10:01 <+bridge> [ddnet] i found out why it crashes 10:01 <+bridge> [ddnet] i forgot to call EVP_DigestSignInit 10:01 <+bridge> [ddnet] in fact it should have been obvious since i wasnt giving it a private key anywhere xd 10:43 <+bridge> [ddnet] > D:\a\ddnet\ddnet\src\game\client\components\auth.cpp(2,10): fatal error C1083: Cannot open include file: 'openssl/crypto.h': No such file or directory [D:\a\ddnet\ddnet\debug\DDNet.vcxproj] 10:43 <+bridge> [ddnet] stupid windows 10:44 <+bridge> [ddnet] bestos 10:47 <+bridge> [ddnet] @Learath2 windows and mac dont link to openssl? 10:49 <+bridge> [ddnet] well they dont find it 10:49 <+bridge> [ddnet] :kek: 10:50 <+bridge> [ddnet] the CI doesnt install it 10:50 <+bridge> [ddnet] idk what to do about windows 10:50 <+bridge> [ddnet] maybe some bundle 10:50 <+bridge> [ddnet] 😃 10:51 <+bridge> [ddnet] yeah and it is only solution 10:51 <+bridge> [ddnet] or using vcpkg 10:52 <+bridge> [ddnet] https://vcpkg.readthedocs.io/en/latest/examples/installing-and-using-packages/ 10:52 <+bridge> [ddnet] vcpkg sounds the most modern sane way 10:54 <+bridge> [ddnet] yeah but its teeworlds 10:54 <+bridge> [ddnet] so 10:54 <+bridge> [ddnet] lets use some bundles 10:56 <+bridge> [ddnet] macos cant find it 10:56 <+bridge> [ddnet] hmm 11:01 <+bridge> [ddnet] hmm @Maiski your pr did not fix my issue in case you were aiming for that 11:04 <+bridge> [ddnet] The thing is we don't require openssl yet, on any platform 11:04 <+bridge> [ddnet] :monkaS: 11:06 <+bridge> [ddnet] we used to, but we removed the dependency to get security updates from your system's curl version on linux 11:06 <+bridge> [ddnet] instead of relying on me releasing a new ddnet version with updated openssl quickly 11:06 <+bridge> [ddnet] Done 11:27 <+bridge> [ddnet] @Ryozuki fwiw I'd probably link to libsodium separately on all platforms 11:27 <+bridge> [ddnet] why 11:27 <+bridge> [ddnet] it all works with openssl rn 11:34 <+bridge> [ddnet] because openssl is a mess 😛 11:35 <+bridge> [ddnet] it has the jankiest interface known to man too 11:35 <+bridge> [ddnet] i link to openssl with android 11:35 <+bridge> [ddnet] u can steal the build scripts xd 11:36 <+bridge> [ddnet] @TsFreddie you here? 11:38 <+bridge> [ddnet] chillerdragon: my fix was unrelated to your issues, since they occur even without resizing 11:39 <+bridge> [ddnet] yeah but i alreayd figured it out 11:39 <+bridge> [ddnet] all the key stuff is done 11:39 <+bridge> [ddnet] xd 13:55 < ***> Buffer Playback... 13:55 <+bridge> [13:34:14] [ddnet] i mean it doesnt really matter @TsFreddie that whole check is useless 13:55 <+bridge> [13:34:19] [ddnet] i'll remove it anyway 13:55 <+bridge> [13:34:31] [ddnet] sure 13:55 <+bridge> [13:34:38] [ddnet] we don't need to store any desktop screen values 13:55 <+bridge> [13:34:44] [ddnet] @TsFreddie one more 13:55 <+bridge> [13:35:04] [ddnet] when resizing 13:55 <+bridge> [13:35:04] [ddnet] SDL_GL_GetDrawableSize 13:55 <+bridge> [13:35:06] [ddnet] still gives the HDPI even on non HDPI? 13:55 <+bridge> [13:35:24] [ddnet] i remember seeing bugs like that 13:55 <+bridge> [13:35:28] [ddnet] so probably 13:55 <+bridge> [13:35:38] [ddnet] yeah, but rn we relie on SDL_GL_GetDrawableSize on resize 13:55 <+bridge> [13:35:42] [ddnet] not on GetWindowSize 13:55 <+bridge> [13:35:43] [ddnet] yep 13:55 <+bridge> [13:35:51] [ddnet] so resizing is wrong on macos without HDPI? 13:55 <+bridge> [13:36:02] [ddnet] It's fine for me fwiw 13:55 <+bridge> [13:36:03] [ddnet] i can i set the viewport to the hidpi list else 13:55 <+bridge> [13:36:11] [ddnet] https://cdn.discordapp.com/attachments/293493549758939136/878965770669924382/unknown.png 