gamedevlists-general Mailing List for gamedev (Page 23)
Brought to you by:
vexxed72
Menu
▾
▴
gamedevlists-general — List for discussing general game development issues
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(3) |
Oct
(28) |
Nov
(13) |
Dec
(168) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(51) |
Feb
(16) |
Mar
(29) |
Apr
(3) |
May
(24) |
Jun
(25) |
Jul
(43) |
Aug
(18) |
Sep
(41) |
Oct
(16) |
Nov
(37) |
Dec
(208) |
| 2003 |
Jan
(82) |
Feb
(89) |
Mar
(54) |
Apr
(75) |
May
(78) |
Jun
(141) |
Jul
(47) |
Aug
(7) |
Sep
(3) |
Oct
(16) |
Nov
(50) |
Dec
(213) |
| 2004 |
Jan
(76) |
Feb
(76) |
Mar
(23) |
Apr
(30) |
May
(14) |
Jun
(37) |
Jul
(64) |
Aug
(29) |
Sep
(25) |
Oct
(26) |
Nov
(1) |
Dec
(10) |
| 2005 |
Jan
(9) |
Feb
(3) |
Mar
|
Apr
|
May
(11) |
Jun
|
Jul
(39) |
Aug
(1) |
Sep
(1) |
Oct
(4) |
Nov
|
Dec
|
| 2006 |
Jan
(24) |
Feb
(18) |
Mar
(9) |
Apr
|
May
|
Jun
|
Jul
(14) |
Aug
(29) |
Sep
(2) |
Oct
(5) |
Nov
(4) |
Dec
|
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(11) |
Sep
(9) |
Oct
(5) |
Nov
(4) |
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(34) |
Jun
|
Jul
(9) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(4) |
| 2016 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <ke...@ac...> - 2004-02-04 17:38:59
|
In 7.0 and up you can change the behaviour of for loops without affecting
the other "extensions", there is a separate setting for it.
It's not anonymous unions that are disabled with language extensions off
though, but anonymous structs. Anonymous unions is valid ANSI C, I'm pret=
ty
sure.
// Kristoffer
----- Original Message -----=20
From: "Anders Nilsson" <br...@ho...>
To: <gam...@li...>
Sent: Wednesday, February 04, 2004 5:15 PM
Subject: RE: [GD-General] Variables scope
> This is not really a bug but rather a feature so service packs are not
> likely to change the behaviour. You can turn on "more" compliance with
> the C++-standard but then you get other things you might not want
> (anonymous unions are forbidden etc). The behavior of a language should
> not change with SP's (but optional features can be added though).
>
> Just use the define-hack and include it in some file that all files
> includes (typedefs.h or something) and then you can include it on the
> platforms that has the "broken" variable scopes).
>
> Anders Nilsson
>
> On Wed, 2004-02-04 at 15:09, CAVEY GERARD wrote:
> > >Kristoffer Gr=C3=B6nlund wrote:
> > >
> > >>The way I've worked around this in the past has been by redefining =
for
as
> > >>follows:
> > >>#define for if (false) {} else for
> > >>
> > >>Yes, it's a hideously ugly hack, but so is the problem in the first
place.
> > >>I've never had any problems because of it.
> > >>
> > >>
> > >Hmm... sounds like an ugly solution for something that is more simpl=
y
> > >solved by just
> > >declaring the loop counter outside the for.
> >
> > Hi
> > As Mr Aravelo(pyrostudios) told me out of list
> > it can also be written
> > #define for if (1) for
> > a bit simpler ...
> > I didn t update VC 6.0 yet but maybe that the latest service pack
> > can avoid the workaround.
> > Anyway I d better wait to get VS.NET
> > Thanks for your help
> >
> > Regards
> > GC
>
>
>
> -------------------------------------------------------
> The SF.Net email is sponsored by EclipseCon 2004
> Premiere Conference on Open Tools Development and Integration
> See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
> http://www.eclipsecon.org/osdn
> _______________________________________________
> Gamedevlists-general mailing list
> Gam...@li...
> https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
> Archives:
> http://sourceforge.net/mailarchive/forum.php?forum_id=3D557
|
|
From: Anders N. <br...@ho...> - 2004-02-04 16:13:32
|
This is not really a bug but rather a feature so service packs are not
likely to change the behaviour. You can turn on "more" compliance with
the C++-standard but then you get other things you might not want
(anonymous unions are forbidden etc). The behavior of a language should
not change with SP's (but optional features can be added though).
