[Minetest-dev] (no subject)

e est mtest31 at yandex.com
Mon Apr 6 01:00:10 UTC 2015


Hi,

I have seen that nrzkt has made protocol version 25, I think the init packets need some additional work to be truly auth mechanism generic, and best the work is done before the next release so that we can change 25 directly, without having to support its init packets. I have outlined the end product below.

In init packets, server and client both send a connection salt (server has its own, client has its own) (16 bytes each), called sS, and sC.

The TOSERVER_INIT packet doesn't contain the clien't desired username anymore. This is to allow for features like authentication only by cryptographic key (and every user account has one). Instead, there is a new TOSERVER_USERNAME packet. It is sent directly after init, and before authentication. It isn't sent in singleplayer.

The TOCLIENT_INIT packet contains the server's public key (32 bytes), but only for later support (reserved). Also, two bytes CRYPTOFLAGS_SERVER, and two bytes CRYPTOFLAGS_CLIENT.

After that TOSERVER_USERNAME packet, server sends TOCLIENT_AUTH_METHOD packet which contains supported auth mechanisms aU for that specific user, and a string USED_USERNAME_LEGACY, which is explained below.

For authentication, Client initiates authentication based on one of the protocols it supports.

Authentication protocols are (others added later perhaps):
1. srp based on salted hash
2. srp based on legacy hash with implied upgrade to modern srp
3. ed25519 public key auth

Also listed as authentication protocols (technically they are):
4. srp salted hash first login
5. ed25519 public key auth first login

1. is normal srp, salt is sS and sC concatenated.
2. is the "upgrade" authentication protocol, where client first authenticates to the server via srp with the legacy hash as the "password", then establishes the srp key
The legacy hash is calculated using the USED_USERNAME_LEGACY casing. All other login mechanisms don't use the username for salting.
3. is login via ed25519 public keys, like ssh key based auth (client sends signature of sS and sC concatenated)
4. the client sends the srp key the server should store (with sS and sC concatenated and hashed)
5. the client sends its ed25519 public key

Greetings, est


More information about the Minetest-dev mailing list