ArmA Server Side Scripting

[Silverr 0]

Please, do simple example for next task:

Player has not signed addon, I wish automatically kick such person. What do I need?

I just add these strings to server.cfg

verifySignatures=1;

onHackedData="kick id";

onDifferentData="kick id";

onUnsignedData="kick id";

Instead of kick id use kick _this select 0. As usual, arguments are passed to the event handler as an array in _this.

Nothing happend again, players disconnected with "Signature check timed out" reason after 25-30min of playing. I disable firewall and have no idea what to do next step.

[Nutty_101 0]

has anyone gotten this to work. also are any of the commands open to scripts outside this isolated VM?

[sicilian 0]

Please, do simple example for next task:

Player has not signed addon, I wish automatically kick such person. What do I need?

I just add these strings to server.cfg

verifySignatures=1;

onHackedData="kick id";

onDifferentData="kick id";

onUnsignedData="kick id";

Nothing happend, time to time most players disconnected with "Signature check timed out" reason. What is it? On my server only 2303-2304 UDP is opened. May be checking use other ports?

verifySignatures=1; should be enough for your example to kick the player...

I would guess trying it again with verifySignatures=0; and try each event alone not all together to know which of them has been fired!

[1436 1]

Try this in server.cfg not in arma.cfg

//log & cheaters

LogFile = "server_console.log";

checkfile=0; //1=slow 0=defult

onHackedData = "ban (_this select 0)";  //auto ban hacked addons

onDifferentData = "kick (_this select 0)"; //auto kick modified files

kickDuplicate=1; // do not allow duplicate id

[sicilian 0]

Has anyone found the "global script folder" yet???

[Silverr 0]

verifySignatures=1; option may kick player even if he is Ok. For example I do it yesterday in my server: start the evolution mission, and every player who connected and immideately jumped into slot and press ready - was kicked, because their PC's in this moment loading map and island instead give responce to server about signatures. Such players see "you have been kicked" message after loading of mission and island is complete. And other users see message "Signature check timed out" "user xxx kicked".

Only solution to stay in game is wait in pool for a while (about 2-3minutes) and only after this period of time press "ready" button for loading mission and island. Its awful.

[deady 0]

Been experimenting with this.

With onHackedData="" the server will just announce that xxx has wrong signature and let them continue playing, leaving it up the admin to decide (which i like).

But with onUnsignedData="" the server will kick. Well actually it says "Session Lost" - bug?

I wanted to allow people to play but warn me what files failed verification, but it seems this isn't possible and anyone with a custom mod will be kicked no matter what.

Also, the way the biki is worded suggests you can do anything you can in a normal script:

Quote[/b] ]"The scripting language shares the core (overall structure and syntax, arithmetic operations, control structures) with the scripting used in the game. The are a few commands specific to Server Side Scripting:"

I seriously doubt you can only use kick and ban - if so, there is zero use to onUserConnected and OnUserDisconnected.  The fact those 2 handlers exist suggests you can do a lot more with these events, we just haven't been given any good examples from the devs yet.

[Synide 0]

@Deady...

Yes indeed if you have...

<table border="0" align="center" width="95%" cellpadding="0" cellspacing="0"><tr><td>Code Sample </td></tr><tr><td id="CODE">verifySignatures=1;

onUnsignedData="";

People connecting to your server should recieve a similar message to the following... And, get kicked when they press 'Ok'.

If you want (for a short time anyway) verifySignatures ON and clients that fail the onUnsignedData event. (meaning they have a pbo present that does not have any associated signature) You can do the following...

<table border="0" align="center" width="95%" cellpadding="0" cellspacing="0"><tr><td>Code Sample </td></tr><tr><td id="CODE">verifySignatures=1;

onUnsignedData="{}";

And, people will get the same/similar message as above but, when they press 'Ok' instead of getting 'kicked' they will be allowed onto the server.

Then later when the DSSignFile tool is released and the various Mod makers and/or AddOn makers you deem trustworthy have produced their signature files you can install them on your server and alter your server.cfg file to...

<table border="0" align="center" width="95%" cellpadding="0" cellspacing="0"><tr><td>Code Sample </td></tr><tr><td id="CODE">verifySignatures=1;

onUnsignedData="kick (_this select 0)";

cool?

PS. Personally I have... atm anyway..

<table border="0" align="center" width="95%" cellpadding="0" cellspacing="0"><tr><td>Code Sample </td></tr><tr><td id="CODE">

verifySignatures=1;

onHackedData="kick (_this select 0)";

onUnsignedData="{}";

[deady 0]

Ah ok.

Pretty amusing we have to confuse the server with invalid commands to get it to do what we want

Thanks

[suma 8]

You can "confuse" it even with a valid command, if you wish. However, to avoid default behaviour, you need to provide a non-empty handler. The handler can do nothing, it could something like onUnsignedData="0", onUnsignedData=";" or onUnsignedData="{}", or anything else which is not empty, but does nothing (I guess even onUnsignedData=" " could probably work).

[deady 0]

Ok Suma.

While you're here, could you give us any examples of doing something other than kicking or banning? Can you launch scripts from it or not? And if you can where should the script be?

What use do you have in mind for onuserconnected and onuserdisconnected?

[Synide 0]

Also, we've noticed that if the verifySignatures is ON and the network response asking for a signature 'times-out'.

The server is firing the onHackedData event. (which was set to 'kick (_this select 0)' and now is set to '{}'

I can't see (even a dev) way around that though as you have to put a stake in the ground somewhere.

