sanctuary-zero
sanctuary-zero copied to clipboard
inconsistency in chatroom ID generated at client side
Since the chatroom generated on new user login are generated at random. there may occur a clash, In such an event two users may land up in the same chatroom without explicitly joining. To create such a condition try replacing the function randgene in cnew.py to give a constant chatroom ID. Possible solution can be generating the chatroom ID from server side. Please correct, if I am wrong.
Possible solution can be generating the chatroom ID from server side. Please correct, if I am wrong.
That is a very intelligent solution to the problem. We would want to do that so that the server would create and send an ID which has not been created before. Albeit the chances of having a clash is very small (about 1 in 4,294,967,296) but it is never zero. This is a valid issue. Would you want to work on it?
A possible solution could be changing the ID generation algorithm. Maybe using, for example, sha256 for generating new ids? Of course that would make the chatroom id a lot more tedious to share, but it would lower the clashing probabilities by a lot.
I had that concern previously too. The uniqueness of SHA256 is impressive (about 1 in 340,282,366,920,938,463,463,374,607,431,768,211,456) but this comes at the cost of having to share a 32 characters long string as the chatroom identity. Already, the Fernet password is nearly as long so we could do with some lesser length but greater control at the server's end.
Possible solution can be generating the chatroom ID from server side. Please correct, if I am wrong.
That is a very intelligent solution to the problem. We would want to do that so that the server would create and send an ID which has not been created before. Albeit the chances of having a clash is very small (about 1 in 4,294,967,296) but it is never zero. This is a valid issue. Would you want to work on it?
Yes, you can assign it to me
There you go. @adhyay2000. I have assigned this issue to you.
I have modified the code to have a server side verification and registration. The server also maintain a list of available chatrooms that can be used to restrict the same named chatroom.
please review the code and provide feedback.