Got package I couldn't decipher from "client's IP" - somebody trying to break in?

[arnaudlecam]

Hi, I got this message on the console when I try to conncet a client: Got package I couldn't decipher from "client's IP" - somebody trying to break in? Maybe a shared secret pb ? RandomNumbers.bin were created under /common with the same shared secret on server side and client side before compilation... Have you got any idea about the pb ?

[christofmuc]

You're correct, that is the message that is emitted when the shared secret from random.bin doesn't allow decoding, normally I have seen this only with a mismatch secret pair.

Did you test a localhost client server build on the same machine? If that works and the error message comes up at two different machines only probably double check the RandomNumbers.bin, because it will be autogenerated by the CMake process.

If that doesn't work, you could try to get it to run without encryption first to see if the Blowfish really is the problem. Looking at the code (it's been awhile) that would be lines 84ff in Client.cpp and lines 43ff of DataAcceptThread.cpp of the client package, and line 71ff of the AcceptThread.cpp and line 75ff in SendThread.cpp of the server package. Looking at this, I should a) add a #define to enable and disable encryption and refactor the code into common to centralize the code for it.

Let me know how it proceeds!

[arnaudlecam]

Hi @christofmuc , Reading the doc, I created a file named RandomNumbers.bin in the /common subdirectory (on local and remote host, with the same shared secret). But now I see my /CMakeLists.txt contains: set(CRYPTO_FILE "${CMAKE_CURRENT_LIST_DIR}/common/resources/RandomNumbers.bin") (it was before you commited) So I mouved my RandomNumbers.bin files in /common/resources on each host, and I works now ! The pb was in the doc...

[christofmuc]

Oh, I just merged into master with changes piled up for months. Surprised it works ;-)

The latest master has externalized the shared secret file (it is still the same 72 bytes for Blowfish) - you have a UI to select the file for the client, and specify it on the command line for the server. Makes it easier to change. This is brand new, I haven't really tested it, so go with your version in case you want to test drive a more stable (i.e. hung to dry) software!

[arnaudlecam]

I got it working now : next step for me is to build for Windows (needed to have test session with my band members...). Thank you !