Calculator Community > Other Calc-Related Projects and Ideas
Project TI-Trek for the CE nears first demo release
Eeems:
Looking good :)
ACagliano:
Thanks guys!
Update - v0.0.95
Planned to make this the full combat beta, but some security enhancements to the server and the whole setup make it necessary to release a client and bridge update before then.
NEW FEATURE - Client-Side Server List
As of right now, the server to connect to (through the bridge) is no longer controlled by the bridge's config file... it's controlled by the calculator itself.
Slot 1 is set by default and cannot be edited. Slots 2-10 are blank and can be edited (so that the game can connect to other hosted instances of the server).
The client adds 2 new packets, CONNECT and DISCONNECT.
Connect: Instructs the bridge to open a tcp socket to the server or host name following the control code in the serial packet.
Disconnect: Instructs the bridge to close the current socket.
* So long as the calculator does not unplug or disconnect from the bridge, you can connect/disconnect/reconnect without needing to restart the bridge. *
* Special thanks to commandblockguy for implementing this change. *
NEW FEATURE - On-Calc Mini-Log
The calculator has a 4-line mini-log, with each log-line buffered to 50 characters. This log can display errors, info, debug messages, and server broadcasts. The widget has variable height based on how many of the 4 lines it needs to display, and also remains on the screen for a configurable time. Default is 100 ticks. Any time a new message is written to the log, the clock resets.
And here is the new Settings interface to change the log timeout:
NEW FEATURE - Server Supports SSL
This may have been posted in this thread earlier, but the server is written with an optional SSL context. This can be enabled in the server config. The actual handling of certificates and renewal is not something the server does, so anyone hosting an SSL instance will need to handle ensuring their SSL config is up to date. The SSL path is also configurable, it just needs to be readable by whatever user is running this service.
*As of right now, the bridge does not support SSL, so any SSL servers will be unable to be connected to.*
NEW FEATURE - Verification-Based Authentication
As an attempt to dissuade connections to this service that are not from the calculator, such as random port probes or script kiddies, the server now implements a code-based verification system. When a user registers an account, an 8-digit code is generated and written to the user's account file, as well as sent to the calculator for display. You will be required to log into the web deck and input your verification code before you will be able to log in to the game server. This will allow us to filter unsolicited connections, as well as remove any anomalous user accounts created.
Eeems:
--- Quote from: ACagliano on September 27, 2020, 10:33:01 pm ---Thanks guys!
Update - v0.0.95
Planned to make this the full combat beta, but some security enhancements to the server and the whole setup make it necessary to release a client and bridge update before then.
NEW FEATURE - Client-Side Server List
As of right now, the server to connect to (through the bridge) is no longer controlled by the bridge's config file... it's controlled by the calculator itself.
Slot 1 is set by default and cannot be edited. Slots 2-10 are blank and can be edited (so that the game can connect to other hosted instances of the server).
The client adds 2 new packets, CONNECT and DISCONNECT.
Connect: Instructs the bridge to open a tcp socket to the server or host name following the control code in the serial packet.
Disconnect: Instructs the bridge to close the current socket.
* So long as the calculator does not unplug or disconnect from the bridge, you can connect/disconnect/reconnect without needing to restart the bridge. *
* Special thanks to commandblockguy for implementing this change. *
NEW FEATURE - On-Calc Mini-Log
The calculator has a 4-line mini-log, with each log-line buffered to 50 characters. This log can display errors, info, debug messages, and server broadcasts. The widget has variable height based on how many of the 4 lines it needs to display, and also remains on the screen for a configurable time. Default is 100 ticks. Any time a new message is written to the log, the clock resets.
And here is the new Settings interface to change the log timeout:
--- End quote ---
That's pretty cool :) Security is important, I'm glad you're thinking it through now.
--- Quote from: ACagliano on September 27, 2020, 10:33:01 pm ---NEW FEATURE - Server Supports SSL
This may have been posted in this thread earlier, but the server is written with an optional SSL context. This can be enabled in the server config. The actual handling of certificates and renewal is not something the server does, so anyone hosting an SSL instance will need to handle ensuring their SSL config is up to date. The SSL path is also configurable, it just needs to be readable by whatever user is running this service.
