Rpc checksum error handle

Fela · December 15, 2024, 12:16pm

Godot Version

4.2

Question

Is there a way to handle rpc checksum error? The goal is to process a connection from an unknown application, for example. At first glance, this error does not lead to the server stopping, but it seems to me that each error should have its own control.

I would like something like:
If checksum_error:
disconnect_peer(peer_id)

Thank you.

gaboot · December 16, 2024, 4:45am

That’s not the intended use of those errors. Obviously it’s possible with enough c++… Maybe fake it by sending the correct checksum to the external application you want to use?

pennyloafers · December 16, 2024, 4:58am

You may want to look at the packet peer or multiplayer API extension to see if you can stamp a checksum and check and strip each packet going through. If not, you would have to do the checksum on every RPC you create.

But I will say that even UDP already has a checksum within its protocol. You won’t catch any corrupted data on a packet that makes it to an RPC.

pennyloafers · December 16, 2024, 1:08pm

I gave this a little more thought.

If you want to protect against unknown applications trying to probe the server you can setup an key system to connect that is application based and encrypt the communication. If they fail to provide a key they cannot connect.

If they have a different version of the game with different RPC API, you can easily setup a version check upon connection.

I will say if you introduce a bug where a rpc node checksum error occurs (an error that occurs when a node path exists but the RPC method does not ) you may disconnect a friendly application. This could happen with any node that may dynamically spawned and uses RPCs.

Although if the unknown app had the key you would be back to square one. But if a hacker was that good a checksum check may not matter if they leverage the existing rpc API.

Fela · December 17, 2024, 10:04am

DTLS encription is exactly what I have currently configured and testing. It’s funny that I only considered encryption as a way to hide client data. And I didn’t even think about the TLS handshake in the context of limiting the connection.
I really appreciate the lead. Thanks a lot.

system · January 16, 2025, 10:05am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.