Time |
Nick |
Message |
00:19 |
|
est31 joined #minetest-dev |
01:04 |
|
Player_2 joined #minetest-dev |
02:33 |
|
shadowzone joined #minetest-dev |
02:51 |
|
shadowzone joined #minetest-dev |
03:13 |
hmmmm |
oh jesus christ |
03:13 |
hmmmm |
adding /Wall to msvc builds was a huge mistake |
03:13 |
hmmmm |
i'm surprised nobody complained about this recently |
03:14 |
VanessaE |
define "complained" |
03:14 |
VanessaE |
and what harm is it besides tons of warnings? |
03:16 |
hmmmm |
the tons of warnings is the harm |
03:16 |
hmmmm |
there were ~510000 warnings, almost 99% of them from the included windows headers |
03:16 |
VanessaE |
well considering that "to.... |
03:16 |
VanessaE |
holy fuck |
03:17 |
VanessaE |
ok I take back what I was about to say :P |
03:17 |
hmmmm |
warnings are useless unless they're actually noteworthy issues |
03:17 |
hmmmm |
what i expected: something like gcc's -Wall |
03:17 |
hmmmm |
what i got: oh my god stopstopstopstop |
03:18 |
exio4 |
well, you expected something that is useful from microsoft |
03:21 |
VanessaE |
lol |
03:22 |
VanessaE |
well what I was gonna say was, "tons of warnings" (were they legit that is) could explain why Wayward_One has hanging problems with MT now, as well as MichaelEh's weird crashing problem |
03:23 |
VanessaE |
(where there's a warning, there's code not precisely to C/C++ standard, which of course can lead to bugs, blah blah blah) |
04:14 |
|
Kalabasa joined #minetest-dev |
04:40 |
|
Hunterz joined #minetest-dev |
04:57 |
|
Miner_48er joined #minetest-dev |
05:01 |
|
selat joined #minetest-dev |
05:51 |
|
jin_xi joined #minetest-dev |
06:33 |
hmmmm |
did the formspec_escape issue ever get fixed? |
06:33 |
hmmmm |
it seems like all backslashes are missing from strings displayed in formspecs |
06:41 |
|
Hunterz joined #minetest-dev |
06:46 |
est31 |
#2225 ready to go, no feature changed, so even within freeze? |
06:46 |
ShadowBot |
https://github.com/minetest/minetest/issues/2225 -- Fixes for minetest.get_(all_)craft_recipe(s) by gregorycu |
06:46 |
hmmmm |
sure, but it needs to be reviewed first |
07:11 |
|
Weedy joined #minetest-dev |
07:11 |
|
Weedy joined #minetest-dev |
07:12 |
|
ImQ009 joined #minetest-dev |
07:38 |
|
Kalabasa joined #minetest-dev |
07:41 |
kahrl |
hmmmm, yes, 77e20a0c21 |
07:42 |
kahrl |
backslashes work for me (on linux) |
08:05 |
hmmmm |
it's broken on current HEAD windows |
08:09 |
hmmmm |
lol... somehow when compiled with msvc, minetest.exe exports lua functions |
08:10 |
hmmmm |
oh that makes sense, that's from the embedded lua |
08:14 |
kahrl |
seems strange that they are marked declspec(dllexport) if lua is compiled as a static lib |
08:17 |
kahrl |
hmmmm: re the last commit, shouldn't there are be a "bin\\Semidebug"? |
08:17 |
kahrl |
s/are/also |
08:18 |
hmmmm |
maybe, i'm not sure if cmake build types map over like that |
08:18 |
kahrl |
oh ok |
08:18 |
hmmmm |
well sorta |
08:18 |
hmmmm |
I must have added semidebug wrong somehow because it doesn't show up in the batch build dialog for the generated MSVC solution |
08:19 |
hmmmm |
but yeah there is RelWithDebInfo and MinSizeRel |
08:23 |
kahrl |
dunno, the solution generator might just have hardcoded build types |
08:37 |
|
kilbith joined #minetest-dev |
08:40 |
|
nrzkt joined #minetest-dev |
08:48 |
|
est31 joined #minetest-dev |
09:00 |
hmmmm |
ah nevermind |
09:01 |
hmmmm |
the path needs to be escaped for the build info that shows up on the left of the pause menu |
09:08 |
|
Krock joined #minetest-dev |
09:17 |
|
Krock joined #minetest-dev |
09:43 |
|
oleastre joined #minetest-dev |
09:56 |
|
DFeniks joined #minetest-dev |
10:03 |
|
Weedy joined #minetest-dev |
10:03 |
|
Weedy joined #minetest-dev |
10:26 |
|
selat joined #minetest-dev |
10:49 |
|
xrogaan joined #minetest-dev |
10:49 |
|
xrogaan joined #minetest-dev |
10:50 |
|
xrogaan left #minetest-dev |
10:51 |
|
Amaz joined #minetest-dev |
11:34 |
|
gregorycu joined #minetest-dev |
11:43 |
gregorycu |
Do we have any blockers I can look at for the release? |
12:14 |
|
Krock joined #minetest-dev |
12:25 |
|
xrogaan_ joined #minetest-dev |
12:25 |
|
Taoki joined #minetest-dev |
12:33 |
|
crazyR joined #minetest-dev |
12:40 |
|
iqualfragile joined #minetest-dev |
12:50 |
|
oleastre joined #minetest-dev |
13:05 |
|
Weedy joined #minetest-dev |
13:16 |
gregorycu |
There are more pull requests than bugs |
13:16 |
gregorycu |
I'm not sure what that means |
13:35 |
|
PilzAdam joined #minetest-dev |
13:36 |
gregorycu |
Hello PilzAdam |
13:36 |
gregorycu |
Do you think dead players should take damage? |
13:36 |
Wayward_One |
gregorycu: maybe we're gaining ground against the bugs? o.O |
13:36 |
gregorycu |
We only gain ground if PRs are merged |
13:37 |
Wayward_One |
oh... true |
13:37 |
gregorycu |
The longer a PR sits, the more chance it will need a rebase before merge, the more chance it will never get merged |
13:37 |
|
johnnyjoy joined #minetest-dev |
13:38 |
PilzAdam |
gregorycu, it should be up to mods / games |
13:38 |
gregorycu |
The reason I ask about dead players is that #81 becomes trivial to fix if we don't damage already-dead players |
13:38 |
ShadowBot |
https://github.com/minetest/minetest/issues/81 -- dying on lava causes repeated death, if respawn location isnt quickly updated |
13:39 |
PilzAdam |
(damage handling in general, that is) |
13:39 |
gregorycu |
I see |
13:39 |
gregorycu |
Once you're dead though... |
13:40 |
gregorycu |
That respawn window pops up... Is there any coming back from that? |
13:40 |
|
shadowzone joined #minetest-dev |
13:42 |
gregorycu |
I gotta sleep in 5 minutes, so yeah |
13:45 |
|
twoelk joined #minetest-dev |
13:47 |
twoelk |
gregorycu: iirc the issue was important on connection lag with remote servers |
13:47 |
gregorycu |
Yes |
13:47 |
gregorycu |
The reason that is, is because the client continually sends "I got damaged" |
13:48 |
gregorycu |
Eventually the client sends "I want to respawn" |
13:48 |
twoelk |
you die, respawn at place of death and before you are teleported to spawn you die again |
13:48 |
gregorycu |
No, that's not accurate |
13:48 |
nrzkt |
+1 |
13:48 |
twoelk |
maybe not anymore |
13:48 |
gregorycu |
Yeah |
13:49 |
twoelk |
maybe the issue has been resolved by some opther fix or change |
13:49 |
gregorycu |
Basically, the issue happens when you have an "I want to respawn" message in-flight, and you send "I got damaged" behind it |
13:49 |
twoelk |
-p |
13:49 |
twoelk |
same effect |
13:49 |
twoelk |
doa |
13:49 |
gregorycu |
Eventually the server processes the "I want to respawn" and then it processes all the buffered "I got damaged" messages behind it |
13:49 |
gregorycu |
Well, simply by rearranging the setHP and respawn will do nothing |
13:50 |
twoelk |
never looked into it, just remember the things happening |
13:50 |
gregorycu |
You need to stop the "I got damaged" messages, or rather have a concept of "life id" |
13:50 |
gregorycu |
Where previous lives' messages get dropped |
13:50 |
twoelk |
it was rather annoying with some version of adventuretest iirc |
13:51 |
gregorycu |
Yeah, I really want to fix this, the oldest bug |
13:51 |
twoelk |
you kept losing the inventory that way |
13:51 |
gregorycu |
I have a very simple 2 line fix |
13:51 |
gregorycu |
But it involves not continually getting damaged after death... Which mods may use |
