Server Help

ASSS Custom Projects - Bringing zones together
BDwinsAlt - Wed Jun 06, 2007 11:35 pm
Post subject: Bringing zones together
I got bored so I made a biller. (Yeah...)
In a little over a day I have added this:
Code: Show/Hide

-------------------------------------------------------------------------------
NetOp Commands: ?broadcast
Owner Commands: None
Sysop Commands: None
Smod  Commands: ?addop, ?removeop
Mod   Commands: ?banip, ?bkick, ?getip
-------------------------------------------------------------------------------
Misc  Commands: ?binfo, ?bnews, ?btime, ?buptime, ?bversion, ?coin, ?man, ?sex
MSG   Commands: ?message, ?messages, msgdel
Other Commands: ?password, ?listop, ?listall
Squad Commands: ?squadjoin, ?squadpassword, ?squadowner, ?squadlist, ?squadkick
-------------------------------------------------------------------------------
Note: Syntax differs for some commands.  Type ?man <command> for help.


When I broadcast it sends "BROADCAST:PID:SOUND:TEXT" but only to that one zone.
How do I make it so it sends to everything connected to that port without it having to be a DGRAM socket where I would have to specify an ip and port for each zone.

Because my socket isn't DGRAM, socket.send doesn't seem to exist. How do I send strings of information to all clients connected. Will I have to turn it into bytes and so on?

This is Java because python wasn't splitting the strings of information correctly.
CypherJF - Thu Jun 07, 2007 1:20 am
Post subject:
You'll have to be careful with Java string splitting as well.

BLAH:BLAH:

Will result in 2 array items, not 3.
BDwinsAlt - Thu Jun 07, 2007 1:37 am
Post subject:
I haven't messed with chats yet. I wonder how I will do that.
Yea so if I make it say info[3] (arguments) then the second BLAH will be info[4]. Thats gay.
Maverick - Thu Jun 07, 2007 1:52 am
Post subject:
wow icon_eek.gif
You made it all out of scratch or did you use existing code?
BDwinsAlt - Thu Jun 07, 2007 2:22 am
Post subject:
Well I added Commands to Skybill. All the bnews, buptime. btime... all that was from what I coded earlier. The squad/messaging is all I really had to focus on. I didn't take anything from any biller that I didn't already code. So yes it is scratch.
CypherJF - Thu Jun 07, 2007 2:46 am
Post subject:
Ah but can yours do what mine does (besides adding ops, lol)? icon_wink.gif

BTW, it's now running on hyperion.mineplowers.com incase the zone was red (you can update your dir listing).
BDwinsAlt - Thu Jun 07, 2007 2:54 am
Post subject:
I'm working on it icon_biggrin.gif

I probably will never release/use it once I'm done. Just a project. if it looks really nice then I might. We'll see. icon_biggrin.gif

Edit: I made it so chats = squadchat for now.
I'm just testing my chat stuff. Right now if you type ';hey' it will send to everyone online in your squad. I'll have to figure out how I'm going to make multiple chats. That is also only zone-wide right now. I think I have an idea about how I can use a DGRAM socket to send chats and broadcasts net-wide.

EDIT II: Would anyone like to help me send messages?
Each zone is connected to the biller on it's own thread to keep them from clashing. icon_confused.gif
Cyan~Fire - Thu Jun 07, 2007 9:39 pm
Post subject:
Messages: Just have each thread poll some function for messages waiting to be received.
BDwinsAlt - Thu Jun 07, 2007 9:59 pm
Post subject:
UBill.java
Code: Show/Hide

import java.net.*;
import java.io.*;

public class UBill {
    public static void main(String[] args) throws IOException {
        ServerSocket serverSocket = null;
        boolean listening = true;

        try {
            serverSocket = new ServerSocket(2555);
       System.out.println("Starting UBill 0.1...");
        } catch (IOException e) {
            System.err.println("Could not listen on port: 2555.");
            System.exit(-1);
        }

        while (listening)
       new UBillConnect(serverSocket.accept()).start();

        serverSocket.close();
    }
}


Part of UBillConnect.java
Code: Show/Hide

       PrintWriter out = new PrintWriter(socket.getOutputStream(), true);
       BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));


