AnMaster wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> I have locally a proof of concept challenge-response login for use in
> crossfire (HMAC-SHA256).
>
> However, how should it be added to the server protocol exactly, setup command? I'd
> prefer upgrading protocol version.
Depends on a few things. Do you expect this change to only be in the trunk, or also backport to the stable release? If only in the trunk, then perhaps increasing the protocol version, and making that the only supported authentication method in fairly short order, may be the right thing to do. For the trunk, we are not guaranteeing a lot of backwards compatibility. However, the stable release does guarantee some level of backwards compatibility.

The problem with the protocol version (and why setup is often used instead) is that with just a number, it is not clear what has changed and if in fact an old client can operate on that newer server.

Also, before committing any changes, the proposed protocol changes should be documented (like the current protocol commands - what does the server & client send to each other). That provides more concrete examples of how the changes will be implemented, and allows for better/more meaningful conversation.

> Backward compatibility would be supported by plain text login once and then
> upgrade password in player file to store the "shared secret", then HMAC-SHA256 would
> be used in future to log in. I feel that it is less of an issue storing an unencrypted
> shared secret on the server than, as we currently do, sending it in plain text over network.

Almost certainly true - file access controls on the server itself can still be used to prevent unauthorized folks from looking at the player files. And for many systems, the password actually is stored in plain text (look at the #if in crypt_string()).

_______________________________________________
crossfire mailing list
http://mailman.metalforge.org/mailman/listinfo/crossfire
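The challenge-response login and the one-time plain-text upgrade path discussed in this thread, as an added Python sketch that is neither AnMaster's proof of concept nor crossfire server code. The bytes covered by the MAC, the in-memory player records and all function names are assumptions made for the example.

```python
import hmac
import hashlib
import secrets

def issue_challenge(pending, player):
    """Server side: create a fresh random challenge and remember it for one use."""
    nonce = secrets.token_bytes(32)
    pending[player] = nonce
    return nonce

def client_response(secret, player, nonce):
    """Client side: prove knowledge of the shared secret without sending it.
    What is MACed is an assumption here: the player name is bound in so a
    response for one account cannot be replayed against another."""
    return hmac.new(secret, player.encode() + b"\0" + nonce, hashlib.sha256).hexdigest()

def verify_response(players, pending, player, response):
    """Server side: recompute the MAC from the stored shared secret and compare
    in constant time. The challenge is consumed even on failure, so a captured
    response cannot be replayed."""
    nonce = pending.pop(player, None)
    record = players.get(player)
    if nonce is None or record is None or "secret" not in record:
        return False
    return hmac.compare_digest(client_response(record["secret"], player, nonce), response)

def legacy_login_and_upgrade(players, player, password):
    """One-time plain-text login for an old-style player file: on success the
    record is rewritten to hold the shared secret, after which only the
    HMAC path is accepted for that player."""
    record = players.get(player)
    if record is None or "plain" not in record:
        return False
    if not hmac.compare_digest(record["plain"].encode(), password.encode()):
        return False
    players[player] = {"secret": password.encode()}
    return True

def demo():
    # Constructed stand-in for the server's player files.
    players = {"alice": {"plain": "correct horse"}}
    pending = {}
    upgraded = legacy_login_and_upgrade(players, "alice", "correct horse")
    nonce = issue_challenge(pending, "alice")                  # server -> client
    resp = client_response(b"correct horse", "alice", nonce)   # client -> server
    first = verify_response(players, pending, "alice", resp)
    replay = verify_response(players, pending, "alice", resp)  # same response again
    return upgraded, first, replay
```

The secret stored after the upgrade is the password itself, matching the thread's "unencrypted shared secret" on the server; the network only ever carries the nonce and the HMAC.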