13:52 |
twoelk |
so death blocks messaeges that come in after death ? |
13:52 |
twoelk |
gah -a |
13:53 |
gregorycu |
I don't know what you mean |
13:53 |
gregorycu |
Damage messages happen, even after death |
13:53 |
gregorycu |
If you sit in lava for 10 years, for 10 years you will get damaged |
13:53 |
gregorycu |
4 units of health a second |
13:54 |
gregorycu |
You can't hook player damage, so I'm not sure how mods use it |
13:54 |
twoelk |
hm, maybe not good for the gameplay |
13:54 |
gregorycu |
I was hoping to have a chat with PilzAdam but he has gone away |
13:55 |
twoelk |
yeah, he's not much for talking lately, University seems to take its toll |
13:55 |
gregorycu |
Been there, not fun |
13:56 |
twoelk |
University? I actually miss the place, sort of |
13:56 |
gregorycu |
I think the best way is I submit a PR, and the convo can happen there at peoples convenience |
13:56 |
gregorycu |
Yeah, I did a double degree, twice the fun as a regular degree |
13:56 |
gregorycu |
But that was 4 years ago |
13:58 |
|
nrzkt joined #minetest-dev |
13:58 |
twoelk |
thinking of it, I guess I miss being at the hub of information. Now I live in a more rural place, where even the next library worth such a name is a little off |
13:58 |
gregorycu |
What's a library? |
13:59 |
twoelk |
at university, there were always interesting events or there were people I could ask for help. I guess I would be totally lost today if I had no internet |
13:59 |
gregorycu |
Just don't need help :) |
14:00 |
twoelk |
can't be expert in everything and the advance in technology is at a breathtaking pace anyways |
14:01 |
gregorycu |
Sure you can :) |
14:01 |
gregorycu |
And if not, fake it till you make it |
14:02 |
twoelk |
I work in the civil engineering sector and I really do wish I was closer to some testing institute with all them new materials |
14:03 |
gregorycu |
What type of civil engineering? |
14:03 |
twoelk |
and faking knowledge must be carefully dosed or it may cost lives |
14:04 |
twoelk |
designing, building and installing smoke and heat extracting devices |
14:04 |
twoelk |
so if I blunder, people die |
14:05 |
gregorycu |
I know how you feel |
14:05 |
gregorycu |
If I blunder, a lot of rich people lose money |
14:05 |
kilbith |
you should move to private for pure off-topic like that, guys... |
14:06 |
gregorycu |
Sorry, I'll shutup now |
14:06 |
twoelk |
sooooo on death I think nothing should affect the player until a respawn has been confirmed |
14:07 |
gregorycu |
I think so too, but people have commented otherwise |
14:07 |
twoelk |
and on respawn I don't think a shitload of damage acquired while he couldn't move should be dumped on him |
14:07 |
gregorycu |
I'll submit a PR, see what is said |
14:08 |
gregorycu |
The problem is the server doesn't know |
14:08 |
gregorycu |
And it can't know reliably |
14:08 |
twoelk |
that's why I said confirmed, although I have not spent a thought on how that should work ;-P |
14:12 |
gregorycu |
Life sequence number |
14:12 |
gregorycu |
But yeah, easy fix is the no damage while dead |
14:14 |
DFeniks |
should all accumulated drowning damage be dumped on the player if the server has been busy or there is a network problem? it is a problem in moontest because vacuum is drownable, and the player gets breath by lua code that is executed by the server |
14:15 |
gregorycu |
This only affects clients that have died |
14:15 |
gregorycu |
This particular bug |
14:15 |
twoelk |
^the real server life example needed for a functional test :) |
14:15 |
gregorycu |
This issue is different |
14:16 |
gregorycu |
Because this is about the server keeping you alive, as opposed to not killing you after respawning |
14:16 |
twoelk |
? disconnected clients? am I missing something? |
14:16 |
gregorycu |
DFeniks is referring to a mod where you take damage locally, but the server gives you health (effectively) |
14:17 |
twoelk |
I think the issue is you collect damage while in the limbo |
14:17 |
gregorycu |
So when the server lags, you don't get enough health to keep you alive, and you die |
14:18 |
gregorycu |
The issue is that you collect damage between clicking respawn, and respawning |
14:18 |
twoelk |
er, no, you die and when you respawn you have less hp because you took more damage before respawning |
14:18 |
gregorycu |
Urgh, two issues here |
14:19 |
twoelk |
oops, wait, got to read what was said, might be misinterpreting |
14:19 |
DFeniks |
I'm not sure if I should comment on this, but I wonder if the idea to take damage locally is that good an idea |
14:19 |
gregorycu |
It is probably not a good idea |
14:19 |
DFeniks |
also having hardcoded health and breath values |
14:19 |
gregorycu |
But it's the way it is, so in the short term I want to get this bug fixed |
14:20 |
|
shadowzone joined #minetest-dev |
14:21 |
twoelk |
it is because it is part of predicting otherwise strange behaviour when lagging, or not as reality tends to catch up with a surprise, whatever, don't know, ... guess -no lag- is the solution to everything, the rest is up to 42 |
14:24 |
gregorycu |
Yeah... *sigh* |
14:26 |
twoelk |
actually could a priority flag be attached to certain things in the communication queue? |
14:27 |
twoelk |
death is more important than say growth of a sapling nearby |
14:27 |
gregorycu |
Doesn't fix the issue though |
14:27 |
gregorycu |
(Probably makes for better perf) |
14:28 |
gregorycu |
It's possible the com queue is handled from a different thread from the ABMs |
14:29 |
* twoelk |
confesses to know absolutely nothing about details of the communication between client and server |
14:31 |
gregorycu |
It's only fleeting knowledge for me |
14:31 |
gregorycu |
I'm just trying to fix as many perf issues and bugs as possible |
14:31 |
twoelk |
hm that spelling did look a little short for a thing that can get pretty endless :D |
14:32 |
gregorycu |
#2244 and #2245 |
14:32 |
ShadowBot |
https://github.com/minetest/minetest/issues/2244 -- Fix rebase bug, make render loop use cache setting by gregorycu |
14:32 |
ShadowBot |
https://github.com/minetest/minetest/issues/2245 -- Fix dying of lava causes repeated death by gregorycu |
14:35 |
twoelk |
so kicking a dead body should be useless :) |
14:35 |
gregorycu |
Just like in real life |
14:35 |
gregorycu |
I mean... err... |
14:35 |
gregorycu |
Goodnight twoelk |
14:36 |
twoelk |
bye - hm already gone |
14:38 |
|
shadowzone joined #minetest-dev |
14:38 |
|
shadowzone joined #minetest-dev |
14:52 |
|
Kalabasa joined #minetest-dev |
14:54 |
|
CraigyDavi joined #minetest-dev |
14:54 |
|
jin_xi joined #minetest-dev |
15:08 |
|
vitaminx joined #minetest-dev |
15:09 |
vitaminx |
hi everyone, i'd like to speak privately to a developer who has knowledge about player account hacking |
15:09 |
|
kilbith joined #minetest-dev |
15:09 |
vitaminx |
or at least knows how minetest does authorization |
15:10 |
|
hmmmm joined #minetest-dev |
15:10 |
vitaminx |
i have some strange activity going on on my server and would like to know the opinion of someone who's experienced |
15:13 |
vitaminx |
with authorization i mean authentication ,sry |
15:14 |
hmmmm |
can you just as your damn question |
15:15 |
hmmmm |
ask*. sorry for that but it's violating the golden rule of don't ask to ask just ask |
