[Freeciv-Dev] Re: client/server authentication (PR#1767)
|
Complete.Org:
Mailing Lists:
Archives:
freeciv-dev:
April 2003: [Freeciv-Dev] Re: client/server authentication (PR#1767) |
|
[Freeciv-Dev] Re: client/server authentication (PR#1767)[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
attached are the last two of a second set of three patches for client/server authentication. A lot of code has changed a bunch: o added gtk-2.0 client (probably not canonical GTK2, vasc, will have to look at it) o removed pconn->password, we no longer need it o made "unconnecting from %s" to "detaching from %s" as GB wanted o password check now checks that the password does not contain spaces o encapsulated more code in #ifdef AUTHENTICATION_ENABLED #endif o added configure magic (badly, Per or Jason or somebody will have to fix) o totally rewrote the database (see below for gory detail) o db is in ascii o it locks o added a freeciv/misc/db directory for the user_database (can be changed) o added some comments for Raimar. Things that didn't happen: o didn't fix the readline completion for /take. This turns out to be nasty since /take can take one or two arguments and the first argument is either a user or player depending on the existance of the second argument. Maybe later. o didn't fix Chris's complaint on the client. This might be fixable, I'll be in touch Chris (most people won't ever see this problem). How to test: % gunzip auth4-5s.diff.gz auth5-6i.diff.gz % cd freeciv % patch -p1 < auth4-5s.diff % patch -p1 < auth5-6i.diff % ./autogen --enable-auth [--enable-client=gtk2] # pointless otherwise % cd misc; make; cd .. # this is a configure problem, see below % make Gory database details: I told paulz that I would make user database work by calling into an external program. I lied (sorry paul). I discovered after doing this that it is much too ugly and potentially fragile to put in the freeciv codebase. Instead, I came up with a better idea (at least I think so). Since anybody who runs a large public server (thus needing auth, and being large needs a real database solution) will be compiling from source anyway, I decided that "pluggable" libraries is the way to go. No, this is not dlopen(). the freeciv user database basically consists of a library which is named libuserdb.a which is built in misc/db/ This library calls exactly one function in the server (connecthand.c:handle_db_lookup()) If someone wants a custom database solution, then he simply replaces libuserdb.a with another when compiling the server. There is a default database which comes with freeciv and will be compiled (kinda) when auth is enabled. If you want a custom database, you can do: % ./autogen --enable-auth=/path-to-db-lib/libuserdb.a and then compile after you've prepared the external library. To enlighten you, I have attached a toy database (which you can see is based quite a bit on the default one), which actually does fork a process which does the database lookup and returns the answer through exit status. To play with it, make sure you edit the accompanying Makefile and change USER_DB_PROGPATH and USER_DB_PATH before compiling. It's a good bet you don't have the default directories. The API is really simple: see misc/db/user_db.h for the functions which an external library must have to survive. There are two configure bugs (at least). 1. If misc/db/libuserdb.a isn't compiled before the server, can't find it as a dependency. The current kludge is as above, before doing the global make, do make in misc/ 2. If you specify an external library, the server should be recompiled, but doesn't. The configure patch is a real kludge, somebody should clean it up. Also, I'm not sure that the external library option should be wrapped into the enable-auth option. Also, in the default code, the database file location is not configurable. It should be. Right now it's named freeciv_user_database and it will be created in the same directory that the server is started in. -mike
|
