Hi all,

Her is attached my test client and server for HE Net server. Cyrently look more like a network chat server so i decided to post it here ... until i have some game related content into it ...

Please test clients and server if you can and have the time.
I am open to hear ideeas for additions, bugs found etc etc.

For example i already know i will have to add channels, list of active games and /stats about each user
I also intend to add wisper or /msg comamnd as well as animated emoticons. i also plan to change the standard edit control in the main window (chat) with a richedit.

The IP initialy presented is my own... and i might have the server on-line for a while.
But it works with any IP (yours, loopback 127.0.01 and local 192.168.0.1)

My first try at winsock also as until now i used DirectPlay for HE.

User / pass just anything works now as server side check-up is not yet enforced.
However the user/pass is sent via network so do not use any important pass for this.

New user creation and options are not working.

All the rest should be working ok.

As i have said before any comments / tests are welcome

BTW port used is 1024 TCP/IP only
Posted on 2003-05-04 18:35:30 by BogdanOntanu
Hi BogdanOntanu,

Ive just given it a quick test, everything seems ok appart from 2 tiny faults i noticed.

the "Connection to server failed" output text doesnt start on a new line if it happens more than once, and if you have a long user name the end of it gets cut off in the user list.... of course it Just needs some horizontal scrolling, actually i havent tried connecting loads of clients, so there might be a problem with the names disappearing of the bottom too.

Nice work :alright:

Lennon.

P.S What kind of security features is it going to have? im new to winsock like you and my chat client/server is in desperate need of some, but im not sure of what security features this kind of thing needs.
Posted on 2003-05-05 04:34:54 by Lennon
bogdan, haven't time to look at your stuff right now, but a suggestion for when you start implementing security - based on POP3 APOP authentification.

server should send a string to client when client connects - for example "HE server v1.2". This string should also contain a changing (preferably random) part. APOP usually uses a date string, but random is better.

When client wants to authenticate, it appends password to the server "hello" string, and does a cryptographic hash (preferably SHA or better) on it. It authenticates by sending user name + cryptographic hash.

Server has of course saved the hello-string it saved when client connected. When it receives the auth request from client, it looks up the user password in its database, does the same hashing as client did, and can compare hashes.

Voila, relatively secure authentication, with no way of deriving user password from auth string. The "random" part (could be date, but preferably some ascii string made with a decent PRNG) means nobody can sniff data connection and just send the same hash.
Posted on 2003-05-05 05:17:05 by f0dder
Yes thank you for ideeas...

however i have a problem... it is working locally but when somebody tries to connect from interne it gives a connection to server failed message....

presumed i do something wrong with binding the listening socket ...

here is the code sampe about server startup


HE_PORT1 dd 1024


wsa_data WSADATA_STRU <0>

socket_01 SOCKADDR_IN_STRU <0>

income_info_len dd 16
income_info SOCKADDR_IN_STRU <0>

list_socket dd 0

users_crt dd 0

.code

Server_Start PROC
pushad

call DialogBoxParamA,[hinst_main],800,[hwnd_main],offset Start_Dialog_Callback,0

.IF eax==1
popad
ret
.ENDIF

Call Clear_All_Users


mov eax,0101h
Call WSAStartup,eax,offset wsa_data

.IF eax!=0
.data
sz_err_0001 db "WSA StartUp Fail",0
.code
Call OutputDebugStringA, offset sz_err_0001
.ELSE
.data
sz_ok_0001 db "WSA StartUp OK",0
.code
Call OutputDebugStringA, offset sz_ok_0001
.ENDIF

;-----------------------------
; prepare socket port
;-----------------------------
mov eax,[HE_PORT1]
Call htons,eax

mov esi,offset socket_01
mov word ptr [esi.sin_port],ax
mov eax,AF_INET
mov word ptr [esi.sin_family],ax

mov eax,[val_server_ip]
mov [esi.sin_addr],eax
;--------------------------
; create a socket
;--------------------------
Call socket,PF_INET,SOCK_STREAM,0
mov [list_socket],eax

;--------------------------
; setup notification
;--------------------------
Call WSAAsyncSelect,[list_socket],[hwnd_main],WM_LISTSOCKET,FD_ACCEPT+FD_READ+FD_CLOSE

;-----------------------------
; bind == associate with port
;-----------------------------
Call bind,[list_socket],offset socket_01,16

;-----------------------------------
; listen for incoming connections
;-----------------------------------
Call listen,[list_socket],2

;---------------------------------------------------
; all other processing is done in Windows Messages
;---------------------------------------------------


Any ideeas?
Posted on 2003-05-05 17:09:50 by BogdanOntanu
Hi bogdan,

Ive had a quick scan of your source, all the raw "magic" numbers are confusing me, but a few things hit me:

;--------------------------
; create a socket
;--------------------------
Call socket,PF_INET,SOCK_STREAM,0
mov
    ,eax

    shouldnt it be AF_INET, and the third Parameter of Socket is protocol, think it should be IPPROTO_TCP (IPPROTO_TCP=6)

    ;--------------------------
    ; setup notification
    ;--------------------------
    Call WSAAsyncSelect,
      ,,WM_
      LISTSOCKET,FD_ACCEPT+FD_READ+FD_CLOSE

      why do you need the FD_READ+FD_CLOSE, shouldnt the listening socket do just that, and nothing else...when a connection is made and accept is called, the new created socket is normally used for data transfer etc.