13:55 <+bridge> [13:36:12] [ddnet] i mean i set the viewport to the hidpi list else 13:55 <+bridge> [13:36:14] [ddnet] yes 13:55 <+bridge> [13:36:15] [ddnet] i checked it 13:55 <+bridge> [13:36:17] [ddnet] i understand that 13:55 <+bridge> [13:36:20] [ddnet] and it makes sense 13:55 <+bridge> [13:36:28] [ddnet] i mean in CGraphics_Threaded::Resize 13:55 <+bridge> [13:36:33] [ddnet] then i'm not sure 13:55 <+bridge> [13:36:35] [ddnet] we only fetch the canvas size 13:55 <+bridge> [13:36:36] [ddnet] it was fine 13:55 <+bridge> [13:36:39] [ddnet] wtf 13:55 <+bridge> [13:36:44] [ddnet] but i don't know what should be wrong 13:55 <+bridge> [13:36:45] [ddnet] this is so reandom xD 13:55 <+bridge> [13:37:05] [ddnet] fwiw this doesn't happen to me either, I get the correct values 13:55 <+bridge> [13:37:11] [ddnet] `m_pBackend->GetViewportSize(m_ScreenWidth, m_ScreenHeight);` 13:55 <+bridge> [13:37:28] [ddnet] we use SDL_GL_GetDrawableSize after resize to set the correct viewport 13:55 <+bridge> [13:37:31] [ddnet] makes sense on HIDPI 13:55 <+bridge> [13:37:42] [ddnet] but if it always reports HIDPI, it should break non HIDPI 13:55 <+bridge> [13:37:50] [ddnet] probably some SDL version thing 13:55 <+bridge> [13:38:01] [ddnet] my mac is weird 13:55 <+bridge> [13:39:27] [ddnet] all macs are all weird 13:55 <+bridge> [13:39:37] [ddnet] ~~can we sue apple~~ 13:55 <+bridge> [13:40:22] [ddnet] anyway, if somebody with mac could test this, imo its a bug in SDL anway 13:55 <+bridge> [13:40:22] [ddnet] a call to SDL_GL_GetDrawableSize should always give the dev the drawable size, and if HIDPI is not desired, then it should not give high values xD 13:55 <+bridge> [13:40:23] [ddnet] i just remember i was doing a whole lot of mind twisters while making that PR, i don't think i want to rethink all of that again tbh 13:55 <+bridge> [13:40:34] [ddnet] ok 13:55 <+bridge> [13:40:45] [ddnet] and it doesn't make any sense anyway 13:55 <+bridge> [13:40:46] [ddnet] then i'll just assume to work with HiDPI XD 13:55 <+bridge> [13:40:53] [ddnet] and hope SDL fixes their stuff some day 13:55 <+bridge> [13:41:26] [ddnet] @Learath2 tweet Ryan 13:55 <+bridge> [13:41:38] [ddnet] Just do it the way that is correct and we can fix mac weirdness afterwards 13:55 <+bridge> [13:42:36] [ddnet] someone here who wants to test mi ddrace map? 13:55 <+bridge> [13:44:46] [ddnet] when bridge #general? 13:55 <+bridge> [13:44:59] [ddnet] someone should say him 13:55 < ***> Playback Complete. 15:06 <+ChillerDragon> if there is a wall directly behind a blue from tele it still takes the speed when entering sometimes :( is this some feature that is already used in maps or is it just too annoying to fix? 15:17 <+bridge> [ddnet] chillerdragon: can you read other channels btw? 15:18 <+bridge> [ddnet] else 15:18 <+bridge> [ddnet] chillerdragon: i tried to fix this blackscreen thing, i get this on the old intel laptop too 15:18 <+bridge> [ddnet] but even if i set the fullscreen mode to the one reported by SDL_GetDesktopDisplayMode it doesn't work 15:18 <+bridge> [ddnet] 15:18 <+bridge> [ddnet] So maybe its really a driver thing, especially bcs it works on AMD without any problem 15:18 <+bridge> [ddnet] so rip to real fullscreen users with that problem xd 15:41 <+bridge> [ddnet] onyl developer and wiki \:/ i wish more channesöl were bridged 15:42 <+bridge> [ddnet] @Jupstar ✪\: i mean there is the env var and downgrade option 15:42 <+bridge> [ddnet] i currently play with downgraded SDL 16:30 <+bridge> [ddnet] i did it :monkalaugh: 16:30 <+bridge> [ddnet] https://cdn.discordapp.com/attachments/293493549758939136/879009660890394634/unknown.png 16:38 <+bridge> [ddnet] nice do you already want to implement accounts or just the protocol? 