So latest GServerV2 is 2.4.0 that was released in february 2011?

Maybe we should think about a new release.
But did not try to rebuild GServer yet… maybe I should.

Lol OK. Thinking about it now.

you’re more than welcome to work on it

I wanted to assign that task to 2ndwolf though…

I guess the hard part is to go through the log since february 2011 to build a changelog?
I might try to do that part… (should I just kept my mouth shut?)

I sure see deprecated warnings when compiling (without boost).
If I go that way, I would probably have to test with MinGW to see if it does not make things incompatibles.
I guess an official need to be compiled with BOOST to handle multiple GServer on one site.
Edit: Most are about appending _s to normally insecure functions like strcpy to secured functions.
Looks like there is lib for that for GCC:
But I wonder if these are not part of GCC now… if it is C11… I did not follow really about C11.

I wonder if we should go to take premake 5 that is in alpha to generate VS 2013 solution file.
For me, letting VS convert 2010 to 2013 has work fine… we are using premake 4.3 and 4.4 is still marked beta.

Switching to newer premake aint gonna fix shit.

its open source so hell they could both work on it lol

New gserver release won’t be our saving grace.

it won’t but it will be interesting to see what people can do with it

Well, I believe it would be more appropriate to say that I am illegaly modifiying and republising the published code than to say that it is open-source, which would suggest some license give me the right to do what I do.

There is in fact a license that allows you to edit the gserver.

I just searched it, and did not found it. Except for the libraries we use. As far as I remember, this is a delicate subject.
Edit: Oh I see: on the the project is marked to the left as being under GPLv2, and seems to cover all the code there. Hum… ok.

While you’re at it, please make modifications to allow us to write to text files, that’d be great thanks. Nalin said it’d be too greater security risk but if you restricted it to just one isolated folder it’d be fine.
You can do great things, I believe in you!

If that is done wrong then you are giving write permissions on the computer to pretty much anyone who can upload a NPC. At which point the gserver turns into a backdoor.

Sounds like you’d need to be pretty incompetent as a programmer to allow such a fault in security. Surely some ‘trivial’ restrictions would easily cover such a hole.

That’s what you say up until you get hacked

So if we came up with the solution of limiting writing to a fixed directory and stripping file names of any file navigation syntax i.e. triggeraction 0,0,gr.writeToFile,sample.txt,“Hello world.”;
We’re going to say that it’s too insecure?
Not to derail this thread too far off track but I’d appreciate an explanation about such things.

I’m not saying don’t do it. I’m saying don’t fuck it up. I’m also not sure why you are demanding an explanation for my skepticism towards a potential security flaw.

Well, to clarify, the basic idea of a release is for people to easily download a version without having to git clone a repository and building it themselves.
So that people use something near what developers have/use (with bugs fixed and new features).
But, the idea of a release do indeed give the opportunity to fix/add some simple stuff before releasing.
For me, that means:

Is there a good reason why client v2.2.2 is the default rather than v2.3.1?
Maybe allow both by default?

2.3 had some annoying ‘player-z’ bugs…

Also I just the gserver built on my machine :o

Edit: After inspecting the triggerhack code, it turns out you can already read and write to the log directory lol.