Certifying your etpro .config

Discussion for Admins of ETPro/BayonET servers.
If you don't run a server, please don't post here...

Moderators: Forum moderators, developers

User avatar
deej
Posts: 743
Joined: Fri Mar 19, 2004 12:44 am
Location: Belgium!
Contact:

Post by deej »

[pH*Deus] wrote:Another way could be that the leagues have a little textfile at the given domain that et can download which contains the recent verison-number and can be compared to the config.

in every case this information needs to be available 24/7
Well the subdomain stuff is a great idea but IMO but I can see the practical objections.

Instead of version textfiles, why not compare signatures? The leagues store their latest config in a http path etpro can check. ETPro retrieves the signature of the config file present and compares it to the signature of the config loaded on the gameserver.

If these differ ETPro assumes that the config on the http location is the recent and notifies the players that the config on the server is not the latest available.

In a further evolution of ETPro you can even imagine that ETPro could autodownload the new .config file from the league's http page ;).

Guess you would need something like these extra parameters inside a certified .config file:

Code: Select all

b_config_root "http://www.leetleague.com/etpro/config"
b_config_backup "http://alternateserver.com/etpro/config"
(Backup because we all know Murphy's a bitch)

In the general server.cfg file you could then set an extra parameter called b_autoupdateconfig to allow automatic updating of known configs.

If this idea would be implemented I think it's very important to put the "root" and "backup" paths inside the .config otherwise the system won't work.

Just brainstorming here a bit, I have absolutely no idea on how easy / difficult it is to actually write that stuff.
Our servers now run on 64 bit steroids. Point your ET to:
- Forgotten Ground StopWatch Server with occasional wolfrof 1
- Fraggle Rock ETPub Server - Mix up ET/UT & Duke Nukem
User avatar
Deus
Posts: 1053
Joined: Fri Mar 12, 2004 2:24 am
Location: Germany
Contact:

Post by Deus »

the idea of storing the signature atthe leagues page sounds good to me.
Not that anyone is able to build one for the config itself.

but this prevents the above case.

but ...

with only signature comparison it can only be said that the config is actual or not. There is no way to say if the config has been tempered with or just is outdated.
Its not really importent, but when someone alters the config he has to be punished harder then as when he just forgot to update.
So back to the file again :)

Code: Select all

config.signature
{
configname "name here"
configversion "1.3.3.7"
signature "putsighere"
}
so the signature can be removed from the actual .config
User avatar
deej
Posts: 743
Joined: Fri Mar 19, 2004 12:44 am
Location: Belgium!
Contact:

Post by deej »

[pH*Deus] wrote:with only signature comparison it can only be said that the config is actual or not. There is no way to say if the config has been tempered with or just is outdated.
Its not really importent, but when someone alters the config he has to be punished harder then as when he just forgot to update.
So back to the file again :)

Code: Select all

config.signature
{
configname "name here"
configversion "1.3.3.7"
signature "putsighere"
}
so the signature can be removed from the actual .config
Well I disagree here because you go against (or more correct: deviate from) the laws of cryptography.

I assume the signature is a Hash (MD5 / sha / whatever) of some sort which means you take the hash of the non-certified config file & append that 'signature' to the file. The gameserver then does the same operation for the certified config file (but omits the last signature line) and compares the calculated signature with the appended signature. If they match the signature is valid & the config is named "certified".

If someone alters only 1 character inside a certified config the hashes (i.e. signatures) will never match and thus the server will call the loaded config "not certified".

So my idea works if you assume that the leagues path contains the most recent config. Configs remain certified if the sig calculation is correct but if that sig differs form what it can find on the web it is out of date. So as such you don't say which is the most recent version but you do know where to find the latest version.

Both ways of working have advantages: by working with a .sig file you have more control but also more management overhead. So I guess it'll be a trade-off.
Our servers now run on 64 bit steroids. Point your ET to:
- Forgotten Ground StopWatch Server with occasional wolfrof 1
- Fraggle Rock ETPub Server - Mix up ET/UT & Duke Nukem
Pangea
Posts: 23
Joined: Thu Aug 12, 2004 10:09 pm

Post by Pangea »

Another thing: before all configs got certified and we still just one server which was public while not playing a war, I used to add g_password to the configs, which was very handy. Now it's not possible any more, but I don't care because we have an extra private server now. :P
But for all the clans using one server as public and private, a cvar which stores a password, that will be set as soon as a certified config is loaded, might be a nice feature.
User avatar
deej
Posts: 743
Joined: Fri Mar 19, 2004 12:44 am
Location: Belgium!
Contact:

Post by deej »

If you use a clan for both private & public play use default_comp.cfg & default_pub.cfg to set passwords and break rotations. Much easier than storing passwords in configs.

