MayaTheShy/Starworld
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
main
Starworld/docs/SESSION_2025-11-10_HMAC_INVESTIGATION.md
MayaTheShy ca8c4ae4e5
Some checks failed
CI / build-and-test (push) Has been cancelled
Details
fix: document HMAC verification investigation and connection persistence issues
2025-11-10 01:54:45 -05:00

7.5 KiB
Raw Permalink Blame History

Session Summary: November 10, 2025 - HMAC Verification Investigation

Session Goal

Fix the "Removing silent node" issue where connections to Overte domain server are killed after 11-18 seconds.

Work Timeline

Phase 1: Local ID Bug Discovery (FIXED )

Problem: Connection killed after 16 seconds with "Haven't heard from" messages.

Investigation:

  • Discovered we were parsing Local ID from wrong offset (bytes 32-33 instead of 34-35)
  • Used wrong byte order (ntohs() on already little-endian data)

Solution:

// Before (WRONG):
uint16_t localID = ntohs(*reinterpret_cast<const uint16_t*>(data + 32));

// After (CORRECT):
uint16_t localID;
std::memcpy(&localID, data + 34, sizeof(uint16_t));

Result: Local ID now matches server assignment (e.g., 21193 == 21193)

Phase 2: HMAC Verification Issue Discovery (BLOCKED )

Problem: After fixing Local ID, connection still killed after 11-18 seconds. Server logs show "Packet hash mismatch".

Investigation:

  1. Server logs revealed: Expected hash: "" Actual: "3a68dfa68aa10e6e17e6464f462e46da"
  2. Empty expected hash means server's node has NO HMAC authentication configured
  3. Traced through Overte source code to understand verification logic

Root Cause Identified:

// From Overte's LimitedNodeList.cpp:362-378
auto sourceNodeHMACAuth = sourceNode->getAuthenticateHash();
if (!sourceNodeHMACAuth || packetHashPart != expectedHash) {
    // Reject packet - THIS IS THE PROBLEM
}

If node has no HMAC auth (sourceNodeHMACAuth is null), packets are ALWAYS rejected!

Why Node Has No HMAC:

// From DomainGatekeeper.cpp:670
limitedNodeList->addOrUpdateNode(...);  // No connectionSecret → uses QUuid()

// From Node.cpp:200-214
void Node::setConnectionSecret(const QUuid& connectionSecret) {
    if (_connectionSecret == connectionSecret) {
        return;  // Early return - already null UUID!
    }
    // This code never executes for new nodes
}

Phase 3: HMAC Implementation Attempts

Attempt 1: Send 16 zero bytes as hash

  • Result: Mismatch (empty string ≠ 16 zero bytes)

Attempt 2: Calculate HMAC-MD5 with null UUID as key

  • Implemented complete OpenSSL HMAC calculation
  • Result: Mismatch (empty string ≠ calculated hash)

Attempt 3: Send 17-byte packet without hash slot

  • Result: Server reads garbage from payload as hash

Attempt 4: Send non-sourced packets (no Local ID)

  • Result: Server can't identify sender, doesn't update "last heard"

Attempt 5: Send DomainListRequest as keep-alive

  • Result: Server responds but doesn't count as activity

Technical Achievements

Implemented

  1. Local ID Parsing Fix

    • Correct offset (34-35)
    • Little-endian byte order
    • Verified against server assignment

  2. HMAC-MD5 Implementation

    • OpenSSL integration
    • Proper hash calculation with UUID key
    • 16-byte slot reservation and payload relocation
    • Code is correct per Overte protocol spec

  3. Deep Protocol Understanding

    • NLPacket structure for sourced/non-sourced packets
    • HMAC verification flow in server code
    • Connection secret initialization (or lack thereof)
    • QDataStream serialization format

Blocked

  1. Connection Persistence
    • Cannot maintain connection beyond 18 seconds
    • Server-side HMAC configuration issue
    • Client implementation is correct

The Deadlock

Catch-22 Situation:

  1. Need sourced packets to update "last heard" timestamp
  2. Sourced packets have structure: [header(8)][hash(16)][payload...]
  3. Server tries to verify hash even though node has no HMAC configured
  4. Expected hash is empty string (null HMAC auth)
  5. Packet always has 16 bytes at hash offset
  6. Any value → mismatch → packet rejected
  7. Result: "Silent node" → killed after 16s