17:04 <+bridge> [ddnet] define implement accounts 17:05 <+bridge> [ddnet] rn im making the client be able to generate a key pair and register 17:05 <+bridge> [ddnet] this is done without interacting with any game server 17:06 <+bridge> [ddnet] next i think we need a new protocol msg that the client sends to the gameserver, it should contain the public key, and a signed message using that pubkey with some updated info, maybe the current time 17:07 <+bridge> [ddnet] so the server can use it to ask the auth server to verify its real 17:07 <+bridge> [ddnet] hmhm 17:08 <+bridge> [ddnet] 17:08 <+bridge> [ddnet] mhhh 17:08 <+bridge> [ddnet] "The login protocol should bind to the cryptographic session so that the login sequence cannot be forwarded to other servers." 17:08 <+bridge> [ddnet] idk if what i said works xd 17:08 <+bridge> [ddnet] but basically the foundation for this comment is "done" 17:09 <+bridge> [ddnet] i just need to figure out how to make this session 17:10 <+bridge> [ddnet] " The account server will store a constant, never changing mapping of public key hash " 17:10 <+bridge> [ddnet] why even account server 17:10 <+bridge> [ddnet] just use the signature 17:10 <+bridge> [ddnet] also about the whole multi private keys, for what? 17:10 <+bridge> [ddnet] because u can lose ur keypair 17:10 <+bridge> [ddnet] yes 17:10 <+bridge> [ddnet] thats why i think u should be able to change the pubkey with the email 17:10 <+bridge> [ddnet] so a account id mapping is needed 17:11 <+bridge> [ddnet] i am not against a ddnet hosted login accounts additionally 17:11 <+bridge> [ddnet] "This mapping is public and can be queried via an HTTPS endpoint so third party servers can also use it" 17:11 <+bridge> [ddnet] this is 17:11 <+bridge> [ddnet] why not just store the private key on ddnet side 17:11 <+bridge> [ddnet] and then always query it and never save it to disk 17:11 <+bridge> [ddnet] ??? 17:12 <+bridge> [ddnet] then it cannot be stolen easily 17:12 <+bridge> [ddnet] and ppl that don't want accounts on ddnet have to mantain their keys themself 17:12 <+bridge> [ddnet] basically 2 account systems 17:12 <+bridge> [ddnet] 1 that works with private keys like you do 17:13 <+bridge> [ddnet] idk what u are talking about 17:13 <+bridge> [ddnet] xd 17:13 <+bridge> [ddnet] and a traditional one that is basically one ddnet and is just there for ddnet stuff + the keys for ppl that can't handle all this stuff anyway 17:13 <+bridge> [ddnet] ok 17:13 <+bridge> [ddnet] the client automatically generates a keypair, and u register to the authserver with a email, this way u wont ever need a password 17:14 <+bridge> [ddnet] Open client 17:14 <+bridge> [ddnet] - either have private key on disk(unsecure for nobos that would just share it) 17:14 <+bridge> [ddnet] - have it on ddnet account(which is an additional account), always load it from there and only on memory 17:14 <+bridge> [ddnet] and other server don't need to fetch anything from ddnet 17:14 <+bridge> [ddnet] they havve the signature from the public key 17:14 <+bridge> [ddnet] @Jupstar ✪ i dont like having it on "ddnet account" 17:14 <+bridge> [ddnet] i also think its not as secure 17:14 <+bridge> [ddnet] > the client automatically generates a keypair, and u register to the authserver with a email, this way u wont ever need a password 17:14 <+bridge> [ddnet] Is the authserver configurable? Or is it i. e. auth.ddnet.tw? 17:14 <+bridge> [ddnet] we could avoid nobos sharing it by saving it 17:14 <+bridge> [ddnet] on another location 17:14 <+bridge> [ddnet] than .teeworlds 17:15 <+bridge> [ddnet] i dunno 17:15 <+bridge> [ddnet] i bet they won't loose, they will share it 17:15 <+bridge> [ddnet] ? 