No new binaries for months. Has the project fallen apart?

Are you referring to the download area being stuck at 1129?

http://www.eqemulator.net/download.php

There's probably a post somewhere but I'm too tired to go looking. Try here...

http://code.google.com/p/projecteqemu/

Ya lol, it is more alive then ever :P For a while there, we were having multiple updates every day. Now, we are still having multiple every week. I imagine it will pick back up after the holidays some too :)

There have been a lot of site issues between EQEmu's connectivity being spotty (and thus the login server as well) and with PEQ's entire site and server going down because of issues at the place their server is hosted.

While the EQEmu site issues have been here all along, the PEQ ones are temporary. I imagine progress will ramp back up as soon as those are resolved.

No new binaries for months. Has the project fallen apart?
There has been alot of life in the development of the project lately actually...enough to take me hours to play catch up every week or so to integrate the changes into my code.

As far as the eqemulator server problems, I can't comment on those but lets just say development on the login server's cypto has begun on a couple side projects.

I'm basically the only one who's around that can update the official binaries and it's really not fun. Last time I tried it wasn't even up.

Basically I'm lazy and hope that people just can find the threads in dev to find the repo where we post binaries every so often. It's quite a bit more active when I don't have to put everyone's junk in personally -.-

I've also thought about the login server, perhaps making a minilogin with basic user authentication /shrug. I'm not really up for figuring out the crypto on my own but the basic netcode is pretty simple and I've had a few ideas about how to do user authentication without it. It was bad last week cause the server really needed to be restarted for a few days after it was deep into it's memory reserves seems pretty good now.

Yeah we're all still around. Suffering holidays! :)

Hey if I do a binary update (running 233 right now) do I need to worry about the updates overwriting anything I've changed thus far?

I've also thought about the login server, perhaps making a minilogin with basic user authentication /shrug. I'm not really up for figuring out the crypto on my own but the basic netcode is pretty simple and I've had a few ideas about how to do user authentication without it. It was bad last week cause the server really needed to be restarted for a few days after it was deep into it's memory reserves seems pretty good now.

And if the crypto was already figured out?

Hey if I do a binary update (running 233 right now) do I need to worry about the updates overwriting anything I've changed thus far?

None of the updates you do for the server code should cause any problems with changes you have made to the database. The only thing that can is if you update the database as well. It is always good to keep regular database backups just in case though and I do one before each time I update my server.

As for the alternate login server setup, I was thinking about it a bit. It could probably use it's own thread just for discussing it, since it isn't really the main subject of this thread. But, my ideas so far would be to setup a way to have both the normal login server, and also a backup mini-login type login server that is used only when the main LS is down. My idea is to create a command that allows players to set a password for their account manually on the server they play on. Basically, they would enter a password from in game and it would encrypt it with MD5 and save it to the accounts table. Then, when the login server was down, after not being able to reach it for a minute or 2, the server would then connect to it's own mini login server if it was setup and running. Players could probably edit their eqhost.txt and set both the normal login server and their main play server's mini login in there too. So, if it can't reach the normal LS, it would try to connect to the mini login for that server. If the password had been set while they were using the normal LS, it would verify that the person who set it should be the right person to use that account. It wouldn't allow new accounts to connect, or accounts that hadn't set their password yet, but I think that would still be better than no one being able to login at all while it was down. Then, the server keeps trying to connect to the normal Login Server while it is running the mini login and if it is able to connect and stay connected for a couple of minute, it would switch itself back to using the normal LS instead of the mini login.

I haven't really messed with the mini login stuff much, but I imagine something like this would work and be as secure as possible. The only way to do it better would be if we had a way to keep a mirror login server somewhere and have it sync it's database with the normal LS pretty often.

A mirrored login would be best I'd think. Keeping the accounts DB sync'd wouldn't be that bad.

And if the crypto was already figured out?

We'd be able to throw something together then. I've looked it it briefly and all I've seen is it appears to work in 4 byte chunks but haven't really gone further than that.

Problem with current LS is the person who wrote it didn't want it released, so really despite the security concerns it's not really up to the admins. Mirroring would probably be best but considering the circumstances I'm not sure how viable either option is.

The login server really is the rotting hub of Emu and something should be done before it snaps.

Ideally, the login server should be completely removed from the formula and login is handled by each Emu server.

Probably some sort of client side launcher and account creation app.

It could still hookup to a central server but just to get a list of known Emu servers it would DL locally and allow server to be added manually too.

And if the crypto was already figured out?
As KLS mentioned, it's already been cracked and is what is being used on the login server today...but only two people have access to that source.

The login server really is the rotting hub of Emu and something should be done before it snaps.

Ideally, the login server should be completely removed from the formula and login is handled by each Emu server.

Probably some sort of client side launcher and account creation app.