Alot of 'time-outs' would be genuine but just as many might not.

sidenote:

Maybe in forthcoming patches the Admin 'VM' could have more functionality to become more of a 'lobby' for the Server.

Might be a bit of a man-power/resource/time issue with that idea though.

[deady 0]

Yeah after trying this just now, i've had to turn it off again. A lot of connectors were getting kicked for Signature check timed out, even people I know with fast connections and fast computers.

So, my server is again unprotected

[sicilian 0]

Also, we've noticed that if the verifySignatures is ON and the network response asking for a signature 'times-out'.

The server is firing the onHackedData event. (which was set to 'kick (_this select 0)' and now is set to '{}'

The default behavior after a time out should never be a kick!

Instead there should be another event "onUncheckedData" or "onTimedOutCheck" where we can decide wether to start a second check or what ever we want.... and we dont have to forget that the player will be checked during the game again!

[deady 0]

Well ideally the check should complete as a priority before anything else happens or loads.

[maddogx 13]

Timeouts must never be allowed to let a player go unchecked. That would render the whole system useless. Ideally (! a timeout should always cause a kick. Perhaps one or two rechecks, just to be sure, but that number should be extremely limited. Any hacker nowadays can cause havoc within a few seconds of being on a server.

EDIT: Deady is correct - the checking process should have absolute priority to avoid unnecessary timeouts.

[sicilian 0]

Well ideally the check should complete as a priority before anything else happens or loads.

So it's better to put someone in prison until his innocence is proven...

So first everyone is guilty!  - nice world -

Quote[/b] ]

EDIT: Deady is correct - the checking process should have absolute priority to avoid unnecessary timeouts.

You forgot the timeout happened inside the check procedure...

[Silverr 0]

Guys, did you see my message on top of this screen?

"Only solution to stay in game is wait in pool for a while (about 2-3minutes) and only after this period of time press "ready" button for loading mission and island."

[deady 0]

Well ideally the check should complete as a priority before anything else happens or loads.

So it's better to put someone in prison until his innocence is proven...

So first everyone is guilty!  - nice world -

No think of it more like airport security.  You check everyone before they board the plane, not while its taking off and then throw people out if they fail.

And yeah silver, but people joining a server don't know that.

[deady 0]

We seriously need an emergency patch to make signature checking work properly on busy servers, cheating and hacking is becoming more and more common.

[.kju 3239]

hopefully with QG or 1.09 there will be improvement here..

comon BI, ,its not that hard!

[Proton 11]

I have an idea to replace verifySignatures=1 with a 'lazy' checking, because signature checking can take serious time on a heavily loaded server before connecting, somewhere in the range of 5-10 mins. People turn this feature off regularly because of that. The idea is to set verifySignatures=0 and run 'checkFile' commands in the regularCheck event handler *after* people connected, so people can connect immediately, but their files are still checked later. The only disadvantage is that until they checked, they can do harm, but in this case they got banned anyway.

Anybody has an example of a server side script which actually does something else than kick or ban? BIKI says that

The scripting language shares the core (overall structure and syntax, arithmetic operations, control structures) with the scripting used in the game.

My problem is that the command set looks like to be extremely limited or even non-existent beyond the set of 'users, ban, kick, checkFile, numberOfFiles' listed there. An exception is 'select', which works, as we can see from the examples.

However, I cannot even output a string. 'diag_log' does not work. I have seen others trying ' server globalChat "foo" ' but it does not work either. Using a wrong 'localize' does not put anything into the .rpt. 'Compile' does not work (so the trick of making a wrong line and compiling the info into the code does fail). So how in hell can I actually get some info what my event handler is doing?

regularCheck threads do get executed, as if I place there a line with a syntax error, like ending it with {, the error does show up in regular intervals in the rpt.

Edited August 6, 2010 by Proton

[Proton 11]

Playing with #exec gave some hints. If you actually let the script return a value, it shows up correctly, like '#exec 1 > 2' prints 'false'. I checked that you can define local variables. So you can try what is possible or not.

If you peek into the .exe, the 'checkFile' command has an internal help, and it looks to be incorrectly documented in the BIKI. Instead [id,name] it should be called with [id, file_index]. Issuing '#exec 0 checkFile [3,x]' (if player id is 3 from #userlist) does show up in Process Monitor as disk activity on different files with changing x, starting with the bin.pbo and core.pbo, so it is reasonable to believe that it does what expected.

Based on all of this, I tried the following in server.cfg:

verifySignatures = 0;

regularCheck="_id = _this select 0; _req = _this select 1; if ( _req < numberOfFiles _id ) then { 0 checkFile [_id, _req]; };";

This should let players in, but check each file once later. The problem is that it does not work. I have 'session lost' after loading the mission, probably at the first run of 'regularCheck', no error or kick messages in any of the logs. Whats wrong?

[Proton 11]

The reason looks like to be that checkFile does not work if verifySignatures=0. If it is 1, the regularCheck line above works. Looks like verifySignatures turns on/off the entire checking facility at once :(

[Proton 11]

If I understand correctly, long loading times cannot be created by verifySignatures. All what the client does is that it downloads the keys from the server (a few kbyte), and checks that the files were signed with that key. Only the client works, the server does not use any CPU time while checking.

It means that the load wait times are caused by something else. It happens at the latest phase of the progress bar, the waiting can take many minutes, and the game looks frozen.

Does somebody know what happens at that time? Probably the client downloads all changes what was made in the game world (like flattened trees/destroyed buildings), and publicvariable'd data.