Each zone has it's own out and in. If one zone sends: CHAT:X:X to the biller then the biller sends the CHATTXT, but only out with out.println(....);

I need CHATTXT to be sent to every 'out' that exists in any new UBillConnect.
Doc Flabby - Thu Jun 07, 2007 10:05 pm
Post subject:
I would have a look at how i did it in skybill. (v0.3) I got the chats working perfectly http://forums.minegoboom.com/download.php?id=1888

And with theoretically no limit to the number of chats.
BDwinsAlt - Fri Jun 08, 2007 2:37 am
Post subject:
I used your biller to see how CHAT and CHATTXT worked. (Thanks for commenting your code biggrin.gif ).

I'll see what I can do. icon_biggrin.gif
BDwinsAlt - Fri Jun 08, 2007 2:44 am
Post subject:
Wow, now I get it working in python.
Python seems to send things faster. I'll stick with java since I can probably do more with that and I already coded a thousand lines.
Smong - Fri Jun 08, 2007 8:24 am
Post subject:
BDwinsAlt wrote:
Code: Show/Hide

while (listening)
    new UBillConnect(serverSocket.accept()).start();
I think you need to keep track of all the UBillConnect objects inside a collection. Then when you want to broadcast you iterate over the objects and call a send method, something like:
Code: Show/Hide

while (listening)
{
    UBillConnect u = new UBillConnect(serverSocket.accept());
    collection.add(u);
    u.start();
}
...
broadcast(msg)
{
for each u in collection:
  u.send(msg)
}

It's going to be more complex than that since you need to remove disconnected zones from the collection.
BDwinsAlt - Fri Jun 08, 2007 3:52 pm
Post subject:
I'm still having trouble. I can't seem to figure out how to make the classes reach each other. Basically it looks like I'll have to store the collection in UBill, do the command in UBillConnect, go back to UBill to find the collection, and then figure out how to make sure it sends to all of them.

I've never done anything like this before. I've been googling forever.

EDIT:
I have everything done with the chats except for sending them to other zones.
I think that's really all I have left to do unless I feel like making an aliasing system. I try to make it all non-mysql so there are no drivers involved and not everyone can use mysql.
I know it's slower and not as efficent and more work, but it takes hard work to make a good looking biller anyway.

If you have any dumbed down code to help me get these threads to work with each other let me know.

UBill -> UBillConnect (broadcast cmd is found and work is done) -> UBill (Sends to all zones connected) <-- that is what I need somehow.

I can always port it to python if I get bored in the future.
Also, which is better, md5 or SHA? The only way to decode md5 is to md5 a string and see if it equals the md5 string right? I would think that was secure enough.
BDwinsAlt - Sat Jun 09, 2007 9:37 pm
Post subject:
I figured out how to communicate between classes. The only problem is it uses
Code: Show/Hide

public UBill u = new UBill();


So when I use u.msg (a string containing the broadcast) it isn't the same. How can I keep using one UBill?
Smong - Sun Jun 10, 2007 7:33 am
Post subject:
You can make a static factory class. Like u = UBillFactory.getUBill(); The first time the function is called it will create one instance of UBill, all other times it returns that same instance.
Code: Show/Hide
public class UBillFactory
{
   private static UBill u;
   public static getUBill()
   {
      if (u == null)
         u = new UBill();
      return u;
   }
}
BDwinsAlt - Sun Jun 10, 2007 3:46 pm
Post subject:
I LOVE YOU! Thank you so much. You will be added in the huge thanks part of the credits.
icon_biggrin.gif