17:15 <+bridge> [ddnet] if they want to then let em be 17:15 <+bridge> [ddnet] i ask nobo that has problems with his client to send me his data 17:15 <+bridge> [ddnet] most people wont even know it exists 17:15 <+bridge> [ddnet] he'll will do bcs he 13 17:15 <+bridge> [ddnet] yes 17:15 <+bridge> [ddnet] thats the problem saving it 17:15 <+bridge> [ddnet] dude 17:15 <+bridge> [ddnet] u can ask any kid 17:15 <+bridge> [ddnet] send me ur browser cookies 17:16 <+bridge> [ddnet] and historyu 17:16 <+bridge> [ddnet] thats just a dumb argument 17:16 <+bridge> [ddnet] omg 17:16 <+bridge> [ddnet] mhh i disagree 17:16 <+bridge> [ddnet] thats something else 17:16 <+bridge> [ddnet] it should be ye 17:17 <+bridge> [ddnet] the thing is, the client and server 17:17 <+bridge> [ddnet] need to use the same authserver 17:17 <+bridge> [ddnet] imho the authserver wouldnt save any ddnet related data it just has the mapping to the account id 17:17 <+bridge> [ddnet] then u can manage that account id on ur db with ur own data 17:17 <+bridge> [ddnet] thats how i see it 17:18 <+bridge> [ddnet] Servers can send a special message with the authserver information 17:18 <+bridge> [ddnet] i guess 17:18 <+bridge> [ddnet] anyways this needs lot of discussion 17:18 <+bridge> [ddnet] and most important ppl here are afk nowadays so 17:20 <+bridge> [ddnet] i dunno if there is an auth server anyway you can also just login with username password 17:21 <+bridge> [ddnet] I would use /login username password as fallback for non-ddnet clients 17:21 <+bridge> [ddnet] For KoG we've planned to do so 17:21 <+bridge> [ddnet] Integrate the new ddnet login & use the /login username password scheme 17:21 <+bridge> [ddnet] 7login Ryozuki prorustprogrammer 17:21 <+bridge> [ddnet] ups 17:22 <+bridge> [ddnet] But auto-login is a more elegant user flow 17:22 <+bridge> [ddnet] and more secure 17:22 <+bridge> [ddnet] Depends on what you're using, in terms of pub/priv key it is 17:22 <+bridge> [ddnet] ye 17:23 <+bridge> [ddnet] i have to figure out how to make the server know a user is who says it is: basically create a session 17:23 <+bridge> [ddnet] the user has a priv pub key, the authserver has the pubkey mapping 17:23 <+bridge> [ddnet] how to make server verify 17:24 <+bridge> [ddnet] afaik the only way to know a pubkey is from someone is to sign something with a privkey and verify it with a pubkey 17:24 <+bridge> [ddnet] The client downloads the auth-server public key & signs a message? 17:24 <+bridge> [ddnet] so the client shoudl send some signed message 17:24 <+bridge> [ddnet] that the server can verify by sending it to authserver 17:24 <+bridge> [ddnet] no the client signs a message with its private key 17:24 <+bridge> [ddnet] and u can verify that signature is valid with the client pubkey 17:25 <+bridge> [ddnet] the authserver knows the client pubkey 17:25 <+bridge> [ddnet] Is it possible to turn the flow around? 