Just use the define-hack and include it in some file that all files
includes (typedefs.h or something) and then you can include it on the
platforms that has the "broken" variable scopes).
Anders Nilsson
On Wed, 2004-02-04 at 15:09, CAVEY GERARD wrote:
> >Kristoffer Grönlund wrote:
> >
> >>The way I've worked around this in the past has been by redefining for as
> >>follows:
> >>#define for if (false) {} else for
> >>
> >>Yes, it's a hideously ugly hack, but so is the problem in the first place.
> >>I've never had any problems because of it.
> >>
> >>
> >Hmm... sounds like an ugly solution for something that is more simply
> >solved by just
> >declaring the loop counter outside the for.
>
> Hi
> As Mr Aravelo(pyrostudios) told me out of list
> it can also be written
> #define for if (1) for
> a bit simpler ...
> I didn t update VC 6.0 yet but maybe that the latest service pack
> can avoid the workaround.
> Anyway I d better wait to get VS.NET
> Thanks for your help
>
> Regards
> GC
|
|
From: <cas...@ya...> - 2004-02-04 15:51:20
|
Hi Garett, I somewhat agree with you. I think that the only real excuse to use a scripting language for all the game logic is portability, specially if you are targeting the mod community. However, if you design your language from scratch you can also add special features that ease the development of the scripts, for example, quakec provided a mechanism to specify state machines and animations, and unrealscript also has state machines and other nice features. In most cases I think that a scripting languages are overrated. However, that doesn't mean that scripting languages shouldn't be useful for games, it's just that I don't see the need to code all the game logic using a scripting language. You can expose events and object properties to the script, to customize some game situations or entity behaviours, the same way you use javascript to add simple dynamic content to a webpage. And you can also use it to define state machines, or scripted sequences, but not for all the game logic/ai. I think that it would be a good idea to mimic javascript Document Object Model (DOM) where a set (or hierarchy) of objects is exposed to the script and those objects are coded natively in C++ implementing IDispatch or using any other kind of reflection mechanism. -- Ignacio Castaño cas...@ya... Garett Bass wrote: > Design folks, > > Ok, sorry to distract you all, but I just don't get it. After reading > about Brian's problems with his scripts (and additionally having considered > the problem at length without actually implementing any scripting system > myself [except for my pitiful attempt at *writing* a scripting system for > Deer Hunter 3, which we won't go into here for fear of grave embarrassment > to myself]) it seems to me that "scripting" is being used to solve problems > that could just as easily be solved by real code. > > Please enlighten my heathen mind: Why not simply compile your "scripts" > into C/C++ .DLLs? These are the arguments I can vaguely recall for > scripting, but I just don't think they hold up: > > 1. You don't have to compile scripts. > > I mean, ok, yeah, you gotta spend a few seconds on compiling some C/C++ > into a .DLL (holy mother of poo!), but that serves a handy purpose: the > compiler checks a variety of error and warning conditions that give you > immediate feedback before you even try the script. And if it is so > difficult to arrange a test case for the script's performance, are you > really saving any time by not using a compiled language? > > 2. Scripting code is easier for designers to write. > > Um, really? Is Lua any easier to write than C? Ok, it's more verbose, but > verbose just means more symbols to remember and use correctly. At work I'm > stuck using Visual Basic, and while it is pretty handy for our problem > domain (RAD w/ database and native GUI), it also really confuses some of my > C++ instincts (and vice-versa). > > 3. The security of a sandbox. > > Ok, you've got me there, if your primary goal in scripting is to allow your > fanbase to create new content without exposing other users to a variety of > security scenarios, then I suppose you've found your holy grail. At the > cost of 15x performance of course. I seem to recall the user community > (PlanetQuake et al.) doing a pretty good job of filtering through the > security of mods, in fact, I don't recall any news of blaster or welchia > worms arising from Q2 mods, but you know, whatever keeps your paranoid heart > skipping happily along, go for it. Even if it is a huge pain in the ass. > > All that aside, I do believe there are some C-syntax scripting languages > out there these days (http://csl.sourceforge.net/csl.html). In the realm of > other ideas, Battlefield 1942 uses a "scripting" language that is really > more along the lines of a gameplay balancing dataset. You can code up new > vehicles in plain text by combining engines and meshes and various > attributes in new and interesting ways, but you can't really change the core > gameplay mechanic. > > I'm just not significantly compelled to go beyond dynamic library-based > extendability for the time being. However, I am significantly compelled to > find out why the higher minds of my time think otherwise. Please excuse my > dear Aunt Sally. > > Regards, > Garett Bass > gt...@st... |
|
From: Jorrit T. <Jor...@uz...> - 2004-02-04 14:52:10
|
Javier Arevalo wrote: >When you have a large codebase in the "proper" style, and suddenly need to >use it in a non-compliant compiler (like VC6), a hack may be worth a >thousand changes. > > > True enough. Greetings, |
|
From: Magnus A. <mag...@st...> - 2004-02-04 14:47:02
|
I've always used this:
#define for if(false); else for
It will behave correctly in your case as well.
