Implement Protocol v2 and converted codebase to Netty. #72
Conversation
|
Also, original protocol is still fully supported, but this requires that the server list be highly compliant with the protocol. |
|
I believe there was an issue in my implementation of this that I never resolved. The way I proposed to fix this was a unique ID system, where each listing on a voting website would have a unique ID that would be included in each request. The first time a Votifier server receives a request from a voting website, the server would cache it in a file, and in the future reject any request (from that key) that does not have that unique ID. |
|
@coelho: I feel that specific kind of issue you mention is a non-issue as this would be a server list issue, not a Votifier one. |
|
@minecrafter The only solution to this that I think the server list would be able to do would be to generate a different RSA key for each user and have a different link for each user (which makes the protocol harder to implement for server list owners) The unique ID just needs code to be implemented on the plugin, and the server list owners can just use the existing database ID for the server listing. |
|
@coelho: Really? I don't think it's too difficult to generate per-listing keys and only accept signatures from them. |
|
@minecrafter Depends on the person implementing the protocol really. You also need to take into account that generating a RSA 2048 bit key takes a few seconds of CPU time as well, and you need to store additional data in your DB. It's not particularly the most ideal scenario. I do agree with your implementation however if people are able to implement it and understand it. |
|
Pinging @blakeman8192 |
|
I mistakenly assumed that this didn't support the old protocol without reading all the way through the discussion. I apologize and have deleted my comments. Please allow me some time to further review everything. |
|
Going to ask for a quick update (about ten days now). Pinging @blakeman8192 again. |
|
@coelho: I understand what your implementation would be like now. I will be adding in a way to provide a server ID to Votifier which will be mandatory. |
|
I'm currently working on improving the Python implementation so it can serve as a fully-fledged client and then I am going to work on the node.js implementation. |
…mvent limitations.
|
Token support has been added to the protocol. I have updated the Python client to reflect the changes. I am now working on a node.js version. |
|
The JavaScript client is finished and is currently available at the link where the Python client is. I haven't yet smoothed out both clients but they are usable. I plan on putting the JS one on npm when this is merged. |
|
I've now finished the PHP client (which is just sad, but everyone uses PHP unfortunately). I am posting it later. |
|
Hey guys, sorry again for the delay. I am very appreciative of your contributions, and judging by your persistence I am assuming you want this merged quickly! Rather than lie to you guys and make promises about taking care of this right away, I'm going to be honest: I simply don't have the time to maintain this project with any degree of haste anymore. @minecrafter are you willing to take over a lead role? |
|
@blakeman8192: I would need to think about this. I will try to be back with you within a few days or so, but I would likely need someone to take up some of the slack as well as I will not be able to maintain the project myself. |
|
@minecrafter considering how large this project is. I can imagine tonnes of people will assist if needed. A simple post in spigots irc grabbed a lot of attention. I'm certainly keeping an eye on this, an would love to see these features be added. Also props to @blakeman8192 for this amazing and useful plugin. |
|
@blakeman8192: Well, I slept on this a bit, and I have decided to take over the project. I'm known as @minecrafter on GitHub (as usual) and "tuxed" on BukkitDev. That should be all you need to transfer the project over. |
|
Protocol has been migrated to an HMAC-based authentication strategy. This is simpler to implement and is more user-friendly (with an auto-generated default key, suitable for server owners who want to get started with Votifier quickly). Paranoid server owners can add in separate per-toplist tokens, and can go further by removing the default key. |
|
@blakeman8192 pinging for an update - I would like to take over the project. |
|
@blakeman8192 pinging for another update. |
|
@blakeman8192 Pinging for another update. |
|
Hey, I'm going to be picking up this project myself and potentially doing a rewrite for version 2.0. Sorry to pull my offer back, perhaps we can work together on it in the future? |
|
I don't have an issue working on the project with you. I do have some ideas I would implement for the next version, and I can PR those. You can also add me to the project and I can work on it that way. |
|
@blakeman8192 I should note however that this PR is basically a complete rewrite of Votifier. |
|
Maybe we should move this over to another branch for development. I'll be in touch! |
|
Not a problem. |
|
@blakeman8192 once you push this to a new branch I'll PR some work to make Votifier compatible with BungeeCord and Sponge. |
|
Is it compatible with Forge as well? |
|
I can try to make Votifier compatible with Forge, but I feel as if it would be redundant as Sponge can run on top of Forge. |
|
Awesome! I apologize for my naivety with the current state of Minecraft modding. I've been out of the scene for a few years now. |
|
I don't blame you :) |
|
Welcome back to the massive legal battle that is Minecraft. Complete with EULA's DMCA's, with much more to come! |
|
@blakeman8192 Took me a while, but I have refactored Votifier to the point where it is now able to be ported to different mod platforms. I'm working on the Bungee port now. |
|
I'm going to be busy pretty soon, but I'd still like this pulled. |
|
@blakeman8192 any updates? |
|
I must say that this is not encouraging, given the paucity of activity. |
|
@blakeman8192 pinging you again |
|
@blakeman8192 there's two choices.. Accept or decline... Leaving it unanswered is just stupid. |
|
@blakeman8192 I'm still interested in pulling this. |
|
WEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEW. ;) |
|
I'm going to handle this later myself when I have time. |
|
Due to inaction, I've decided to go about forking Votifier. You can find it as NuVotifier. |
This is like #70, but I have decided to implement it differently.
The major difference is that this implementation uses Netty. The protocol is largely like that of #70, but with some modifications.
{"username": "tuxed", "timestamp": "1428297529.35", "address": "127.0.0.1", "serviceName": "service"}challenge), a HMAC-SHA256 (key is server-provided) assignature, the the server'stoken, and the JSON vote (as a string) aspayloadshortmagic0x733A, the payload length as ashort, and the payload itself.{"status":"ok"}response from Votifier or a{"status":"error"}message so the LIST can retry the request at later time or inform the server owner.A extremely rough Python client implementation is available here. I will work on node.js and PHP implementations as soon as I can.
Finally, I would like to thank @coelho which provided my motivation to do this.
Benefits:
Drawbacks: