| Time |
Nick |
Message |
| 00:24 |
|
testman joined #minetest |
| 00:29 |
|
Soo_Slow joined #minetest |
| 00:32 |
|
behalebabo joined #minetest |
| 01:44 |
|
Miner_48er joined #minetest |
| 02:19 |
|
antoine62[m]1 joined #minetest |
| 02:33 |
|
LPKI_Ramen joined #minetest |
| 02:33 |
|
ReedWade joined #minetest |
| 04:19 |
|
Pie-jacker875 joined #minetest |
| 05:30 |
|
Hawk777 joined #minetest |
| 05:43 |
|
FeXoR joined #minetest |
| 05:59 |
|
dievri joined #minetest |
| 06:06 |
|
TomTom_ joined #minetest |
| 06:17 |
|
macc24_ joined #minetest |
| 06:26 |
|
deltanedas joined #minetest |
| 06:31 |
|
dievri joined #minetest |
| 06:47 |
|
ssieb joined #minetest |
| 07:07 |
|
andyo joined #minetest |
| 07:08 |
dievri |
Hello. I'm struggling with custom auth handler. I store password remotely. If it is no password, I return null both in geth_auth and create_auth. But for the very first time, it is possible to login for everyone, every name/pass pair. Or in which function I need to return is user is succeeded to login? |
| 07:11 |
|
ssieb joined #minetest |
| 07:25 |
|
deltanedas joined #minetest |
| 08:00 |
|
ShadowNinja joined #minetest |
| 08:11 |
dievri |
or, at least, how to access player new password hash outside create_auth function? |
| 08:12 |
|
MarwolTuk joined #minetest |
| 08:54 |
|
calcul0n joined #minetest |
| 08:54 |
|
SwissalpS joined #minetest |
| 09:13 |
sfan5 |
doesn't the engine store the new password after the player successfully logs in? |
| 10:09 |
|
Fixer joined #minetest |
| 10:22 |
dievri |
as far as I understood, If both get_auth and create_auth return nil, then player successfully logs in. |
| 10:36 |
|
deltanedas joined #minetest |
| 10:44 |
|
Flabb joined #minetest |
| 11:04 |
|
comrad joined #minetest |
| 11:08 |
|
proller joined #minetest |
| 11:13 |
|
deltanedas joined #minetest |
| 11:35 |
|
deltanedas joined #minetest |
| 11:36 |
|
calcul0n_ joined #minetest |
| 11:45 |
|
deltanedas joined #minetest |
| 11:57 |
|
deltanedas joined #minetest |
| 12:04 |
|
milkt joined #minetest |
| 12:37 |
|
testman joined #minetest |
| 12:43 |
|
kamdard joined #minetest |
| 13:02 |
|
lisac joined #minetest |
| 13:42 |
|
Verticen joined #minetest |
| 14:30 |
|
greeter joined #minetest |
| 14:57 |
specing |
Is it possible to control tool use in CSMs? |
| 14:57 |
specing |
i.e. to implement a crude client-side worldedit? |
| 15:01 |
specing |
all I saw were chat mods and stuff |
| 15:10 |
sfan5 |
I don't know exactly what you are referring to but I'm pretty sure the answer is no |
| 15:18 |
MTDiscord |
<IhrFussel> Can someone explain to me in what cases it's possible in 5.1 to execute functions inside minetest.deserialize()? |
| 15:18 |
MTDiscord |
<IhrFussel> I mean malicious code execution |
| 15:19 |
MTDiscord |
<IhrFussel> Example: I have a command and accept an arbitrary string from it and store that in my file to later retrieve it as a table value again...is an exploit ossible there? |
| 15:20 |
sfan5 |
you only have an issue if you put something an user wrote into minetest.deserialize |
| 15:20 |
specing |
sfan5: I'd like to write a script to place blocks in a pattern |
| 15:20 |
sfan5 |
of course this doesn't apply if you serialize user input and then deserialize it at some point later |
| 15:21 |
specing |
sfan5: with switching of inventory stacks and occasional consumption of food |
| 15:21 |
sfan5 |
definitely not possible with CSM |
| 15:21 |
specing |
D: |
| 15:21 |
MTDiscord |
<IhrFussel> Okay so ANY user input via a command is safe from exploitation? |
| 15:22 |
sfan5 |
if you don't do weird things like wanting the user to enter a lua table, sure |
| 15:23 |
sfan5 |
by the way the only possible exploit with unsafe deserialize is to freeze your server |
| 15:24 |
MTDiscord |
<IhrFussel> I basically just store param from register_chatcommand() in a table and write that to a file and on restart I load that file to turn the string into a table again...so no matter what my users enter as 'param' I can safely process it right? |
