Fix compatibility hash spoofing when plugins are present. Resolves #58.

Author: zkxs

NeosModLoader/AssemblyLoader.cs

@@ -48,7 +48,7 @@ internal static class AssemblyLoader
             Assembly assembly;
             try
             {
-                Logger.MsgInternal( $"load assembly {filename} with sha256hash: {Util.GenerateSHA256(filepath)}");
+                Logger.MsgInternal($"load assembly {filename} with sha256hash: {Util.GenerateSHA256(filepath)}");
                 assembly = Assembly.LoadFile(filepath);
             }
             catch (Exception e)

NeosModLoader/ModLoader.cs

@@ -10,7 +10,7 @@ namespace NeosModLoader
 {
     public class ModLoader
     {
-        internal const string VERSION_CONSTANT = "1.11.3";
+        internal const string VERSION_CONSTANT = "1.12.0";
         /// <summary>
         /// NeosModLoader's version
         /// </summary>

NeosModLoader/NeosVersionReset.cs

@@ -1,8 +1,11 @@
+using BaseX;
 using FrooxEngine;
 using HarmonyLib;
 using System;
 using System.Collections.Generic;
+using System.ComponentModel;
 using System.IO;
+using System.Linq;
 using System.Reflection;
 using System.Reflection.Emit;
 using System.Runtime.CompilerServices;
@@ -12,65 +15,159 @@ namespace NeosModLoader
 {
     internal class NeosVersionReset
     {
+        // used when AdvertiseVersion == true
+        private const string NEOS_MOD_LOADER = "NeosModLoader.dll";
+
         internal static void Initialize()
         {
             ModLoaderConfiguration config = ModLoaderConfiguration.Get();
             Engine engine = Engine.Current;
 
             List<string> extraAssemblies = Engine.ExtraAssemblies;
             string assemblyFilename = Path.GetFileName(Assembly.GetExecutingAssembly().Location);
-            bool nmlPresent = extraAssemblies.Contains(assemblyFilename);
+            bool nmlPresent = extraAssemblies.Remove(assemblyFilename);
 
             if (!nmlPresent)
             {
                 throw new Exception($"Assertion failed: Engine.ExtraAssemblies did not contain \"{assemblyFilename}\"");
             }
 
-            bool otherPluginsPresent = extraAssemblies.Count > 1;
-            bool shouldSpoofCompatibility = !otherPluginsPresent || config.Unsafe;
-            bool shouldSpoofVersion = !config.AdvertiseVersion && shouldSpoofCompatibility;
+            // get all PostX'd assemblies. This is useful, as plugins can't NOT be PostX'd.
+            Assembly[] postxedAssemblies = AppDomain.CurrentDomain.GetAssemblies()
+                .Where(IsPostXProcessed)
+                .ToArray();
 
-            if (shouldSpoofVersion)
-            {
-                // we intentionally attempt to set the version string first, so if it fails the compatibilty hash is left on the original value
-                // this is to prevent the case where a player simply doesn't know their version string is wrong
-                extraAssemblies.Clear();
-                if (!SpoofVersionString(engine))
+            string potentialPlugins = postxedAssemblies
+                .Select(a => Path.GetFileName(a.Location))
+                .Join(delimiter: ", ");
+
+            Logger.DebugFuncInternal(() => $"Found {postxedAssemblies.Length} potential plugins: {potentialPlugins}");
+
+            HashSet<Assembly> expectedPostXAssemblies = GetExpectedPostXAssemblies();
+
+            // attempt to map the PostX'd assemblies to Neos's plugin list
+            Dictionary<string, Assembly> plugins = new Dictionary<string, Assembly>(postxedAssemblies.Length);
+            Assembly[] unmatchedAssemblies = postxedAssemblies
+                .Where(assembly =>
                 {
-                    Logger.WarnInternal("Version string spoofing failed");
-                    return;
-                }
+                    string filename = Path.GetFileName(assembly.Location);
+                    if (extraAssemblies.Contains(filename))
+                    {
+                        // okay, the assembly's filename is in the plugin list. It's probably a plugin.
+                        plugins.Add(filename, assembly);
+                        return false;
+                    }
+                    else
+                    {
+                        // remove certain expected assemblies from the "unmatchedAssemblies" naughty list
+                        return !expectedPostXAssemblies.Contains(assembly);
+                    }
+                })
+                .ToArray();
+
+            string actualPlugins = plugins.Keys.Join(delimiter: ", ");
+            Logger.DebugFuncInternal(() => $"Found {plugins.Count} actual plugins: {actualPlugins}");
+
+            // warn about the assemblies we couldn't map to plugins
+            foreach (Assembly assembly in unmatchedAssemblies)
+            {
+                Logger.WarnInternal($"Unexpected PostX'd assembly: \"{assembly.Location}\". If this is a plugin, then my plugin-detection code is faulty.");
             }
-            else
+
+            // warn about the plugins we couldn't map to assemblies
+            HashSet<string> unmatchedPlugins = new(extraAssemblies);
+            unmatchedPlugins.ExceptWith(plugins.Keys); // remove all matched plugins
+            foreach (string plugin in unmatchedPlugins)
             {
-                Logger.MsgInternal("Version string not being spoofed due to config.");
+                Logger.ErrorInternal($"Unmatched plugin: \"{plugin}\". NML could not find the assembly for this plugin, therefore NML cannot properly calculate the compatibility hash.");
             }
 