15:16 |
|
Amaz joined #minetest-dev |
15:16 |
sofar |
hmmmm: you missed his first 2 lines of chat |
15:16 |
shadowzone |
hmmmm: he has been having people join his server and exploit some sort of hack and extract and possibly send them anywhere. So he was wondering if there was someone who knew about authentication to help him. |
15:16 |
sofar |
<vitaminx> hi everyone, i'd like to speak privately to a developer who has knowledge about player account hacking / or at least knows how minetest does authorization |
15:16 |
hmmmm |
there is no need to speak privately about that |
15:16 |
hmmmm |
minetest is open source |
15:17 |
vitaminx |
yes, because I'd like to provide server logs which contain some sensitive info |
15:17 |
vitaminx |
like account names / passwords |
15:17 |
hmmmm |
server logs are a different matter |
15:17 |
vitaminx |
chat logs |
15:17 |
sofar |
I'm pretty sure minetest just passes credentials over the network in decodable format |
15:17 |
hmmmm |
typically PMing each other isn't welcome because it's not in the channel logs and annoying |
15:18 |
vitaminx |
ok ok |
15:18 |
vitaminx |
one moment then |
15:18 |
hmmmm |
yea... the whole conversation doesn't need to be private |
15:18 |
hmmmm |
but chances are i won't even need your server logs to answer the question |
15:18 |
hmmmm |
so like i said... just ask |
15:20 |
vitaminx |
ok, so in public then - i've uploaded a conversation here: CHAT: <Kiss2> someone was on my accont |
15:20 |
vitaminx |
CHAT: <Kiss2> they where just on |
15:20 |
vitaminx |
CHAT: <Kiss2> HELP NO SOMEONE HACKED MY ACCOUNT I AM DATEING JOHNSEN |
15:20 |
vitaminx |
CHAT: <Kiss2> wtf someone hacked my account |
15:20 |
vitaminx |
CHAT: <magicman12> ? |
15:20 |
|
vitaminx joined #minetest-dev |
15:20 |
vitaminx |
ehm sorry about that :( |
15:20 |
hmmmm |
if you're pasting over 3 lines of text, please use a paste site |
15:20 |
vitaminx |
copy paste fail |
15:21 |
hmmmm |
also is this a development topic even? |
15:21 |
vitaminx |
well i'm turning to developers as #minetest nobody really knows |
15:21 |
vitaminx |
http://pastebin.com/T6ez4a4D |
15:22 |
vitaminx |
this is a conversation where someone apparently hacked player accounts, but i'm not 100% sure how he's doing it and how to protect |
15:22 |
vitaminx |
and *where* the vulnerability is |
15:23 |
shadowzone |
oh hail no! |
15:23 |
shadowzone |
I recently granted her interact on MTZ-Basic. |
15:24 |
hmmmm |
could you please translate that conversation to me... |
15:24 |
vitaminx |
ok |
15:24 |
hmmmm |
nevermind, summarize |
15:24 |
vitaminx |
lets make it short |
15:24 |
hmmmm |
in an intelligible manner |
15:24 |
vitaminx |
magicman12 apparently has a way to retrieve passwords of accounts of his choice |
15:25 |
shadowzone |
http://www.dtccom.net/about-dtc |
15:25 |
shadowzone |
Just ban him |
15:25 |
hmmmm |
did you create a new account with a strong password and ask him to get that account? |
15:25 |
hmmmm |
(i.e. is it reproducible) |
15:25 |
|
Hunterz joined #minetest-dev |
15:26 |
vitaminx |
he wasnt connected recently so i havent had the chance to talk to him |
15:26 |
vitaminx |
i also dont want to ban him because i'd like to understand what happened |
15:26 |
vitaminx |
if i ban him someone else will come one day and will do the same |
15:27 |
hmmmm |
it's highly unlikely there's an issue with minetest itself |
15:27 |
vitaminx |
he's talking about a D.T.C client |
15:27 |
hmmmm |
are you sure your computer hasn't been compromised |
15:27 |
vitaminx |
yes 100% |
15:27 |
hmmmm |
right.. |
15:27 |
hmmmm |
nobody can be sure their computer hasn't been compromised |
15:28 |
vitaminx |
as far as 100% goes at least, trust me I'm a pro admin ;) |
15:28 |
hmmmm |
so yeah, what do the server logs say? |
15:29 |
vitaminx |
nothing related |
15:29 |
|
ImQ009 joined #minetest-dev |
15:29 |
vitaminx |
as far as I understand what he's saying is that he pulls the passwords using the (modified?) client |
15:29 |
vitaminx |
that would be strange because minetest is probably not storing hashes client-side |
15:30 |
hmmmm |
soo |
15:30 |
|
FR^2 joined #minetest-dev |
15:30 |
hmmmm |
I don't get it |
15:30 |
vitaminx |
me neither |
15:30 |
vitaminx |
thats why i asked if someone could read the chat logs |
15:30 |
hmmmm |
if the server logs have nothing related, why were you going to show me them |
15:30 |
hmmmm |
and why did you make a big stink about this being private |
15:31 |
vitaminx |
because he mentions account names and the password he hacked in the chat logs - i just didnt want to put that public |
15:31 |
vitaminx |
anyways it's xxxx'd out in pastebin now |
15:31 |
hmmmm |
and you can delete the pastebin entry too |
15:31 |
vitaminx |
yes, it auto-deletes in an hour |
15:32 |
hmmmm |
the server was probably compromised and he has the password hashes which are then sent raw during authentication |
15:33 |
hmmmm |
but the only way to be sure there's no problem is to log each authentication attempt |
15:33 |
vitaminx |
ok yes, the minetest auth attempts are logged of course |
15:34 |
vitaminx |
just need to grep them out, give me a sec |
15:34 |
|
SopaXorzTaker joined #minetest-dev |
15:34 |
|
shadowzone joined #minetest-dev |
15:35 |
crazyR |
just a quick thought... check all your mods |
15:36 |
sofar |
yeah, don't forget to audit for rogue mods |
15:39 |
hmmmm |
well, it doesn't look like the packet sequence is enforced |
15:40 |
hmmmm |
i'm probably wrong but theoretically someone can simply skip TOSERVER_INIT2 completely? |
15:40 |
hmmmm |
..thanks sapier |
15:41 |
kilbith |
^ nrzkt |
15:41 |
hmmmm |
it's an initial guess |
15:41 |
hmmmm |
vitaminx, what you're doing is basically saying, "help help, somebody on my server got haxed, here are some vague irrelevant details, i need a complete audit of the relevant authentication code" |
15:42 |
vitaminx |
http://pastebin.com/cwBpv1AL |
15:42 |
vitaminx |
-> chat + relevant auth attempts |
15:43 |
vitaminx |
yes I'll certainly audit the mods as far as its feasible |
15:43 |
hmmmm |
at the very most that tells us there weren't any failed attempts in between |
15:44 |
hmmmm |
i'll have to take a better look at all this later |
15:44 |
nrzkt |
in fact protocol is shit |
15:44 |
nrzkt |
_INIT2 doesn't serve any purpose :p |
15:44 |
vitaminx |
sure, make sure you copy that snippet, cause it expires in an hour |
15:45 |
nrzkt |
i'm rewriting the whole protocol to prevent those problems, and it's also a problem with using pure UDP without any exchange between the client and the server to negotiate some hidden params |
15:46 |
vitaminx |
and hmmm, i'm not coming here to cry for help - i could just ban the guy if necessary - I want to provide a good quality server, where security is just part of it - to help making minetest a bit better maybe |
15:46 |
Krock |
let's use rot13 on all network data! |
15:46 |
nrzkt |
vitaminx, approved |
15:47 |
|
ImQ009_ joined #minetest-dev |
15:53 |
|
roniz joined #minetest-dev |
15:55 |
hmmmm |
well i don't know man |
15:55 |
hmmmm |
the protocol isn't that great but it is what it is |
15:55 |
hmmmm |
we inherited it |
15:56 |
hmmmm |
this isn't going to get fixed |
15:57 |
hmmmm |
it's too large of a code issue to do quickly and there's no evidence this wasn't a simple server compromise |
15:57 |
|