It could still hookup to a central server but just to get a list of known Emu servers it would DL locally and allow server to be added manually too.

personally, I'd rather not DL / install more things on my side, as a player

Yeah, what MNWatchdog mentioned as the hub is the only thing that really does keep it connected actually. There are other servers out there that handle their own login and those are seen as having nothing to do with this community, when in fact they are all built from it, SoD for example.

personally, I'd rather not DL / install more things on my side, as a playerDont play then.

My point is theres been hours and even DAYS when the login server was unavailable so people couldnt log in. Its FAR from a rare occurance too.

Plus, for some reason when the login server starts to puke, so does every server. Zones flake and people are either trapped in a zone or risk being disconnected while zoning and not being able to log back in until the login server is up and running again.

Im sure there also people who would like to run more private servers for numerous reasons from just thier friends to under developement; where they dont have to announce to everyone theyve got a server just to be able to log in from more than just locally.

Since weve got a sprint of developement, some needs to be put into cutting the cord to the biggest weakness of Emu, the login server.

I'd love to see a solution to the login server problem. I fully understand and support any developer's wish not to have their source in the open domain, and I understand the concerns about possible hacking related consequences if the crypto source was "out there" but it must be possible for a server to be configured to check the source of an apparently-authenticated login and reject ones that come outside of a list of trusted hosts?

I have to admit I haven't played for a while now but I feel the lure again, and the flakyness of the login server has always been a problem.

Happy new year, everyone!

As KLS mentioned, it's already been cracked and is what is being used on the login server today...but only two people have access to that source.

You assume that because only two people currently have access to the source for the login means that there isn't another copy of it out and about, floating around on someones system, hidden in a dark corner?

You assume that because only two people currently have access to the source for the login means that there isn't another copy of it out and about, floating around on someones system, hidden in a dark corner?

That is highly unlikely, unless somebody hacked their machines and stole it from them. It's the source for the encryption that is the important thing, and I'd bet anything only two (perhaps three, one very trusted old timer) people have that. Further confirmation comes from that older login server "source" which was leaked (which by the way is useless for our client.) Sure, the login server source was there, but the encryption was pre-compiled. I infer from that that even when the LS was distributed to "trusted" people, it was done so without the encryption source.

Dont play then.

My point is theres been hours and even DAYS when the login server was unavailable so people couldnt log in. Its FAR from a rare occurance too.

Plus, for some reason when the login server starts to puke, so does every server. Zones flake and people are either trapped in a zone or risk being disconnected while zoning and not being able to log back in until the login server is up and running again.

Im sure there also people who would like to run more private servers for numerous reasons from just thier friends to under developement; where they dont have to announce to everyone theyve got a server just to be able to log in from more than just locally.

Since weve got a sprint of developement, some needs to be put into cutting the cord to the biggest weakness of Emu, the login server.

thanks for considering your players while making decisions (well I play on PEQ so maybe not yours but more CD's, and I have no idea who you are, sorry) but basically what I was saying, is replace the current central login server with a better central login server instead of us having to install separate shit for each server, I know some people probably play on more than one server, personally, I just play on PEQ and my own shitty server to test / when PEQ is down, I do agree the LS right now is pretty shitty at times, so it does need to be fixed, but I don't think having us all install more shit would be the best solution.

EDIT: also I'm not too sure what you're talking about with zones being flakey when the LS is down, they seem to be just as bad as normally when it's up, I think its more we dread it happening when we know the LS is down so we worry about it more. And we do have MiniLogin if people want to run more private servers, although that system could be improved to make it easier to add people, but there are scripts / php pages to do that

I once wrote a login server using letter soup! :D

I once wrote a login server using letter soup! :D

aww I love soup

I sued Cambell's for not including right and left parentheses and squiggly brackets, dollar signs and other various necessary components for those whom prefer to write code in letter soup!

Im sure there also people who would like to run more private servers for numerous reasons from just thier friends to under developement; where they dont have to announce to everyone theyve got a server just to be able to log in from more than just locally.
What you're asking for has been around for years...try doing some basic reading (http://www.eqemulator.net/wiki/wikka.php?wakka=MiniLogin).

Richardo, if you buy some of the generic alphabet soups, you get curly braces but they only work in Linux servers. You can make the dollar sign using an S and an I. I'll PM you my formula.

The old EQ login server used DES with a default key.

The new EQ login server, if it is not using DES, is using RC4 like EQ2.

Splitting the EQEMu community is not the answer, I would prefer to see better hosts on the main eqemu site instead of seeing project forks.

I sued Cambell's for not including right and left parentheses and squiggly brackets, dollar signs and other various necessary components for those whom prefer to write code in letter soup!

hahaha thats awesome

Just start and add LS to the SVN, so people can get started on it. Keep it as it is now, and eventually there will be no LS.

Just start and add LS to the SVN, so people can get started on it. Keep it as it is now, and eventually there will be no LS.

Agreed. It wouldn't be a bad idea.