RSA implementation

From WinBolo

How to Implement in WinBolo

The netplayer.c module in the server contains network information about each client in the game. One of the fields in the structure hasPassed. This field is used to prevent clients that have not provided a password from sending any packets to the server. This is handled in servernet.c.

void serverNetTCPPacketArrive(BYTE *buff, int len, BYTE playerNum, unsigned long addr, unsigned short port) {
  static char info[MAX_UDPPACKET_SIZE] = GENERICHEADER; /* Buffer to send */
  BYTE *pnt;                                  /* Data Pointer   */

   /* Server password check */
  if (hasPass == TRUE) {
    if (netPlayersHasPassed(&np, playerNum) == FALSE) {
      /* If this isn't a password packet drop them */
      if (len != sizeof(PASSWORD_PACKET) || buff[BOLOPACKET_REQUEST_TYPEPOS] != BOLOPACKET_PASSWORDCHECK) {
        serverNetPlayerLeave(playerNum, FALSE);
        return;
      }
    }
  }

 /* Process packet */
  ...

Two additional fields could be added to the netplayers structure that include the RSA random data to check and whether the client has passed the RSA check.

The join process in network.c would have to be modified.

In netJoinInit() before or after the password is sent an additional server send/receive is needed. The steps for this would be as the example process above. The list of valid public keys for clients and servers could be stored in the tracker or on WBN. Both the client and the server should check they are valid.

The current version of WinBolo is set at 1.15, and servers are not yet capable of distinguishing between clients that were compiled before the source-code release and third-party game clients that enable cheating. Developers are researching the best way to implement RSA encryption and will deliver a new blessed server and client whose version will increase to WinBolo 1.16.