selat joined #minetest-dev |
15:57 |
nrzkt |
it's easy to bypass some things with this protocol. |
15:58 |
hmmmm |
TOSERVER_INIT can't be skipped unless you want no username |
15:58 |
hmmmm |
so that scenario isn't happening |
15:59 |
hmmmm |
regardless, this complaint increased the priority of the authentication protocol overhaul |
15:59 |
nrzkt |
i found a strange issue yesterday, bypassing credentials when disconnecting from the server and re-authing with another login |
15:59 |
hmmmm |
this could be related |
16:00 |
vitaminx |
hmmmm: as you said it, there can only be evidence of a server compromise, but not the opposite - my word on it doesnt count i guess? (ssh root + password logins disabled, i only use ssh-keys + server is minimal Debian install with only minetest port reachable from outside - no other ports open, etc.) |
16:02 |
hmmmm |
of course your word doesn't count |
16:02 |
hmmmm |
there's no way anybody can reasonably say with certainty they weren't compromised |
16:03 |
nrzkt |
hmmmm, are you sure you're not compromised? |
16:03 |
vitaminx |
hmmmm: thats what i just said, so saying "it's too large of a code issue to do quickly and there's no evidence this wasn't a simple server compromise" makes no sense |
16:04 |
vitaminx |
because no-one can prove you the opposite |
16:04 |
hmmmm |
vitaminx: I'm saying it's something that can't be solved quickly |
16:04 |
hmmmm |
so the best you can do is assume a compromise |
16:05 |
vitaminx |
i'm sorry but no - the chat logs don't give any hint in that direction either |
16:06 |
vitaminx |
everything points to some rogue client or protocol abuse |
16:06 |
vitaminx |
but anyways, it's not my place to tell you something here i guess |
16:06 |
vitaminx |
i'm not developing the game, basically just wanted to report an issue |
16:19 |
hmmmm |
sorry |
16:20 |
crazyR |
can i ask why the devs are so defensive on topics of security? this is the second day of security related watering down.... maybe it's just me misinterpreting, i don't know |
16:20 |
hmmmm |
i want to take a better look at this but I can't |
16:20 |
twoelk |
vitaminx: I don't really understand the explanation in the server chat. It looks like he just logged onto the server folder. If so the part of copying the relevant files is missing. Are you blocking casual access to your server? Maybe build an index.html or whatever to catch unspecific calls to that folder and divert them to some page |
16:20 |
hmmmm |
crazyR: not defensive, I know there is a huge problem with our auth |
16:21 |
hmmmm |
but I can't magically find & fix a structural problem like that (if it is one) in a quick manner |
16:21 |
* twoelk |
has a bad typing day of mega thick fingers |
16:21 |
hmmmm |
especially when i have real life work |
16:21 |
|
DFeniks joined #minetest-dev |
16:21 |
hmmmm |
I don't see how "everything points to a rogue client or protocol abuse" |
16:22 |
crazyR |
hmmmm i understand that but no one is holding you personally responsible for the fix to be issued. again unless i missed something |
16:25 |
hmmmm |
i'm not sure |
16:25 |
Brains |
So... The dev says, "Nice incident there but there is no real proof of exactly what is going on so, other than increasing the priority of the already in discussion overhaul, it is probably best to treat it as a possible server compromise." (Address what you can and deal with what you can't, pretty straightforward.) How does that amount to watering down? |
16:25 |
* Brains |
is paraphrasing, of course. |
16:26 |
hmmmm |
it can always be a server compromise |
16:26 |
hmmmm |
I could be compromised right now |
16:26 |
Brains |
And there is seldom a downside to firming up your server's attack surface. |
16:26 |
hmmmm |
my cpu could've been compromised 2 years ago when i bought it |
16:27 |
hmmmm |
I do feel a sense of urgency from this issue |
16:28 |
hmmmm |
in any case, I can't do anything more without vitaminx replicating the problem (having the attacker do the same thing again with a brand new account just created) |
16:29 |
hmmmm |
bbl |
16:31 |
crazyR |
brains: "it's too large of a code issue to do quickly and there's no evidence this wasn't a simple server compromise" that statement is the main part that i was referring to... when the bug/issue, call it what you will, was reported no one asked for a quick solution. the fact that the devs know that the auth system isn't very good should actually be quite |
16:31 |
crazyR |
concerning. but (and this is not directed at hmmmm) i always seem to find issues that on the surface seem important being pushed to one side. |
16:33 |
hmmmm |
it would be extremely concerning for any other type of project, but this is a video game where people (well, anybody reasonable) make their passwords "abcd1234" for the most part |
16:33 |
Brains |
crazyR: Without evidence of what actually happened, you can't really expect much of any response. The conversation also happens to mention (by two separate people IIRC) that an overhaul is on the table. |
16:34 |
hmmmm |
that's the reason why I'm not too concerned with the state of the authentication protocol, but others were making talk about improving it so I chimed in saying that if it's to be done, it's to be done the right way |
16:35 |
hmmmm |
the hot option is currently switching to SRP |
16:35 |
hmmmm |
I think est31 was working on it |
16:35 |
hmmmm |
or me, I don't know |
16:35 |
Brains |
crazyR: Oh, and, because it is required by custom in any discussion of open source software, patches accepted. (Mostly meant in an amusing manner) |
16:36 |
hmmmm |
but we're in the middle of a release |
16:36 |
hmmmm |
there are some blocking bugs that I need people to get resolved first |
16:37 |
Brains |
hmmmm: Is there a list of blocking bugs at the moment? |
16:37 |
hmmmm |
in theory, it's the Issues list on github with the 'blocker' filter applied |
16:37 |
hmmmm |
I think that only pops one item up that I have no idea of or any control over |
16:38 |
vitaminx |
twoelk: by casual access you mean http access? there is no web server running on that machine |
16:38 |
hmmmm |
also I haven't seen wayward_one around recently, I need him to try out a patch to see if it resolves his sp issues |
16:38 |
hmmmm |
dammit I have RL stuff to do, stop dragging me into minetest land |
16:39 |
twoelk |
was just a wild guess from what I made of the chat. It looked like he just pasted the IP somewhere |
16:39 |
hmmmm |
ah the problem of remote work :( |
16:39 |
vitaminx |
<hmmmm> in any case, I can't do anything more without vitaminx replicating the problem -> ok i will try to do that, depends if the user connects again, i'll let you know if i find out more |
16:39 |
crazyR |
as i said above no one expected you to say. damn.... this needs fixing right away lets stop everything we are doing.... he just wanted some clues as to what could be the issue so he could attempt to learn.... |
16:42 |
|
decimalguy joined #minetest-dev |
16:42 |
|
Calinou joined #minetest-dev |
16:42 |
crazyR |
hmmmm also, without sounding disrespectful, if you have RL stuff to do why stay online here. disable notifications and let someone else deal with it :) |
16:43 |
nrzkt |
i have RL stuff too, i go to highmaul mythic with my guild tonight :D |
16:43 |
twoelk |
