 	"fmt"
+	pbfriends "github.com/PretendoNetwork/grpc-go/friends"
 	"os"
 	"strconv"
 	"strings"
@@ -33,6 +34,9 @@ func init() {
 	accountGRPCHost := os.Getenv("PN_MINECRAFT_ACCOUNT_GRPC_HOST")
 	accountGRPCPort := os.Getenv("PN_MINECRAFT_ACCOUNT_GRPC_PORT")
 	accountGRPCAPIKey := os.Getenv("PN_MINECRAFT_ACCOUNT_GRPC_API_KEY")
+	friendsGRPCHost := os.Getenv("PN_MINECRAFT_FRIENDS_GRPC_HOST")
+	friendsGRPCPort := os.Getenv("PN_MINECRAFT_FRIENDS_GRPC_PORT")
+	friendsGRPCAPIKey := os.Getenv("PN_MINECRAFT_FRIENDS_GRPC_API_KEY")
 
 	if strings.TrimSpace(kerberosPassword) == "" {
 		globals.Logger.Warningf("PN_MINECRAFT_KERBEROS_PASSWORD environment variable not set. Using default password: %q", globals.KerberosPassword)
@@ -106,6 +110,39 @@ func init() {
 		"X-API-Key", accountGRPCAPIKey,
 	)
 
+	if strings.TrimSpace(friendsGRPCHost) == "" {
+		globals.Logger.Error("PN_MINECRAFT_FRIENDS_GRPC_HOST environment variable not set")
+		os.Exit(0)
+	}
+
+	if strings.TrimSpace(friendsGRPCPort) == "" {
+		globals.Logger.Error("PN_MINECRAFT_FRIENDS_GRPC_PORT environment variable not set")
+		os.Exit(0)
+	}
+
+	if port, err := strconv.Atoi(friendsGRPCPort); err != nil {
+		globals.Logger.Errorf("PN_MINECRAFT_FRIENDS_GRPC_PORT is not a valid port. Expected 0-65535, got %s", accountGRPCPort)
+		os.Exit(0)
+	} else if port < 0 || port > 65535 {
+		globals.Logger.Errorf("PN_MINECRAFT_FRIENDS_GRPC_PORT is not a valid port. Expected 0-65535, got %s", accountGRPCPort)
+		os.Exit(0)
+	}
+
+	if strings.TrimSpace(friendsGRPCAPIKey) == "" {
+		globals.Logger.Warning("Insecure gRPC server detected. PN_MINECRAFT_FRIENDS_GRPC_API_KEY environment variable not set")
+	}
+
+	globals.GRPCFriendsClientConnection, err = grpc.Dial(fmt.Sprintf("%s:%s", friendsGRPCHost, friendsGRPCPort), grpc.WithTransportCredentials(insecure.NewCredentials()))
+	if err != nil {
+		globals.Logger.Criticalf("Failed to connect to friends gRPC server: %v", err)
+		os.Exit(0)
+	}
+
+	globals.GRPCFriendsClient = pbfriends.NewFriendsClient(globals.GRPCFriendsClientConnection)
+	globals.GRPCFriendsCommonMetadata = metadata.Pairs(
+		"X-API-Key", friendsGRPCAPIKey,
+	)
+
 	globals.Postgres, err = sql.Open("postgres", os.Getenv("PN_MINECRAFT_POSTGRES_URI"))
 	if err != nil {
 		globals.Logger.Critical(err.Error())

nex/register_common_secure_server_protocols.go

@@ -4,11 +4,14 @@ import (
 	"github.com/PretendoNetwork/minecraft-wiiu/globals"
 	"github.com/PretendoNetwork/nex-go/v2"
 	"github.com/PretendoNetwork/nex-go/v2/types"
+	commonglobals "github.com/PretendoNetwork/nex-protocols-common-go/v2/globals"
+	"github.com/PretendoNetwork/nex-protocols-common-go/v2/match-making/database"
 	commonnattraversal "github.com/PretendoNetwork/nex-protocols-common-go/v2/nat-traversal"
 	commonsecure "github.com/PretendoNetwork/nex-protocols-common-go/v2/secure-connection"
 	nattraversal "github.com/PretendoNetwork/nex-protocols-go/v2/nat-traversal"
 	secure "github.com/PretendoNetwork/nex-protocols-go/v2/secure-connection"
 	"os"
+	"slices"
 
 	commonmatchmaking "github.com/PretendoNetwork/nex-protocols-common-go/v2/match-making"
 	commonmatchmakingext "github.com/PretendoNetwork/nex-protocols-common-go/v2/match-making-ext"
@@ -69,6 +72,63 @@ func stubBrowseMatchmakeSession(err error, packet nex.PacketInterface, callID ui
 	return rmcResponse, nil
 }
 
