logo logo

 Back to main page

The NWNX Community Forum

 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 
 
Authentication hooks (wishlist)
Goto page 1, 2, 3, 4, 5  Next
 
Post new topic   Reply to topic    nwnx.org Forum Index -> General Discussion
View previous topic :: View next topic  
Author Message
PlasmaJohn



Joined: 04 Mar 2005
Posts: 70
Location: The Garage

PostPosted: Thu Oct 09, 2008 15:36    Post subject: Authentication hooks (wishlist) Reply with quote

patch 1.66 wrote:
# Added new option to the nwnplayer.ini file under [Server Options] "Account validation required during Master Server down times=1" If this option is turned on, the server will track the public CD-Keys of each player logging onto the server. If the Master Server ever goes down for any reason (e.g. for scheduled maintenance) then the server will validate itself that the player name of any new player trying to connect is in fact using the same public cd-key that they last logged in with.

As many of us are aware, Master Server reliability over the last two months has been spotty (yes I'm being kind).

The above option works, but it has a significant design defect: it reads and writes values to nwnplayer.ini. I believe it also stores all of those keys into memory. If we were talking a few hundred keys, it would be tolerable but reality is closer to a few tens of thousands of keys with several hundred being used consistently. Manually maintaining that list is an unnecessary chore and even if it were pruned to the active keys, still causes significant restart lag and wastes system resources to keep them memory resident.

If possible I would like to see the in-memory keystore functions used to store a key and search for inclusion to be hooked and that the path to write them out to the nwnplayer.ini be disabled.
Back to top
View user's profile Send private message
virusman



Joined: 30 Jan 2005
Posts: 1020
Location: Russia

PostPosted: Thu Oct 09, 2008 19:04    Post subject: Reply with quote

I can hook a login attempt event and pass all necessary parameters to a handler script.
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
axs



Joined: 11 Feb 2005
Posts: 76

PostPosted: Thu Oct 09, 2008 22:02    Post subject: Reply with quote

Huh, that would be nice, but also with ability to refuse login.
Back to top
View user's profile Send private message
FunkySwerve



Joined: 02 Jun 2005
Posts: 377

PostPosted: Thu Oct 09, 2008 22:42    Post subject: Reply with quote

We use our database for this, since it's possible to avoid Master Server authentication even when it's up - meaning you can log into someone else's account even without their password, let alone their cd key. If you're using MySQL or SQLite, the simplest solution is just to boot on login if an unauthorized key tries to login. We allow players to add new keys to their accounts, as well - up to 7.

Funky
Back to top
View user's profile Send private message
Jambo



Joined: 24 Sep 2008
Posts: 22

PostPosted: Fri Oct 10, 2008 13:05    Post subject: Reply with quote

That would be great to see if you can write it virusman. Very Happy

One other thing I often think may have been interesting to see (if possible) would be to hook the actual password someone entered to connect to the server and pass it to a script. It would kind of allow for using the "server password" box for any kind of authentication method we may want in the future. To give an example, it would be possible to created a server with private registrations and for every player who joins a unique server password is created for them to use.
Back to top
View user's profile Send private message
PlasmaJohn



Joined: 04 Mar 2005
Posts: 70
Location: The Garage

PostPosted: Fri Oct 10, 2008 17:02    Post subject: Reply with quote

FunkySwerve wrote:
We use our database for this, since it's possible to avoid Master Server authentication even when it's up - meaning you can log into someone else's account even without their password, let alone their cd key.

How? The client's authentication is advisory to the user. The server makes its own query to the Master Server and doesn't (ok, shouldn't) depend on the client. If the client's authentication matters to the server, that's a blatant security hole that needs to be reported to Bioware.

Quote:
If you're using MySQL or SQLite, the simplest solution is just to boot on login if an unauthorized key tries to login.

I really do wish to prevent login. Bans for one, but also to keep people off the server when it's initializing.

virusman wrote:
I can hook a login attempt event and pass all necessary parameters to a handler script.

Just as long as we can tell what the Master Server response is: yea, nay, unreachable. Any nays get refused (and maybe recorded), any yea's store the username and keys if we don't already have them. Any time the MS is unreachable, we'll just grab them from the database.

Jambo wrote:
... unique player server passwords ...

That's also another thing I've wanted.
Back to top
View user's profile Send private message
virusman



Joined: 30 Jan 2005
Posts: 1020
Location: Russia

PostPosted: Fri Oct 10, 2008 18:21    Post subject: Reply with quote

PlasmaJohn wrote:
FunkySwerve wrote:
We use our database for this, since it's possible to avoid Master Server authentication even when it's up - meaning you can log into someone else's account even without their password, let alone their cd key.

How? The client's authentication is advisory to the user. The server makes its own query to the Master Server and doesn't (ok, shouldn't) depend on the client. If the client's authentication matters to the server, that's a blatant security hole that needs to be reported to Bioware.
Yes, it does rely on client-side authorization. The server doesn't check the client's account authorization, it only validates the cd keys through master server.
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
FunkySwerve



Joined: 02 Jun 2005
Posts: 377

PostPosted: Sat Oct 11, 2008 2:37    Post subject: Reply with quote

PlasmaJohn wrote:
FunkySwerve wrote:
We use our database for this, since it's possible to avoid Master Server authentication even when it's up - meaning you can log into someone else's account even without their password, let alone their cd key.

