Re: one more quick question about identd

From: Barid Bel Medar (icarus@berkshire.net)
Date: 06/29/96


On Sat, 29 Jun 1996, Ground Zero Enterprises wrote:

> Not everything in this message is correct.  

Sorry, it was.  I've done this, so I know that for a fact.  (I did it the 
wrong way, first, too.)

> I installed a patch for 
> ident handling that was written by Eric Green and I have not noticed that 
> people could not login or that the MUD freezes what so ever.  

Okay.  I'm not sure on the precise implementation of said patch, but try 
this: design a host that "hangs" when you try to connect to it.  i.e., 
like this:

% telnet lo 113
Trying 127.0.0.1...

...and then just sits there.  Unless Mr Green implemented a workaround 
(such as setting the timeout to one second), the MUD *will* freeze there 
until it receives a reply, be it positive or negative.  I'm almost 
positive about this.  This is where network lag will be most prevalent, 
and when you'll need the entire thirty seconds for a reply to come 
through (if one will come through at all).

Because of the nature of the MUD, if it has to wait for connect() to 
return, it will freeze and nothing will be done, unless someone seriously 
changed the way things are done.  There was a discussion about this sort 
of thing on this list a few months ago (well, about six months, maybe).

> It is 
> stabel and works pretty well.  I would suggest it if you are interested 
> in installing an Ident h.andler

Again, try it on the above test.  Most hosts reply immediately to a 
connection request, and also to an ident request.  However, if they do 
not, you will be stuck.

I am aware of several ways to work around this problem.  The most 
straightforward, though boring, way of doing it is to switch Circle over 
to a multitasking base (each connection gets its own process).  When this 
is done, it doesn't matter if you force that process to wait; it's not 
needed for anything else anyway.  I don't believe that "polling" for 
connect requests will work correctly.  If you are behind a firewall, you 
may be able to "queue" a request which connects you when able, without 
having to wait.

Someone is welcome to correct me on this with specifics if I'm wrong.  
I'm pretty sure I'm not, though.  The overall assumption is that 
connect() is blocking, and that there is no way around it.  If both of 
those assumptions are correct, I'm afraid it may be impossible to write 
an ident handler which honors the RFC specifications in a single-task, 
multi-user environment.  Setting the timeout to one second will do the 
trick, but it'll also lock out about half of the ident daemons which have 
to be swapper into memory, or whatever.

> On Sat, 29 Jun 1996, Barid Bel Medar wrote:
> 
> > On Sat, 29 Jun 1996, Ben Leibig wrote:
> > 
> > > The ident thing that lets you see the full address of players entering the mud
> > 
> > What is this supposed to mean?
> > 
> > > how meny players have whats needed on their end.  
> > 
> > Is this a question, or a statement?
> > 
> > Anyone who's running an ident daemon.  Telnet to port 113 of a computer 
> > and see if it answers.  If it does, an identd is being run.
> > 
> > > IE how often does it work
> > 
> > Whenever it's running and you have the correct information.
> > 
> > > i dont wanna take the time to set it up if it only works every once in 
> > > a while.  BUt if it generaly works it might be worth looking at.  
> > 
> > It always works.  Do you expect it to just not answer or something?  
> > Linux has it on by default.  SunOS does not, but it can be easily 
> > enabled.  In other words, about 75-80% of the people who visit your MUD 
> > will have an identd running or be able to run one.  Dynamic IP accounts 
> > MUST add an identd to the system, which are found everywhere (for IRC, 
> > usually).
> > 
> > > IF 
> > > anyone knows about it and could let me know that would be helpful.
> > > 
> > 
> > Try the Internet Requests for Comments (RFC's).  Go to Yahoo, search for 
> > "RFC".  Look for the RFC list, then choose the RFC index.  Once it's 
> > loaded, search for the word "identification" (search by browser, not web 
> > page).  Then click on the RFC number nearby.  It will tell you the 
> > implementation of identd as used on all UNIX systems.
> > 
> > Be aware that the RFC suggests waiting for *at least* 30 seconds to 
> > accomadate network lag.  During that time, CircleMUD will not be able to 
> > log on new users.  If you plan on running a busy MUD, either find a way 
> > around this or don't use an identd.
> > 
> > You must also write the ident function yourself.  It's pretty easy, but 
> > you have to be prepared to handle all the errors correctly (i.e., only 
> > throw someone off if he refuses to identify himself).  There are a lot of 
> > possible responses: connect refused, user hidden, no user present on that 
> > port, and so on.  Only in the last two cases should you (normally) throw 
> > users off, as that indicates that you've got someone up to no good on the 
> > other side.
> > 
> > ------------------------------------------------------------------
> > Barid Bel Medar                               icarus@berkshire.net
> > Knights of the Cosmos            Shayol Ghul Resort and Health Spa
> > ------------------------------------------------------------------
> > "I  am  returning  this otherwise good typing paper to you because
> > someone has printed gibberish all over it and  put  your  name  at
> > the top." - English Professor, Ohio University
> > ------------------------------------------------------------------
> > 
> > 
> 

------------------------------------------------------------------
Barid Bel Medar                               icarus@berkshire.net
Knights of the Cosmos            Shayol Ghul Resort and Health Spa
------------------------------------------------------------------
"I  am  returning  this otherwise good typing paper to you because
someone has printed gibberish all over it and  put  your  name  at
the top." - English Professor, Ohio University
------------------------------------------------------------------



This archive was generated by hypermail 2b30 : 12/18/00 PST