162 posts
Posted 03 May 2014 - 10:32 PM
I'm new to coding and thought I'd make an API dedicated to making coding a little easier. So far it just has a few functions based off of repetitive things I've been putting into code. If you can think of a function to add tell me.
Reset
Usage: apple.reset()
Clears the screen and if it's colored it changes the colors to default. Also sets cursor to top left.
Receive
Usage: if apple.receive(message, ID) then…
Waits for specified message then returns true. Can optionally wait for ID to send that message.
http API Check
Usage: if apple.httpCheck() then…
Will return true or false based off of whether or not the HTTP API is enabled.
File Merge
Usage: apple.fMerge(file1, file2)
Takes the contents of file1 and file2 then combines them and puts them back in file1.
pastebin get AqUvfNXi apple
Edited on 05 May 2014 - 06:56 AM
162 posts
Posted 03 May 2014 - 10:49 PM
Can you explain what this does?
162 posts
Posted 03 May 2014 - 11:45 PM
Can you explain what this does?
It's an API I'm making just for the sake of making coding relatively easier. For now it just has things that have come in use for things I'm making in my single player world which is why I want suggestions. The individual functions are explained above.
571 posts
Location
Some Fish Bowl in Ohio.
Posted 04 May 2014 - 12:42 AM
Add a check for http and color.
162 posts
Posted 04 May 2014 - 02:29 AM
Add a check for http and color.
It doesn't use the http API, the end is the pastebin code to get the program. It already checks for color when resetting to default colors.
EDIT: Now that I know what you originally meant, just thought I'd let you know term.isColor() already checks whether or not it's color.
Edited on 04 May 2014 - 08:08 PM
571 posts
Location
Some Fish Bowl in Ohio.
Posted 04 May 2014 - 02:56 AM
Add a check for http and color.
It doesn't use the http API, the end is the pastebin code to get the program. It already checks for color when resetting to default colors.
I meant add a function in your API to check for http.
162 posts
Posted 04 May 2014 - 03:59 AM
I meant add a function in your API to check for http.
Okay that makes more sense,
570 posts
Posted 04 May 2014 - 09:13 PM
I can imagine that this would come in handy when it has more functions. However, I don't think I'd want to ship my program with an API just to make my life easier. So perhaps you could write a tool that merges a program with your API? Speaking of which, you could make a file merging function.
162 posts
Posted 04 May 2014 - 09:46 PM
API updated. Added http api check function.
47 posts
Location
Quebec, Canada
Posted 04 May 2014 - 09:48 PM
Receive
Usage: if apple.receive(message) then…
Waits for specified message then returns true.
Advanced Receive
Usage: if apple.aReceive(id, message) then…
Waits for specified ID to send specified message.
Why don't you merge these functions in a single one instead ?
You could check whether the type of the first argument is a string, if so then
it is the message. Otherwise, if it is a number then it is the id.
function apple.receive(nId, sMessage)
if type(nId) == "number" and type(sMessage) == "string" then
--# Pauses until it receives a specified message from a specified id.
elseif type(nId) == "string" then
--# Pauses until it receives a specified message.
end
end
Another solution would be to check if the first argument is nil.
function apple.receive(nId, sMessage)
if nId == nil then
--# Wait for the specified message
elseif type(nId) == "number" and type(sMessage) == "string" then
--# Wait for the specified message from the specified id.
end
end
Edited on 04 May 2014 - 07:49 PM
162 posts
Posted 04 May 2014 - 09:52 PM
I can imagine that this would come in handy when it has more functions. However, I don't think I'd want to ship my program with an API just to make my life easier. So perhaps you could write a tool that merges a program with your API? Speaking of which, you could make a file merging function.
I'm still not 100% sure but one computercraft wiki look up later, it appears fs.combine() already does this, if I'm wrong please correct me.
Receive
Usage: if apple.receive(message) then…
Waits for specified message then returns true.
Advanced Receive
Usage: if apple.aReceive(id, message) then…
Waits for specified ID to send specified message.