Possible Solutions (Not Implemented)

Server-Side Fixes

  1. Disable HMAC verification for Agent/Interface nodes
  2. Fix verification logic: if (auth && mismatch) instead of if (!auth || mismatch)
  3. Add Ping to NonVerifiedPackets list

Client-Side (Requires Protocol Knowledge)

  1. Find missing handshake that assigns real connection secret
  2. Request HMAC setup during DomainConnectRequest
  3. Connect to different server without HMAC requirement

Code Changes Made

Files Modified

  1. src/NLPacketCodec.cpp

    • Implemented writeVerificationHash() with OpenSSL HMAC-MD5
    • Fixed setSourceID() to properly size packet

  2. src/NLPacketCodec.hpp

    • Added writeVerificationHash() declaration

  3. src/OverteClient.cpp

    • Fixed Local ID parsing (offset 34, little-endian)
    • Added extensive debug logging
    • Experimented with hash insertion/removal

Documentation Updated

  1. docs/NETWORK_PROTOCOL_INVESTIGATION.md

    • Complete analysis of HMAC verification deadlock
    • Packet structure diagrams
    • Server source code references
    • Experiments and results

  2. README.md

    • Updated status to reflect HMAC issue
    • Added known issue section

  3. docs/CHANGELOG.md

    • Added November 10 changes
    • Documented Local ID fix
    • Listed HMAC implementation
    • Added known issues section

  4. docs/IMPLEMENTATION_COMPLETE.md

    • Updated status (not actually complete)
    • Listed blocked features

  5. docs/DEVELOPER_GUIDE.md

    • Added troubleshooting for "silent node" issue

Server Log Evidence

Successful Connection

Nov 10 01:46:22: Added "Agent" (I) {a072ebe8...}(22884)
Nov 10 01:46:22: Activating symmetric socket ("UDP ""127.0.0.1":54639)
Nov 10 01:46:22: Allowed connection from node a072ebe8... on "UDP ""127.0.0.1":54639

HMAC Rejection

Nov 10 01:46:28: Packet hash mismatch on 3 (Ping) - Sender QUuid({a072ebe8...})
Nov 10 01:46:28: Packet len: 33 Expected hash: "" Actual: "ed53c908b1e6df8834d127f28b701708"

Connection Termination

Nov 10 01:46:41: Removing silent node "Agent" (I) {a072ebe8...}(22884)
    Last Heard Microstamp: 1762757182529098 (18931993us ago)
Nov 10 01:46:41: Killed "Agent" (I) {a072ebe8...}(22884)

Recommendations

Immediate Next Steps

  1. Contact server administrator to disable HMAC verification or configure it properly
  2. Test with different Overte servers to see if this is universal or server-specific
  3. Analyze official client packets to find missing protocol step

Long-term Solutions

  1. Patch server to fix verification logic for nodes without HMAC
  2. Implement connection secret negotiation if such protocol exists
  3. Document HMAC requirements in Overte protocol specification

Conclusion

Client Status: Implementation complete and correct Server Status: Configuration issue prevents persistence Blocker: Server-side HMAC verification deadlock

The Starworld client correctly implements:

  • DomainConnectRequest handshake
  • Local ID parsing and assignment
  • Source ID in packet headers
  • HMAC-MD5 hash calculation
  • Packet structure per Overte protocol

The issue is NOT in our code but in the server's HMAC configuration. The server requires HMAC verification for sourced packets but doesn't initialize HMAC authentication for newly connected nodes, creating an impossible situation.

Time Invested: ~3-4 hours of debugging and protocol analysis Outcome: Root cause identified; requires server-side fix or configuration change

Files to Review Tomorrow

  • docs/NETWORK_PROTOCOL_INVESTIGATION.md - Full technical analysis
  • src/NLPacketCodec.cpp:125-160 - HMAC implementation
  • src/OverteClient.cpp:950-960 - Local ID parsing fix

Good night! 🌙

Reference in New Issue View Git Blame Copy Permalink