-----Original Message-----
From: Jorrit Tyberghein [mailto:Jor...@uz...]=20
Sent: den 4 februari 2004 15:25
To: gam...@li...
Subject: Re: [GD-General] Variables scope
CAVEY GERARD wrote:
>>Kristoffer Gr=F6nlund wrote:
>>
>> =20
>>
>>>The way I've worked around this in the past has been by redefining =
for as
>>>follows:
>>>#define for if (false) {} else for
>>>
>>>Yes, it's a hideously ugly hack, but so is the problem in the first
place.
>>>I've never had any problems because of it.
>>>=20
>>>
>>> =20
>>>
>>Hmm... sounds like an ugly solution for something that is more simply =
>>solved by just
>>declaring the loop counter outside the for.
>> =20
>>
>
>Hi=20
>As Mr Aravelo(pyrostudios) told me out of list
>it can also be written=20
>#define for if (1) for
>a bit simpler ...
> =20
>
Yes but that can give bad results. For example:
if (a > b)
for (...)
else
...
With your version of 'for' the 'else' branch will never execute since =
it=20
will be
the 'else' for the 'if (1)'. With the previous version of 'for' that=20
problem is not there
because there is already an 'else' branch given in the 'for' define.
Greetings,
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Gamedevlists-general mailing list
Gam...@li...
https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
Archives:
http://sourceforge.net/mailarchive/forum.php?forum_id=3D557
|
|
From: Jorrit T. <Jor...@uz...> - 2004-02-04 14:26:11
|
CAVEY GERARD wrote:
>>Kristoffer Grönlund wrote:
>>
>>
>>
>>>The way I've worked around this in the past has been by redefining for as
>>>follows:
>>>#define for if (false) {} else for
>>>
>>>Yes, it's a hideously ugly hack, but so is the problem in the first place.
>>>I've never had any problems because of it.
>>>
>>>
>>>
>>>
>>Hmm... sounds like an ugly solution for something that is more simply
>>solved by just
>>declaring the loop counter outside the for.
>>
>>
>
>Hi
>As Mr Aravelo(pyrostudios) told me out of list
>it can also be written
>#define for if (1) for
>a bit simpler ...
>
>
Yes but that can give bad results. For example:
if (a > b)
for (...)
else
...
With your version of 'for' the 'else' branch will never execute since it
will be
the 'else' for the 'if (1)'. With the previous version of 'for' that
problem is not there
because there is already an 'else' branch given in the 'for' define.
Greetings,
|
|
From: CAVEY G. <GER...@sg...> - 2004-02-04 14:09:07
|
>Kristoffer Gr=F6nlund wrote:
>
>>The way I've worked around this in the past has been by redefining =
for as
>>follows:
>>#define for if (false) {} else for
>>
>>Yes, it's a hideously ugly hack, but so is the problem in the first =
place.
>>I've never had any problems because of it.
>> =20
>>
>Hmm... sounds like an ugly solution for something that is more simply=20
>solved by just
>declaring the loop counter outside the for.
Hi=20
As Mr Aravelo(pyrostudios) told me out of list
it can also be written=20
#define for if (1) for
a bit simpler ...
I didn t update VC 6.0 yet but maybe that the latest service pack=20
can avoid the workaround.
Anyway I d better wait to get VS.NET
Thanks for your help
Regards
GC
************************************************************************=
*
Ce message et toutes les pieces jointes (ci-apres le "message") sont
confidentiels et etablis a l'intention exclusive de ses destinataires.