17:25 <+bridge> [ddnet] well knows means it has the mapping to its account id 17:25 <+bridge> [ddnet] So the server doenst store any keys 17:25 <+bridge> [ddnet] it has to store the public key 17:25 <+bridge> [ddnet] the public key is always safe to share 17:25 <+bridge> [ddnet] Yeah, but how do you protect against attacks which aims to send you thousands of public keys 17:25 <+bridge> [ddnet] random generated ones 17:26 <+bridge> [ddnet] well thats just spam protection 17:26 <+bridge> [ddnet] thats the same as trying to register to a website a lot of times 17:26 <+bridge> [ddnet] Captcha xd 17:26 <+bridge> [ddnet] i think thats out of scope for now 17:26 <+bridge> [ddnet] xd 17:27 <+bridge> [ddnet] we should first have smth working and then consider the spam issues 17:27 <+bridge> [ddnet] also the auth server is a http server 17:27 <+bridge> [ddnet] so it can be behind cloudflare 17:27 <+bridge> [ddnet] https://github.com/edg-l/ddnet-authservice 17:27 <+bridge> [ddnet] here is my POC authserver 17:29 <+bridge> [ddnet] Mhmm we dont use emails xd 17:29 <+bridge> [ddnet] its basically to allow recover 17:29 <+bridge> [ddnet] iirc 17:29 <+bridge> [ddnet] so u can change ur pubkey 17:29 <+bridge> [ddnet] if u lose ur keypair 17:30 <+bridge> [ddnet] Sure, but we dont use them actually 17:30 <+bridge> [ddnet] we're using keycloak for the new authorization & authentication system 17:30 <+bridge> [ddnet] & discord as primary login provider 17:31 <+bridge> [ddnet] For the others we allow e-mail/password registrations, but we do not recommend 17:31 <+bridge> [ddnet] i for sure dont want to depend on discord 17:31 <+bridge> [ddnet] discord will die in 5 years 17:31 <+bridge> [ddnet] or less 17:31 <+bridge> [ddnet] Its okay 🙂 You can integrate Github, Twitter, Guilded.gg & others also 17:31 <+bridge> [ddnet] nah i prefer having it ourselves 17:32 <+bridge> [ddnet] depending on others sucks 17:32 <+bridge> [ddnet] oauth2 services 17:32 <+bridge> [ddnet] Exactly 17:32 <+bridge> [ddnet] In your POC, you can add some possibility to set an accountId instead of an email 17:33 <+bridge> [ddnet] So you dont have to use the email & can rely on other 3rd party services for user management 17:48 <+bridge> [ddnet] Still not really convinced by this kind of auth server, where is learath xd 17:48 <+bridge> [ddnet] wasnt he for a semi managed key pair before, or did he change his opinion xd 17:49 <+bridge> [ddnet] idk xd 17:49 <+bridge> [ddnet] everyone is missing 17:50 <+bridge> [ddnet] but actually this is from their comment 17:50 <+bridge> [ddnet] maybe i interpreted it wrong 17:50 <+bridge> [ddnet] i think you overestimate ppl xD 17:50 <+bridge> [ddnet] wdym 17:51 <+bridge> [ddnet] "Design as @Learath2 and I talked about:" 17:51 <+bridge> [ddnet] xd 17:51 <+bridge> [ddnet] ups 17:51 <+bridge> [ddnet] that auto ping 17:51 <+bridge> [ddnet] everyone once loged in in his live 17:51 <+bridge> [ddnet] username 17:51 <+bridge> [ddnet] password 17:51 <+bridge> [ddnet] 17:51 <+bridge> [ddnet] but they never cared about how to be manage data, that might be important 17:51 <+bridge> [ddnet] .e.g deleting windows, changing os whatever, and all need to recover their keys 17:51 <+bridge> [ddnet] everyone once loged in in his live 17:51 <+bridge> [ddnet] username 17:51 <+bridge> [ddnet] password 17:51 <+bridge> [ddnet] 17:51 <+bridge> [ddnet] but they never cared about how to manage data, that might be important 17:51 <+bridge> [ddnet] .e.g deleting windows, changing os whatever, and all need to recover their keys 17:52 <+bridge> [ddnet] ye ppl are stupid 17:52 <+bridge> [ddnet] but this is a game 17:52 <+bridge> [ddnet] they wont lose their lives 17:52 <+bridge> [ddnet] Hm, I don't remember the exact specifics we decided on, but a pubkey associated with an email is what we ended up on 17:52 <+bridge> [ddnet] and ppl who care enough will take care 17:52 <+bridge> [ddnet] If you have access to your email, you can always add a new pubkey 17:52 <+bridge> [ddnet] thats the current