Comparing sockaddr_in

Networking and Multiplayer Programming

Started by Valmian September 24, 2004 04:06 PM

7 comments, last by Valmian 19 years, 6 months ago

122

Author

September 24, 2004 04:06 PM

I am writing a multiplayer game. In the game, all the clients connect to a server. When a client receives data, to ensure there is no hacking, I want to compare the sockaddr_in I get from recvfrom() to the sockaddr_in of the server. How can I do that? Ilya

Valmian

122

Author

September 24, 2004 04:41 PM

i wonder, would this work?

bool CompareIP(sockaddr_in ptAddr1, sockaddr_in ptAddr2){   if(ptAddr1.sin_addr.S_un.S_addr==ptAddr2.sin_addr.S_un.S_addr) 	return true;return false;}

Valmian

122

Author

September 24, 2004 05:06 PM

Yes, it works!!!!

crupp

122

September 25, 2004 02:35 AM

actually, IP addresses can be faked. that's called "spoofing".

Evil Steve

2,021

September 25, 2004 10:31 AM

Quote:Original post by crupp
actually, IP addresses can be faked. that's called "spoofing".

Yes. But only with raw sockets. And its non-trivial. And if you spoof your IP address, you can't get a reply to any data you send. So don't worry about it.

hplus0603

11,916

September 25, 2004 01:42 PM

Additionally, many internet service providers won't actually accept spoofed packets -- the end-node routers (that you are talking to) will drop them.

If you want to be a little more secure about finding out who is actually talking to you, I wrote up a paper on Authentication for Games.

enum Bool { True, False, FileNotFound };

markr

1,692

September 25, 2004 05:02 PM

The address you get from recvfrom will be the client one, not the server.

And you'll have to compare it anyway with a connected clients table to know who they are.

I am of course assuming that you are using UDP.

If you are using TCP you don't need to care about who someone is - it is normally safe to assume that if they are on the same socket, they are the same person - TCP hijacking is extremely difficult.

Essentially you'll only need to validate their identity when they open the socket if you're on TCP.

Mark

Valmian

122

Author

September 27, 2004 03:56 PM

ah.. but I am writing code for client (server is done by someone else) and I only need to see if I am getting data from the server or not. Players will not talk to each other directly. The game is for school so I am not too woried about security ;)
Thank you,
Ilya

Valmian

122

Author

September 27, 2004 03:58 PM

Quote:Original post by markr
The address you get from recvfrom will be the client one, not the server.

And you'll have to compare it anyway with a connected clients table to know who they are.

I am of course assuming that you are using UDP.

If you are using TCP you don't need to care about who someone is - it is normally safe to assume that if they are on the same socket, they are the same person - TCP hijacking is extremely difficult.

Essentially you'll only need to validate their identity when they open the socket if you're on TCP.

Mark

Yeah, I am using UDP.

Comparing sockaddr_in

This topic is closed to new replies.

Popular Topics

Recommended Tutorials

Comparing sockaddr_in

This topic is closed to new replies.

Popular Topics

Recommended Tutorials

Reticulating splines