[crossfire] SVN revions in version
Brendan Lally
brenlally at gmail.com
Fri Oct 13 17:54:36 CDT 2006
On 10/13/06, Christian Hujer <cher at riedquat.de> wrote:
>
> > Likewise, although the clients need only open a connection to the
> > metaserver to recieve the server list, having the official clients
> > send their revision numbers by default would give some indication as
> > to which versions of the clients are in use. (assuming the metaserver
> > were suitably modified to read that information from the socket).
> Oh that would make it easy for a bogus server to abuse or exploit known client
> bugs to hack client machines.
I apologise if I was unclear on that point, I'm talking about sending
the information to the /metaserver/, not the individual servers for
the purpose of determining client version usage rates. Currently the
best guess as to which clients everyone is running is based on
connections to metaforge, but most of these people probably query the
metaserver first (since that is default behaviour). It would be nice
to be able to tell roughly what versions everyone is running in terms
of addressing issues of backwards compatibility (eg, is anyone using
1.4 or 1.5 still, and is it therefore safe to break compatibility? or,
if a serious bug is found, is it worth making a new point release for
a version that the majority of the userbase runs?) Likewise if the
interface mode (gtk2, gtk, x11) were sent, then there would be some
usage statistics to base the questions about client design on. I am
thinking of something to go alongside
http://crossfire.real-time.com/metaserver/ that instead of listing
servers would list summary statistics for the clients, eg
In the last week there were x client connections of which y were from
unique IP addresses from n different countries. They were using the
following versions:
1.7 ...%
1.7.1 ...%
1.8 ...%
and so on.
In terms of client abuse of servers though, I am thinking of annoying
bugs and balance exploits and not security concerns. To give a recent
example, if someone sees a server running revision <= 4995 then they
may know they will be able to unequip cursed weapons by changing skill
and abuse that bug, whereas it might not occur to them to check
otherwise.
More information about the crossfire
mailing list