Thanks again. icon_razz.gif icon_lol.gif icon_smile.gif icon_biggrin.gif icon_cool.gif icon_surprised.gif biggrin.gif
Cyan~Fire - Tue Jun 12, 2007 9:29 pm
Post subject:
That's not a Factory, Smong, it's a Singleton! Get your design patterns right. icon_razz.gif
Smong - Wed Jun 13, 2007 10:03 am
Post subject:
Heh I don't care only when I handed in some work the other day the guy said why didn't you use a "factory pattern" it works like this ...
Cerium - Wed Jun 13, 2007 5:48 pm
Post subject:
factories create lots of objects
singletons create a single object
BDwinsAlt - Fri Jun 15, 2007 4:47 am
Post subject:
Whatever it's called it worked for me. Smong was added to bversion, display message on entry, and readme. I will be releasing it for beta testing after I beta test it myself and change a few things. Any suggested commands/functions?
Smong - Fri Jun 15, 2007 5:21 am
Post subject:
How about making it save banners. Make sure there are ?changepassword and ?adduser op commands (and an option to not allow new users, so only ?adduser can be used).
BDwinsAlt - Fri Jun 15, 2007 12:18 pm
Post subject:
I haven't touched banners yet. I'll do that today when I get home. I added ?resetpassword for netops and I'll add ?adduser.
CypherJF - Fri Jun 15, 2007 5:18 pm
Post subject:
haha but how am i suppose to have fun, if i don't pound you and your biller to death. icon_wink.gif
BDwinsAlt - Fri Jun 15, 2007 5:30 pm
Post subject:
Then it will be fun when I reverse enginner your biller and combine it with mine to crush yours hard core. icon_biggrin.gif
CypherJF - Fri Jun 15, 2007 6:24 pm
Post subject:
*takes a pin and pops bd's balloon, laughs, and walks away* icon_twisted.gif har...
BDwinsAlt - Fri Jun 15, 2007 8:43 pm
Post subject:
-prizes himself prox (huge radius) and fires a huge bomb towards cypher (he used up all his repels and I have anti on. All he can do is esc q)

Muhahaha. icon_twisted.gif

J/k <3

If they want mysql they will go to you. If they don't do mysql, they will (hopefully) come to me. All is fair.
BDwinsAlt - Fri Jun 15, 2007 9:25 pm
Post subject:
Smong wrote:
How about making it save banners. Make sure there are ?changepassword and ?adduser op commands (and an option to not allow new users, so only ?adduser can be used).


Everything added. Any more suggestions?
CypherJF - Fri Jun 15, 2007 9:27 pm
Post subject:
BDwinsAlt wrote:
-prizes himself prox (huge radius) and fires a huge bomb towards cypher (he used up all his repels and I have anti on. All he can do is esc q)

Muhahaha. icon_twisted.gif

J/k <3

If they want mysql they will go to you. If they don't do mysql, they will (hopefully) come to me. All is fair.


Or if they want subgame to connect to it. tongue.gif
BDwinsAlt - Fri Jun 15, 2007 9:39 pm
Post subject:
Don't make me add subgame support. Reiz mich nicht. (Don't tempt me) icon_biggrin.gif
Smong - Sat Jun 16, 2007 7:07 pm
Post subject:
How are you saving stuff to disk? Custom DB (like pocob)?
BDwinsAlt - Sat Jun 16, 2007 8:07 pm
Post subject:
Just a custom way of saving everything to text files. I split different parts with a colon.
Login uses... Name:MD5Password:Squad:Email (?setemail)
An example: BDwinsAlt:a1b2c3d4e5f6g7h8:UBill:bdwinsalt@gmail.com

There are obviously different files for different things (like ?ban).

I was going to use mysql but cypher was using it, I didn't want to think about people using jdbc + mysql (some don't have a clue), and it was just easy for people who don't want to run any other special software.

It may be slower and a bit more work to code, but it works fine. I timed a login, 2 ms. Thats after it reads the bans, banfree,operators, and decides whether or not they are banned, then allows them to login. I thought that was awesome. I understand that it will differ from machine to machine because of different processor speeds. If it has 2ms on mine, it shouldn't be too much slower on any other pc.

Cypher and his MySQL. icon_biggrin.gif
Mine GO BOOM - Sat Jun 16, 2007 9:04 pm
Post subject:
BDwinsAlt wrote:
Login uses... Name:MD5Password:Squad:Email (?setemail)

I hope you plan on extending this to include a salt for the password hash. Otherwise, anyone who steals this file can just use a rainbow table and find user's passwords.

Quick how-to-salt: generate a random string of 4 characters or more, append it to the end of the user's password, then do the hash. When saving, save the salt and the hash output next to each other.
Code: Show/Hide
Password: bob
Salt: md83e
Hash("bobmd83e"): 8d4b2a76f3d0e82aecab9cf0cc46bd10
John:8d4b2a76f3d0e82aecab9cf0cc46bd10:md83e:Winners:spam@aol.com
CypherJF - Sat Jun 16, 2007 10:02 pm
Post subject:
If the person has the salt, and knows what role the salt plays into the password hash, how much more effort is created on their end?
Mine GO BOOM - Sat Jun 16, 2007 10:45 pm
Post subject:
You'd have to regenerate a whole new rainbow table just for it. The reason for the salt is so every password hash is unique. If player A and player B both used the same password, no one would know. And if player C used a commonly hashed password such as 'password', the cracker wouldn't be able to notice that instantly.
BDwinsAlt - Sun Jun 17, 2007 12:18 am
Post subject:
Oh I see. I'll definitely add that. Why would anyone want to steal passwords from a game? I know people do it, but I think it's retarded. Ahh well it's easy enough to add a few characters to the end. Thanks for the suggestion.

Edit: Added to auth, password commands, and adduser. I made a random 5 character string containing letters and numbers to be added to the end of the password. That should be a lot more secure. Any more suggestions?
Doc Flabby - Sun Jun 17, 2007 6:32 am
Post subject:
don't use md5 for passwords, its not designed for it, and it can be cracked in a few hours using a bot-net/distributed computer. use sha-512 instead.

I havn't given up on skybill, btw just trying to figure a way to develop the database bit more elegantly tongue.gif
Smong - Sun Jun 17, 2007 6:58 am
Post subject:
Now going back to the DB, are you opening the files everytime you want to find something, or are you loading everything into memory when the program starts? I think pocob loads everything into mem, being java there's probably an overhead for that.
CypherJF - Sun Jun 17, 2007 9:02 am
Post subject:
I'd recommend using SQLite, it's a nice storage application. There's talk about Mozilla Firefox 3 will be using it for offline storage.
Mine GO BOOM - Sun Jun 17, 2007 10:28 am
Post subject:
How are you two dealing with longer usernames? Subgame supports accepting a 32 character username from the login packet, but then only deals with 20 characters later on. I don't remember how Grelminar deals with the security hole in ASSS, but I believe the billing server needs to deal with it for subgame to be secure.
BDwinsAlt - Sun Jun 17, 2007 3:33 pm
Post subject:
Right now my biller only supports ASSS. (Once I get everything done for that one, I'll add subgame support).

Right now I don't have a max length on user names. I could add one. Having an extremely long name is ridiculous anyway. I could easily make a max length and deny entry if it's over that length the way I have it setup.

As for the login thing, it opens the file each time. I guess I could load it into memory and update it each time a password is changed or a squad is changed.
I think it's easier just to load it each time. It only takes a few ms to load everything for a player to enter the game. I'll play around and see what's best.

By adding the salt, wouldn't that make the salted md5 passwords almost uncrackable unless they found out what the salt was?

Say a password is server, if I make it server9iw2v, and I MD5 that, who is going to have that on their list of possible passwords? Should I add bytes to the password as well? sa_tongue.gif

Making a = ? or something crazy like that. I think everything is pretty secure after salting and md5. I know I wouldn't be able to crack it if I tried. You can only get an md5 password by encoding and seeing if it matches. Someone would have to think of that password before anyone could even try to crack it.

I doubt anyone would think of the password I used as an example (server9iw2v) [That isn't what I used, but it's the same concept.)
CypherJF - Sun Jun 17, 2007 4:06 pm
Post subject:
I ensure no username is greater than 24 characters since this is the smallest limitation either in the client<->server, or server <-> biller UDP protocol. There is/was some debate whether or not the 24 characters includes a \0.
Smong - Sun Jun 17, 2007 4:57 pm
Post subject:
Asss trims it to 19 characters when you login, but it can be changed afterwards (for example ^ prefix) up to 23 characters long.

@BDwinsAlt
Doc Flabby wrote:
don't use md5 for passwords ... it can be cracked in a few hours using a bot-net/distributed computer.
CypherJF - Sun Jun 17, 2007 5:24 pm
Post subject:
Updated my src to max out the user name at 23 characters.
BDwinsAlt - Sun Jun 17, 2007 6:44 pm
Post subject:
Ok I'm going to salt + md5, and then put it into sha-512. Is that secure enough?
I hope so.

Edit: That's what I did. Should be a lot more secure now. Doubt anyone will crack it.
Mine GO BOOM - Sun Jun 17, 2007 8:24 pm
Post subject:
BDwinsAlt wrote:
Ok I'm going to salt + md5, and then put it into sha-512. Is that secure enough?

You should never hash a hash. That just makes it worse. Pick one, and only use one.
BDwinsAlt - Wed Jun 20, 2007 5:18 pm
Post subject:
Ok I took out one of the hashes. I also added a module that will be open source so players can add what ever they want. I made it handle all commands and events before it goes to that modules because I don't want players to be able to steal passwords when ?password is sent. So you can only add commands that don't already exist.

You can get the following things from UBillConnect to UBillCmd:
Pid, cmd, arg, bang, out
PID = Player ID who sent the command.
CMD = the actual command sent.
ARG = The argument for the command.
BANG = The player's bang level
OUT = The thing used to send messages back to the server.

I'll post an example once I get on my other pc.

Code: Show/Hide

/*
Author: BDwinsAlt
Edited: June 20, 2007 [4:33 AM]

Credits:
         Smong        - Showing me factory classes allowing me to send messages across zones.
         Doc Flabby   - Commenting his code to show me how ASSS handles events.
         Mine GO Boom - Keeping me in line and allowing me to continue posting on his fourms.
         CypherJF     - Being a cool friend and giving me ideas. (Love ya)
         Sass         - Didn't help me with biller, but he is cool. (Lova ya, too)
         Hamm         - Being patient while I was updating the biller.
         Sonic VI     - Allowing me to test my netban command on an actual player and not myself.

         *God*        - For being there for me and allowing me to have the things I need in order to live and code.

*** ~Important Information~ ***
----------------------------------------------------------------------
pid = Player ID
cmd = Command that was sent
arg = argument for that command
bang = user's bang level (5 = Netop ... 1 = Mod [0 for Player] )
out = The thing used to send the message.
----------------------------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Send can be modified to send sounds if you like.
  E.X: send = "MSG:" + pid + ":12:"; [Use right before out.println()]
  See ?newbie command for more information.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~ This is the only part I can leave open source because of security issues.
~ Existing commands won't get sent here; there is no use in trying to get passwords this way.

TIP: Don't seperate parts of a command with a colon, this will cause multi args and you are only granted one.
     Split them using something else (like a semicolon or something). [Until I edit]
*/

import java.io.*;

public class UBillCmd {

// Create a way for UBillConnect to get the information to send.

   // Handle all commands here
   public void handleCmd(String pid, String cmd, String arg, int bang, PrintWriter out)
   {

   // This is just to keep you from typing it each time.
   String send = "MSG:" + pid + ":0:";
   
   // Find out if a command is equals to something below.

   // *About*
   if (cmd.equalsIgnoreCase("about"))
   {
   out.println(send + "I am a simple, lonely biller.  I just sit here and listen to all your commands.");
   }

   // *Bstaff*
   else if (cmd.equalsIgnoreCase("bstaff"))
   {

   try {

   // Opens bstaff.txt file for reading.
   BufferedReader in = new BufferedReader(new FileReader("bstaff.txt"));
   String lines = in.readLine();

   // Starts while loop
   while(lines != null)
   {
   out.println(send + lines);  // Sends the text to the player line by line
   lines = in.readLine();      // Reads the next line
   }
   in.close();                 // Closes the file
   // End while Loop

   } catch(Exception e){out.println(send + "Unable to locate bstaff.txt.");}   // If file doesn't exist