| 15:24 |
sfan5 |
yes |
| 15:24 |
specing |
sfan5: are there any plans to make that possible in CSMs? |
| 15:26 |
sfan5 |
specing: unlikely, automated client-side behaviour is easily abused |
| 15:26 |
sfan5 |
and making such things possible isn't the long term goal of CSM |
| 15:27 |
specing |
What is the long term goal? |
| 15:28 |
sfan5 |
letting the server improve the experience by having server mods that provide a component to run on the client |
| 15:31 |
specing |
sfan5: how hard would it be to modify minetest to add the required api for this? |
| 15:31 |
|
bebebeko joined #minetest |
| 15:31 |
sfan5 |
not hard |
| 15:32 |
sfan5 |
in fact, a hack/cheat client I'm aware of has already done this |
| 15:32 |
specing |
excellent |
| 15:32 |
specing |
where can one get those patches? |
| 15:34 |
sfan5 |
... |
| 15:35 |
specing |
? |
| 15:37 |
|
AndDT joined #minetest |
| 15:53 |
|
proller joined #minetest |
| 16:24 |
|
Talkless joined #minetest |
| 16:24 |
|
deltanedas joined #minetest |
| 16:28 |
dievri |
How to prevent automatic login aftrer create_auth? |
| 16:30 |
Krock |
return as string here: https://github.com/minetest/minetest/blob/master/doc/lua_api.txt#L4578 |
| 16:30 |
Krock |
s/ as / a / |
| 16:32 |
dievri |
I can call this func myself? |
| 16:35 |
Krock |
you register a callback in one of your mods |
| 16:38 |
IronOxidizer[m] |
How do I build devtest? When I build minetest, it says `Game specified in default_game [minetest] is inavlid` |
| 16:38 |
Krock |
you don't need to build Lua code |
| 16:38 |
Krock |
devtest is a game for the Minetest engine |
| 16:38 |
Krock |
which is now called "minimal", and is integrated in 5.3.0 or newer |
| 16:39 |
IronOxidizer[m] |
How do I specifiy it? |
| 16:39 |
Krock |
https://github.com/minetest/minetest/blob/master/minetest.conf.example#L1274 |
| 16:39 |
Krock |
minetest.conf : default_game = devtest |
| 16:39 |
IronOxidizer[m] |
Ah, thanks |
| 16:39 |
IronOxidizer[m] |
Missed that |
| 16:39 |
Krock |
!next |
| 16:39 |
MinetestBot |
Another satisfied customer. Next! |
| 16:42 |
IronOxidizer[m] |
Hmm, still says the same error `Game specified in default_game [minetest] is inavlid` |
| 16:43 |
Krock |
which minetest.conf did you edit? |
| 16:44 |
Krock |
did you close all minetest(server) instances prior editing? |
| 16:44 |
IronOxidizer[m] |
Nvm I wrote it to the wrong dir |
| 16:44 |
IronOxidizer[m] |
I'm guessing I need to build minetest with a server to play locally |
| 16:44 |
Krock |
the minetest client includes a server |
| 16:44 |
IronOxidizer[m] |
Cause now i don't get any errors, but nothing happns |
| 16:45 |
Krock |
otherwise you couldn't play singleplayer mode |
| 16:45 |
IronOxidizer[m] |
Yeah, I'm building with `BUILD_SERVER=NO` in cmake |
| 16:45 |
Krock |
doesn't matter. it's forced to YES when building a client |
| 16:46 |
IronOxidizer[m] |
I wonder what's happening then |
| 16:46 |
Krock |
actually. I'm not sure about that. there's for sure server code in the client, but I don't know whether that's in direct relation to BUILD_SERVER |
| 16:46 |
Krock |
anyway |
| 16:46 |
Krock |
minetest --server --worldname "mycoolworld" should start a server |
| 16:47 |
Krock |
and minetest --go --address "" joins a local server (if you're using <5.3.0) |
| 16:48 |
IronOxidizer[m] |
Hmm, the client starts then instantly closes with no errors |
| 16:48 |
IronOxidizer[m] |
The server is running fine though |
| 16:49 |
Krock |
well then.. use the GUI to join it manually |
| 16:49 |
IronOxidizer[m] |
The GUI is launched by simply running ./minetest correct? |
| 16:50 |
Krock |
yes... just try it |
| 16:50 |
IronOxidizer[m] |
I've tried that already, no window appears |
| 16:50 |
IronOxidizer[m] |
And it exits with no errors |
| 16:50 |
dievri |
