mirror/HMCL
2
0
Fork 0
mirror of https://github.com/HMCL-dev/HMCL.git synced 2025-03-07 17:36:52 +08:00
Code Issues Packages Projects Releases Wiki Activity

Use custom log4j2.xml

Browse Source
This commit is contained in:
Glavo 2021-12-11 14:30:54 +08:00 committed by Yuhui Huang
parent b6ea4c7003
commit 7da2671ec5
4 changed files with 96 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
HMCL/src/main/java/org/jackhuang/hmcl/game/LauncherHelper.java
View File

@ -72,11 +72,6 @@ import static org.jackhuang.hmcl.util.i18n.I18n.i18n;
public final class LauncherHelper {
private static final Set<String> UNSAFE_CLIENT_1_7_XML_SHA1 =
Collections.unmodifiableSet(new HashSet<>(Collections.singletonList("6605d632a2399010c0085d3e4da58974d62ccdfe")));
private static final Set<String> UNSAFE_CLIENT_1_12_XML_SHA1 =
Collections.unmodifiableSet(new HashSet<>(Collections.singletonList("ef4f57b922df243d0cef096efe808c72db042149")));
private final Profile profile;
private final Account account;
private final String selectedVersion;
@ -523,31 +518,12 @@ public final class LauncherHelper {
VersionNumber.VERSION_COMPARATOR.compare("1.14.4-28.2.2", it.getVersion()) <= 0);
boolean hasOptiFine = version.getLibraries().stream().anyMatch(it -> it.is("optifine", "OptiFine"));
if (hasForge28_2_2 && hasOptiFine && gameVersion.compareTo(VersionNumber.asVersion("1.14.4")) == 0) {
Controllers.confirm(i18n("launch.advice.forge28_2_2_optifine"), i18n("message.error"), continueAction, null);
Controllers.confirm(i18n("launch.advice.forge28_2_2_optifine"), i18n("message.error"), continueAction, breakAction);
suggested = true;
}
}
// CVE-2021-44228 Remote code injection in Log4j
if (gameVersion.compareTo(VersionNumber.asVersion("1.7")) >= 0 && gameVersion.compareTo(VersionNumber.asVersion("1.18")) <= 0) {
String xmlSha1 = Optional.ofNullable(version.getLogging().get(DownloadType.CLIENT))
.flatMap(loggingInfo -> Optional.of(loggingInfo.getFile()))
.flatMap(idDownloadInfo -> Optional.ofNullable(idDownloadInfo.getSha1()))
.orElse("");
if (gameVersion.compareTo(VersionNumber.asVersion("1.12")) < 0) {
if (UNSAFE_CLIENT_1_7_XML_SHA1.contains(xmlSha1)) {
Controllers.confirm(i18n("launch.advice.log4j_cve_2021_44228"), i18n("message.warning"), continueAction, breakAction);
suggested = true;
}
} else {
if (UNSAFE_CLIENT_1_12_XML_SHA1.contains(xmlSha1)) {
Controllers.confirm(i18n("launch.advice.log4j_cve_2021_44228"), i18n("message.warning"), continueAction, breakAction);
suggested = true;
}
}
}
if (!suggested) {
if (!future.isDone()) {
future.complete(javaVersion);
}

37
HMCLCore/src/main/java/org/jackhuang/hmcl/launch/DefaultLauncher.java
View File

@ -31,12 +31,14 @@ import org.jackhuang.hmcl.util.Log4jLevel;
import org.jackhuang.hmcl.util.StringUtils;
import org.jackhuang.hmcl.util.gson.UUIDTypeAdapter;
import org.jackhuang.hmcl.util.io.FileUtils;
import org.jackhuang.hmcl.util.io.IOUtils;
import org.jackhuang.hmcl.util.io.Unzipper;
import org.jackhuang.hmcl.util.platform.CommandBuilder;
import org.jackhuang.hmcl.util.platform.JavaVersion;
import org.jackhuang.hmcl.util.platform.ManagedProcess;
import org.jackhuang.hmcl.util.platform.OperatingSystem;
import org.jackhuang.hmcl.util.platform.Bits;
import org.jackhuang.hmcl.util.versioning.VersionNumber;
import java.io.*;
import java.net.InetSocketAddress;
@ -186,6 +188,10 @@ public class DefaultLauncher extends Launcher {
res.addDefault("-Dcom.sun.jndi.cosnaming.object.trustURLCodebase=", "false");
}
if (isUsingLog4j()) {
res.addDefault("-Dlog4j.configurationFile=", getLog4jConfigurationFile().getAbsolutePath());
}
Proxy proxy = options.getProxy();
if (proxy != null && StringUtils.isBlank(options.getProxyUser()) && StringUtils.isBlank(options.getProxyPass())) {
InetSocketAddress address = (InetSocketAddress) options.getProxy().address();
@ -339,6 +345,29 @@ public class DefaultLauncher extends Launcher {
}
}
private boolean isUsingLog4j() {
return VersionNumber.VERSION_COMPARATOR.compare(repository.getGameVersion(version).orElse("Unknown"), "1.7") >= 0;
}
public File getLog4jConfigurationFile() {
return new File(repository.getVersionRoot(version.getId()), "log4j2.xml");
}
public void extractLog4jConfigurationFile() throws IOException {
File targetFile = getLog4jConfigurationFile();
InputStream source;
if (VersionNumber.VERSION_COMPARATOR.compare(repository.getGameVersion(version).orElse("Unknown"), "1.12") < 0) {
source = DefaultLauncher.class.getResourceAsStream("/assets/game/log4j2-1.7.xml");
} else {
source = DefaultLauncher.class.getResourceAsStream("/assets/game/log4j2-1.12.xml");
}
try (InputStream input = source;
OutputStream output = new FileOutputStream(targetFile)) {
IOUtils.copyTo(input, output);
}
}
protected Map<String, String> getConfigurations() {
return mapOf(
// defined by Minecraft official launcher
@ -406,6 +435,10 @@ public class DefaultLauncher extends Launcher {
decompressNatives(nativeFolder);
}
if (isUsingLog4j()) {
extractLog4jConfigurationFile();
}
File runDirectory = repository.getRunDirectory(version.getId());
if (StringUtils.isNotBlank(options.getPreLaunchCommand())) {
@ -481,6 +514,10 @@ public class DefaultLauncher extends Launcher {
decompressNatives(nativeFolder);
}
if (isUsingLog4j()) {
extractLog4jConfigurationFile();
}
String scriptExtension = FileUtils.getExtension(scriptFile);
boolean usePowerShell = "ps1".equals(scriptExtension);

28
HMCLCore/src/main/resources/assets/game/log4j2-1.12.xml Normal file
View File

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="UTF-8"?>
<Configuration status="WARN">
<Appenders>
<Console name="SysOut" target="SYSTEM_OUT">
<PatternLayout pattern="[%d{HH:mm:ss}] [%t/%level]: %msg{nolookups}%n" />
</Console>
<Queue name="ServerGuiConsole">
<PatternLayout pattern="[%d{HH:mm:ss} %level]: %msg{nolookups}%n" />
</Queue>
<RollingRandomAccessFile name="File" fileName="logs/latest.log" filePattern="logs/%d{yyyy-MM-dd}-%i.log.gz">
<PatternLayout pattern="[%d{HH:mm:ss}] [%t/%level]: %msg{nolookups}%n" />
<Policies>
<TimeBasedTriggeringPolicy />
<OnStartupTriggeringPolicy />
</Policies>
</RollingRandomAccessFile>
</Appenders>
<Loggers>
<Root level="info">
<filters>
<MarkerFilter marker="NETWORK_PACKETS" onMatch="DENY" onMismatch="NEUTRAL" />
</filters>
<AppenderRef ref="SysOut"/>
<AppenderRef ref="File"/>
<AppenderRef ref="ServerGuiConsole"/>
</Root>
</Loggers>
</Configuration>

29
HMCLCore/src/main/resources/assets/game/log4j2-1.7.xml Normal file
View File

@ -0,0 +1,29 @@
<?xml version="1.0" encoding="UTF-8"?>
<Configuration status="WARN">
<Appenders>
<Console name="SysOut" target="SYSTEM_OUT">
<PatternLayout pattern="[%d{HH:mm:ss}] [%t/%level]: %msg%n" />
</Console>
<Queue name="ServerGuiConsole">
<PatternLayout pattern="[%d{HH:mm:ss} %level]: %msg%n" />
</Queue>
<RollingRandomAccessFile name="File" fileName="logs/latest.log" filePattern="logs/%d{yyyy-MM-dd}-%i.log.gz">
<PatternLayout pattern="[%d{HH:mm:ss}] [%t/%level]: %msg%n" />
<Policies>
<TimeBasedTriggeringPolicy />
<OnStartupTriggeringPolicy />
</Policies>
</RollingRandomAccessFile>
</Appenders>
<Loggers>
<Root level="info">
<filters>
<MarkerFilter marker="NETWORK_PACKETS" onMatch="DENY" onMismatch="NEUTRAL" />
<RegexFilter regex=".*\$\{[^}]*\}.*" onMatch="DENY" onMismatch="NEUTRAL"/>
</filters>
<AppenderRef ref="SysOut"/>
<AppenderRef ref="File"/>
<AppenderRef ref="ServerGuiConsole"/>
</Root>
</Loggers>
</Configuration>