Notice: Any messages purporting to come from this site telling you that your password has expired, or that you need to verify your details, confirm your email, resolve issues, making threats, or asking for money, are
spam. We do not email users with any such messages. If you have lost your password you can obtain a new one by using the
password reset link.
Due to spam on this forum, all posts now need moderator approval.
Entire forum
➜ SMAUG
➜ SMAUG coding
➜ Client negotiation
It is now over 60 days since the last post. This thread is closed.
Refresh page
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Sun 01 Apr 2007 03:21 AM (UTC) |
| Message
| With MUSHclient to be open-source in the future, I plan on making a special version of MUSHclient for my MUD. I've had this idea in mind for a while, but obviously creating my own MUD client was not much of a priority (compared to the MUD).
So after coding in some features for my MUD in MUSHclient, I'd like for the MUD to recognize the player is using the special version and for the client to confirm (sort of like a handshake).
First off, what do you think of this? Not actually how to code it in, but the concept. Is it a bad idea? I plan on having things such as pre-installed aliases for the MUD, restricted use of things that are illegal on the MUD (triggers), etc. The player using this client would gain some sort of bonus (like maybe 2x EXP).
Second, what would be a good way of coding this in? I could probably hack it in somehow and get it working, but I'm not really sure of a decent way of doing it. I was thinking somewhere along the lines of the client sending text to the MUD which is ignored (it doesn't process the input) and then the MUD sends back text (which the client does not display) which would confirm (handshake). |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| Nick Gammon
Australia (23,158 posts) Bio
Forum Administrator |
| Date
| Reply #1 on Sun 01 Apr 2007 03:44 AM (UTC) |
| Message
| Such a thing would be easy enough to bypass. Someone could use a packet sniffer to work out your negotiation, and then get themselves 2x EXP without using your custom client.
There was a discussion a while back about some sort of AFK detection in the client, so that it would send back an "afk" message (an MXP sequence) if it detected that there had been no keyboard input for a while. However as we worked out, it wouldn't be that hard to either suppress the AFK messages, or generate dummy keypresses (eg. using some sort of gamers keyboard).
However if you simply want to detect the special version, and thus perhaps do things that other (alternative) clients don't support, then something like the client name, which is already sent, might do. Alternatively some sort of telnet negotiation would be easy enough to do.
One simple enough technique would be for the client to recognise a sequence (eg. "Welcome to XYZ MUD! Code (611b4ddf75f13d089eba73c6)") and then hash that against an internally stored string, and reply with the result. The server could then work out whether or not the modified client was present. |
- Nick Gammon
www.gammon.com.au, www.mushclient.com | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #2 on Sun 01 Apr 2007 03:56 AM (UTC) |
| Message
| | And that sequence would change each time the player logged on? |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| Nick Gammon
Australia (23,158 posts) Bio
Forum Administrator |
| Date
| Reply #3 on Sun 01 Apr 2007 04:17 AM (UTC) |
| Message
| Yes, you would generate a new random string (challenge) of some sort. That way the response has to be different each time, otherwise someone would simply note the response and send that automatically.
For example, your code would look like this:
Send challenge: 611b4ddf75f13d089eba73c6
MUSHclient hashes: 611b4ddf75f13d089eba73c6 and e726d6fceed2d0b2799c44ce (stored internally) together.
For example, in Lua, it would do this:
reply = utils.hash ("611b4ddf75f13d089eba73c6"
.. "e726d6fceed2d0b2799c44ce" )
print (reply) --> 7bb30ebd4f0565199c0fc471f9485432ebc97d55
This reply (7bb30ebd4f0565199c0fc471f9485432ebc97d55) would be sent back. Now the server also hashes the string it sent, with the "secret" string (e726d6fceed2d0b2799c44ce) and if it gets the same result, it assumes you have the custom client.
Assuming someone doesn't reverse engineer the client to find the secret string, an assumption I would not necessarily make, that gives a reasonably secure way of knowing they have your client.
|
- Nick Gammon
www.gammon.com.au, www.mushclient.com | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #4 on Tue 03 Apr 2007 02:51 AM (UTC) |
| Message
| | On to another concept. Is it a bad idea to restrict the client to only be able to connect to my MUD? I understand people do play multiple MUDs at once, but this will be a client designed specifically for my MUD and if I allow connections to other MUDs I'll have to limit the client a lot. |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| Gohan_TheDragonball
USA (183 posts) Bio
|
| Date
| Reply #5 on Tue 03 Apr 2007 03:12 AM (UTC) |
| Message
| | why would you need to limit it. i assume stock the mushclient source will work just fine on any mud. so anything you add you could simply just make specifically work if its connected to your mud, otherwise the client will operate normally. | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #6 on Tue 03 Apr 2007 03:18 AM (UTC) |
| Message
| | Because there are a lot of things that are global (global options, reading in World Files, etc). |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| David Haley
USA (3,881 posts) Bio
|
| Date
| Reply #7 on Tue 03 Apr 2007 03:24 AM (UTC) |
| Message
| I'm not sure I'd see it as a big problem, assuming I had a reason to use a custom client for a game. It might have to be a pretty good reason, though.
Even so, why would these extra settings break other MUDs? |
David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone
http://david.the-haleys.org | | Top |
|
| Posted by
| Gohan_TheDragonball
USA (183 posts) Bio
|
| Date
| Reply #8 on Tue 03 Apr 2007 03:25 AM (UTC) |
| Message
| as for how you could use the IAC negotiation stuff, check this out:
http://www.auricmud.com/snippets/client-code.html | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #9 on Tue 03 Apr 2007 03:26 AM (UTC) |
| Message
| David: I don't think many people would want to use a client that had disabled triggers, on other MUDs that would allow triggers.
Gohan: I'm pretty sure people could spoof that, as Nick mentioned. |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| David Haley
USA (3,881 posts) Bio
|
| Date
| Reply #10 on Tue 03 Apr 2007 03:31 AM (UTC) |
| Message
| | Oh yeah, I'd forgotten about your plans to disable triggers and so forth. :) Well, in a sense, haven't you already solved the problem then? |
David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone
http://david.the-haleys.org | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #11 on Tue 03 Apr 2007 03:48 AM (UTC) |
| Message
| | Er, what problem? I have many problems. :P |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| Gohan_TheDragonball
USA (183 posts) Bio
|
| Date
| Reply #12 on Tue 03 Apr 2007 04:52 AM (UTC) |
| Message
| | well what i meant was combine the IAC negotiation stuff with that hashing stuff mentioned earlier. you negotiate that its your custom client, and then send the hashed string and wait for the response, if the response is correct, boom 2x exp gains. | | Top |
|
The dates and times for posts above are shown in Universal Co-ordinated Time (UTC).
To show them in your local time you can join the forum, and then set the 'time correction' field in your profile to the number of hours difference between your location and UTC time.
30,521 views.
It is now over 60 days since the last post. This thread is closed.
Refresh page
![[Go to top]](/images/gototop.gif)
top