   }
   
   // *Levels*
   else if (cmd.equalsIgnoreCase("levels"))
   {
   out.println(send + "NetOp = 5");
   out.println(send + "Owner = 4");
   out.println(send + "SysOp = 3");
   out.println(send + "SMod  = 2");
   out.println(send + "Mod   = 1");
   }

   // *Poetry*
   else if (cmd.equalsIgnoreCase("poetry"))
   {
   out.println(send + "Roses are red.  Violets are blue.  All my base are belong to you.");
   }

   // ~~ Start Man section ~~
   else if (cmd.equalsIgnoreCase("man"))
   {

   if (arg.equalsIgnoreCase(""))
   {
   out.println(send + "Ect. Commands:  ?about, ?bstaff, ?levels, ?poetry");
   }

   else if (arg.equalsIgnoreCase("about"))
   {
   out.println(send + "Args: None");
   out.println(send + "Syntax: ?about");
   out.println(send + "Description: Sends a little information about the biller.");
   }

   else if (arg.equalsIgnoreCase("bstaff"))
   {
   out.println(send + "Args: None");
   out.println(send + "Syntax: ?bstaff");
   out.println(send + "Description: Displays biller staff.");
   }

   else if (arg.equalsIgnoreCase("levels"))
   {
   out.println(send + "Args: None");
   out.println(send + "Syntax: ?levels");
   out.println(send + "Description: Displays the different operating levels.");
   }

   else if (arg.equalsIgnoreCase("poetry"))
   {
   out.println(send + "Args: None");
   out.println(send + "Syntax: ?poetry");
   out.println(send + "Description: Displays a simple, geeky poem.");
   }
   
   } // End Man section

   else if (cmd.equalsIgnoreCase("newbie") && bang == 0)
   {
   // Example of sending things your own way using different sounds and bang levels.
   out.println("MSG:" + pid + ":3:" + "Newb!");
   }

   } // End handleCmd

} // End Class


Edit: Forgot to take a comment out. You can send more than one line of text back.
BDwinsAlt - Sat Jun 23, 2007 2:09 am
Post subject:
I have a screen shot of my progress. I just now added a small GUI for now. I can pack it into a jar because I won't have to worry about a console anymore. I think it looks better this way. The reason the top is a charcoal color is because my system theme is overriding the Java theme.



The GUI was just something sudden. It wasn't really that complex either. I'll be adding more GUIs to it. I may add a setup GUI so you can just execute a jar and enter the values.

I could also make a name removal system (old names get removed) with this.
A person could set a last login date of something like July 4, 2002 (Pretending the database is that old) and any logins from before then would be deleted.

Any ideas/suggestions?

I plan on making it so you can change the welcome message and network name (like SSBD) while the biller is running.


HUGE thanks again to Smong. I've bene using that factory class like crazy. icon_biggrin.gif

Opps forgot to include a ban/invaild login example. Oh well. You see the basic idea.

Edit: Looks a bit weird for now. I added config (I figured password is more important than network name. BTW, the textfiled for greeting has more content in front of it. You can keep typing and typing. It doesn't stop at the edge.

Smong - Sat Jun 23, 2007 11:34 am
Post subject:
If you change settings via the GUI do they save back to config files? Or is everything hardcoded? Also that class is a "singleton" apparently, so you'll have to stop calling it a factory icon_neutral.gif
BDwinsAlt - Sat Jun 23, 2007 4:06 pm
Post subject:
But I store lots of objects. I'll just call it a smong class.
The greeting and password are loaded from the file when the setup utility is started. When you click save & quit, it saves what ever is in the boxes to the file. So if you don't change anything it stays the same (Still updates it, but it will be the same information). If you change something, it updates with the new information.

I'm pretty sure the biller loads the password each time a zone trys to connect to see if it matches the current one. it should since I'm pretty sure the greeting does that.

EDIT: I will try to tie up any loose ends and release a beta before my vacation on Wednesday -Sunday.

You guys can beta test it (if you want) and report any issues to me.
I did most of my coding in the middle of the night (12-5am or so) so it may have small grammar issues.

I can't make it better until I know what's wrong with it first. icon_biggrin.gif
All times are -5 GMT
View topic
Powered by phpBB 2.0 .0.11 © 2001 phpBB Group