[CEntrilo] v3.0 looks possible


yeah, good news for you ;)
Although Luigi Auriemma said, he wont touch Ventrilo v3.0, he did it and released some code to authenticate with the servers. For you that means, there will perhaps be a CEntrilo v3.0 soon.
Thanks, mate!

But there are other (serious) things i have to do:
That CEntrilo code is ugly as hell! damn. its so ugly i really dont want to put that code on my page. Its grown from a small UDP proxy, to a Ventrilo Decoder, then a Ventrilo Bot, later an ISDN Gateway and finally a client for PDA’s.
You know what i mean? The whole code design doesnt fit. Totally mixed up absolutely different coding styles, different approaches and finally even mixing classless code with classes. There’s also no distinguishing regarding MVC or some layer separation. nada.

Why i tell that?
Some weeks ago i received a question if i dont want to GPL CEntrilo and let others help with development.
To be honest – CEntrilo is already GPL’ed. There were some persons (3? 4?) who asked for the source and of course i sent it. (you remember GPL? it doesnt prohibit sharing just binaries – it says you must give out the sourcecode if one asks for it)
Uh yes, i didnt add any license dialog – sorry for that – its my fault, but MDA’s dont have too much place for that button :)

So yes, its GPL’ed but no, i dont want to put the source on my page.
People who ask for the src, will of course get it.

But ok, i think i’ll merge the V3.0 code into my source and update the protocol code also (which is the most time consuming)

now i will read through aluigi’s code – i’ll post some news if something happened :]

[CEntrilo] no support for ventrilo v3.0 for now

hi again.

just want to let you know that i will not support ventrilo v3.0.
the reason is, the ventrilo guys are authenticating the server against some of their servers.
just have a look at port 6100 when you start ventrilo…

as stated on: http://ventrilo.com/forums/showthread.php?t=23257
they require you to let the client authenticate the server.
if you are behind a firewall, so u’re fucked.

  • server calculates some seed (?) and sends this to the client (UDP)
  • client contacts flagship-servers and gets some other token (UDP)
  • client calculates encryption keys from this
  • server sends 0x34 command during TCP-handshake
  • client receives 0x34 command
  • server modifies encryption lookup tables using the keys from above
  • client modifies encryption lookup tables using the keys from above
  • both communicate with modified tables now

i hate that “we want control everything”-way everyone goes.

well, i was able to let the win32 client authenticate my server and then use that authentication token to decode the protocol without any problems.
that token seems just to change when the server is restarted – but neither i want to make a dumper for that token nor do i want to re-implement their authentication procedure.
maybe i’ll find another way like bruteforcing the encryption while the server sends pings and information blocks, but i dont think its the right way.

P.S.: these guys really suck!