| *** OkinaMatara <OkinaMatara!~Yukari@user/yukari> has joined #bzflag | 00:33 | |
| *** alfa1 <alfa1!~alfa1@host4.181-14-186.telecom.net.ar> has quit IRC (Remote host closed the connection) | 01:12 | |
| *** OkinaMatara <OkinaMatara!~Yukari@user/yukari> has quit IRC (Quit: Quit.) | 01:44 | |
| *** _I_Died_Once <_I_Died_Once!~I_Died_On@c-73-184-170-223.hsd1.ga.comcast.net> has quit IRC (Ping timeout: 258 seconds) | 02:13 | |
| *** Sgeo_ <Sgeo_!~Sgeo@user/sgeo> has joined #bzflag | 06:50 | |
| *** Sgeo <Sgeo!~Sgeo@user/sgeo> has quit IRC (Read error: Connection reset by peer) | 06:51 | |
| *** BulletCatcher <BulletCatcher!~bc@user/bulletcatcher> has quit IRC (Ping timeout: 245 seconds) | 07:23 | |
| *** _I_Died_Once <_I_Died_Once!~I_Died_On@c-73-184-170-223.hsd1.ga.comcast.net> has joined #bzflag | 07:53 | |
| *** Sgeo_ <Sgeo_!~Sgeo@user/sgeo> has quit IRC (Read error: Connection reset by peer) | 07:57 | |
| *** blast007[m] <blast007[m]!~blast007m@2001:470:69fc:105::7ec> has quit IRC (Quit: You have been kicked for being idle) | 09:00 | |
| blast007 | macsforme: https://www.macworld.com/article/347466/2021-mac-mini-design-m1x-price-release.html | 14:12 |
|---|---|---|
| *** blast007[m] <blast007[m]!~blast007m@2001:470:69fc:105::7ec> has joined #bzflag | 14:12 | |
| *** Sgeo <Sgeo!~Sgeo@user/sgeo> has joined #bzflag | 15:08 | |
| *** blast007[m] <blast007[m]!~blast007m@2001:470:69fc:105::7ec> has quit IRC (Quit: You have been kicked for being idle) | 16:00 | |
| blast007 | I'm considering splitting the Join Game menu into "Play Online" and "Play Offline" (or simlar wording), where Play Offline would be for LAN discovery or direct connect. | 16:00 |
| *** blast007[m] <blast007[m]!~blast007m@2001:470:69fc:105::7ec> has joined #bzflag | 16:01 | |
| blast007 | So part of that would be improving the LAN discovery to find servers on non-standard ports. Using mDNS/DNS-SD would be one way to improve discovery. | 16:01 |
| blast007 | I've played with an mDNS library and managed to advertise a service. | 16:02 |
| blast007 | Do we think there would be instances where people would want to manually type in a hostname/port for a server that uses central auth? | 16:03 |
| *** alfa1 <alfa1!~alfa1@host74.190-137-39.telecom.net.ar> has joined #bzflag | 16:05 | |
| blast007 | allejo: I've also played around with ORY Hydra for replacing our weblogin | 16:06 |
| blast007 | they have a sample node/express app for providing the login and consent UI and I've replicated that with a small Symfony PHP site | 16:07 |
| blast007 | Hydra itself isn't an identify provider, so we'd hook the login/consent stuff into our existing system | 16:07 |
| blast007 | I have a good bit of a phpBB plugin done that would let us login and register accounts through an API, so we could tie that into the login/consent app | 16:08 |
| alfa1 | what is wrong with phpbb login system? can't show well on cellulars? | 16:17 |
| blast007 | you mean the weblogin system? at this point I'm not suggesting that we stop using phpBB for our auth backend. | 16:18 |
| blast007 | our current weblogin system can't support IPv6 | 16:19 |
| alfa1 | but I guess phpbb will make a support for the future | 16:20 |
| allejo | blast007: instead of "Play Offline" I'd think "Play Local" or "Play on LAN" would be better apt. but i like that idea | 16:20 |
| blast007 | alfa1: I don't know what you mean | 16:20 |
| blast007 | allejo: yeah, that sounds better | 16:20 |
| blast007 | I want a better Start Server menu too | 16:21 |
| alfa1 | I don't know if you refer (about IPv6) only to the forum page or also to the game auth system | 16:21 |
| blast007 | maybe a map site that it ties in with so you can download published maps right from the client | 16:21 |
| allejo | re: ORY Hydra. not familiar with it but willing to explore it. so it'd be the central auth and phpbb would just auth with that? | 16:21 |