It's explained very well in DG's server guide.
Our servers now run on 64 bit steroids. Point your ET to:
- Forgotten Ground StopWatch Server with occasional wolfrof 1
- Fraggle Rock ETPub Server - Mix up ET/UT & Duke Nukem
User avatar
daita
Posts: 48
Joined: Thu Mar 03, 2005 5:37 am
Location: Jungle
Contact:

Post by daita »

[pH*Deus] wrote: the signature is done by etprodevteam to certify the config is in its pure state and has not been tempered with.
Can we get a mailbox where to send our league config file to get it certified ?

daita.
User avatar
deej
Posts: 743
Joined: Fri Mar 19, 2004 12:44 am
Location: Belgium!
Contact:

Post by deej »

Just pm one of the developpers.
Our servers now run on 64 bit steroids. Point your ET to:
- Forgotten Ground StopWatch Server with occasional wolfrof 1
- Fraggle Rock ETPub Server - Mix up ET/UT & Duke Nukem
User avatar
daita
Posts: 48
Joined: Thu Mar 03, 2005 5:37 am
Location: Jungle
Contact:

Post by daita »

and how many month do we have to wait to get the config certified ?

daita.
User avatar
Deus
Posts: 1053
Joined: Fri Mar 12, 2004 2:24 am
Location: Germany
Contact:

Post by Deus »

between 5 minutes and 3 month ;)

usually it does not take long if you meet the requirements
MerCuryRisIng
Posts: 5
Joined: Sat Jun 11, 2005 7:12 pm
Location: Australia
Contact:

Post by MerCuryRisIng »

Code: Select all

configname Austourney-3V3
init
{
	// AusTourney 3v3 Competition. January 2006 //
	setl sv_pure 1 
	setl g_gametype 3 
	setl g_doWarmup 1 
	setl g_warmup 10        
	setl g_heavyWeaponRestriction 20 
	setl g_altStopwatchMode 0 
	setl g_autofireteams 0 
	setl g_complaintlimit 0 
	setl g_ipcomplaintlimit 0 
	setl g_fastres 0 
	setl g_friendlyFire 1 
	setl g_maxlives 0 
	setl g_alliedmaxlives 0 
	setl g_axismaxlives 0 
	setl g_teamforcebalance 0 
	setl g_noTeamSwitching 0 
	setl g_voiceChatsAllowed 99 
	setl g_spectatorInactivity 0  

	set nextmap "" 

	set g_log austourney3V3-match.log 

	setl team_maxMortars 0 
	setl team_maxFlamers 0 
	setl team_maxMg42s 0 
	setl team_maxPanzers 0 
	setl team_maxplayers 0 
	setl team_nocontrols 0 
	setl team_maxMines 0
	setl team_maxriflegrenades 0

	setl match_latejoin 1 
	setl match_minplayers 2 
	setl match_mutespecs 0 
	setl match_readypercent 100 
	setl match_timeoutcount 2 
	setl match_timeoutlength 120 
	set  match_warmupDamage 2 

	setl sv_cheats 0

	setl sv_maxRate 25000 
	setl sv_dl_maxRate 42000 
	setl sv_floodProtect 0          
	setl sv_minping 0 
	setl sv_maxping 0 

	setl pmove_fixed 0 
	setl pmove_msec 8 

	setl g_allowVote 1 
	setl vote_limit 99 
	setl vote_percent 51 
	setl vote_allow_comp 0 
	setl vote_allow_gametype 0 
	setl vote_allow_kick 0 
	setl vote_allow_map 0
	setl vote_allow_matchreset 1 
	setl vote_allow_mutespecs 0 
	setl vote_allow_nextmap 0 
	setl vote_allow_pub 0 
	setl vote_allow_referee 1 
	setl vote_allow_shuffleteams 0 
	setl vote_allow_swapteams 0 
	setl vote_allow_friendlyfire 0 
	setl vote_allow_timelimit 0 
	setl vote_allow_warmupdamage 1 
	setl vote_allow_balancedteams 0 
	setl vote_allow_muting 0 
	setl vote_allow_cointoss 0

	setl b_pronedelay 1
	setl b_extendprone 1
	setl b_stickycharge 2
	setl b_antiwarp 1	  
	setl b_fixedphysics 1
	setl b_fixedphysicsfps 125     
	setl b_defaultskills "" 
	setl b_banners 0 
	setl b_noskillupgrades 0 
	setl b_shove 0 
	setl b_statsaver 1 
	setl b_intermissiontime 30 
	setl b_privatemessages 0 
	setl b_xpstopwatch 0 
	setl b_levels_battlesense "-1" 
	setl b_levels_engineer "-1" 
	setl b_levels_medic "-1" 
	setl b_levels_fieldops "-1" 
	setl b_levels_lightweapons "-1" 
	setl b_levels_soldier "-1" 
	setl b_levels_covertops "-1"
	setl b_riflegrenades 0  
	setl b_realhead 1  

