NetworkDesign: Difference between revisions
Jump to navigation
Jump to search
Content deleted Content added
imported>Hendrik Brummermann |
imported>Hendrik Brummermann No edit summary |
||
| Line 15: | Line 15: | ||
[[Image:messages-connected.png|thumb|Messages used to securely login.]] |
[[Image:messages-connected.png|thumb|Messages used to securely login.]] |
||
The login process is a bit complicated because of security requirements. Don't be scared, just follow it step by step. |
|||
Onces the TCP connection is established the clients requests the RSA public key from the server using [http://stendhal.game-host.org/hudson/job/marauroa_HEAD/javadoc/marauroa/common/net/message/MessageC2SLoginRequestKey.html C2SLoginRequestKey]. The server checks the protocol version implicitly included in every message. If it is compatible, it replies with a [http://stendhal.game-host.org/hudson/job/marauroa_HEAD/javadoc/marauroa/common/net/message/MessageS2CLoginSendKey.html S2CLoginSendKey] including the RSA public key. It is composed of two bytes arrays: The first one contains the value of 'n', and the second the value of 'e'. |
|||
The client now computes a nonce (a random number) and sends its hash as byte array to the server in a [http://stendhal.game-host.org/hudson/job/marauroa_HEAD/javadoc/marauroa/common/net/message/MessageC2SLoginSendPromise.html C2SLoginPromise] message. |
|||
{{TODO| |
|||
Message S2C Login Send Nonce |
|||
The server responds to the client promise by computing a nonce and sending it in this message. This message contains the nonce as a bytes array. |
|||
Message C2S Login Send Nonce Name and Password |
|||
The client now sends its nonce, its username and the value Crypt(xor(xor(client nonce, server nonce), password). This message contains 3 fields. The first one is a bytes array containing the client nonce, the second one a string containing the username and the third one a bytes array containing the encrypted password. On reception, the server checks that the hash he received at first is the hash of the nonce he just received. It then decodes the password field, and having the value of the client nonce and its nonce, it gets the value of the password. If the username/password combination is correct then the Server must send a Login ACK Message to indicate to the Client that the message has been correctly processed. However, if the username/password is wrong the Server will send a Login NACK (Not ACKnoledge). |
|||
Message S2C Login ACK |
|||
The LoginACK Message is sent from the Server to the Client to indicate that the login process has been completed correctly and that it can proceed to the next step. It has no params. |
|||
Message S2C Login NACK |
|||
The LoginNACK Message is sent from the Server to the Client to tell the Client that its login message is incorrect because either the username or password is wrong or because Server has decided to reject the login request, e.g. if the Server is full or because the IP is banned. |
|||
The message is composed of: Message indicating the resolution. |
|||
}} |
|||
{{br}} |
{{br}} |
||