| blast007 | alfa1: our current token system links a token to an IP address. With IPv6, it might be that the client/browser requests a token from one IP and talks to the server with another IP, so it will not match and thus be invalid. | 16:22 |
| blast007 | And we're already having issues with people behind carrier-grade NAT where their requests to different servers don't come from the same IP | 16:22 |
| alfa1 | apt.: aptitude? | 16:23 |
| blast007 | allejo: https://github.com/ory/hydra the first paragraph there gives a bit of overview | 16:23 |
| blast007 | alfa1: https://www.dictionary.com/browse/apt | 16:25 |
| allejo | definition #4 in this context | 16:25 |
| blast007 | mDNS/DNS-SD is pretty cool. We could include multiple TXT records. For instance, we could have a server description and the configuration hex values as TXT records, so you wouldn't have to query each server individually to fetch that. | 16:27 |
| alfa1 | Ory Hydra... I hope you all never will trust on a third party to do auth... | 16:27 |
| blast007 | alfa1: .... | 16:27 |
| blast007 | it would literally be a thing we host ourselves that ties in to our own authentication system | 16:28 |
| blast007 | it just provides a way for us to be an OpenID Connect provider | 16:28 |
| blast007 | basically, a much better version of our weblogin | 16:29 |
| allejo | aww here I was about to suggest we do Facebook login | 16:30 |
| blast007 | allejo: that'd be part of the login/consent app ;) | 16:30 |
| allejo | oh right hehe | 16:30 |
| alfa1 | ah thanks, since it was "apt." with period I thought on an abbreviation | 16:31 |
| allejo | nah. it was a period to end the sentence | 16:33 |
| blast007 | There will be the creation of one or more Symfony sites. I'm wanting a new interface for account registration and management that is outside of phpBB. Something that looks a bit more professional and is more clear that it's for a game account. | 16:34 |
| blast007 | That same site might also host the consent/login UIs for Hydra | 16:34 |
| alfa1 | apart from being an OpenID provider (which I don't know what other benefit could give), is it only the IPv6 issue the reason to the possible change? (if I understood all until now) | 16:35 |
| blast007 | alfa1: no | 16:35 |
| blast007 | OpenID Connect and OAuth2 can do more | 16:36 |
| alfa1 | allejo: ah! I use upper case in that case :) | 16:36 |
| blast007 | we could include additional information in the login token (or whatever it's called in OAuth land) | 16:37 |
| blast007 | for instance, we could give the user the option to pass their email address to the provider they're logging in to | 16:37 |
| blast007 | I'm not yet sure what identifier we'd provide | 16:37 |
| blast007 | some providers use the email address as the identifier | 16:37 |
| blast007 | actually, *most* probably do that | 16:38 |
| allejo | alfa1: i wish i could. my Shift key is broken :p | 16:39 |
| alfa1 | note: FSF (or at least R. Stallman) says the word "open" is at start suspicious and we see it both on OpenID and on OAuth (Open Authorization) | 16:39 |
| blast007 | ALLEJO: LIFE PRO TIP: JUST USE ALL CAPS | 16:39 |
| alfa1 | use caps lock :) | 16:40 |
| blast007 | alfa1: are you just spouting nonsense or do you have an actual point? | 16:40 |
| alfa1 | also you have 2 shift keys :P | 16:40 |
| blast007 | mention of what the subject for OIDC can be: https://github.com/ory/hydra-login-consent-node/blob/master/src/routes/login.ts#L99-L101 | 16:42 |
| alfa1 | my intention is never to annoy, blast007; I am wish you were more patient in general | 16:42 |
| alfa1 | and I wish* | 16:43 |
| blast007 | I am a very patient person. | 16:43 |
| allejo | stallman also refuses to visit any website. he emails a server that then downloads the HTML and emails it back to him | 16:45 |
| alfa1 | I am trying to understand this complex subject | 16:45 |
| alfa1 | I don't support all RS views BTW; just saying that | 16:45 |
| alfa1 | it was just a note while I am trying to read and understand what is the issue and what bebefits the nww sysem could give apart from the auth system | 16:46 |
