feat: support mcosu clients #641
Conversation
kiwec
requested review from
cmyui,
skrungly,
NiceAesth,
tsunyoku and
7mochi
as code owners
for more information, see https://pre-commit.ci
|
before going into the debate of if we want to support this or not. let's say we do. is the same header present on score submission? also, how can we assure that a user isn't going to just modify the source code to not pass these headers? i have a few concerns about allowing these clients to connect at all -- and regardless of if we agree to allowing them to be supported in the code, how are we going to enforce literally anything? it's an open source client without any real guarantees (lack of anticheat etc.) so we are kind of stuck in a rock between a hard place here |
No. The clients respect the If you really want to detect McOsu in score submission, it names the replay "mcosu-replay.osr".
You can't. The point of this PR is to let the clients who do pass the headers respect the admin's wishes.
This is also an open source server, any anticheat features implemented here would be visible to all, which I wouldn't recommend. However, McOsu clients behave quite differently from stable in many ways, and you could detect that and ban them if necessary. |
|
yeah i understand, i'm just afraid that we're opening a bit of a can of worms here... |
|
|
| headers={"cho-token": login_data["osu_token"]}, | ||
| headers={ | ||
| "cho-token": login_data["osu_token"], | ||
| "x-mcosu-features": f"submit={1 if app.settings.ALLOW_MCOSU_SCORES else 0}", |
There was a problem hiding this comment.
Would more features be added in the future, and what's the serialization format for these if so?
Could we extract that into a function? e.g.:
def write_mcosu_features_header(allow_submission: bool) -> str:
...headers={"x-mcosu-features": write_mcosu_features_header(allow_submission=True)}There was a problem hiding this comment.
The format is x-mcosu-features: foo=0 bar=1.
I don't plan on adding more than submit, but if servers admin request it, you could disable some McOsu features independently, for example:
- FPS mode, VR mode
- Multiplayer lobbies
- Joining/talking in chat
- Fetching online leaderboards
- Spectating players (not implemented right now)
You could also use it to signal the server supports custom protocol packets, eg. for experimental mods, but I doubt people are interested in that.
Since right now it's just submit, extracting it in a function is overkill :p
Do you mean this as in that McOsu by default is capable of connecting to private servers, and this layer of control would provide the best it could in terms of controlling McOsu's behavior? That sounds quite bad to me, I would not want such thing to exist as it makes it viable for anyone to fairly easy tamper with the intended game experience, adding cheats and whatnot in comparison to the obfuscation etc. the normal osu client provides. I'd rather ask you to remove this functionality from McOsu because let's be real, I feel like this will be used for more bad than good long-term. I mean yeah, score submission is disabled by default, but nothing's probably easier than bypassing that. And also, for the official osu! client we can be 100% sure that there won't be any game-altering or game-breaking issues, I'm not so sure I would want to rely on some 3rd party open-source software. What if McOsu has a bug that alters the game functionality and "bad" scores submit? That's stuff out of control, and stuff that feels like there's too little of an insurance things go as intended. For me as a private server owner the goal would be to try block McOsu as much as possible, and I think most server owners, including the ones you advertise on your website, would probably go with that as well, rendering this functionality pretty useless. I also feel like this drifts far off what McOsu is supposed to be, I don't really get the idea of trying to enter territory you shouldn't. |
osu!lazer is open source, osu!stable had its source code leaked also. I'm sure if the cheat apocalypse were to happen, it would've happened already. McOsu having open-source multiplayer is a net positive, when stable is frozen in time and lazer is heading into an unknown direction. It will give players the freedom to play the way they want, not the way peppy wants.
Oh yeah, let me just erase 2 months of work because you want to. lol, no.
I would store the client version on each score (along with other anti-cheat-related data). That way you can easily hide these scores from the leaderboards if need be. Surely people don't run server software without adding any anti-cheat code? That would be insane.
Prior to release, I've messaged the server owners, or else I wouldn't have listed them on the website. EZPPFarm was the only one to approve of score submission, but the others have approved the rest of multiplayer features (hence the default settings). You have to understand that I'm doing this in the most open way possible. This PR is to give more options to server admins, in the default state where people naturally cooperate with each other. It's designed specifically for you so you can block McOsu clients easily. The other route was mimicking stable 1:1 and not asking any admins for their opinion.
McKay also doesn't want to deal with multiplayer. But this isn't "forbidden" territory. The game is open source. |
saying peppy decides the direction lazer goes is kinda crazy ngl |
they also enforce a client-side anticheat. this is not a fair comparison |
|
As far as I am concerned, this is very low priority for review but I would have appreciated changes like this which introduce new behaviour to be discussed beforehand. Keeping that in mind, I do believe that this does not fall under our responsibility and I very much disagree with the approach of introducing new client-specific checks. |
with all due respect to you and the owner of EZPPFarm, me and probably others are not really surprised that they agreed. They're i think the most outlying server out of all private servers since they already do custom clients and are overall not really a good orientation to what other servers think. WIth this being said, while i really understand and appreciate the thought of making more clients accessable to the game and servers, i do not think it's a good fit for here because of the concerns raised during this discussion. |
|
Me and a maintainer briefly discussed this, and figured it might make more sense to implement this kind of support via an existing methology, rather than dedicating the functionality in banchopy. It is supposed to be a pretty general osu! server implementation, without any special shenanigans for some custom clients. IMO, consider using something like the lastfm.php endpoint, and send a flag for someone using McOsu with score-submission or similar in there so that it can be seemlessly blocked there, without adding a lot of fanfare. if flags & (LastFMFlags.MCOSU_SCORE_SUB | LastFMFlags.MCOSU_MULTI): # or maybe even a general LastFMFlags.MCOSU
player.logout()To me personally that'd seem like an acceptable approach, and makes private servers capable of blocking McOsu easily. |
|
This clearly isn't getting merged, no need to keep this open. |
Describe your changes
Added some configuration options so server owners can easily tell McOsu clients how to behave.
Defaults match how the clients behave when a server doesn't signal anything: you can connect, but not submit scores.
Related Issues / Projects
https://mcosu.kiwec.net
I'm releasing the score submission build tomorrow - code is already available on the v34.02 branch.
Checklist