Go Back   EQEmulator Home > EQEmulator Forums > Archives > Archive::Support > Archive::Linux Servers

Archive::Linux Servers Archive area for Linux Servers's posts that were moved here after an inactivity period of 90 days.

Reply
 
Thread Tools Display Modes
  #1  
Old 03-30-2002, 05:49 AM
_OZZY_
Hill Giant
 
Join Date: Jan 2002
Location: Shreveport, Louisiana, USA
Posts: 129
Default Going out on a limb here....

Is it possible to release the minilogin source code for 0.2.6? I've tried the 0.2.3 source code, but can't get past all the damn errors. I don't know about anyone else, but I want to be able to debug my database without having a bunch of people on my server. I know it annoys them each time I have to restart it. Hopefully, someone has the source or has figured out how to compile the 0.2.3 code for 0.2.6. Thanks in advance.
Reply With Quote
  #2  
Old 03-30-2002, 03:38 PM
theCoder
Sarnak
 
Join Date: Jan 2002
Posts: 90
Default

This has been asked for before, but degenerated into flames because the person who asked apparently had some sort of negative history with some other people here. Why the source for login hasn't been released recently wasn't adequately addressed.

It's a shame because they're creating a single point of failure for Verant to attack if they wish.

It's also a problem for those of us with NATs, since we can't connect to our own servers if we use gotfrags.

The only solution I know of right now (it's what I use) is to run the minilogin binary on your Everquest machine, and point your world binary at that machine (in the loginserver.ini file). Then in your eqhosts.txt file, use localhost:5999 as the servers. It works; it's not optimal, but it works.

It would be nice to know why the source isn't being released though...
Reply With Quote
  #3  
Old 03-30-2002, 04:34 PM
DeletedUser
Fire Beetle
 
Join Date: Sep 2002
Posts: 0
Default

Actually, Verant would probably rather attack us if we publicly released the login code. Why? Because a coder had to figure out the encryption for people to login. (Ever heard of packet sniffing?) So if someone spent the time to figure out how to decrypt it like one of our coders did and was able to sniff someones packets, he could get their username and password.
Reply With Quote
  #4  
Old 03-30-2002, 05:13 PM
_OZZY_
Hill Giant
 
Join Date: Jan 2002
Location: Shreveport, Louisiana, USA
Posts: 129
Default

The source code doesn't really matter to me, but the only released binary is for Windows. I'm running a RedHat server. If I can't get a *nix binary, I guess I'll set up an old 486 to run the windows version (yuk!). The whole idea was to keep the server seperate from the client, but it's not really that important. I just needed to set up a local deal so I can create my custom database and debug it before I go live with it. Thanks tho.
Reply With Quote
  #5  
Old 03-30-2002, 05:13 PM
theCoder
Sarnak
 
Join Date: Jan 2002
Posts: 90
Default

Ah, I see. Without stupid laws like the DMCA, Verant wouldn't have a leg to stand on in court. In fact, reverse engineering for interoperability (like the emulator) is usually explicitly allowed in the relevant laws. That's why we all have cheap PCs (someone reversed engineered a closed BIOS and reimplemented it). Personally, I think if Verant wanted to (i.e., felt they couldn't compete), they'd send threatening letters either way.

Although, if someone can figure out the "encryption" just by packet sniffing, then I guess it's not very good encryption. I'm surprised that they (Verant) didn't include real encryption in EQ. It wouldn't be too hard to include a public key in the EQ executable. Since they sell EQ on CDs, secure key distribution wouldn't be a problem. I could see the protocol going something like this:

1) EQ gets username and password from the user. It calculates E(password), where E(x) denotes the encryption of x with Verant's public key. EQ then sends the username and E(password) to Verant.

2) Verant decrypts the password using their private key and either lets in the user or denies him/her.

In this way, the user's password would never be sent in the clear. This would also mean that no login emulator could be made since the emulator would need access to the private key to decrypt the password. Why commercial companies rely on security through obscurity (especially when good solutions are fairly easy to think of) is simply beyond me.

But this is getting way off topic. If we could figure out the NAT problem (not being able to log into my own server if I use gotfrags), it wouldn't be as much of an issue. It would be nice to run a completely independent server, though (Everquest LAN pary? scary...)
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

   

All times are GMT -4. The time now is 10:54 AM.


 

Everquest is a registered trademark of Daybreak Game Company LLC.
EQEmulator is not associated or affiliated in any way with Daybreak Game Company LLC.
Except where otherwise noted, this site is licensed under a Creative Commons License.
       
Powered by vBulletin®, Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Template by Bluepearl Design and vBulletin Templates - Ver3.3