+func gameSpecificCanJoinMatchmakeSession(manager *commonglobals.MatchmakingManager, pid *types.PID, session *matchmakingtypes.MatchmakeSession) *nex.Error {
+	if !session.OpenParticipation.Value {
+		return nex.NewError(nex.ResultCodes.RendezVous.PermissionDenied, "Gathering is not open to new participants")
+	}
+
+	isPublic := false
+	attrib, err := session.Attributes.Get(0)
+	if err == nil {
+		// * I wish this was a joke. top 8 bits are GameMode
+		// * This is the only difference between a public and a Friends match
+		isPublic = (attrib.Value & 0xFFFFFF) == 0x30881
+	}
+
+	if isPublic && os.Getenv("PN_MINECRAFT_ALLOW_PUBLIC_MATCHMAKING") == "1" {
+		//globals.Logger.Info("Game is public")
+		return nil
+	}
+
+	host := session.OwnerPID
+	hostFriends := manager.GetUserFriendPIDs(host.LegacyValue())
+	if slices.Contains(hostFriends, pid.LegacyValue()) {
+		//globals.Logger.Info("User is friend of host")
+		return nil
+	}
+
+	isFriendsOfFriends := false
+	if len(session.ApplicationBuffer.Value) > 0xc3 {
+		isFriendsOfFriends = session.ApplicationBuffer.Value[0xc3] == 0x8F
+	}
+
+	if !isFriendsOfFriends {
+		return nex.NewError(nex.ResultCodes.RendezVous.NotFriend, "User is not a friend of host")
+	}
+
+	// * Get the participants of this gathering so we don't have to check all 100whatever of host's friends
+	_, _, participants, _, nerr := database.FindGatheringByID(manager, session.ID.Value)
+	if err != nil {
+		globals.Logger.Errorf("Can't find gathering for pariticpation check: %v", nerr)
+		return nerr
+	}
+
+	for _, friend := range hostFriends {
+		// * Make sure this friend is actually in-game
+		// * This cast feels bad
+		if slices.Contains(participants, uint64(friend)) {
+			// * Are you a friend of the host's friend?
+			friendsFriends := manager.GetUserFriendPIDs(friend)
+			if slices.Contains(friendsFriends, pid.LegacyValue()) {
+				//globals.Logger.Infof("User is friend of host's friend %v", friend)
+				return nil
+			}
+		}
+	}
+
+	return nex.NewError(nex.ResultCodes.RendezVous.NotFriend, "User is not a friend of host's friends")
+}
+
 func registerCommonSecureServerProtocols() {
 	secureProtocol := secure.NewProtocol()
 	globals.SecureEndpoint.RegisterServiceProtocol(secureProtocol)
@@ -95,6 +155,9 @@ func registerCommonSecureServerProtocols() {
 	commonMatchmakeExtensionProtocol := commonmatchmakeextension.NewCommonProtocol(matchmakeExtensionProtocol)
 	commonMatchmakeExtensionProtocol.SetManager(globals.MatchmakingManager)
 
+	globals.MatchmakingManager.GetUserFriendPIDs = globals.GetUserFriendPIDs
+	globals.MatchmakingManager.CanJoinMatchmakeSession = gameSpecificCanJoinMatchmakeSession
+
 	commonMatchmakeExtensionProtocol.CleanupSearchMatchmakeSession = cleanupSearchMatchmakeSessionHandler
 	if os.Getenv("PN_MINECRAFT_ALLOW_PUBLIC_MATCHMAKING") != "1" {
 		globals.Logger.Warning("Public minigames are disabled for safety reasons.")