| alfa1 | new | 16:47 |
| blast007 | https://en.wikipedia.org/wiki/OpenID#OpenID_Connect_(OIDC) | 16:48 |
| alfa1 | but the world is infected of third part systems in some way which want all the data, you know; just a fair worrying | 16:48 |
| alfa1 | and/or centralized systems | 16:48 |
| blast007 | this isn't third-party | 16:48 |
| alfa1 | I know OpenID says it is not cenrtalized but well; I will keep reading | 16:49 |
| blast007 | I mean, it's not *written* bus us, but it would be *hosted* by us, so all the data would remain with us. | 16:49 |
| blast007 | Hydra is open-source | 16:49 |
| alfa1 | I thought on that, yes | 16:49 |
| alfa1 | maybe users from bz will use other sites; the inverse way | 16:50 |
| alfa1 | continue, please, I don't want to interrupt | 16:50 |
| blast007 | there's also this ORY Kratos, which *is* an identity and use management system | 16:51 |
| blast007 | https://github.com/ory/kratos | 16:51 |
| blast007 | that would tie in with out Ory software | 16:51 |
| blast007 | handles registration/login, 2FA/MFA, account verification/recovery, etc | 16:52 |
| blast007 | I don't know if that's ready for production use yet | 16:53 |
| blast007 | last I had checked, they didn't have 2FA implemented yet | 16:53 |
| blast007 | Kratos doesn't have a 1.0 release yet | 16:54 |
| alfa1 | excuse me if I am ignorant still: then phpBB doesn't use IPv6 nowadays? | 16:57 |
| blast007 | yes | 16:57 |
| alfa1 | (or allow) | 16:57 |
| blast007 | our forum is accessible over IPv6 | 16:57 |
| blast007 | but my.bzflag.org is not, since the tokens it generates are tied to an IP | 16:57 |
| blast007 | the simple fix for game servers could be changing it from being tied to the client IP and being tied to the target server hostname/port | 16:58 |
| blast007 | for game servers/clients* | 16:58 |
| blast007 | but I'd rather have a better method for weblogin | 16:58 |
| alfa1 | "are tied to an IP": IPv4 right? | 16:59 |
| blast007 | allejo: I'm assuming a lot would break if we switched BZIDs to UUIDs, right? :) | 16:59 |
| allejo | 100% | 16:59 |
| blast007 | what if we did it only for the new OIDC logins? | 17:00 |
| blast007 | (and for 2.6 game logins) | 17:00 |
| blast007 | alfa1: currently, yeah | 17:01 |
| allejo | I feel like that'd allow us to have a smoother migration process, so i'd be for that | 17:01 |
| blast007 | k | 17:01 |
| allejo | otherwise we'd have to logic on determining whether something is a BZID or a UUID | 17:01 |
| blast007 | it'll break banlists, but meh | 17:01 |
| alfa1 | what about making my.bzflag.org working with both IPv4 and IPv6? | 17:02 |
| allejo | i mean, we'd be able to have to migrate banlists too. as long as we have a way to associated BZIDs with new logins | 17:03 |
| blast007 | I don't know if I would have a way for that | 17:03 |
| allejo | oh no. are we pulling a freenode and will require everything to recreate their accounts? :p | 17:04 |
| blast007 | same accounts, just there will be a new UUID associated with them for 2.6/OIDC | 17:04 |
| blast007 | I'd store it separately from the forum tables | 17:05 |
| blast007 | trying to get away from having a modded phpBB | 17:05 |
| blast007 | we have extra fields in our phpBB users table right now for storing the token info | 17:05 |
| blast007 | and the bzfls.php directly talks to the phpBB database | 17:06 |
| blast007 | actually switches between two databases multiple times per request, IIRC | 17:06 |
| blast007 | so I'd have it talk via the new phpBB plugin's API for handling login requests | 17:06 |
| blast007 | and part of having that new API is that we could have a way for our new account site to support in-game registration if we'd like | 17:07 |
| alfa1 | not sure if this was answered: "what about making my.bzflag.org working with both IPv4 and IPv6?". Also, since making an entire new auth system is complex, make a better system step by step, with secure advance. | 17:10 |