      ;-----------------------------
      ; bind == associate with port
      ;-----------------------------
      Call bind,
        ,offset socket_01,16

        not sure about the 16, but im sure you know what your doing there.

        ;-----------------------------------
        ; listen for incoming connections
        ;-----------------------------------
        Call listen,
          ,2

          you could try just using SOMAXCONN (5) instead of 2..

          Have a look at my client/server source, i "think" it works fine over internet from my tests, but im not getting much feedback :rolleyes:

          Best of luck,
          Lennon.
Posted on 2003-05-05 18:08:59 by Lennon
Thanks, i will check it out.

Have not looked over your source code yet :(

But i will soon :)

Same problem here with testing/feedback ...

Mainly because i must use help from somebody else (far away) to do those tests...
But to be honest i i must say i did have help :) from Hiro and Dreq

So let's help each other, since we have same things to test now...


Are you on Yahoo MEssenger or something?
my YM ID is bogdanontanu

BTW
---------------
-- PF_INET is from the help files for socket() function but is the same as AF_INET :)
-- 16 - is the size of sin structure but indeed i should have used SIZE operator, remained there from some early tests
-- i use FD_CLOSE and FD_READ because they are notifications for the whole serverside operations and i want to know when an client exits gracefully and also when there is data to be read from clients...
--indeed i should have used 5 for backlog size but i wanted to stress the server a little
Posted on 2003-05-05 20:01:47 by BogdanOntanu
Ahhhhhh Bollards, my inexperience with Winsock shows again.

Just checked and indeed (AF_INET & PF_INET) = 2

I dont have yahoo messenger, im on ICQ #76927142 tho.

*EDIT* if i remember right tho bogdan, the listening socket wont ever connect to the clients, it just listens....when you accept the new connection a new socket is created and that connects to the client, so i still dont think you should be using FD_CLOSE and FD_READ.

*EDIT* and what about the third member of Socket (protocol)

Call socket,PF_INET,SOCK_STREAM,0 ;what is 0?

I wish somebody with a bit more experience would speak up.

Lennon.
Posted on 2003-05-06 06:24:42 by Lennon
So anybody has any ideas why it works on loopback and local LAN but seems to fail over internet ?

Also it looks like i need another ppl to test it over internet.... and ppl do not have time when i havetime etc etc :(

Is there another way? any kind of free automated services that i can direct on making a call to my server just for testing?
Posted on 2003-05-06 13:20:19 by BogdanOntanu
haven't really looked at your code... do you bind your listening socket to a specific address, or 0.0.0.0 ?
Posted on 2003-05-06 13:24:22 by f0dder
I have not posted the code :) only executable..

In the above example i was binding the server to a specific IP enetered by user at server start. But that could be entered as ZERO also

in the somehow newer versions of the server i bind to 0.0.0.0 as i intend to listen to ALL incomming connections local LAN or internet...

For example the server is running now...maybe you can try a connection with the above posted client on my IP?

Could it be the PORT=1024 that is bad? (looks like reserved by "iana" )

Also i could post the whole sourcecode here if it helps ...
Posted on 2003-05-06 13:29:54 by BogdanOntanu
I think binding to 0.0.0.0 is the best thing... and use a higher (10k+) port number... and be sure you and the testers aren't behind firewalls or NATed networks. Sorry, don't have time to run tests right now.
Posted on 2003-05-06 13:31:29 by f0dder
this must eb a simple dummy algo error somewhere :(
I am just newbie at Winsock and i cant find it ...

So could it be that i am useing 2 networkadapters in my PC (one for cable and one for LAN) ?
ICS is enabled also on this PC ...
Posted on 2003-05-06 13:32:55 by BogdanOntanu
I tried it out with a friend and it works fine over the internet. Maybe you have a firewall that doesn't like port 1024?

Thomas
Posted on 2003-05-06 13:34:06 by Thomas
Originally posted by BogdanOntanu
ICS is enabled also on this PC ...

Didn't ICS enable some kind of built-in firewall?
Posted on 2003-05-06 13:37:25 by Thomas
Hi Thomas,

OMG do you actually say it WORKS over internet? wow

SO it must be my ICS then?
Posted on 2003-05-06 13:47:29 by BogdanOntanu
Disabled ICS and run a few tests with Hiro and it is NOT working ...

Tryed with Dreq (a friend / HE fan) and also not working very strange ...

Do i have to use htonl after inet_addr ? to store port number input from user into a sin_addr structure member ?

I am wondering if it is because of my strange network connection or i am doing something wrong... but i have to say that Dreq's Client made in Delphi worked (established connection to his server form another PC over ICS ...so ...

it must be my error
Posted on 2003-05-06 14:35:58 by BogdanOntanu
bogdan, can your HE client connect to his server? Tried it that way around?
Posted on 2003-05-06 14:38:11 by f0dder
Yes,

Tryed that way arround and again is not working ... :( but i worked once a few days ago with him making some
changes to IPtables to route 1024 port somehow...

My ports appear filtered on a nmap scan made by Hiro...but i do not run no firewall on my box.

PS
----
I am running Win2k SP3
Posted on 2003-05-06 14:43:22 by BogdanOntanu
You could try using another client/server app to test if its your setup.
Posted on 2003-05-06 14:46:09 by Lennon

My ports appear filtered on a nmap scan made by Hiro...but i do not run no firewall on my box.


Then you have a crappy ISP ;)

Try to test it on port 80 :grin:
Posted on 2003-05-06 14:56:41 by bazik