<a box at the bottom with numbers> sounds like some mobile client and the only number in the main menu would be the IP number if I'm not missing something |
16:44 |
Calinou |
what about IPv6? |
16:44 |
Calinou |
and domain names |
16:44 |
Calinou |
and localhost |
16:45 |
Brains |
Calinou: We aren't talking about minetest proper but about somebody describing an exploit... |
16:48 |
twoelk |
anyways a thing that should be ruled out would be if someone can get some sort of access to the folder of the server world without using the game client |
16:48 |
twoelk |
if so all world files would be easy prey |
16:50 |
vitaminx |
twoelk: there's only ssh listening on the server with latest Debian security patches, plain passwords disabled. to hack the server he would have to exploit latest openssh-server or my 4096bit ssh key |
16:50 |
Brains |
Hmmm... Just noticed my world files are readable by everybody. Might have to change that later. |
16:50 |
vitaminx |
i dont think that any of them is likely |
16:53 |
twoelk |
vitaminx: have you tried accessing your own server folder with some browser or whatever to rule that out? |
16:53 |
vitaminx |
here, try yourself: 108.161.138.137 |
16:54 |
twoelk |
:D |
16:54 |
Brains |
nmap'ed it recently? |
16:55 |
twoelk |
hehe, nope, not that easy, one point for you |
16:55 |
vitaminx |
nmap says port 22 is open... noooooo :D |
16:56 |
Brains |
It should say more than 22 since you have minetest running. =:P |
16:56 |
nrzkt |
no |
16:56 |
sfan5 |
i don't think nmap detects minetest |
16:56 |
nrzkt |
because minetest uses UDP |
16:56 |
sfan5 |
thats not the reason |
16:56 |
sfan5 |
nmap can scan UDP |
16:56 |
nrzkt |
and if you send a little packet protocol will drop it |
16:57 |
vitaminx |
-sU |
16:57 |
hmmmm |
guys, this isn't dev related |
16:57 |
hmmmm |
please take it to #minetest instead |
16:57 |
Brains |
Good point |
16:58 |
sfan5 |
nrzkt: 30000/udp open|filtered unknown |
16:58 |
vitaminx |
i guess i'm taking it home, i have to go, anyways thanks for looking at it |
16:58 |
nrzkt |
open|filtered doesn't say anything :) |
16:58 |
vitaminx |
;) |
16:58 |
sfan5 |
nrzkt: it does because all other ports are "closed unknown" |
16:59 |
nrzkt |
because there is no firewall and RSTs are answered |
16:59 |
nrzkt |
sudo nmap -sU unix-experience.fr -PN -p 50000 |
16:59 |
sfan5 |
UDP does not have RSTs |
16:59 |
nrzkt |
but UDP port 50000 isn't open on my server |
17:00 |
nrzkt |
and there is a firewall which blocks your packet and doesn't answer it |
17:00 |
nrzkt |
same for all closed UDP port on my server |
17:00 |
sfan5 |
yeah, but vitaminx does not have a firewall so that matters |
17:01 |
nrzkt |
your test doesn't mean there is something, it means maybe something, or maybe not. |
17:01 |
twoelk |
at least got a ping of 75ms and a message port 22 is closed |
17:02 |
sfan5 |
nrzkt: i didn't say otherwise |
17:05 |
vitaminx |
bye everyone |
17:05 |
vitaminx |
\quit |
17:05 |
vitaminx |
lol |
17:05 |
|
nrzkt left #minetest-dev |
17:14 |
oleastre |
Hi |
17:15 |
oleastre |
Simple question: I'm playing with mapgen v5/7 and trying to make growing trees using existing code in minetest_game. I currently register saplings as a decoration and use set_gen_notify to post-process the saplings and make them grow in place. |
17:17 |
oleastre |
I'm searching for a better solution... and would try to implement function-based decorations (like the schematic one, but using a Lua-defined function to place the content). |
17:17 |
oleastre |
Before I dig into the minetest code, does it seem interesting, and should it be discussed here, in the forum, or in a github issue? |
17:18 |
Calinou |
forum |
17:20 |
oleastre |
ok, thx |
17:29 |
|
Hunterz joined #minetest-dev |
17:31 |
|
Calinou joined #minetest-dev |
17:32 |
|
T4im joined #minetest-dev |
17:34 |
Wayward_One |
hmmmm, right here |
17:36 |
|
rubenwardy joined #minetest-dev |
17:37 |
|
Robert_Zenz joined #minetest-dev |
17:43 |
|
CWz joined #minetest-dev |
17:43 |
|
CWz left #minetest-dev |
18:03 |
|
compunerd joined #minetest-dev |
18:05 |
|
SudoAptGetPlay joined #minetest-dev |
18:18 |
|
Taoki joined #minetest-dev |
18:32 |
|
cheapie joined #minetest-dev |
18:39 |
VanessaE |
[02-02 13:36] <Caleneledh> VanessaE: Here you go https://www.dropbox.com/s/ioxvo5w4jdcisat/volcano_world.tar.gz?dl=0 |
18:39 |
VanessaE |
^^^^ he reproduced that entities-multiplying-out-of-nowhere bug that causes #1426 |
18:39 |
ShadowBot |
https://github.com/minetest/minetest/issues/1426 -- repeated errors trying to delete extraneous entities from a block ends in segfault |
18:39 |
VanessaE |
without anything installed but default, creative, and a mod he's working on that does not create entities at all. |
18:40 |
T4im |
did he say what backend he was using? |
18:40 |
T4im |
db backend I mean |
18:40 |
VanessaE |
no |
18:41 |
VanessaE |
or rather, he reproduced the "suspiciously large number of objects" message, which amounts to the same thing anyway |
18:52 |
|
ImQ009 joined #minetest-dev |
19:04 |
|
MinetestForFun joined #minetest-dev |
19:28 |
|
Miner_48er joined #minetest-dev |
19:29 |
|
nrzkt joined #minetest-dev |
19:35 |
|
younishd joined #minetest-dev |
19:39 |
|
shadowzone joined #minetest-dev |
19:40 |
|
sapier joined #minetest-dev |
19:46 |
est31 |
can anyone remove the unconfirmed label for #2222 |
19:46 |
ShadowBot |
https://github.com/minetest/minetest/issues/2222 -- minetest.get_craft_recipe occasionally returns wrong recipes |
19:49 |
sapier |
not sure if this is really a bug, from what I understood it just returns a different recipe with the same output? |
19:50 |
sapier |
if this is correct I'd consider it a missing feature but not a bug |
19:50 |
T4im |
you request the default chest and get the locked chest as result |
19:51 |
T4im |
i.e. it returns the recipe of a different output |
19:52 |
T4im |
est31 already found out why though.. string matching gone too far |
19:52 |
sapier |
oh sorry misread est31's explanation |
19:53 |
T4im |
the unit test should already have been enough though :P |
19:54 |
sapier |
well, code doesn't show why it's wrong but only proves it is |
19:54 |
T4im |
yes, confirms it ;) |
19:55 |
T4im |
(just pointing out, because est31 asked about label removal, which might not be a bad idea, to avoid it being ignored to the soon™ release date, hehe) |
19:57 |
|
kilbith joined #minetest-dev |
19:58 |
sapier |
maybe I can even push a fix immediately |
19:58 |
sapier |
if I'm right it's a one line fix |
19:58 |
est31 |
Two line |
19:59 |
est31 |
the other method get_all_craft_recipes has this behaviour too |
20:01 |
T4im |
hmm didn't #2225 fix that too? not that you guys conflict there |
20:01 |
ShadowBot |
https://github.com/minetest/minetest/issues/2225 -- Fixes for minetest.get_(all_)craft_recipe(s) by gregorycu |
20:01 |
est31 |
2225 would also give a huge speed improvement |
20:02 |
sapier |
possible but I don't wanna read all that text below there, shadowninja seems to have already checked it I'll let him merge it once he likes it ;-) |
20:04 |
est31 |
That discussion was mostly about changing the API behaviour. We agreed on doing that in a later PR, with entirely new functions to not break mods |
20:05 |
est31 |
and the comments following that discussion were me testing the patch and gregory fixing the PR |
20:11 |
est31 |