How? The client's authentication is advisory to the user. The server makes its own query to the Master Server and doesn't (ok, shouldn't) depend on the client. If the client's authentication matters to the server, that's a blatant security hole that needs to be reported to Bioware.

For obvious reasons I'm not going to go into details, but it's extremely easy to do, and I've seen fairly young (or at least extremely immature) players do it to steal accounts. Using this ex_plo_it, they can login to someone else's account, without the password, and play, unless you have serverside cdkey authentication. The Master Server authentication just doesn't hack it.


Quote:

Quote:
If you're using MySQL or SQLite, the simplest solution is just to boot on login if an unauthorized key tries to login.

I really do wish to prevent login. Bans for one, but also to keep people off the server when it's initializing.

Acaos experimented some with this, when we had some difficulty with someone logging in with deliberately corrupted characters to crash the servers. He wound up stripping first timer gear before their login hit the server instead, but maybe it's possible - I think he chose it as the simpler option, rather than the only option, but he'd have to speak to that. If he doesn't post here, you might want to pm him. It might help if you clarified the reasons why it's so important to prevent login altogether.

Funky
Back to top
View user's profile Send private message
Jambo



Joined: 24 Sep 2008
Posts: 22

PostPosted: Sat Oct 11, 2008 20:30    Post subject: Reply with quote

If that's the case with the master server, creating a method of unique server passwords for every member may almost provide the best level of security although it would certainly come with complications (portalling between servers, security of that, etc). That is assuming it could be hooked to such a level.
Back to top
View user's profile Send private message
FunkySwerve



Joined: 02 Jun 2005
Posts: 377

PostPosted: Sat Oct 11, 2008 20:42    Post subject: Reply with quote

We've found cd key verification to be perfectly sufficient, for the last couple years.

Funky
Back to top
View user's profile Send private message
ShaDoOoW



Joined: 20 Aug 2005
Posts: 584

PostPosted: Sun Oct 12, 2008 22:40    Post subject: Reply with quote

FunkySwerve wrote:
We've found cd key verification to be perfectly sufficient, for the last couple years.

Funky
Well not me. I played on HG so I assume you setting CD-KEY in first login with given character. I used it too, becose other ways are user unfriendly (like php web CD-KEY registration). Anyway, there are players that don't know about this and someday they change their CD-KEY (well lets say in my country is possible to play with cr ac ked cdkey) they cannot log in. And then you have to do possibility to delete stored CD-KEY on char and that even more user unfriendly than web way...
_________________
Community Patch / NWNX Patch / NWNX Files / NWNX Connect
Back to top
View user's profile Send private message
FunkySwerve



Joined: 02 Jun 2005
Posts: 377

PostPosted: Mon Oct 13, 2008 0:47    Post subject: Reply with quote

ShaDoOoW wrote:
FunkySwerve wrote:
We've found cd key verification to be perfectly sufficient, for the last couple years.

Funky
Well not me. I played on HG so I assume you setting CD-KEY in first login with given character. I used it too, becose other ways are user unfriendly (like php web CD-KEY registration). Anyway, there are players that don't know about this and someday they change their CD-KEY (well lets say in my country is possible to play with cr ac ked cdkey) they cannot log in. And then you have to do possibility to delete stored CD-KEY on char and that even more user unfriendly than web way...

No, users are able to add new keys from ingame - up to 7, as I said. It hasn't proven to be a problem, though we do get the infrequent forum message asking for the account's key to be cleared - which only takes a few seconds.

Funky
Back to top
View user's profile Send private message
ShaDoOoW



Joined: 20 Aug 2005
Posts: 584

PostPosted: Mon Oct 13, 2008 1:36    Post subject: Reply with quote

FunkySwerve wrote:
No, users are able to add new keys from ingame - up to 7, as I said. It hasn't proven to be a problem, though we do get the infrequent forum message asking for the account's key to be cleared - which only takes a few seconds.

Funky
Misread it. And InGame didn't read it.

Thats much better way than mine Smile.
_________________
Community Patch / NWNX Patch / NWNX Files / NWNX Connect
Back to top
View user's profile Send private message
Asparius



Joined: 18 Sep 2007
Posts: 52

PostPosted: Mon Oct 13, 2008 18:18    Post subject: Reply with quote

virusman wrote:
PlasmaJohn wrote:
FunkySwerve wrote:
We use our database for this, since it's possible to avoid Master Server authentication even when it's up - meaning you can log into someone else's account even without their password, let alone their cd key.

How? The client's authentication is advisory to the user. The server makes its own query to the Master Server and doesn't (ok, shouldn't) depend on the client. If the client's authentication matters to the server, that's a blatant security hole that needs to be reported to Bioware.
Yes, it does rely on client-side authorization. The server doesn't check the client's account authorization, it only validates the cd keys through master server.


Is it really true? I tried to cut off connections to Master Server, allowing nwmain.exe to connect only to game server. I tried to login with false password and server has rejected it. When used true password, server allowed me to login...
Back to top
View user's profile Send private message
FunkySwerve



Joined: 02 Jun 2005
Posts: 377

PostPosted: Tue Oct 14, 2008 3:14    Post subject: Reply with quote

Yes, it's really true.

Funky
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    nwnx.org Forum Index -> General Discussion All times are GMT + 2 Hours
Goto page 1, 2, 3, 4, 5  Next
Page 1 of 5

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group