Complete.Org: Mailing Lists: Archives: freeciv-dev: April 2003:
[Freeciv-Dev] Re: client/server authentication (PR#1767) 		Home

[Freeciv-Dev] Re: client/server authentication (PR#1767)

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: undisclosed-recipients:;
Subject: [Freeciv-Dev] Re: client/server authentication (PR#1767)
From: "Mike Kaufman" <kaufman@xxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 10 Apr 2003 22:00:27 -0700
Reply-to: rt@xxxxxxxxxxxxxx 
attached are a second set of three patches leading to server/client
authentication. With the previous commit of the preparation patches, these
should be quite readable.

auth3-4d.diff: variable name changes to make nomenclature consistent.

o pconn->name becomes pconn->username. 
o pinfo->name becomes pinfo->username. 
o In the client player_name and default_player_name become user_name and 
  default_user_name.
o find_[player|conn]_by_* function names also suitably changed.

auth4-5k.diff: implement _simple_ server-side authentication. 

o includes the necessary packets for communication with the client 
  (though the client packet-handler is #ifdefed out). 
o add database.[ch] to handle a user database. currently can only create
  a new entry, search for an entry by username and do a search by usernamd
  and return the password. Note: the db_entry struct is rudimentary and
  most of the fields present are unused and for demonstration purposes.
  Our current ranking system is expected to be plugged in here somehow.
o note: the database is binary. we could do this using freeciv registry,
  but I'm afraid this would be really slow and not really suited for 
  sequential search. comments welcome. tools will need to be written to 
  manipluate the database for administrative purposes.
o add auth.m4 (courtesy of Per) to enable server auth and optionally set
  the database name (defaults to ~/freeciv_user_database).
o add the necessary packet handler to interrogate the client for
  authentication.
o allow guest logins
o should work with non-authenticating clients (they get logged in as guests)
o implement a [quite] rudimentary password security system (checks for
  minimum length passwords and optionally can check minimum caps and
  numbers in the password)

auth5-6g.diff: implement an authenticating client for GTK1.2

o made as non-intrusive as possible.
o should work with non-authenticating servers.
o works for me.
o probably good enough to commit.
o probably could use a "reset" button to reset the connect dialog without
  quitting and restarting (you'll see what I mean when you try it).
o WANTS TESTERS!

Note: I said _simple_ authentication above, because this is no frills
authentication. Currently this does _not_ stop people from simply logging
in and /taking a non-connected player. Future patch will give an option to
disallow this. What this does for now is allow an authenticated ranking
system to be set up (I won't be able to log in as pille anymore and screw
up his rating :)

Please take a look.

-mike

Attachment: auth3-4d.diff.gz
Description: auth3-4d.diff.gz

Attachment: auth4-5k.diff.gz
Description: auth4-5k.diff.gz

Attachment: auth5-6g.diff.gz
Description: auth5-6g.diff.gz

[Prev in Thread] Current Thread [Next in Thread]