In create_auth I have some condition, if not met, I would not like user create account. But, whatever I do (returning nil, false, invalid pass), user actually logs in to the server.... |
| 16:50 |
Krock |
what OS are you using? |
| 16:50 |
Krock |
ChromeOS: https://github.com/minetest/minetest/issues/10216 |
| 16:51 |
IronOxidizer[m] |
aarch64 musl postmarketOS |
| 16:51 |
sfan5 |
is that a phone or? |
| 16:51 |
IronOxidizer[m] |
Yeah |
| 16:52 |
Krock |
dievri: all you could try is to kick the player, but it's really not the right place to perform such checks |
| 16:53 |
sfan5 |
it probably fails to create the irrlicht device or some stupid thing and there's no log message |
| 16:53 |
dievri |
where I can check? |
| 16:53 |
Krock |
dievri: in on_prejoinplayer. you can check whether the player is already registered there - using the auth functions, and skip your checks for existing accounts |
| 16:54 |
dievri |
but I need to check a password hash, which is just in create_auth accessable to me |
| 16:55 |
dievri |
oh, wait ... |
| 16:55 |
Krock |
why? |
| 16:55 |
Krock |
there's also default_password to restrict access by defualt: https://github.com/minetest/minetest/blob/master/minetest.conf.example#L1314 |
| 16:56 |
Krock |
though players will have to rejoin in order to change their password (known issue) |
| 16:58 |
sfan5 |
IronOxidizer[m]: does it say anything useful when ran with --verbose |
| 16:59 |
dievri |
in create_auth info I use user credentials to login to external resource, where I also store their info. If response it ok, than they are allowed to login to minetest server. |
| 17:02 |
Krock |
async login process... uh, I have no idea how to approach this |
| 17:03 |
Krock |
I'd perhaps send a request on joinplayer, and remove the auth if a denying answer arrives from the remote service |
| 17:03 |
Krock |
which the results in the player being kicked, or having reduced privileges |
| 17:04 |
dievri |
now way stop login from create_auth? |
| 17:04 |
dievri |
*no |
| 17:05 |
Krock |
I don't think so |
| 17:05 |
IronOxidizer[m] |
sfan5: Looks like everything works fine until a random `Irrlicht: Quit messaged recieved` and everything stops |
| 17:05 |
Krock |
at least I never tried that. perhaps there's a way, but I cannot help you further there |
| 17:06 |
Krock |
IronOxidizer[m]: was a debug.txt file created? do you have gdb installed (by any chance?)? |
| 17:06 |
Krock |
might also be worth trying Lua instead of LuaJIT (if that was used) |
| 17:06 |
IronOxidizer[m] |
A debug.txt was created but no useful information was given other than `2020-09-23 18:48:09: [Main]: Automatically selecting world at [/home/user/minetest/bin/../worlds/world] |
| 17:06 |
IronOxidizer[m] |
` |
| 17:07 |
Krock |
seems to be the output from minetest --server |
| 17:09 |
|
SwissalpS joined #minetest |
| 17:14 |
MinetestBot |
[git] v-rob -> minetest/minetest: Replace MyEventReceiver KeyList with std::unordered_set (#10419) 787561b https://git.io/JUgHw (2020-09-23T17:12:20Z) |
| 17:14 |
MinetestBot |
[git] tenplus1 -> minetest/minetest: Ability to remove minetest.after once set (#10103) 34e3ede https://git.io/JUgHr (2020-09-23T17:11:56Z) |
| 17:23 |
|
proller joined #minetest |
| 17:24 |
|
ssieb joined #minetest |
| 17:29 |
|
homthack joined #minetest |
| 17:36 |
IronOxidizer[m] |
Sweet, I got it working. The issue was irrlicht isn't compatible with xwayland so I had to switch over to openbox |
| 17:36 |
IronOxidizer[m] |
1 major problem, I'm in game and I hear sounds and everything perfectly, but I can't get the debug menu (f5) to showup and I don't see any blocks or particle effects. Just the skybox |
| 17:37 |
IronOxidizer[m] |
Actually, I don't know if it's a skybox, just blue when I look up, and dark grey when I look down |
| 17:38 |
Krock |
if you can change your view, F5 must work too |
| 17:38 |
Krock |
means the server has troubles with mapgen. check debug.txt for new logs |
| 17:38 |
IronOxidizer[m] |