ok getCraftRecipes is not affected by 2222, but I don't know why... |
20:11 |
est31 |
yetr |
20:11 |
est31 |
yet* |
20:13 |
sapier |
https://gist.github.com/sapier/d715be2ba96c50d79a7a can you check this works? if yes I'm gonna push it |
20:14 |
* est31 |
checking... |
20:17 |
sapier |
est31 your patch adds a new chance for data inconsistency |
20:17 |
est31 |
2225? |
20:18 |
sapier |
hmm ok at least it's encapsulated within craft manager so it's as good as it can be |
20:20 |
sapier |
crap ccraftdefmanager is one of those cpp only classes again ... I really wanna know what celeron wanted to do by making class declarations in cpp files ... well I guess it's been celeron |
20:20 |
est31 |
I've only applied your gist for the getCraftRecipe method, and made both methods work. |
20:21 |
est31 |
meaning that getCraftRecipes is still broken, but the lua wrapper accounts for that |
20:21 |
est31 |
https://github.com/minetest/minetest/blob/70074800a207974a0c1383275186cefe6955f297/src/script/lua_api/l_craft.cpp#L408 |
20:22 |
est31 |
and the method getCraftRecipes isn't used elsewhere |
20:23 |
est31 |
gonna check changing getCraftRecipes doesn't break anything |
20:25 |
est31 |
no, it doesn't |
20:26 |
est31 |
sapier: your gist is ok. |
20:28 |
sapier |
ok I'm pushing the fix |
20:28 |
sapier |
guess it's small enough to not count as feature change |
20:30 |
sapier |
hmm no, I'm gonna remove the second part; if some craftmanager used it for searching, the new variant may fail |
20:31 |
est31 |
k, remove it. as I said, the lua wrapper removes the longer names already, so the second part doesn't change anything. |
20:32 |
sapier |
yes no risk in feature freeze phase |
20:33 |
est31 |
yea |
20:35 |
est31 |
2225 would stable enough btw, but your approach is stabler. |
20:36 |
est31 |
be* |
20:37 |
sapier |
I think your approach is right too so keep bugging ppl so it's gonna be merged right after release |
20:40 |
est31 |
btw not my PR... |
20:41 |
sapier |
oh :-) sorry gregorycu |
20:41 |
est31 |
fine then thanks |
20:42 |
est31 |
:) |
20:50 |
hmmmm |
sapier |
20:50 |
hmmmm |
am I nuts or is a user able to logon by skipping TOSERVER_INIT? |
20:51 |
hmmmm |
that is, the logon sequence is not enforced |
20:51 |
sapier |
are you sure? :-) |
20:53 |
hmmmm |
no, that's why I'm asking if I'm nuts |
20:53 |
hmmmm |
i just took a cursory glance |
20:53 |
sapier |
I'm not sure, I never tried this ... trying to read it from code now |
20:53 |
hmmmm |
some guy came on earlier saying that a user hax3d his server by modifying a client |
20:54 |
hmmmm |
I said the modification is most likely inserting the raw hashes he stole from the server which might've been compromised a different way |
20:55 |
hmmmm |
oh that was fun... minetest server drama paired with incomprehensible chat logs is all that i need as a reminder that minetest is primarily used by 12 year olds |
20:56 |
sapier |
I'm not exactly sure but you could be right |
20:57 |
hmmmm |
but notice how the username is specified in that same packet |
20:57 |
hmmmm |
so if a modified client really did skip that packet they wouldn't be able to specify which account to steal |
20:58 |
sapier |
most likely not but we don't drop the client on inconsistent data, that's bad |
20:59 |
sapier |
easiest way would be server.cpp 1644 ... at least if we consider protocol_version 0 to be invalid |
21:02 |
T4im |
sapier: your fix seems to change something, but not really fix it.. I now get a silver ingot (moreores I think?) in the middle instead of a steel ingot for the default chest |
21:03 |
sapier |
hmmmm: what do you think about dropping a peer if protocol version is 0? |
21:03 |
hmmmm |
I have no qualms |
21:04 |
sapier |
T4im: are you sure? the check in there did work fine |
21:04 |
sapier |
and est31 said so too. maybe there's another recipe matching chest with a silver ingot in the middle? |
21:04 |
T4im |
I think moreores adds those alternative metals for the locked chest recipes |
21:04 |
T4im |
but I can double check |
21:04 |
* est31 |
checks out origin master... |
21:06 |
sapier |
the only thing my fix ensures is that the output recipe is a recipe for the requested output; if there's more than one recipe the result will still be random |
21:07 |
sapier |
well not exactly random, order of registration will define what is returned |
21:07 |
est31 |
result will be the last added recipe |
21:07 |
est31 |
yea |
21:07 |
T4im |
yes, that's expected via doc |
21:07 |
T4im |
but not that one gets a different output :) |
21:07 |
T4im |
recipe for different output* |
21:08 |
est31 |
T4im: which mods have you installed |
21:08 |
est31 |
and which game |
21:09 |
T4im |
default game, and that's a testing game.. but I'll just adapt quickly the unittest and run it with only moreores as mod to test if it still happens |
21:09 |
T4im |
a testing world* |
21:10 |
T4im |
well without moreores it even fails already |
21:10 |
T4im |
in that case its still steel |
21:10 |
est31 |
http://pastebin.com/hdSyunru |
21:10 |
T4im |
moreores just adds another last_recipe then |
21:11 |
est31 |
^ with minimal development test |
21:11 |
T4im |
well run the unit test in #2222 :) |
21:11 |
ShadowBot |
https://github.com/minetest/minetest/issues/2222 -- minetest.get_craft_recipe occasionally returns wrong recipes |
21:11 |
T4im |
that one is still failing in a vanilla _game |
21:12 |
sapier |
just tried again, worksforme |
21:13 |
T4im |
oops.. eh.. yea.. my fault.. disregard |
21:13 |
sapier |
*smile* did you forget to rebuild? ;-) |
21:13 |
T4im |
nearly |
21:13 |
T4im |
seems I used a binary started before the recompile.. |
21:13 |
T4im |
run in the background.. forgot to close it |
21:14 |
sapier |
well happens :-) |
21:14 |
* T4im |
blushes |
21:15 |
T4im |
thanks for the fix :) |
21:16 |
sapier |
well it's not a big deal to fix it if it's already located that precise |
21:21 |
|
AnotherBrick joined #minetest-dev |
21:23 |
|
MinetestForFun joined #minetest-dev |
21:26 |
est31 |
hmmmm so do we want to use srp after all? --> If we do, we need additional dependencies. |
21:27 |
est31 |
I could set up some ed25519 - based ssh-like protocol however |
21:27 |
hmmmm |
SRP is the best choice here |
21:28 |
hmmmm |
it offers actual security without requiring encryption |
21:28 |
hmmmm |
and as we know, encryption is useless without certainty of who you're talking to :) |
21:29 |
est31 |
yes |
21:29 |
est31 |
the ed25519 protocol would be without encryption too |
21:30 |
est31 |
only the start messages would be encrypted |
21:30 |
hmmmm |
well |
21:31 |
hmmmm |
is it a zero-knowledge proof algorithm |
21:31 |
hmmmm |
this is why I strongly support SRP |
21:32 |
hmmmm |
if we have to store the cryptographic equivalent of passwords on the server, the scenario that happened this morning will undoubtedly happen again |
21:34 |
est31 |
what happened |
21:35 |
hmmmm |
i don't know for sure, but the likely scenario is that a server hosting minetest was compromised, or somehow the account list was leaked |
21:36 |
hmmmm |
and then the person doing that modified the minetest client to use the stolen hashes directly instead of hashing the password first |
21:37 |
sapier |
hmmmm that's not gonna help for stolen password lists |
21:38 |
sapier |
from what I understood, it'd only help to prevent someone claiming to be the server from getting the password from a client trying to join |
