Go Back   EQEmulator Home > EQEmulator Forums > Support > Support::MiniLogin

Support::MiniLogin Support forum for problems with the official MiniLogin release.

Reply
 
Thread Tools Display Modes
  #1  
Old 10-16-2004, 04:38 PM
Elkay
Hill Giant
 
Join Date: Sep 2004
Posts: 184
Default Feature request

After some testing, I've noticed that this minilogin bases who gets logged in solely on the ip address matching minilogin_id, even if the login/password is invalid. I understand that this is basically an alternate method of verificaiton to bypass the crypto, but in the future do you see adding a login/password check instead as being viable? Or would that make it a real public LS instead of Minilogin and therefore fall under the category of what the dev team hasn't wanted to release in the past? Just curious more than anything else, as this alone at least allows testing and world development when the emu LS is down or confused.

The other feature that would be nice also is at least being able to secure the server via locking the server through the INI which the public LS does support. Right now it's locked in my INI but simply shows 'Up' status via Minilogin.
Reply With Quote
  #2  
Old 10-16-2004, 06:01 PM
Edgar1898
Senior Member
Former EQEmu Developer
Current EQ2Emu Lead Developer
 
Join Date: Dec 2002
Posts: 1,065
Default Re: Feature request

Quote:
Originally Posted by Elkay
After some testing, I've noticed that this minilogin bases who gets logged in solely on the ip address matching minilogin_id, even if the login/password is invalid. I understand that this is basically an alternate method of verificaiton to bypass the crypto, but in the future do you see adding a login/password check instead as being viable? Or would that make it a real public LS instead of Minilogin and therefore fall under the category of what the dev team hasn't wanted to release in the past? Just curious more than anything else, as this alone at least allows testing and world development when the emu LS is down or confused.

The other feature that would be nice also is at least being able to secure the server via locking the server through the INI which the public LS does support. Right now it's locked in my INI but simply shows 'Up' status via Minilogin.
It doesnt handle any encryption, but it wasnt designed to. Like you noted, it basis its authentication by the users IP address only, that is what the main difference between the public one and Minilogin. I had this pointed out to me a few weeks ago I I think its very relevent - under the DCMA if someone releases code that allows someone to circumvent encryption protocols, they can be held liable. Therefore releasing a login server that decrypts login passwords would not be the smartest thing to do. Even though SOE is leaving us alone right now, they almost certainly would be pissed if a full login server were publicly released. I disabled the locked status because there is really no need for it. If someone is hosting a server on their network for a few friends as was intended for this product, they should be able to trust them :P
__________________
Lethal Encounter
Reply With Quote
  #3  
Old 10-17-2004, 03:36 AM
Cisyouc
Demi-God
 
Join Date: Jun 2004
Location: Heaven.
Posts: 1,260
Default Re: Feature request

Quote:
Originally Posted by Edgar1898
Quote:
Originally Posted by Elkay
After some testing, I've noticed that this minilogin bases who gets logged in solely on the ip address matching minilogin_id, even if the login/password is invalid. I understand that this is basically an alternate method of verificaiton to bypass the crypto, but in the future do you see adding a login/password check instead as being viable? Or would that make it a real public LS instead of Minilogin and therefore fall under the category of what the dev team hasn't wanted to release in the past? Just curious more than anything else, as this alone at least allows testing and world development when the emu LS is down or confused.

The other feature that would be nice also is at least being able to secure the server via locking the server through the INI which the public LS does support. Right now it's locked in my INI but simply shows 'Up' status via Minilogin.
It doesnt handle any encryption, but it wasnt designed to. Like you noted, it basis its authentication by the users IP address only, that is what the main difference between the public one and Minilogin. I had this pointed out to me a few weeks ago I I think its very relevent - under the DCMA if someone releases code that allows someone to circumvent encryption protocols, they can be held liable. Therefore releasing a login server that decrypts login passwords would not be the smartest thing to do. Even though SOE is leaving us alone right now, they almost certainly would be pissed if a full login server were publicly released. I disabled the locked status because there is really no need for it. If someone is hosting a server on their network for a few friends as was intended for this product, they should be able to trust them :P
Is it possible to release the source without releasing the encryption piece? Im not all that familiar with DLLs but thats something that comes to mind, or is that essentially the same thing?
__________________
namespace retval { template <class T> class ReturnValueGen { private: T x; public: ReturnValueGen() { x = 0; }; T& Generator() { return x; }; }; } int main() { retval::ReturnValueGen<int> retvalue; return retvalue.Generator(); }
C++ is wonderful.
Reply With Quote
  #4  
Old 10-17-2004, 03:48 AM
Edgar1898
Senior Member
Former EQEmu Developer
Current EQ2Emu Lead Developer
 
Join Date: Dec 2002
Posts: 1,065
Default

Its possible, but probably will never happen.
__________________
Lethal Encounter
Reply With Quote
  #5  
Old 10-18-2004, 05:01 AM
daeken_bb
Discordant
 
Join Date: Mar 2003
Location: Chambersburg, PA
Posts: 469
Default Re: Feature request

Quote:
Originally Posted by Edgar1898
under the DCMA if someone releases code that allows someone to circumvent encryption protocols
That's actually not true. It's illegal to release a piece of code that circumvents copyright protections, not encryption.
__________________
Keep me unemployed and working on OpenEQ, PM me about donating

Check out my deviantART page at http://daeken.deviantart.com/
Reply With Quote
  #6  
Old 11-20-2004, 10:15 PM
IntesstoMic
Sarnak
 
Join Date: Oct 2003
Posts: 67
Default for Elkay

Hello
Elkay and you solve your pb with minilogin ?
If yes, can you post your solution ?
It probably help me...
thanks
Reply With Quote
  #7  
Old 11-22-2004, 04:51 AM
Elkay
Hill Giant
 
Join Date: Sep 2004
Posts: 184
Default

What exactly is the problem you're having? If you post the error/symptoms, I can probably get you up and running.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

   

All times are GMT -4. The time now is 07:20 AM.


 

Everquest is a registered trademark of Daybreak Game Company LLC.
EQEmulator is not associated or affiliated in any way with Daybreak Game Company LLC.
Except where otherwise noted, this site is licensed under a Creative Commons License.
       
Powered by vBulletin®, Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Template by Bluepearl Design and vBulletin Templates - Ver3.3