Toute utilisation ou diffusion non autorisee est interdite.=20
Tout message electronique est susceptible d'alteration.=20
SG Asset Management et ses filiales declinent toute responsabilite au =
titre
de ce message s'il a ete altere, deforme ou falsifie.
D=E9couvrez l'offre et les services de SG Asset Management sur le site
www.sgam.fr=20
********
This message and any attachments (the "message") are confidential and
intended solely for the addressees.
Any unauthorised use or dissemination is prohibited.=20
E-mails are susceptible to alteration. =20
Neither SG Asset Management nor any of its subsidiaries or affiliates =
shall
be liable for the message if altered, changed or falsified.=20
************************************************************************=
*
|
|
From: Jorrit T. <Jor...@uz...> - 2004-02-04 13:26:24
|
Kristoffer Grönlund wrote:
>The way I've worked around this in the past has been by redefining for as
>follows:
>#define for if (false) {} else for
>
>Yes, it's a hideously ugly hack, but so is the problem in the first place.
>I've never had any problems because of it.
>
>
Hmm... sounds like an ugly solution for something that is more simply
solved by just
declaring the loop counter outside the for.
Greetings,
|
|
From: Garett B. <gt...@st...> - 2004-02-04 13:04:43
|
Design folks, Ok, sorry to distract you all, but I just don't get it. After reading about Brian's problems with his scripts (and additionally having considered the problem at length without actually implementing any scripting system myself [except for my pitiful attempt at *writing* a scripting system for Deer Hunter 3, which we won't go into here for fear of grave embarrassment to myself]) it seems to me that "scripting" is being used to solve problems that could just as easily be solved by real code. Please enlighten my heathen mind: Why not simply compile your "scripts" into C/C++ .DLLs? These are the arguments I can vaguely recall for scripting, but I just don't think they hold up: 1. You don't have to compile scripts. I mean, ok, yeah, you gotta spend a few seconds on compiling some C/C++ into a .DLL (holy mother of poo!), but that serves a handy purpose: the compiler checks a variety of error and warning conditions that give you immediate feedback before you even try the script. And if it is so difficult to arrange a test case for the script's performance, are you really saving any time by not using a compiled language? 2. Scripting code is easier for designers to write. Um, really? Is Lua any easier to write than C? Ok, it's more verbose, but verbose just means more symbols to remember and use correctly. At work I'm stuck using Visual Basic, and while it is pretty handy for our problem domain (RAD w/ database and native GUI), it also really confuses some of my C++ instincts (and vice-versa). 3. The security of a sandbox. Ok, you've got me there, if your primary goal in scripting is to allow your fanbase to create new content without exposing other users to a variety of security scenarios, then I suppose you've found your holy grail. At the cost of 15x performance of course. I seem to recall the user community (PlanetQuake et al.) doing a pretty good job of filtering through the security of mods, in fact, I don't recall any news of blaster or welchia worms arising from Q2 mods, but you know, whatever keeps your paranoid heart skipping happily along, go for it. Even if it is a huge pain in the ass. All that aside, I do believe there are some C-syntax scripting languages out there these days (http://csl.sourceforge.net/csl.html). In the realm of other ideas, Battlefield 1942 uses a "scripting" language that is really more along the lines of a gameplay balancing dataset. You can code up new vehicles in plain text by combining engines and meshes and various attributes in new and interesting ways, but you can't really change the core gameplay mechanic. I'm just not significantly compelled to go beyond dynamic library-based extendability for the time being. However, I am significantly compelled to find out why the higher minds of my time think otherwise. Please excuse my dear Aunt Sally. Regards, Garett Bass gt...@st... |
|
From: <ke...@ac...> - 2004-02-04 12:27:57
|
The way I've worked around this in the past has been by redefining for as
follows:
#define for if (false) {} else for
Yes, it's a hideously ugly hack, but so is the problem in the first place.
I've never had any problems because of it.
// Kristoffer
From: "Jorrit Tyberghein" <Jor...@uz...>
> CAVEY GERARD wrote:
>
> >Hi there
> >
> >Few days ago i switched to Visual c++ 6.0 and this is what i discovered.
> >The compiler accept the following C++ code :
> >
> >//first loop
> > for(unsigned long b=0;b<MeshesArray[current].VerticesCount;b++)
> > {
> > ...//processing
> > }
> >//second loop
> > for( b=0;b<not_used*3;b++)
> > {
> > ...
> > }
> >
> >But i thiink i should write the second FOR like this "for(unsigned long
> >b=0;b<not_used*3;b++)" (i mean i should redeclare 'b' because it came out
of
> >scope)
> >When i tried the compiler answered me "error redefinition ..." !!!
> >Did i forget to set an option ;it is a bit strange isn t it?
> >
> >Greetings
> >GC
> >
> >
>
> The best way to avoid this bug in VC 6 is to put 'unsigned long b'
> before the first
> loop like this:
>
> unsigned long b;
> for (b = 0 ; ...)
> ...
> for (b = 0 ; ...)
>
> We had the same problem in Crystal Space.
>
> Greetings,
>
|
|
From: Jorrit T. <Jor...@uz...> - 2004-02-04 09:46:52
|
CAVEY GERARD wrote:
>Hi there
>
>Few days ago i switched to Visual c++ 6.0 and this is what i discovered.
>The compiler accept the following C++ code :
>
>//first loop
> for(unsigned long b=0;b<MeshesArray[current].VerticesCount;b++)
> {
> ...//processing
> }
>//second loop
> for( b=0;b<not_used*3;b++)
> {
> ...
> }
>
>But i thiink i should write the second FOR like this "for(unsigned long
>b=0;b<not_used*3;b++)" (i mean i should redeclare 'b' because it came out of
>scope)
>When i tried the compiler answered me "error redefinition ..." !!!
>Did i forget to set an option ;it is a bit strange isn t it?
>
>Greetings
>GC
>
>
The best way to avoid this bug in VC 6 is to put 'unsigned long b'
before the first
loop like this:
unsigned long b;
for (b = 0 ; ...)
...
for (b = 0 ; ...)
We had the same problem in Crystal Space.
Greetings,
|
|
From: Jamie F. <ja...@qu...> - 2004-02-04 09:41:48
|
that's just the way msvc6 is and always has been (i think maybe they added
an option at some point to switch the behaviour?), its scoping of variables
declared in for statements just violates the standard because microsoft
(obviously!) know better. Fortunately they recovered in msvc7.
jamie
-----Original Message-----
From: gam...@li...
[mailto:gam...@li...]On Behalf Of
CAVEY GERARD
Sent: 04 February 2004 09:11
To: 'gam...@li...'
Subject: [GD-General] Variables scope
Hi there
Few days ago i switched to Visual c++ 6.0 and this is what i discovered.
The compiler accept the following C++ code :
//first loop
for(unsigned long b=0;b<MeshesArray[current].VerticesCount;b++)
{
...//processing
}
//second loop
for( b=0;b<not_used*3;b++)
{
...
}
But i thiink i should write the second FOR like this "for(unsigned long
b=0;b<not_used*3;b++)" (i mean i should redeclare 'b' because it came out of
scope)
When i tried the compiler answered me "error redefinition ..." !!!
Did i forget to set an option ;it is a bit strange isn t it?
Greetings
GC
*************************************************************************
Ce message et toutes les pieces jointes (ci-apres le "message") sont
confidentiels et etablis a l'intention exclusive de ses destinataires.
Toute utilisation ou diffusion non autorisee est interdite.
Tout message electronique est susceptible d'alteration.
SG Asset Management et ses filiales declinent toute responsabilite au titre
de ce message s'il a ete altere, deforme ou falsifie.
Découvrez l'offre et les services de SG Asset Management sur le site
www.sgam.fr
********
This message and any attachments (the "message") are confidential and
intended solely for the addressees.
Any unauthorised use or dissemination is prohibited.
E-mails are susceptible to alteration.
Neither SG Asset Management nor any of its subsidiaries or affiliates shall
be liable for the message if altered, changed or falsified.
*************************************************************************
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Gamedevlists-general mailing list
Gam...@li...
https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
Archives:
http://sourceforge.net/mailarchive/forum.php?forum_idU7
|
|
From: CAVEY G. <GER...@sg...> - 2004-02-04 09:11:15
|
Hi there
Few days ago i switched to Visual c++ 6.0 and this is what i =
discovered.