-            if (shouldSpoofCompatibility)
+            // flags used later to determine how to spoof
+            bool includePluginsInHash = true;
+
+            // if unsafe is true, we should pretend there are no plugins and spoof everything
+            if (config.Unsafe)
             {
-                if (!SpoofCompatibilityHash(engine))
+                if (!config.AdvertiseVersion)
                 {
-                    Logger.WarnInternal("Compatibility hash spoofing failed");
-                    return;
+                    extraAssemblies.Clear();
                 }
+                includePluginsInHash = false;
+                Logger.WarnInternal("Unsafe mode is enabled! Not that you had a warranty, but now it's DOUBLE void!");
             }
-            else
+            // else if unmatched plugins are present, we should not spoof anything
+            else if (unmatchedPlugins.Count != 0)
             {
-                Logger.WarnInternal("Version spoofing was not performed due to another plugin being present! Either remove unknown plugins or enable NeosModLoader's unsafe mode.");
+                Logger.ErrorInternal("Version spoofing was not performed due to some plugins having missing assemblies.");
+                return;
+            }
+            // else we should spoof normally
+
+
+            // get plugin assemblies sorted in the same order Neos sorted them.
+            List<Assembly> sortedPlugins = extraAssemblies
+                .Select(path => plugins[path])
+                .ToList();
+
+            if (config.AdvertiseVersion)
+            {
+                // put NML back in the version string
+                Logger.MsgInternal($"Adding {NEOS_MOD_LOADER} to version string because you have AdvertiseVersion set to true.");
+                extraAssemblies.Insert(0, NEOS_MOD_LOADER);
+            }
+
+            // we intentionally attempt to set the version string first, so if it fails the compatibilty hash is left on the original value
+            // this is to prevent the case where a player simply doesn't know their version string is wrong
+            if (!SpoofVersionString(engine))
+            {
+                Logger.WarnInternal("Version string spoofing failed");
+                return;
+            }
+
+            if (!SpoofCompatibilityHash(engine, sortedPlugins, includePluginsInHash))
+            {
+                Logger.WarnInternal("Compatibility hash spoofing failed");
                 return;
             }
 
             Logger.MsgInternal("Compatibility hash spoofing succeeded");
         }
 
-        private static bool SpoofCompatibilityHash(Engine engine)
+        private static bool IsPostXProcessed(Assembly assembly)
+        {
+            return assembly.Modules // in practice there will only be one module, and it will have the dll's name
+                .SelectMany(module => module.GetCustomAttributes<DescriptionAttribute>())
+                .Where(IsPostXProcessedAttribute)
+                .Any();
+        }
+
+        private static bool IsPostXProcessedAttribute(DescriptionAttribute descriptionAttribute)
+        {
+            return descriptionAttribute.Description == "POSTX_PROCESSED";
+        }
+
+        // get all the non-plugin PostX'd assemblies we expect to exist
+        private static HashSet<Assembly> GetExpectedPostXAssemblies()
+        {
+            List<Assembly?> list = new()
+            {
+                Type.GetType("FrooxEngine.IComponent, FrooxEngine")?.Assembly,
+                Type.GetType("BusinessX.NeosClassroom, BusinessX")?.Assembly,
+                Assembly.GetExecutingAssembly(),
+            };
+            return list
+                .Where(assembly => assembly != null)
+                .ToHashSet()!;
+        }
+
+        private static bool SpoofCompatibilityHash(Engine engine, List<Assembly> plugins, bool includePluginsInHash)
         {
             string vanillaCompatibilityHash;
             int? vanillaProtocolVersionMaybe = GetVanillaProtocolVersion();
             if (vanillaProtocolVersionMaybe is int vanillaProtocolVersion)
             {
                 Logger.DebugFuncInternal(() => $"Vanilla protocol version is {vanillaProtocolVersion}");
-                vanillaCompatibilityHash = CalculateCompatibilityHash(vanillaProtocolVersion);
+                vanillaCompatibilityHash = CalculateCompatibilityHash(vanillaProtocolVersion, plugins, includePluginsInHash);
                 return SetCompatibilityHash(engine, vanillaCompatibilityHash);
             }
             else
@@ -80,10 +177,21 @@ private static bool SpoofCompatibilityHash(Engine engine)
             }
         }
 
-        private static string CalculateCompatibilityHash(int ProtocolVersion)
+        private static string CalculateCompatibilityHash(int ProtocolVersion, List<Assembly> plugins, bool includePluginsInHash)
         {
             using MD5CryptoServiceProvider cryptoServiceProvider = new();
-            byte[] hash = cryptoServiceProvider.ComputeHash(new MemoryStream(BitConverter.GetBytes(ProtocolVersion)));
+            ConcatenatedStream inputStream = new();
+            inputStream.EnqueueStream(new MemoryStream(BitConverter.GetBytes(ProtocolVersion)));
+            if (includePluginsInHash)
+            {
+                foreach (Assembly plugin in plugins)
+                {
+                    FileStream fileStream = File.OpenRead(plugin.Location);
+                    fileStream.Seek(375L, SeekOrigin.Current);
+                    inputStream.EnqueueStream(fileStream);
+                }
+            }
+            byte[] hash = cryptoServiceProvider.ComputeHash(inputStream);
             return Convert.ToBase64String(hash);
         }
 
@@ -109,20 +217,18 @@ private static bool SetCompatibilityHash(Engine engine, string Target)
 
         private static bool SpoofVersionString(Engine engine)
         {
-            // calculate correct version string
-            string target = Engine.VersionNumber;
+            string cachedVersion = engine.VersionString;
 
-            if (!engine.VersionString.Equals(target))
+            FieldInfo field = AccessTools.DeclaredField(engine.GetType(), "_versionString");
+            if (field == null)
             {
-                FieldInfo field = AccessTools.DeclaredField(engine.GetType(), "_versionString");
-                if (field == null)
-                {
-                    Logger.WarnInternal("Unable to write Engine._versionString");
-                    return false;
-                }
-                Logger.DebugFuncInternal(() => $"Changing version string from {engine.VersionString} to {target}");
-                field.SetValue(engine, target);
+                Logger.WarnInternal("Unable to write Engine._versionString");
+                return false;
             }
+            // null the cached value
+            field.SetValue(engine, null);
+
+            Logger.DebugFuncInternal(() => $"Changing version string from {cachedVersion} to {engine.VersionString}");
             return true;
         }
 

NeosModLoader/Util.cs

@@ -1,10 +1,11 @@
 using System;
-using System.IO;
+using System.Collections.Generic;
 using System.Diagnostics;
+using System.IO;
 using System.Reflection;
+using System.Security.Cryptography;
 using System.Threading;
 using System.Threading.Tasks;
-using System.Security.Cryptography;
 
 namespace NeosModLoader
 {
@@ -74,7 +75,7 @@ private static bool IsCompletedSuccessfully(this Task t)
         {
             return t.IsCompleted && !t.IsFaulted && !t.IsCanceled;
         }
-        
+
         //credit to delta for this method https://github.com/XDelta/
         internal static string GenerateSHA256(string filepath)
         {
@@ -84,5 +85,10 @@ internal static string GenerateSHA256(string filepath)
             return BitConverter.ToString(hash).Replace("-", "");
         }
 
+        internal static HashSet<T> ToHashSet<T>(this IEnumerable<T> source, IEqualityComparer<T>? comparer = null)
+        {
+            return new HashSet<T>(source, comparer);
+        }
+
     }
 }