	setl g_medicChargeTime 45000
	setl g_engineerChargeTime 30000
	setl g_LTChargeTime 40000
	setl g_soldierChargeTime 20000
	setl g_covertopsChargeTime 30000

	setl b_headshot 0
	setl b_damagexp 0
	setl b_customVoiceChat 1
	setl b_intreadypercent 100
	setl b_multiview 1
	setl b_spectatornames 1
	setl b_panzerlevelup 1

	setl g_filtercams 1

	setl b_shrug 0 
	setl b_wolfrof 0 
	setl b_distancefalloff 1 
	setl b_helmetprotection 1 
	setl b_maxmortarpitch 20 
	setl b_chargetransfer 0 
	setl b_sv_hitsounds 1 

	setl g_speed 320
	setl g_gravity 800
	setl g_knockback 1000

	setl b_anticheat 1
	setl b_cheatkicktime 1
	set  b_cheatlog AusTourney_3v3.log

	setl b_mapscriptdirectory etpromapscripts 
	setl b_mapconfigdirectory ""

command "pb_sv_enable"
command "pb_sv_kicklen 1"
command "pb_sv_cvarempty"
command "sv_cvarempty"

command "sv_cvar rate IN 3500 25000" 
command "sv_cvar snaps EQ 20"
command "sv_cvar cg_bobup IN -0.005 0.005" 
command "sv_cvar cg_fov IN 90 120" 
command "sv_cvar cg_shadows IN 0 1" 
command "sv_cvar cl_freelook EQ 1" 
command "sv_cvar cl_maxpackets IN 20 100" 
command "sv_cvar cl_timenudge EQ 0" 
command "sv_cvar m_pitch OUT -0.015 0.015" 
command "sv_cvar m_yaw IN -0.022 0.022" 
command "sv_cvar r_allowextensions EQ 1"
command "sv_cvar r_ati_fsaa_samples EQ 0"
command "sv_cvar r_ati_truform_tess EQ 0"
command "sv_cvar r_clampToEdge EQ 1" 
command "sv_cvar r_colorMipLevels EQ 0" 
command "sv_cvar r_detailtextures EQ 0" 
command "sv_cvar r_drawentities EQ 1" 
command "sv_cvar r_drawworld EQ 1"
command "sv_cvar r_ext_ATI_pntriangles EQ 0"
command "sv_cvar r_flares IN 0 1" 
command "sv_cvar r_lightmap EQ 0" 
command "sv_cvar r_lodcurveerror GE 60" 
command "sv_cvar r_nv_fogdist_mode INCLUDE NV GL_EYE_RADIAL_NV" 
command "sv_cvar r_primitives IN 0 2" 
command "sv_cvar r_showmodelbounds EQ 0" 
command "sv_cvar r_showtris EQ 0" 
command "sv_cvar r_subdivisions IN 1 64" 
command "sv_cvar r_znear EQ 3" 
command "sv_cvar cl_pitchspeed EQ 0"
}

// Permap settings
map default
{
set g_userTimeLimit 0
set g_useralliedrespawntime 0
set g_useraxisrespawntime 0
set b_moverscale 1
command "forcecvar r_drawfoliage 1"
}
map adlernest_b5
{
set g_userTimeLimit 15
}
map townsquare_final
{
set g_userTimeLimit 12
} 
map frost_beta3
{ 
set g_userTimeLimit 12
}
map et_village
{
set g_userTimeLimit 15
}
-.- theres the AusTourney.com .config
User avatar
bani
Site Admin
Posts: 2780
Joined: Sun Jul 21, 2002 3:58 am
Contact:

Post by bani »

someone should move this info to WolfWiki
AmC0rp
Posts: 2
Joined: Mon Mar 03, 2008 6:07 am
Contact:

Post by AmC0rp »

Sorry for reopening after more than one year.
We run a tournament, and we would like to get our config certified.
Is still possible?

Thanks
User avatar
Deus
Posts: 1053
Joined: Fri Mar 12, 2004 2:24 am
Location: Germany
Contact:

Post by Deus »

Yes
You're welcome
locki
Posts: 8
Joined: Thu Aug 13, 2009 8:30 am

Post by locki »

User avatar
ReyalP
Posts: 1663
Joined: Fri Jul 25, 2003 11:44 am

Post by ReyalP »

Welcome to two years ago. And GG chaplja, hero of et anticheat. Looks like you were a scumbag after all.

Edit to add:
We (by which I mean I) are no longer signing configs, because tools to forge the signature are widely available. The only thing signing would do is give people a false sense of security.

If you really want the pretty green text, feel free to sign them yourself.
send lawyers, guns and money
Post Reply