The compiler accept the following C++ code :
//first loop
for(unsigned long b=3D0;b<MeshesArray[current].VerticesCount;b++)
{
...//processing
}
//second loop=20
for( b=3D0;b<not_used*3;b++)
{
...
}
But i thiink i should write the second FOR like this "for(unsigned long
b=3D0;b<not_used*3;b++)" (i mean i should redeclare 'b' because it came =
out of
scope)
When i tried the compiler answered me "error redefinition ..." !!!
Did i forget to set an option ;it is a bit strange isn t it?
Greetings=20
GC=20
************************************************************************=
*
Ce message et toutes les pieces jointes (ci-apres le "message") sont
confidentiels et etablis a l'intention exclusive de ses destinataires.
Toute utilisation ou diffusion non autorisee est interdite.=20
Tout message electronique est susceptible d'alteration.=20
SG Asset Management et ses filiales declinent toute responsabilite au =
titre
de ce message s'il a ete altere, deforme ou falsifie.
D=E9couvrez l'offre et les services de SG Asset Management sur le site
www.sgam.fr=20
********
This message and any attachments (the "message") are confidential and
intended solely for the addressees.
Any unauthorised use or dissemination is prohibited.=20
E-mails are susceptible to alteration. =20
Neither SG Asset Management nor any of its subsidiaries or affiliates =
shall
be liable for the message if altered, changed or falsified.=20
************************************************************************=
*
|
|
From: Kent Q. <ken...@co...> - 2004-02-04 02:42:43
|
There are a couple of major benefits that haven't yet been mentioned:
* You can open source your scripting code without open sourcing the whole
app. If you believe in the value of the mod community this can be big.
* Vastly shorter (nonexistent?) build times for changes at the scripting level.
* You're forced to think about the API you want to expose to scripting.
Yes, discipline in coding helps, but having the enforced discipline is useful.
Kent
----
Kent Quirk
CTO, CogniToy
|
|
From: Alen L. <ale...@cr...> - 2004-02-03 13:26:20
|
I can only say: Wow! Thanks a bunch for this one Brian. ----- Original Message ----- From: "Brian Hook" <ho...@py...> To: <gam...@li...> Sent: Monday, February 02, 2004 16:43 Subject: Re: [GD-General] Authentication security > Is there any known open implementation of asymmetric encryption? I've used libtomcrypt in the past with some success, although I haven't looked at it in the past year or so. http://libtomcrypt.org/ Brian ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Gamedevlists-general mailing list Gam...@li... https://lists.sourceforge.net/lists/listinfo/gamedevlists-general Archives: http://sourceforge.net/mailarchive/forum.php?forum_idU7 |
|
From: Aaron D. <ri...@in...> - 2004-02-03 01:17:27
|
You realise that you can't chain together encrypted packets in CBC mode if you are using UDP for unreliable communications. If you intended on just encrypting the packets individually, make sure you include a sequence number or else you may be prone to replay attacks. On Sun, 1 Feb 2004, Dan Thompson wrote: > Hello again, everyone. I'm looking for a way to pass credentials securely > over the wire. Here's what I'm planning, but I'm not sure how well this will > work under UDP, if at all ( I don't think so). > > 1) Users connect to an SSL port in the server, and submit credentials > (hashed) > 2) The server authenticates, and if successful, sends back some kind of huge > session key over the secure link. > 3) The client drops the SSL connection, and connects back on a standard > port, and uses the session key as authentication over TCP. All semi > sensitive data is sent across this link. (Anything critical is done over > SSL). > > Now I can see that this is completely pointless with UDP. Session keys only > work with a connection based protocol. I also know that this is by no means > bulletproof - TCP hijacking and whatnot on the semi-sensitive link. However > for a game... heh. Hopefully you don't need any more than this. However I > still am up in the air on how to deal with authenticity of UDP packets. > Since its all based on source IP/port and player IDs, it seems like it would > be fairly trivial to forge the source ip on a packet and move other people > around. Of course, this requires knowing the other player's IP... but still. > > This seems like to me to be a fairly important issue - especially with > MMORPGs these days. Without a good authentication scheme, people could > delete characters, etc, and people put a *lot* of time into those things. > > As per usual, the archives search was worthless. *twitch* > > Any ideas/comments? > -Dan > > > > ------------------------------------------------------- > The SF.Net email is sponsored by EclipseCon 2004 > Premiere Conference on Open Tools Development and Integration > See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. > http://www.eclipsecon.org/osdn > _______________________________________________ > Gamedevlists-general mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-general > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=557 > |