21:38 |
hmmmm |
the reason that works is because the server doesn't actually know what the password is |
21:39 |
T4im |
wait, minetest servers accept hashes? no cram? |
21:40 |
sapier |
T4im: the warning not to use a valuable password for minetest is there for a reason ;-) |
21:40 |
hmmmm |
sapier: http://en.wikipedia.org/wiki/Secure_Remote_Password_protocol#Overview read that |
21:40 |
T4im |
well anyway.. those hashes are broken in milliseconds anyway.. |
21:41 |
T4im |
no kdf used it seems :/ no salt, no iterations.. just a simple digest :/ |
21:44 |
hmmmm |
celeron designed the minetest protocol. :-) |
21:44 |
sapier |
hmmmm still, from what I understand, this isn't a protection against hacked servers |
21:44 |
est31 |
you cant protect against hacked servers |
21:44 |
est31 |
if its hacked its hacked |
21:44 |
sapier |
T4im: it's never been designed to be used in internet ;) |
21:44 |
est31 |
no protocol can ensure that |
21:44 |
T4im |
:D |
21:45 |
T4im |
est31: you can make sure that it takes a few weeks or months to break it instead of milliseconds, so you have time to change your passwords |
21:45 |
est31 |
The biggest problem is that the hash from the auth.txt can be used to authenticate to other servers where the user has the same password |
21:45 |
sapier |
est31 I know but hmmmm used a hacked server as example where srp would help ... I don't think that's correct ;-) |
21:45 |
celeron55 |
hashing passwords with plain sha1 was the simplest acceptable solution four years ago with a 15-person userbase |
21:46 |
celeron55 |
it's actually kind of surprising it's still not causing a lot of issues |
21:46 |
est31 |
It was reasonable back then. but now we need a better protocol |
21:46 |
T4im |
that's because there's not much to gain, I think |
21:46 |
est31 |
^ |
21:47 |
sapier |
T4im: exactly the most valuable thing you can gain from minetest is someone using a good password for it ... which is strongly discouraged |
21:47 |
T4im |
the only ones that might abuse that are scriptkiddies and trolls... just because they figured out how |
21:47 |
hmmmm |
right and it's very important that the protocol is done correctly this time around |
21:48 |
T4im |
though.. you know.. I can imagine people trying it if they want to gain server access |
21:48 |
T4im |
like.. actually there is something to gain |
21:48 |
est31 |
has anyone found an srp implementation without additional dependencies? |
21:48 |
celeron55 |
if you pull in a crypto library, make sure it's good: either very minimal, or if it's large, it has to be usable for most other future things |
21:48 |
T4im |
imagine you get the admin account of someone with enough privileges to run lua via worldedit... |
21:48 |
sapier |
I'm completely with you hmmmm, yet without encryption there's still no protection against MITM |
21:48 |
T4im |
lua's os to quickly install a botnet client or bitcoin client or whatever |
21:49 |
hmmmm |
there's no good encryption without trust |
21:49 |
est31 |
yea and no sandboxing for lua |
21:49 |
sapier |
hmmmm: of course you need both |
21:49 |
hmmmm |
in any case, with SRP you effectively get a private/public key pair |
21:49 |
hmmmm |
why not use that |
21:49 |
est31 |
from the password |
21:49 |
hmmmm |
but yeah, you're right I misread |
21:49 |
est31 |
thats not very secure |
21:49 |
|
VanessaE joined #minetest-dev |
21:49 |
T4im |
hmmmm: security is never absoloute.. thus any increase in security is valuable.. even if it means trustless encryption |
21:49 |
sapier |
hmmmm: yes we could use srp in combination with encryption |
21:49 |
hmmmm |
it can be used for negotiating |
21:50 |
hmmmm |
the key |
21:50 |
hmmmm |
symmetric key i mean |
21:50 |
celeron55 |
note that in the future something else than passwords might be used for login |
21:50 |
est31 |
^ this |
21:50 |
hmmmm |
I am a strong supporter of certificates but people didn't like that |
21:50 |
est31 |
I'm for public key auth also for clients |
21:50 |
celeron55 |
passwords are already kind of outdated technology, but there's no widely used alternative |
21:51 |
est31 |
People want to log in from their desktop and from their smartphone. |
21:51 |
celeron55 |
and they're a good fallback when you just don't care |
21:51 |
hmmmm |
for websites I tend to use de-facto certificates by maxing out the possible entropy in the password field and storing the logon in a secured file |
21:51 |
est31 |
and when they visit their friends, they want to show them how cool MT is |
21:52 |
est31 |
We can add certs as optional mechanism, and people caring about security can use that |
21:52 |
est31 |
and secure the password based login with srp... |
21:53 |
hmmmm |
we can do a lot of stuff |
21:53 |
hmmmm |
but honestly who has the time to |
21:53 |
hmmmm |
:( |
21:53 |
sapier |
question is is it worth the benefit |
22:00 |
|
acerspyro joined #minetest-dev |
22:01 |
|
decimalguy left #minetest-dev |
22:14 |
|
CraigyDavi joined #minetest-dev |
22:15 |
VanessaE |
I have to point something out about this whole password discussion: |
22:15 |
VanessaE |
until you can also make it easy for users to *manage* their passwords, you've only solved about a quarter of the problem. |
22:16 |
T4im |
certificates would help that.. in fact they would solve all but the "multiple clients on the same account" problem |
22:16 |
VanessaE |
("easy" being either the client saves the user's passwords in some manner, or copy&paste works on all platforms and all DE's, so that the user can use their own password manager e.g. KeePass or so) |
22:17 |
sapier |
VanessaE: in digital world there's no solution for having both comfort AND security |
22:17 |
T4im |
there's always the option to have neither :p |
22:17 |
VanessaE |
and it is ALWAYS worth the benefit to have a good, secure protocol for authentication, even in "a fucking video game" because peoples' reputations are also at stake here, not just a bunch of constructions in some random server. |
22:18 |
VanessaE |
sapier: then a balance must be struck. |
22:18 |
sapier |
yet is it worth spending months of development time for it instead of fixing issues? |
22:18 |
est31 |
for the saving, I've done a password manager. Although it has no GUI yet: https://forum.minetest.net/viewtopic.php?f=14&t=11116 |
22:18 |
sapier |
a password manager is almost useless for the "multiclient issue" |
22:19 |
VanessaE |
sapier: no one's saying to spend months of dev time, especially on that - that's why I said to get Copy&paste working across the board. |
22:19 |
sapier |
copy&paste doesn't even work on windows for all applications |
22:20 |
VanessaE |
we're not talking "all applications" though |
22:20 |
VanessaE |
we're talking about minetest. |
22:20 |
VanessaE |
and then, mostly on non-Windows systems, as I understand it (I don't know how it behaves on Windows) |
22:20 |
sapier |
exactly... which ain't running on one specified OS but dozens |
22:21 |
est31 |
sapier: the password manager does help. You only need to sync the stored passwords file, e.g. with dropbox (although that might be insecure) |
22:21 |
VanessaE |
dozens? three. with let's see... three copy&paste methods by my count. |
22:22 |
VanessaE |
(linux, BSD, Mac; X11 middle click, ctrl-c/ctrl-v, and whatever OS-X uses) |
