Hey there!
I'm developing a game server which makes use of several processes to do things.
It look basically like this:
WorldServer
ZoneServer
ZoneServer
ZoneServer
ChatServer (?Maybe, unimplemented, for cross-zone chat?)
My WorldServer handles logging into accounts, doing character selection etc, -HOWEVER-; this is all fine. I'm at the point though, how do I transit between processes?
I was thinking, disconnect from the world server, and connect to the ZoneServer you're in, and then send a 'JoinZone' packet; but how does the ZoneServer know I'm not cheating as to where I am, and who I am, etc?
Previously, when I used single proccess methods, I could just reference a hash-table (dictionary) with a Connection key, and grab my user object. This works on the WorldServer, but isn't so easy when it's a whole new proccess, and the connection objects themselves will change, too because of disconnection/reconnection.
Advice?
Thanks!
Vaughands
Transisting between proccess's
One way is for the WorldServer to send a message to the ZoneServer (possibly through the database), which will indicate the incoming player is allowed. Another option is opaque, cryptographic "tokens" which only your servers can decrypt and test for freshness/uniqueness/ownership. A client with a good token can be assumed to be legitimate. An example of the above is the "Kerberos" protocol.
Also, to be more fault resistant you should probably wait for the client to successfully connect to the ZoneServer before it "disconnects" from the WorldServer.
I haven't ever actually written such before, but that is how I would initially approach it. Feel free to point out any problems you envision with such an approach, and don't take my word that it will work.
Also, to be more fault resistant you should probably wait for the client to successfully connect to the ZoneServer before it "disconnects" from the WorldServer.
I haven't ever actually written such before, but that is how I would initially approach it. Feel free to point out any problems you envision with such an approach, and don't take my word that it will work.
Author
Aye, but who do you identify who the 'incoming player' is? Is the client just going to send their unique ID or something to the Zone-Server and the zone-server will check if it's OK? You can spoof that though, if you're zoning and I time it properly (wouldn't be hard if I knew you were zoning) then I could end up in control of your character!
Cryptographic tokens are infeasible to spoof. This assumes you have additional precautions to prevent MITM attacks on the communication channel itself, which you would need anyway to protect the user's login.
Author
How would I generate these tokens and validate them? Pseudo-code is fine, but I've never implemented something like that before.
A quick Google search for the aforementioned "Kerberos" protocol will be helpful. Even secure random session ids can work. An attacker cannot predict the session id you give to the client, so they cannot make the attack you mentioned (again, excepting the MITM case).
The multiplayer and networking moderator has written an article you might find insightful.
Searching these forums for "login server" yields lots of results on the same basic idea. More links might be found inside.
The multiplayer and networking moderator has written an article you might find insightful.
Searching these forums for "login server" yields lots of results on the same basic idea. More links might be found inside.
Author
This isn't a 'commercial' server persay, so any basic cryptography should do the trick to deter *MOST* people, I would hope. I see lots of articles, but so many to go about it. I was thinking of using the users ID and current minute or hour to generate a 'key'.. but that's spoof able far too easy. I could use the password, but then that requires I store the users password in memory, isn't that dangerous too? :/
It sounds like a secure random session ID will be "good enough" for your purposes, at least for the moment. You should be able to get a library to generate secure random numbers by Googling for "secure random <your programming language of choice>".
Storing the user password at all is dangerous. You should be storing a strongly hashed and salted value.
Be realistic too though. Even getting your game to 100 concurrent users is a huge achievement. You should be able to serve them all from a single, powerful machine (depending on the game). Concentrate first on making a game good enough to scale, then worry about how to scale it.
Storing the user password at all is dangerous. You should be storing a strongly hashed and salted value.
Be realistic too though. Even getting your game to 100 concurrent users is a huge achievement. You should be able to serve them all from a single, powerful machine (depending on the game). Concentrate first on making a game good enough to scale, then worry about how to scale it.
Author
Right, that was my mindset. Orginally, I had a login-server, chat server etc all trying to talk to each other. I looked at what I had, and said "Realistically speaking, I can probably intergrate the login and world into one; and probably just drop the chat server all together right now"
I'm storing MD5 passwords in the database right now, and hash them before sending them off for authentication.
So, just to make sure I'm understanding right, and I'm pretty sure I am, as you've been a great help!
Client [SwitchZoneRequest] -> ZoneServer (verifies they're on the zone line and everything is OK, sends off to WorldServer which generates a 'token', (random sessionID)
World -> Requested ZoneServer (Sends this token, saying that someone is expected to be incoming soon; to wait for them.)
World -> ZoneServer (Indiciates success, has a packet with the required port and hostname to connect to the next zone AND the token; the server can at this point then 'drop' the player from it's list and send out notifcations to surrounding entities, and persist the user into the datbase)
ZoneServer -> Client (Sends the previous packet, the client knows who to connect to now)
Client -> Requested ZoneServer (Packet with the token, the ZoneServer has been waiting and knows the user with this secret token is valid so accept them and load who they are, which could have been sent with the token... or embedded in the token somehow.)
My only key question: Can I just generate a token for the user once, and store it for them as a 'session token'? That would work, but it's pretty secure and immune to replay attacks, right?
I'm storing MD5 passwords in the database right now, and hash them before sending them off for authentication.
So, just to make sure I'm understanding right, and I'm pretty sure I am, as you've been a great help!
Client [SwitchZoneRequest] -> ZoneServer (verifies they're on the zone line and everything is OK, sends off to WorldServer which generates a 'token', (random sessionID)
World -> Requested ZoneServer (Sends this token, saying that someone is expected to be incoming soon; to wait for them.)
World -> ZoneServer (Indiciates success, has a packet with the required port and hostname to connect to the next zone AND the token; the server can at this point then 'drop' the player from it's list and send out notifcations to surrounding entities, and persist the user into the datbase)
ZoneServer -> Client (Sends the previous packet, the client knows who to connect to now)
Client -> Requested ZoneServer (Packet with the token, the ZoneServer has been waiting and knows the user with this secret token is valid so accept them and load who they are, which could have been sent with the token... or embedded in the token somehow.)
My only key question: Can I just generate a token for the user once, and store it for them as a 'session token'? That would work, but it's pretty secure and immune to replay attacks, right?
This article answers the question on how to securely support moving between servers: Authentication for Games
Additionally, an expanded version of it is available in Game Programming Gems 7, which you may find on Amazon or your local library.
In brief, this describes different alternatives, recommending a Kerberos-style ticketing system.
Additionally, an expanded version of it is available in Game Programming Gems 7, which you may find on Amazon or your local library.
In brief, this describes different alternatives, recommending a Kerberos-style ticketing system.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
