prudp: Support legacy NEX 1 clients

prudp_endpoint.go

@@ -24,6 +24,7 @@ type PRUDPEndPoint struct {
 	ServerAccount                *Account
 	AccountDetailsByPID          func(pid *types.PID) (*Account, *Error)
 	AccountDetailsByUsername     func(username string) (*Account, *Error)
+	IsSecureEndpoint             bool
 }
 
 // RegisterServiceProtocol registers a NEX service with the endpoint
@@ -289,10 +290,25 @@ func (pep *PRUDPEndPoint) handleConnect(packet PRUDPPacketInterface) {
 
 	payload := make([]byte, 0)
 
-	if len(packet.Payload()) != 0 {
-		sessionKey, pid, checkValue, err := pep.readKerberosTicket(packet.Payload())
+	if pep.IsSecureEndpoint {
+		var decryptedPayload []byte
+		if pep.Server.PRUDPV0Settings.EncryptedConnect {
+			decryptedPayload = packet.decryptPayload()
+
+		} else {
+			decryptedPayload = packet.Payload()
+		}
+
+		decompressedPayload, err := connection.StreamSettings.CompressionAlgorithm.Decompress(decryptedPayload)
 		if err != nil {
 			logger.Error(err.Error())
+			return
+		}
+
+		sessionKey, pid, checkValue, err := pep.readKerberosTicket(decompressedPayload)
+		if err != nil {
+			logger.Error(err.Error())
+			return
 		}
 
 		connection.SetPID(pid)
@@ -311,7 +327,24 @@ func (pep *PRUDPEndPoint) handleConnect(packet PRUDPPacketInterface) {
 		payload = stream.Bytes()
 	}
 
-	ack.SetPayload(payload)
+	compressedPayload, err := connection.StreamSettings.CompressionAlgorithm.Compress(payload)
+	if err != nil {
+		logger.Error(err.Error())
+		return
+	}
+
+	var encryptedPayload []byte
+	if pep.Server.PRUDPV0Settings.EncryptedConnect {
+		encryptedPayload, err = connection.StreamSettings.EncryptionAlgorithm.Encrypt(compressedPayload)
+		if err != nil {
+			logger.Error(err.Error())
+			return
+		}
+	} else {
+		encryptedPayload = compressedPayload
+	}
+
+	ack.SetPayload(encryptedPayload)
 	ack.setSignature(ack.calculateSignature([]byte{}, packet.getConnectionSignature()))
 
 	pep.emit("connect", ack)
@@ -645,5 +678,6 @@ func NewPRUDPEndPoint(streamID uint8) *PRUDPEndPoint {
 		packetEventHandlers:          make(map[string][]func(PacketInterface)),
 		connectionEndedEventHandlers: make([]func(connection *PRUDPConnection), 0),
 		ConnectionIDCounter:          NewCounter[uint32](0),
+		IsSecureEndpoint:             false,
 	}
 }

prudp_packet_v0.go

@@ -309,7 +309,7 @@ func defaultPRUDPv0ConnectionSignature(packet *PRUDPPacketV0, addr net.Addr) ([]
 }
 
 func defaultPRUDPv0CalculateSignature(packet *PRUDPPacketV0, sessionKey, connectionSignature []byte) []byte {
-	if !packet.server.PRUDPV0Settings.IsQuazalMode {
+	if !packet.server.PRUDPV0Settings.LegacyConnectionSignature {
 		if packet.packetType == DataPacket {
 			return packet.server.PRUDPV0Settings.DataSignatureCalculator(packet, sessionKey)
 		}

prudp_v0_settings.go

@@ -7,6 +7,8 @@ import "net"
 // PRUDPV0Settings defines settings for how to handle aspects of PRUDPv0 packets
 type PRUDPV0Settings struct {
 	IsQuazalMode                  bool
+	EncryptedConnect              bool
+	LegacyConnectionSignature     bool
 	UseEnhancedChecksum           bool
 	ConnectionSignatureCalculator func(packet *PRUDPPacketV0, addr net.Addr) ([]byte, error)
 	SignatureCalculator           func(packet *PRUDPPacketV0, sessionKey, connectionSignature []byte) []byte
@@ -18,6 +20,8 @@ type PRUDPV0Settings struct {
 func NewPRUDPV0Settings() *PRUDPV0Settings {
 	return &PRUDPV0Settings{
 		IsQuazalMode:                  false,
+		EncryptedConnect:              false,
+		LegacyConnectionSignature:     false,
 		UseEnhancedChecksum:           false,
 		ConnectionSignatureCalculator: defaultPRUDPv0ConnectionSignature,
 		SignatureCalculator:           defaultPRUDPv0CalculateSignature,