22:22 |
sapier |
ubuntu debian suse freebsd kubuntu xubuntu fedora windows xp windows 7 windows 8 windows 8.1 windows 10 macos android 2 3 4 5 |
22:22 |
sapier |
I could mention different versions of the linux distributions in there too ;-) |
22:22 |
VanessaE |
I said non-windows systems, and you said "dozens" of "OS's" |
22:22 |
sapier |
all of those are different os |
22:23 |
est31 |
its not that ubuntu and kubuntu have completely different APIs |
22:23 |
VanessaE |
so from your list, that leaves ubuntu debian suse freebsd kubuntu xubuntu fedora macos android, and there are only two OS's common among those |
22:23 |
VanessaE |
excuse me, three. |
22:23 |
VanessaE |
linux distros are distros, not OS's |
22:23 |
sapier |
well ubuntu has unity while kubuntu has kde ... I'd consider this a significant difference |
22:24 |
VanessaE |
it's not like you have to change which kernel, libc, etc calls you're making just because you move from Ubuntu to SuSE or something. |
22:24 |
sapier |
nope VanessaE, actually a distribution is almost the same as an OS |
22:24 |
sapier |
kernel libc & co aren't related to copy&paste at all |
22:24 |
VanessaE |
I'd continue to debate that idea... |
22:24 |
VanessaE |
but it doesn't matter |
22:25 |
VanessaE |
we're not talking about major differences in system calls and so forth |
22:25 |
VanessaE |
we're talking about copy&paste ffs. |
22:25 |
sapier |
relevant is graphics subsys and windowmanager |
22:25 |
acerspyro |
Thing is, there is no "type" of OS |
22:25 |
VanessaE |
what does graphics have to do with receiving a paste event from the system clipboard? |
22:25 |
|
oleastre joined #minetest-dev |
22:25 |
sapier |
well graphics as of X-server |
22:26 |
VanessaE |
that's at a layer only just above the windowing system, when I last checked |
22:26 |
acerspyro |
Nothing defines the term OS apart from what runs on your system. Windows 7 with an update applied compared to one without the update could or could not be considered a different OS |
22:26 |
VanessaE |
(though I'm no expert on X11 :P ) |
22:27 |
sapier |
well especially in this area it's quite fluid atm |
22:27 |
est31 |
with mir and wayland and so on |
22:27 |
est31 |
? |
22:28 |
sapier |
yes est |
22:29 |
VanessaE |
well if you think it's THAT hard to get something as basic as copy&paste going, then encryption + a good built-in password manager (in the spirit of what browsers do) is what's gonna have to be, if you want any chance of getting users to create decent passwords and not have the same one on multiple servers. |
22:29 |
sapier |
well, it may even be easier to get encryption working as we'd have all of the code within minetest itself ;-) |
22:30 |
VanessaE |
perhaps, but you DID say you expected it to take "months" of work :P |
22:30 |
sapier |
I didn't say how much time would be required to fix copy&paste for each and every os ;-) |
22:31 |
VanessaE |
granted. |
22:31 |
sapier |
still as always the better a bugreport is the better the chance it's gonna be fixed |
22:32 |
sapier |
well unless copy&paste issue is related to irrlicht |
22:32 |
VanessaE |
I don't recall who but I seem to recall someone said it is |
22:33 |
acerspyro |
What are we talking about? |
22:33 |
acerspyro |
Isn't the clipboard an X11? |
22:33 |
acerspyro |
+thing |
22:33 |
VanessaE |
acerspyro: when sapier and I get at each other like this, it gets random :) |
22:33 |
VanessaE |
sapier: right? ;) |
22:33 |
acerspyro |
lol |
22:33 |
exio4 |
irrlicht's clipboard support doesn't .. really work |
22:34 |
VanessaE |
the thing that bothers me is WHY you have to go through irrlicht in the first place |
22:35 |
acerspyro |
^ |
22:35 |
VanessaE |
I mean, what's stopping you from writing your own minimal input handler for stuff like this? |
22:35 |
acerspyro |
https://github.com/graphitemaster/neothyne |
22:36 |
acerspyro |
Using as few dependencies as possible |
22:36 |
acerspyro |
SDL2 and g++ or clang++... I think that's it. |
22:36 |
VanessaE |
back in the old days, that's what we did. run through our own code first, and then if it didn't understand the input, pass it on to the kernel's input handler (if there was a reason to) |
22:36 |
acerspyro |
And it's gonna be a full FPS game. |
22:37 |
exio4 |
VanessaE: back in the old days, you didn't have to support at least 3 operating systems, where things may change between them, and what not |
22:38 |
acerspyro |
By using as little deps as possible, you support all 4 OSes in one shot. |
22:38 |
exio4 |
maintaining code is more expensive than writing it, and not offloading the work to a library is adding useless load to the little time core devs have to 'waste' on MT |
22:38 |
acerspyro |
Linux, Unix, Mac, Windows |
22:38 |
VanessaE |
exio4: point taken. |
22:38 |
T4im |
from what I heard x11 clipboard support is quite messy |
22:38 |
exio4 |
acerspyro: how do you get "clipboard support" without using platform-dependent APIs or a library? |
22:38 |
T4im |
2-3 different systems in place |
22:38 |
exio4 |
also, there is more than one clipboard |
22:38 |
T4im |
^ |
22:38 |
exio4 |
which one do you like most? |
22:38 |
VanessaE |
useless load? if you're worrying about "load" in a keyboard handler, you're doing something terribly wrong. |
22:38 |
acerspyro |
exio4: change the way you do it depending on the target OS |
22:39 |
est31 |
exio4: http://standards.freedesktop.org/clipboards-spec/clipboards-latest.txt |
22:39 |
acerspyro |
You know, ever heard of ifdef's? |
22:39 |
est31 |
everything specified |
22:39 |
est31 |
I dont say its not messy |
22:40 |
exio4 |
acerspyro: but then you are doing platform specific things, and you have to support them! |
22:40 |
exio4 |
est31: freedesktop is a cool joke |
22:40 |
acerspyro |
I think SDL2 deals with the clipboard |
22:41 |
exio4 |
is minetest using SDL2? |
22:41 |
VanessaE |
it does not afaik? |
22:41 |
exio4 |
exactly. |
22:41 |
exio4 |
I don't say "it's the best we have", but it is what we have got! |
22:41 |
VanessaE |
I see no reason not to use SDL if it would be helpful - nearly every system already has it anyway don't they? |
22:42 |
acerspyro |
^ |
22:42 |
acerspyro |
Steam uses SDL, too |
22:43 |
VanessaE |
there you go. |
22:43 |
celeron55 |
irrlicht sometimes uses SDL as its windowing backend |
22:43 |
celeron55 |
i don't know if anyone is doing builds like that though |
22:55 |
sapier |
steam? isn't this the tool deleting users homedir? |
22:56 |
VanessaE |
that's since been fixed ;P |
22:57 |
VanessaE |
some nitwit messed up writing a script that does rm -rf $foo"/" where $foo could end up being empty heh |
22:57 |
VanessaE |
or something substantially similar. |
22:58 |
est31 |
all sdl's fault ;) |
23:01 |
acerspyro |
Well, steam |
23:01 |
acerspyro |
Steam games, to be exact |
23:01 |
acerspyro |
Steam uses GTK |
23:01 |
acerspyro |
(except for the fullscreen interface) |
23:11 |
T4im |
can happen to everyone... "rm -rf /usr /share/minetest" (note the accidental space) ;-) |
23:12 |
T4im |
so good minetest is not using bash scripts :) |
23:12 |
|
MinetestForFun joined #minetest-dev |
23:16 |
|
MinetestForFun_ joined #minetest-dev |
23:23 |
|
sapier left #minetest-dev |
23:25 |
|
twoelk joined #minetest-dev |
23:29 |
|
acerspyro joined #minetest-dev |
23:48 |
|
AnotherBrick joined #minetest-dev |