| alfa1 | Obviously, if you are having trouble nowadays, try to fix it quickly (and fine if posible; not temporarely). | 17:11 |
| blast007 | that's what we're trying to do... | 17:11 |
| blast007 | though it probably won't be my.bzflag.org anymore | 17:11 |
| blast007 | I'd leave that IPv4 only so that 2.4 keeps working | 17:11 |
| blast007 | if I make the IPv6 capable, the old weblogin breaks and 2.4 breaks | 17:11 |
| blast007 | there is no way to fix them to work Ipv6 with the current token system | 17:12 |
| blast007 | we're doing it for 2.6 because we can force a new way to do it | 17:12 |
| blast007 | heck, we put an IPv4 address *in* the server list response right now | 17:13 |
| blast007 | so that needs to go away | 17:13 |
| blast007 | it isn't actually used either, so it's some old legacy bit of info | 17:13 |
| alfa1 | that sounds wrong for me, excuse me: there should be a way to test the client beforehand to see if it's 4 o 6, or not? | 17:13 |
| alfa1 | and manage 2 tokens if necessary | 17:14 |
| blast007 | *both the client and server need to know how to do the same thing* | 17:14 |
| blast007 | no, that's silly | 17:14 |
| alfa1 | not 2 tokens at once, but depending on the system | 17:14 |
| blast007 | 2.4 is pretty much in bug fix only might right now | 17:14 |
| blast007 | work needs to progress towards 2.6, and IPv6 support is one aspect | 17:15 |
| blast007 | there's a TON of things we need to fix to add IPv6 support in the game | 17:15 |
| alfa1 | ah | 17:15 |
| blast007 | the ban system for instance | 17:15 |
| alfa1 | the main problem is the client then | 17:15 |
| blast007 | no, client and server | 17:15 |
| alfa1 | ok | 17:16 |
| blast007 | neither of them can support IPv6 right now | 17:16 |
| blast007 | both need many changes | 17:16 |
| blast007 | but we can fix the login method even before we support IPv6 in the client/server | 17:17 |
| alfa1 | then nowadays a player which only has IPv6 available (not sure how forced is this being worldwide) won't be able to play right? | 17:21 |
| blast007 | right | 17:21 |
| blast007 | and players behind CG-NAT also might not be able to play with a registered account | 17:21 |
| alfa1 | ok | 17:22 |
| blast007 | this especially applies to those on mobile broadband | 17:22 |
| alfa1 | returning to the auth system: I compare it with web browsing: the server tests the browser and display the version which will work | 17:23 |
| blast007 | CG-NAT is where a bunch of users are behind a limited set of public IPs, so their IP isn't dedicated to their home | 17:23 |
| alfa1 | displays* | 17:23 |
| blast007 | alfa1: if you're still suggesting that we make it work for 2.4, then stop | 17:23 |
| blast007 | there's 0 point to it in 2.4 | 17:24 |
| blast007 | 2.4 can never support IPv6 | 17:24 |
| blast007 | it's easier to just tell 2.6 to talk to a different server | 17:25 |
| alfa1 | ok, I see | 17:26 |
| alfa1 | 1 server for IPv4 (2.4) and other for IPv6 (2.6) for auth | 17:26 |
| blast007 | 2.6's list server would have IPv4 and IPv6 | 17:27 |
| blast007 | maybe we'll switch the format to JSON as well | 17:27 |
| blast007 | the old code/format is pretty meh | 17:27 |
| blast007 | We can break the mold with 2.6. If we have a better way to do it, we can do it. | 17:28 |
| alfa1 | yes, seems a good cause | 17:29 |
| alfa1 | and still not making all client/server to work with IPv6; just auth, right? | 17:29 |
| alfa1 | as a first step | 17:30 |
| alfa1 | this will help with CG-NAT as well? | 17:32 |
| blast007 | by the time 2.6 is out, the client/server will support IPv6 | 17:34 |
| blast007 | but again, we can do the login stuff before that | 17:34 |
| blast007 | the work will be done in master (2.5) | 17:34 |
| blast007 | we'll do another 2.4 release soon so that the fix for Open Broadcaster Software (OBS) game capture is fixed | 17:35 |
| alfa1 | ok | 17:37 |
| blast007 | allejo / macsforme: can you think of anything else we were doing to fix in 2.4 before the next release? I'd probably merge PRs 288 and 289. I also have some code somewhere that adds haptic feedback for SDL2, but maybe that should just go into 2.5 along with the joystick improvements (PR 255). | 17:41 |
