-
-
Notifications
You must be signed in to change notification settings - Fork 121
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FastLogin handling cancelled PreLogin events #304
Comments
Which priority does the plugin use for the EDIT: Do you use asynchronous calls, so in case of BungeeCord |
Antibotdeluxe seems to be in highest priority, and i'm pretty sure it's async since it need to manage something like 2k connections/s. Atm, when under attack, antibotdeluxe can handle it easy, but fastlogin is creating a lot of threads for each connections and is crashing the dedicated :/ |
Background: So do you use Approaches Basically FastLogin have to wait until your checks are finished. Do you have maybe some kind of API event, where FastLogin could hook into after you made your checks?
Yes there is concept issue in FastLogin. However an approaches like above FastLogin would still make API request to Mojang although your plugin already identified the connection as malicious. FastLogin threading - Idea solve too many threads
Yes it's correct, FastLogins creates a new async task (utilizing caching from Bungee's Scheduler) for every blocking actions (HTTP, database) from the BungeeCord handler thread. Back then I didn't know better. I'm planing to change this. Maybe you already implemented a similar approach. It would be great to hear your concept in In case of the database with connection pooling (HikariCP), the number of threads that can access the database are limited by the number of connections in the pool. Other requests should be queued up and not hold any threads blocking. This means that we should have a processing thread pool (<= number of cores - like in Java) that doesn't perform any blocking calls and a database thread pool (<= connection size).
Therefore the number of threads will be limited, because we limit the number of blocking threads. Meanwhile we have potential full parallelism, because the processing pool doesn't block and only The idea is analog for HTTP. There we could use connection pooling using HTTP Keep-Alives and non-blocking I/O (ex: Netty). |
After taking a look with FusionCoding, the author of AntibotDeluxe, the plugin is running asynchronously, but using a ThreadPool instead of the inbuilt runAsync with the registerIntent method. However, he gave me this to get access to the plugin data by accessing it through the proxy, with this sample code: https://hastebin.com/uvohurazit.java AntiBotDeluxe has no API at this time, which is intended for that use, but this way should work too, he is currently sick so if there are any huge logical stupid things in there, take it easy ^^ |
Oh I misinterpreted you as the author, because of the so technical question, sorry.
So like I assumed. Both tasks run concurrently.
Thank you. Unfortunately this not an optimal solution in this case, because then FastLogin has to constantly pull the cache map if the result is available yet. How frequently should we pull, when do we time out and so on? Using something similar like a event or callbacks, we could get immediately notified. Alternatively we could prevent all Mojang calls meanwhile AntiBotDeluxe thinks the server is under attack. This way already registered players could still join while others will be kicked or assumed cracked at that time. However regardless of the selected approach above, we still need access to jar to compile FastLogin. Heavy reflections would be unpractical here. Since AntiBotDeluxe is a paid plugin and this is an open source plugin (everyone needs access to the libraries), the optimal solution would be to publish a jar containing only the API specifications available for everyone. This jar could for example contain the specification using an Java interface (without any implementation).
Hope he gets well soon. Is there away we could do without him doing anything as he should focus on recovering than on this? I guess someone of your AntiBotDeluxe team with his approval? Offtopic:
Would still be interested in how the thread pools are created. Do they have limit and are there more? But as you said, we should maybe discuss that later. |
Hello, Can you add FusionCoding & me on Discord? It would be easier to communicate and solve it asap. Best regards, |
Small recommendation is to use the |
What behaviour is observed:
FastLogin is handling cancelled PreLogin events
What behaviour is expected:
Is shouldn't handle them, since my antibot was cancelling them.
Steps/models to reproduce:
Cancel the prelogin event & it will send a request to mojang
Screenshots (if applicable)
/
Plugin list:
AuthmeReloaded, FastLogin, AntibotDeluxe
Environment description
Paper 1.8.8 & Latest build of Waterfall, using MariaDB for the 3 plugins
Plugin version or build number (don't write latest):
1.11-SNAPSHOT-74b1323
Server Log:
Hastebin / Gist link of the error, stacktrace or the complete log (if any)
https://paste.soleria.eu/yarafifuvi.md
Configuration:
Hastebin / Gist link of your config.yml file
https://paste.soleria.eu/feniliyeva.makefile
The text was updated successfully, but these errors were encountered: