Conditional digest-library dependency

Programmers discuss here anything related to FreeOrion programming. Primarily for the developers to discuss.

Moderator: Committer

o01eg
Space Kraken
Posts: 162
Joined: Sat Dec 10, 2011 5:46 am

Conditional digest-library dependency

#1 Post by o01eg » Sun Jul 30, 2017 8:32 am

I'm going to implement digest authentication based on the algorithm described in https://tools.ietf.org/html/rfc7616 and the sha256 digest. Which library is better to use for cross-platform, as it should be used on both server and client side and should be added to freeorion-sdk?

I propose to use Crypto++, but maybe other, lighter libraries exist, like https://github.com/okdshin/PicoSHA2.
Gentoo Linux x64, gcc-7.3, boost-1.65.0
Ubuntu Server 18.04 x64, gcc-7.3, boost-1.65.1
Welcome to multiplayer server at freeorion-test.dedyn.io.Version 0.4.8
Donates are welcome: BTC:14XLekD9ifwqLtZX4iteepvbLQNYVG87zK
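
The RFC 7616 response calculation mentioned in the post above, for algorithm SHA-256 and qop=auth, as an added example that is not part of the original thread or of FreeOrion's code. It is written in Python so that it runs with only the standard library; the `Verifier` class, the realm, and the method/URI strings passed in are hypothetical.

```python
import hashlib
import hmac
import secrets


def H(data: str) -> str:
    """H() from RFC 7616 for algorithm=SHA-256: hex digest of the string."""
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def make_ha1(username, realm, password):
    """H(A1) with A1 = username:realm:password; the server stores only this."""
    return H(f"{username}:{realm}:{password}")


def digest_response(ha1, method, uri, nonce, nc, cnonce, qop="auth"):
    """response = H(H(A1):nonce:nc:cnonce:qop:H(A2)), with A2 = method:uri."""
    ha2 = H(f"{method}:{uri}")
    return H(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


class Verifier:
    """Hypothetical server side: issues nonces and checks responses."""

    def __init__(self, realm):
        self.realm = realm
        self.ha1 = {}      # username -> H(A1)
        self.last_nc = {}  # issued nonce -> highest nonce count accepted

    def add_player(self, username, password):
        self.ha1[username] = make_ha1(username, self.realm, password)

    def challenge(self):
        nonce = secrets.token_urlsafe(24)
        self.last_nc[nonce] = 0
        return nonce

    def verify(self, username, method, uri, nonce, nc, cnonce, response):
        if username not in self.ha1 or nonce not in self.last_nc:
            return False  # unknown player, or a nonce this server never issued
        try:
            count = int(nc, 16)  # nc is 8 hex digits on the wire
        except ValueError:
            return False
        if count <= self.last_nc[nonce]:
            return False  # replayed or stale nonce count
        expected = digest_response(self.ha1[username], method, uri, nonce, nc, cnonce)
        if not hmac.compare_digest(expected.encode(), response.encode()):
            return False
        self.last_nc[nonce] = count
        return True
```

The stored H(A1) is enough to compute valid responses, so it needs the same protection as a password. The exchange authenticates the player but does not encrypt the session.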

adrian_broher
Programmer
Posts: 1072
Joined: Fri Mar 01, 2013 9:52 am
Location: Germany

Re: Conditional digest-library dependency

#2 Post by adrian_broher » Sun Jul 30, 2017 9:09 am

> I'm going to implement digest authentication

That's out of scope for this game.
Resident code gremlin
Attached patches are released under GPL 2.0 or later.
Git author: Marcel Metz

o01eg
Space Kraken
Posts: 162
Joined: Sat Dec 10, 2011 5:46 am

Re: Conditional digest-library dependency

#3 Post by o01eg » Sun Jul 30, 2017 9:24 am

> That's out of scope for this game.

Why? Most multiplayer games support authentication for players.

Vezzra
Release Manager, Design
Posts: 4648
Joined: Wed Nov 16, 2011 12:56 pm
Location: Sol III

Re: Conditional digest-library dependency

#4 Post by Vezzra » Mon Jul 31, 2017 3:42 pm

@ o01eg, the question is, what exactly is it you want to achieve? Authentication only makes sense if you want to restrict access to shared resources/assets. So, my guess is you want to make sure no player can take the save file of a game they've been playing with other human players, and try to cheat by loading that game and taking over as another empire.

For that to work they need the save file in the first place, which they don't have, except the game host. So unless the game host distributes the save file, no player can cheat that way.

With the notable exception of the game host themself of course. However, protecting a savegame against "unauthorized" access by the game host requires far more than just simple authentication (you need to encrypt the savegame, the game state of each empire would need to be encrypted with player specific keys, key generation, exchange and management needs to be done in a way that isn't easy to hack, otherwise the whole effort is pointless, and at that point we already need something so complicated that adrian_broher's assessment applies).

So, if we leave protecting against cheating by the game host aside, what would we need authentication for? When continuing a saved game, it's the game host's responsibility to assign the correct players to their empires, so no cheating possible here.

I too know 4X games that use authentication, but the cases (or better, the one case) I know of needs that because each player gets the entire savegame, not just their own gamestate (which also means the savegame was encrypted IIRC). As this isn't the case with FO, we don't have that issue.

Or did you have something entirely different in mind?

o01eg
Space Kraken
Posts: 162
Joined: Sat Dec 10, 2011 5:46 am

Re: Conditional digest-library dependency

#5 Post by o01eg » Mon Jul 31, 2017 5:49 pm

> Vezzra wrote: @ o01eg, the question is, what exactly is it you want to achieve? Authentication only makes sense if you want to restrict access to shared resources/assets. So, my guess is you want to make sure no player can take the save file of a game they've been playing with other human players, and try to cheat by loading that game and taking over as another empire.

The main goal is to restrict one player from connecting as another player.

> Vezzra wrote: So, if we leave protecting against cheating by the game host aside, what would we need authentication for? When continuing a saved game, it's the game host's responsibility to assign the correct players to their empires, so no cheating possible here.

It's true while we have a game host who could provide this responsibility. If the game host is a bot on a remote server, it can't check who is who without authentication.

> Vezzra wrote: I too know 4X games that use authentication, but the cases (or better, the one case) I know of needs that because each player gets the entire savegame, not just their own gamestate (which also means the savegame was encrypted IIRC). As this isn't the case with FO, we don't have that issue.
>
> Or did you have something entirely different in mind?

Also, if we have a remote server, it should distinguish those who can control the server from those who can't.

Vezzra
Release Manager, Design
Posts: 4648
Joined: Wed Nov 16, 2011 12:56 pm
Location: Sol III

Re: Conditional digest-library dependency

#6 Post by Vezzra » Fri Aug 04, 2017 10:06 am

Ah ok, now I understand. However, what you're talking about here is the authentication required for a "meta-server": a server that allows you to create/spawn and manage games, and where the host does not necessarily sit directly in front of the server machine (meaning, a remote game server).

While that is something we might have at some point in the future, the current FO "server" isn't anything like that. The server process can only handle one game, and gets launched by the game host on their local machine. Currently it's not possible to have a bot control the server (AFAICT), so you'd always need a human game host to launch the server and manage a multiplayer game. And that human can easily ensure no one takes over the empire of another player (unless they allow it of course).

So, adrian_broher's assessment still stands. The way things are set up currently wrt multiplayer games, user/player authentication is beyond the scope of this game. Unless we decide to extend FO with more sophisticated server capabilities that would allow to manage (multiplayer) games remotely, it makes no sense to just add authentication. I'd only do that as part of a remote game server implementation.

o01eg
Space Kraken
Posts: 162
Joined: Sat Dec 10, 2011 5:46 am

Re: Conditional digest-library dependency

#7 Post by o01eg » Fri Aug 04, 2017 6:37 pm

> Vezzra wrote: Ah ok, now I understand. However, what you're talking about here is the authentication required for a "meta-server": a server that allows you to create/spawn and manage games, and where the host does not necessarily sit directly in front of the server machine (meaning, a remote game server).

Yep. Although I've seen the term "meta-server" used for a non-game server which just manages a list of already running servers and doesn't spawn or stop them.

> Vezzra wrote: While that is something we might have at some point in the future, the current FO "server" isn't anything like that. The server process can only handle one game, and gets launched by the game host on their local machine. Currently it's not possible to have a bot control the server (AFAICT), so you'd always need a human game host to launch the server and manage a multiplayer game. And that human can easily ensure no one takes over the empire of another player (unless they allow it of course).
>
> So, adrian_broher's assessment still stands. The way things are set up currently wrt multiplayer games, user/player authentication is beyond the scope of this game. Unless we decide to extend FO with more sophisticated server capabilities that would allow to manage (multiplayer) games remotely, it makes no sense to just add authentication. I'd only do that as part of a remote game server implementation.

Ok, maybe I'm just implementing features in the wrong order.

adrian_broher
Programmer
Posts: 1072
Joined: Fri Mar 01, 2013 9:52 am
Location: Germany

Re: Conditional digest-library dependency

#8 Post by adrian_broher » Sat Aug 12, 2017 1:02 pm

Aside from what Vezzra said, there is no need to pull in any dependency for authentication. Send the password just as plain text over the net.

You only want to keep people out of a game session, not use this for authorizing access to some private data.