|
From: Brian H. <ho...@py...> - 2004-02-02 16:43:50
|
> Is there any known open implementation of asymmetric encryption? I've used libtomcrypt in the past with some success, although I haven't looked at it in the past year or so. http://libtomcrypt.org/ Brian |
|
From: Jorrit T. <Jor...@uz...> - 2004-02-02 12:09:08
|
Garett Bass wrote: >Design folks, > > Ok, sorry to distract you all, but I just don't get it. After reading >about Brian's problems with his scripts (and additionally having considered >the problem at length without actually implementing any scripting system >myself [except for my pitiful attempt at *writing* a scripting system for >Deer Hunter 3, which we won't go into here for fear of grave embarrassment >to myself]) it seems to me that "scripting" is being used to solve problems >that could just as easily be solved by real code. > > Please enlighten my heathen mind: Why not simply compile your "scripts" >into C/C++ .DLLs? These are the arguments I can vaguely recall for >scripting, but I just don't think they hold up: > > One other reason for not doing this is portability. The projects that I'm involved with are multi-platform. These games have to work on Windows and Linux and possibly also MacOS/X. Having to distribute two or three versions of your dll's is a hurdle. If you can keep the main portion of your game in C++ and then the game logic itself in a portable scripting language then you have some maintenance advantages. Still another reason is for sending over scripts dynamically over the internet. This may be relevant for some types of games. Doing this with C++ compiled code is very hard to do and sending C++ code requires the client to have a C++ compiler which is also a big burden. Greetings, |
|
From: Colin F. <cp...@ea...> - 2004-02-02 11:19:30
|
> >* Crypto + keyword "hijacker" in a mail message, I'm waiting for the > >stormtroopers and black helicopters any m > > ROTFL... Brian, if you managed to escape, perhaps you could enlighten me on > this one... Bah! It's common knowledge in the intelligence community that the "Brian Hook" persona is a totally invented character used to get a certain sector of the programming community to solve government problems. Unfortunately, "Brian"'s profile has become so elaborated by overenthusiastic agents (in a desire to capture the attention and assistance of programmers) that we now require a staff of writers, fact-checkers, continuity experts, and licensing lawyers (for when the persona becomes corporate, and offers publicly-traded shares on the stock market; ticker: 'HOOK'). We have a guy who is just in charge of keeping track of the things that "Brian" has asked and said in past written correspondence. A cursory analysis of "Brian's" statements in various newsgroups would reveal to anyone that the concentration of apparent intelligence is impossibly superhuman, despite careful efforts of the writers and research team to introduce little quips and claims of doubt in the narrative to throw suspicion away from what would otherwise be recognized as the product of a group-mind or a staggering IQ. A department is exploring possible franchise products, like action figures, music CD's, animated series, T-shirts, candy, cereal, graphic novels, animatronics, and, yes, even a "Brian Hook" video game. Amazingly, it turns out that almost everyone else in the places where the "Brian" persona frequents are fictitious personas invented by other deep-cover intelligence branches. So you, reader, may be the only real person in this forum. We haven't yet narrowed down who you are yet, but it's only a matter of time before the real human is identified...the one actual computer programmer, with all the answers. YOU ARE THE ONE! STAY WHERE YOU ARE. (By the way, if "Brian" should happen to "respond" to these claims, be assured that it's all part of the plan. You are so wrapped up in the illusion that you won't believe the truth even when it is fully disclosed.) |
|
From: Alen L. <ale...@cr...> - 2004-02-02 07:52:49
|
>* Crypto + keyword "hijacker" in a mail message, I'm waiting for the >stormtroopers and black helicopters any m ROTFL... Brian, if you managed to escape, perhaps you could elighten me on this one... >can just as easily exchange the session key by using PGP/RSA between >server and client for the session key (which I believe is what SSL Is there any known open implementation of asymmetric encryption? I'd like to have something that can be incorporated in the code directly. Loading dlls for such a service sounds too vulnerable. (Sorry to stray off the main topic, but it just reminded me on some other ideas that required asymmetric encryption.) Thanks, Alen |
|
From: Brian H. <ho...@py...> - 2004-02-02 01:02:12
|
