Built-in STMP server

[slipknotivo]

Log pvpgn:

Nov 20 16:43:06 [info ] pvpgn::bnetd::_client_loginreq2: [300] "RULERS-TEAM02" logged in (no password) Nov 20 16:43:12 [info ] pvpgn::bnetd::_client_setemailreply: [300] init account "Rulers-Team02" email to "" Nov 20 16:43:12 [info ] pvpgn::bnetd::_client_realmjoinreq109: [300] realm join for "RULERS-TEAM02" failed (no password)

account have password, fix: change pass /chpass "acc" "new pass"

[RElesgoe]

How did the account initially not have a password?

[slipknotivo]

la cuenta tenia contraseña pero por algun motivo se les bugea la contraseña y el e-mail

had the account password but for some reason they bugea password and e-mail

[RElesgoe]

@HarpyWar I think we need to add sending email capability to PvPGN.

[HarpyWar]

@xboi209 Yes, it can be implemented if use good C++ SMTP library. It will be nice enhancement.

@slipknotivo How can I reproduce the bug? Can you send me your server's database to do it?

[cen1]

I'd advise against implementing SMTP server inside PvPGN. Why not simply make it connect to a real SMTP server, authenticate and send email from there? This way you just connect to any email server using telnet or openssl and it only needs a socket. You could even do it via gmail this way.

Adding a full blown SMTP server will inevitably be half-assed implementation. Just think of Postfix/exim and how hard those programs are to set up properly.

So I believe what you actually want is an SMTP client, not server.

[HarpyWar]

Sure, it will be better to implement only interface to make it connect to a real SMTP server.

Another issue is that standart activation links in email can not be used here because it needs a web server. I suggest below solution to prevent spam registrations via email.

First mail can be send with a temporary random generated password to a user after registration. If user don't provide an email after login then it will be kicked from a server until email will not be entered. After a first login account will be locked and banned. It will need two more fields in a database to save initial password and flag that it is not activated account. Then user checks his mail and enter temporary password into login screen (if user not activated temporary password validation should be checked before locked flag). After first login password automatically changes to initial that user was entered on registration.

Users can make a mistake in an email. If account didn't activated during X time after registration (e.g. one hour) then it can be re-registered.

[cen1]

I think it could be made less complicated. You can send like a 4 digit code via email and then user enters it somewhere after first login. There are a few ways:

1. Is there a dialog box option? I know bnet can trigger alert boxes but I don't know about dialog ones (where you can enter text).
2. Throw non-activated user in a special channel (like the void) and lock him inside until he writes the code. This shouldn't be too hard to do, yo simply ignore all packets except chat.

This way you only need one email and use can pick his own password from start which is preferred.

[HarpyWar]

There is no dialog box feature, even if create it with ExtraWork not all games support this. The second solution looks the best!

[cen1]

I'll start messing around with this, first thing to do is check out the existing SMTP client libraries and pick a good one. I'll post my findings here.

[cen1]

It seems that libcurl is the most obvious choice. There are some more libraries but they have much less examples on the internet and libcurl is definitely the most known and supported out there.

I'll create a sample code for smtp and smtps for my own mail server and gmail as examples in few days.

[cen1]

1. Pvpgn would now depend on OpenSSL and libcurl
2. First you need to build OpenSSL for windows which is a PITA: http://developer.covenanteyes.com/building-openssl-for-visual-studio/, linux is just apt-get install openssl-dev or whatever. I did a static build.
3. Get libcurl source and run cmake: cmake -G "Visual Studio 12" -B./build -H./ -DOPENSSL_ROOT_DIR=C:/git/openssl/ build -DOPENSSL_LIBRARIES=C:/git/openssl/build/lib -DOPENSSL_INCLUDE_DIR=C:/git/openssl/build/include -DBUILD_CURL_TESTS=OFF -DCURL_STATICLIB=ON OpenSSL paths need to be provided, tests disabled because of some cmake error and I decided to use static in this case
4. Paths are release/lib/Release and libcurl_root/include
5. Sample code, confirmed working: http://pastebin.com/UXQzvhUm just change FROM and TO defines and Username and Password in the code (gmail example). This just connects to smtp server, sends email and disconnects. We will probably need to have strategies to maybe keep connection online and only disconnect if nobody creates an account for X amount of time?
6. Project needs to link to ssleay.32.lib, libeay32.lib, ws2_32.lib, preprocessor needs CURL_STATICLIB

Since we are introducing two new dependencies I need some guidance how to deal with this. At the moment we only depend on zlib and it has to be externally provided or it's provided by magic builder. Linux is not a problem because you just install the dependencies but on windows we need to provide headers and binaries somehow. Magicbuilder can provide them obviously but I'd suggest we solve this permanently. Do you think we could add include files and binaries for windows build to the project? Same for zlib. This makes us responsible for updating the libraries but magic builder has the same problem anyway.