| blast007 | Is there a solution for the code signing on macos? | 17:41 |
| blast007 | I haven't tried reproducing issue 287 ("World weapon shots are not colored on radar") but is that something we'd wait to fix for 2.6? | 17:42 |
| alfa1 | BTW and before I forget: if email is an option to be used as an identifier (I read it somewhere here), I recommend not to: the less (info), the better. And what's wrong about a nick? Also, multiple nicks should stay as an option. | 17:44 |
| blast007 | alfa1: our usernames aren't good identifiers because they can be changed | 17:45 |
| blast007 | so for us, I'd use a UUID | 17:45 |
| alfa1 | ah they must be static | 17:45 |
| alfa1 | I think I read something about BZID before too... what is wrong about a number? | 17:46 |
| alfa1 | I need to read all UUID but the idea is no multiple accounts? | 17:48 |
| blast007 | sequential IDs tend to be bad for security since it's easy to iterate through all of them | 18:02 |
| blast007 | UUIDs have nothing to do with disallowing multiple accounts | 18:02 |
| blast007 | it's just a unique ID, in this case a 128-bit number | 18:02 |
| alfa1 | ah, I see | 18:03 |
| JeffM[m] | https://wasteaguid.info/ | 18:03 |
| blast007 | hehe | 18:03 |
| alfa1 | JeffM[m]: hi; can you open the private channel to tell you something, please? | 18:04 |
| blast007 | what is the "something"? | 18:04 |
| blast007 | the same thing you had sent to me? | 18:04 |
| alfa1 | why do you ask? | 18:05 |
| JeffM[m] | what private channel? I'm on matrix | 18:05 |
| alfa1 | private messagging: matrix sets it to disabled by default | 18:06 |
| alfa1 | messaging* | 18:06 |
| blast007 | alfa1: stop spamming users in our channel | 18:21 |
| blast007 | you're probably violating Libera.chat rules too | 18:21 |
| JeffM[m] | it is very inaproprite. | 18:22 |
| JeffM[m] | and rather sad | 18:22 |
| alfa1 | excuse me but what did I do wrong? I just ask persons in private; persons that I know somewhat. | 18:24 |
| blast007 | you're sending the same conspiracy theory stuff to everyone that responds | 18:25 |
| JeffM[m] | sigh | 18:25 |
| JeffM[m] | even if they do not say yes.... | 18:25 |
| blast007 | oh cool | 18:26 |
| alfa1 | only at JeffM[m] I asked twice just because I saw him active just before and the first time I didn't get any answer (I thought it was unactive). But I can stop asking on the channel if it is so annoying. I am not an annoying person, I just asked the question to one person 2 times. | 18:26 |
| alfa1 | he was inactive* | 18:27 |
| JeffM[m] | just stop | 18:27 |
| alfa1 | and remember I am slow on English, please; it is not my intention to be involved on long talks: while I write an answer others already talk more | 18:28 |
| alfa1 | "[15:24:23] <JeffM[m]> even if they do not say yes...." not so true... | 18:29 |
| JeffM[m] | dude, just stop | 18:31 |
| JeffM[m] | you know what that means | 18:31 |
| allejo | blast, i've got nothing else in mind for 2.4. both 288 and 289 seem pretty basic so i have no concerns about including those | 18:41 |
| allejo | macos app signing would be nice to have but last i remember, that was a hassle so i'm not too worried about that for 2.4 | 18:42 |
| allejo | re: world weapon colors on radar. i'd wait for 2.6. potentially could give players an advantage if they know the team color of the shot and know they don't have to dodge it | 18:42 |
| blast007 | k | 18:53 |
| tupone | alfa1: stop sending me in private (and also public) | 19:11 |
| *** alfa1 <alfa1!~alfa1@host74.190-137-39.telecom.net.ar> has quit IRC (Remote host closed the connection) | 20:17 | |
| *** BulletCatcher <BulletCatcher!~bc@user/bulletcatcher> has joined #bzflag | 21:59 | |
| *** Zehra <Zehra!~Yukari@user/yukari> has joined #bzflag | 22:50 | |
Generated by irclog2html.py 2.17.3.dev0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!