I force enabled it in adanved settings |
| 17:38 |
IronOxidizer[m] |
Works |
| 17:38 |
IronOxidizer[m] |
~12 FPS, nice |
| 17:39 |
Krock |
ouch |
| 17:39 |
IronOxidizer[m] |
Still not blocks rendering though |
| 17:39 |
Krock |
how about joining other servers? does that work? |
| 17:39 |
IronOxidizer[m] |
I mean, I am playing on a PinePhone. Just getting this work is pretty nice |
| 17:39 |
IronOxidizer[m] |
Yeah, I joined other servers, still no block rendering |
| 17:39 |
Krock |
disable shaders? |
| 17:39 |
IronOxidizer[m] |
They are disabled |
| 17:40 |
IronOxidizer[m] |
Tried both enabled and disabled |
| 17:41 |
IronOxidizer[m] |
I can see the block info in the debug stats, I can hear the grass sounds when walking, and I can see my fps go up when I look at the floor or ceiling. |
| 17:41 |
IronOxidizer[m] |
So something weird is going on |
| 17:41 |
Krock |
try the "software" render |
| 17:42 |
Krock |
interesting |
| 17:43 |
IronOxidizer[m] |
Oh, lol. I checked the logs. ALl the textures are "fully transparent" |
| 17:44 |
IronOxidizer[m] |
Where do I get textures from? |
| 17:49 |
IronOxidizer[m] |
Nvm, regardless of the texturepack I use, the textures are invisible |
| 17:51 |
|
FeXoR joined #minetest |
| 17:59 |
|
Elon_Sat0shi joined #minetest |
| 18:00 |
Elon_Sat0shi |
so i just heard that among us has cheaters now, sounds like imposter cheaters can disable the kill cooldown and kill all the crewmates instantly |
| 18:00 |
Elon_Sat0shi |
I hope the devs implement a server-side timer or something |
| 18:01 |
Elon_Sat0shi |
It reminded me about how Minetest is more secure about not trusting the user |
| 18:03 |
|
homthack34 joined #minetest |
| 18:04 |
dievri |
Why player still online, when get_auth returning nil? |
| 18:04 |
Elon_Sat0shi |
hmm, no clue |
| 18:06 |
rubenwardy |
the auth data isn't continuely checked |
| 18:06 |
rubenwardy |
like, the player doesn't continuously authenticate |
| 18:06 |
rubenwardy |
once they're connected, that's it |
| 18:06 |
rubenwardy |
you can kick them |
| 18:08 |
dievri |
get_auth gets called constantly |
| 18:09 |
dievri |
I put return nil both in create_auth and get_auth, and player still logs in |
| 18:13 |
Krock |
return values are sometimes simply ignored |
| 18:14 |
Krock |
handled return values are documented. |
| 18:15 |
dievri |
I can't understand logic or flow of the auth |
| 18:19 |
rubenwardy |
seems weird for it to be called constantly |
| 18:19 |
rubenwardy |
wait, privileges |
| 18:19 |
rubenwardy |
get_auth contains privileges |
| 18:19 |
rubenwardy |
privileges will be checked almost constantly |
| 18:21 |
|
testman joined #minetest |
| 18:22 |
dievri |
I don't quite understand, how to stop player login process, if create_auth fails. |
| 18:22 |
Krock |
perhaps create_auth must not fail |
| 18:23 |
dievri |
hmm, it's true also for get_auth |
| 18:23 |
|
homthack joined #minetest |
| 18:37 |
|
homthack joined #minetest |
| 18:48 |
|
homthack joined #minetest |
| 19:40 |
|
proller joined #minetest |
| 20:09 |
|
TomTom_ joined #minetest |
| 20:09 |
|
bebebeko joined #minetest |
| 20:16 |
|
proller joined #minetest |
| 20:23 |
|
Goat2 joined #minetest |
| 20:28 |
|
deltanedas joined #minetest |
| 20:31 |
|
deltanedas joined #minetest |
| 20:51 |
|
uroboro joined #minetest |
| 20:53 |
|
Croquetas left #minetest |
| 20:54 |
|
TomTom_ joined #minetest |
| 20:58 |
MinetestBot |
[git] orbea -> minetest/minetest_game: Furnace: Start the timer on on_metadata_inventory_take (#2639) dd91a1b https://git.io/JUgAN (2020-09-23T20:58:09Z) |
| 21:40 |
|
proller joined #minetest |
| 22:51 |
|
uroboro joined #minetest |
| 22:52 |
|
Htbrdd joined #minetest |
| 22:57 |
|
__vy joined #minetest |
| 22:58 |
|
est31 joined #minetest |
| 23:12 |
MinetestBot |
[git] paramat -> minetest/minetest: Fix horizontal/vertical merging bug of hardware-colored framed glass … 9bff154 https://git.io/JUgjX (2020-09-23T23:10:50Z) |
