Create game prior to authenticate
Options
I have been plagued by a bug with game creation and joining pretty much since I started using Photon. Today I finally found the bug. If I am correct it could suggest a bigger problem in Photon.
The issue was reproducible using the Unity3d editor with the .NET client and a Load Balancing Server. I have a shortcut to connect to the server and create a game when I run the editor. I found that if you wait until the client is connected to the server, but then change focus off the editor before or during the game creation, the game would be infected with a logical problem preventing other players from joining. Once a user joins a game they get added to a list of joining players and they are supposed to be removed once the join is complete. The removal is performed by an id comparison, but it fails if the user's id has changed in between connecting and creating the game.
In this case, what was happening is that the command to create the game was arriving after the ConnectedToMasterServer state but before Authenticated. Prior to Authentication the user id is null so the game would be created with a null user joining that would never be removed.
The problem can be fixed by waiting until after the state reaches Authenticated to create a game, which is perfectly reasonable. Although this problem has made me wonder why it is possible to create a game prior to authentication. This seems like a security breach.
The issue was reproducible using the Unity3d editor with the .NET client and a Load Balancing Server. I have a shortcut to connect to the server and create a game when I run the editor. I found that if you wait until the client is connected to the server, but then change focus off the editor before or during the game creation, the game would be infected with a logical problem preventing other players from joining. Once a user joins a game they get added to a list of joining players and they are supposed to be removed once the join is complete. The removal is performed by an id comparison, but it fails if the user's id has changed in between connecting and creating the game.
In this case, what was happening is that the command to create the game was arriving after the ConnectedToMasterServer state but before Authenticated. Prior to Authentication the user id is null so the game would be created with a null user joining that would never be removed.
2015-03-09 17:19:01,447 [10] DEBUG Photon.LoadBalancing.MasterServer.Lobby.GameState [(null)] - Added peer: gameId=DevelopmentBattle, userId=, joiningPeers=1
2015-03-09 17:19:01,744 [17] DEBUG Photon.LoadBalancing.MasterServer.Lobby.GameState [(null)] - User joined on game server: gameId=DevelopmentBattle, userId=DreadTalon 2015-03-09 17:19:01,744 [17] DEBUG Photon.LoadBalancing.MasterServer.Lobby.GameState [(null)] - User not found in joining list: gameId=DevelopmentBattle, userId=DreadTalon
The problem can be fixed by waiting until after the state reaches Authenticated to create a game, which is perfectly reasonable. Although this problem has made me wonder why it is possible to create a game prior to authentication. This seems like a security breach.
0
Comments
-
That is an interesting find! This definitely looks like a problem we should avoid/fix.
I will point my server colleagues to this post. They don't check the DotNet forum obviously.
Give us another few days for evaluation. I hope we can give you feedback soon.
In worst case, I will simply disable OpCreateGame until the client side is authenticated.0