> 1) Users connect to an SSL port in the server, and submit > credentials (hashed) > 2) The server authenticates, and if successful, sends back some > kind of huge session key over the secure link. > 3) The client drops the SSL connection, and connects back on a > standard port, and uses the session key as authentication over TCP. > All semi sensitive data is sent across this link. (Anything > critical is done over SSL). Well, that's one way of doing it, but using SSL is overkill IMO. You can just as easily exchange the session key by using PGP/RSA between server and client for the session key (which I believe is what SSL effectively accomplishes). The important thing is choosing what you're actually trying to secure. If you're trying to secure intermediate communication because of passwords, etc. then this method achieves it. If you're trying to achieve security vs. the client, i.e. client side hacks, well -- you're pretty much screwed no matter what. > Now I can see that this is completely pointless with UDP. Not if the connection is in terms of logic as opposed to a basic property of the transport system (a la TCP). If Client A "connects" to Server Z using UDP, this is still a valid vie of a "connection". > need any more than this. However I still am up in the air on how to > deal with authenticity of UDP packets. Since its all based on > source IP/port and player IDs, it seems like it would be fairly > trivial to forge the source ip on a packet and move other people > around. Well...sure, but what's the point of hijacking/spoofing a secured channel? The hijacker* only gets the equivalent of noise since he won't have the session key, right? Brian * Crypto + keyword "hijacker" in a mail message, I'm waiting for the stormtroopers and black helicopters any m |
|
From: Brian H. <ho...@py...> - 2004-02-02 00:55:52
|
> ie. If you use 'healht' instead of 'health' in your 'weapon_hit' > function, at runtime you wouldn't know why can't you kill your > target, but with the newindex metamethod those errors would show up > as soon as the offending code is executed. Yes, I agree, and at the very least I should add that. I'm also going to add the "read only" facility that Roberto talks about in his book using a similar method. Brian |
|
From: Dan T. <da...@ar...> - 2004-02-01 21:37:43
|
Hello again, everyone. I'm looking for a way to pass credentials securely over the wire. Here's what I'm planning, but I'm not sure how well this will work under UDP, if at all ( I don't think so). 1) Users connect to an SSL port in the server, and submit credentials (hashed) 2) The server authenticates, and if successful, sends back some kind of huge session key over the secure link. 3) The client drops the SSL connection, and connects back on a standard port, and uses the session key as authentication over TCP. All semi sensitive data is sent across this link. (Anything critical is done over SSL). Now I can see that this is completely pointless with UDP. Session keys only work with a connection based protocol. I also know that this is by no means bulletproof - TCP hijacking and whatnot on the semi-sensitive link. However for a game... heh. Hopefully you don't need any more than this. However I still am up in the air on how to deal with authenticity of UDP packets. Since its all based on source IP/port and player IDs, it seems like it would be fairly trivial to forge the source ip on a packet and move other people around. Of course, this requires knowing the other player's IP... but still. This seems like to me to be a fairly important issue - especially with MMORPGs these days. Without a good authentication scheme, people could delete characters, etc, and people put a *lot* of time into those things. As per usual, the archives search was worthless. *twitch* Any ideas/comments? -Dan |
|
From: <cas...@ya...> - 2004-02-01 20:59:07
|
Brian Hook wrote: >>You can do that without "hacking" lua. This is from the top of my >>head, but if you want to follow this direction I can provide a more >>detailed explanation > > This catches assignments at run-time though, not at compile time, > correct? ups, should read mails more carefully! yes, that catches errors at run time only. It's not possible to do that at compile time without fully redesigning the language. However, that allows you to catch errors earlier, and provides a descriptive error message to let you know what's going on. ie. If you use 'healht' instead of 'health' in your 'weapon_hit' function, at runtime you wouldn't know why can't you kill your target, but with the newindex metamethod those errors would show up as soon as the offending code is executed. In my experience (that's not much :D), this kind of runtime checks and a proper test suite can be really helpful. -- Ignacio Castaño cas...@ya... |
|
From: Brian H. <ho...@py...> - 2004-02-01 20:05:56
|
> You can do that without "hacking" lua. This is from the top of my > head, but if you want to follow this direction I can provide a more > detailed explanation This catches assignments at run-time though, not at compile time, correct? Brian |
12 messages has been excluded from this view by a project administrator.