status, pubkey with email 17:52 <+bridge> [ddnet] yes no doubt about that 17:52 <+bridge> [ddnet] 17:52 <+bridge> [ddnet] but i think that happens quite often, more often than loosing their password probably 17:52 <+bridge> [ddnet] and they dont know why 17:53 <+bridge> [ddnet] especially users from steam just expect to auto login 17:53 <+bridge> [ddnet] bcs of >steam< 17:53 <+bridge> [ddnet] ppl dont change os quite often 17:53 <+bridge> [ddnet] only linux ppl do 17:53 <+bridge> [ddnet] they reinstall windows once per year xD 17:53 <+bridge> [ddnet] do they_? xd 17:53 <+bridge> [ddnet] most ppl dont know 17:54 <+bridge> [ddnet] how to install windows 17:54 <+bridge> [ddnet] dude who doesnt, you have to xD 17:54 <+bridge> [ddnet] trust me 17:54 <+bridge> [ddnet] windows after 1 year broken af xd 17:54 <+bridge> [ddnet] my father pc had windows 8 17:54 <+bridge> [ddnet] since long 17:54 <+bridge> [ddnet] he didnt want to touch anything 17:54 <+bridge> [ddnet] cuz scared something breaks 17:54 <+bridge> [ddnet] ye 17:54 <+bridge> [ddnet] xd 17:54 <+bridge> [ddnet] ye windows gets rly messy 17:54 <+bridge> [ddnet] from xp to 10 my family did that ritual xd 17:54 <+bridge> [ddnet] thats why linux is so superior 17:54 <+bridge> [ddnet] i still havent reinstalled arch linux 17:54 <+bridge> [ddnet] bcs it updates every minute xddd 17:54 <+bridge> [ddnet] atleast since 2018 17:55 <+bridge> [ddnet] nah but windows gets slow not cuz updates 17:55 <+bridge> [ddnet] well maybe 17:55 <+bridge> [ddnet] i found out that windows takes so much space 17:55 <+bridge> [ddnet] and i cant never figure out why 17:55 <+bridge> [ddnet] and my linux distro still has plenty of space, and i know how to cleanup 17:55 <+bridge> [ddnet] well we went offtopic 17:55 <+bridge> [ddnet] xd 17:56 <+bridge> [ddnet] i think we should discuss this account stuff when heinrich is around 17:56 <+bridge> [ddnet] he is the one who probs know most 17:56 <+bridge> [ddnet] and deen xd 17:56 <+bridge> [ddnet] xd 17:56 <+bridge> [ddnet] but deen doesnt seem to discuss accounts 17:56 <+bridge> [ddnet] xd 17:56 <+bridge> [ddnet] he just lets it flow 17:57 <+bridge> [ddnet] he is busy making a super in memory database with 128 cores 17:57 <+bridge> [ddnet] :monkalaugh: 17:57 <+bridge> [ddnet] xd 17:57 <+bridge> [ddnet] https://hookrace.net/blog/hana-cpp-development/ 17:57 <+bridge> [ddnet] look it 17:57 <+bridge> [ddnet] xd 17:59 <+bridge> [ddnet] 10 million lines of C++ code and 15 million lines of Python tests 18:00 <+bridge> [ddnet] We can do auto login with pubkeys np 18:47 <+bridge> [ddnet] lmao https://www.reddit.com/r/programming/comments/p93vw3/getting_gplv2_compliance_from_a_chinese_company/ 19:02 <+bridge> [ddnet] you already have steam_api.dll 19:02 <+bridge> [ddnet] just use steam authentication 20:39 <+bridge> [ddnet] But not everyone is using steam, so you can use it partly, but not always 20:48 <+bridge> [ddnet] imagine using steam 22:23 <+bridge> [ddnet] Q: How would you diagnose a randomly happening couple second packet loss? 22:29 <+bridge> [ddnet] I think this pretty much implies the local connection has an issue, right? 22:29 <+bridge> [ddnet] https://cdn.discordapp.com/attachments/293493549758939136/879099901412253746/unknown.png 22:51 <+bridge> [ddnet] ah nice, perfect moment to debug the bug in #bugs with that packet loss xd 23:41 <+bridge> [ddnet] @Learath2 turn off every electric device in the house and see if it disappears? 23:42 <+bridge> [ddnet] hm house too big for that, too many people here 23:42 <+bridge> [ddnet] maybe when my parents are at work I can give it a try