*As of right now, the bridge does not support SSL, so any SSL servers will be unable to be connected to.*
--- End quote ---
Will there be a way to reload the certificate without restarting the service?
--- Quote from: ACagliano on September 27, 2020, 10:33:01 pm ---NEW FEATURE - Verification-Based Authentication
As an attempt to dissuade connections to this service that are not from the calculator, such as random port probes or script kiddies, the server now implements a code-based verification system. When a user registers an account, an 8-digit code is generated and written to the user's account file, as well as sent to the calculator for display. You will be required to log into the web deck and input your verification code before you will be able to log in to the game server. This will allow us to filter unsolicited connections, as well as remove any anomalous user accounts created.
--- End quote ---
I'm assuming there is a way to recover this as well in the back-end if the user forgets it?
ACagliano:
--- Quote from: Eeems on November 17, 2020, 09:06:38 am ---That's pretty cool :) Security is important, I'm glad you're thinking it through now.
--- End quote ---
You think that's cool wait till you see what I scrapped the older security mechanisms in favor of...
--- Quote from: Eeems on November 17, 2020, 09:06:38 am ---Will there be a way to reload the certificate without restarting the service?
--- End quote ---
Possibly? I'm not 100% sure how to do that... and restarting the service is simple enough.
--- Quote from: Eeems on November 17, 2020, 09:06:38 am ---I'm assuming there is a way to recover this as well in the back-end if the user forgets it?
--- End quote ---
Nope, because this security system has been (at least for now) removed. See the Update notes.
UPDATE: Version 0.0.98 released
- First Public Release with the Multi-Line log/chat widget, and 2-way chat ability.
- Battery icons on the module stats overview tabs now indicate POWER_OK or POWER_WARN
- "Particles" system implemented... displays some effects on the screen if certain conditions are true.
- ---- First particle implemented - "Cracked screen" effect appears when the ship integrity is low.
- And last but not least:
Self-Contained, Custom, Service-Level Packet Filter
This particular bit of the server is not yet implemented, as it's still under development, but when complete, will wrap the packet receive portions of the server in a packet filter specifically designed to "speak" the TI-Trek protocol. The filter receives the connection descriptor, the `addr` info of the packet, and the data, as well as a format string, indicating the lengths and types of specific packet segments. First the filter checks the blacklist, immediately closing the connection to an IP that is on it. Then the filter performs a sanity check, looking for data that should not belong in certain parts of the packet (such as special characters in the usernames), and last but not least, it performs a threshold check, seeking how many times an offender has triggered the filter. If that number is over a specified hitcount, the offender is blacklisted. Blacklisted users are written to a fail2ban-compatible logfile every time they try to connect, post-blacklist. The filter also has the ability to search for extra modules and actions written by end users. Modules (checks) go in the `filter/modules/` directory; Actions go in `filter/actions/`. The "method" and "failaction" keys specify the check name and the response to a True response from the check. For a custom check/action, the value of that key is the name of the file to look for, and the code should be in `main():`. To see the current progress on that, check out the link below. Code for finding and loading the module provided by beckadamtheinventor.
https://github.com/acagliano/titrek-server/blob/master/trek_filter.py
ACagliano:
Updates! Updates! Updates!
Version 0.0.99pre is still under development, but here is a few highlights for development so far.
1. Packets for MODULE_STATE_CHANGE, ENGINE_MAXIMUMS, and SETSPEED are now implemented at least in part. They don't check for certain statuses that might prevent the actions yet, but they do update, relay their responses to their calc, and have the effects propagate to your on-calc GUI.
2. The engine/speed configuration interface is now implemented. Accessed by pressing [Log]. You can scroll between your available engines, move sliders around to change your speed, then press [Sto] to engage your new speed.
3. With Debug Mode enabled in the client settings, the calculator now prints the Control Code and size of every packet it receives to the log widget.
4. Server-side, TrekFilter is now formally implemented into the service. TrekFilter is a custom firewall I made for the service, programmed to understand its protocol better than a system firewall could, and able to interact with your system firewall through the use of custom fail2ban jails.
Here a screenshot showing new (and some old) progress.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version