Why don't you merge these functions in a single one instead ?
You could check whether the type of the first argument is a string, if so then
it is the message. Otherwise, if it is a number then it is the id.
function apple.receive(nId, sMessage)
if type(nId) == "number" and type(sMessage) == "string" then
--# Pauses until it receives a specified message from a specified id.
elseif type(nId) == "string" then
--# Pauses until it receives a specified message.
end
end
Another solution would be to check if the first argument is nil.
function apple.receive(nId, sMessage)
if nId == nil then
--# Wait for the specified message
elseif type(nId) == "number" and type(sMessage) == "string" then
--# Wait for the specified message from the specified id.
end
end
That, is actually extremely useful thank you. I'll get started on that right now.
EDIT: Updated program.
Edited on 04 May 2014 - 08:04 PM
1140 posts
Location
Kaunas, Lithuania
Posted 04 May 2014 - 10:00 PM
I'm still not 100% sure but one computercraft wiki look up later, it appears fs.combine() already does this, if I'm wrong please correct me.
fs.combine takes two strings (paths) and adds (concatenates) them the correct way:
print( fs.combine( "test\\//" , "\\\\my folder/file.txt/////" ) ) -->> 'test/my folder/file.txt'
995 posts
Location
Canada
Posted 04 May 2014 - 10:04 PM
How can you know for sure which computer a message comes from, when you can spoof your id?
162 posts
Posted 04 May 2014 - 11:00 PM
How can you know for sure which computer a message comes from, when you can spoof your id?
I don't quite think you can fake an ID, but even if you can, this isn't really a security program, that function simply checks if it received a certain message, from a certain ID if you choose to add the ID it should come from.
I'm still not 100% sure but one computercraft wiki look up later, it appears fs.combine() already does this, if I'm wrong please correct me.
fs.combine takes two strings (paths) and adds (concatenates) them the correct way:
print( fs.combine( "test\\//" , "\\\\my folder/file.txt/////" ) ) -->> 'test/my folder/file.txt'
I'm still not 100% sure but one computercraft wiki look up later, it appears fs.combine() already does this, if I'm wrong please correct me.
fs.combine takes two strings (paths) and adds (concatenates) them the correct way:
print( fs.combine( "test\\//" , "\\\\my folder/file.txt/////" ) ) -->> 'test/my folder/file.txt'
Thank you for telling me. I'll get to work on that file merge that was suggested then.
88 posts
Posted 05 May 2014 - 12:23 AM
You can spoof an ID, quite easily. (I think, unless 1.6 removed that?) But even so, adding the necessary security to check would be extensive and unnecessary on both the API and the Client.
7083 posts
Location
Tasmania (AU)
Posted 05 May 2014 - 12:33 AM
CC 1.6 didn't change that and it's unlikely it'll ever change.
The idea is that what the RedNet API calls an "ID" is actually a modem channel, and users can send / receive using pretty much whatever channel they like by accessing the modem API directly. This means that anyone on your wired network, or in range of your wireless network, can intercept and read a copy of any messages they like (regardless as to where you wanted to send them), and they can send messages out as though they owned a computer with any ID they like (regardless as to whether the computers they have access to have those IDs).
162 posts
Posted 05 May 2014 - 08:58 AM
Updated program. Wasn't 100% sure how to put in Lignum's file merge idea but here's what I came up with! Any more ideas would be greatly appreciated.
EDIT: Well. I say program. It's an API.
EDIT#2: Y'know, now that I think about it, the HTTP API check is fairy useless because if you have an API from the internet then you more than likely used the pastebin function from HTTP API to get it. Unless you were too lazy to go into the config and decided to copy/paste the pastebin instead…
EDIT#3: Actually, I would assume typing 'apis' into the shell would tell you if HTTP API is enabled or not, considering if it is, it'll show up, if it isn't, it won't be listed. That actually leads me to a question, why is HTTP API default turned off?
Edited on 05 May 2014 - 07:58 AM
197 posts
Location
Czech Republic
Posted 05 May 2014 - 10:00 AM
I understand that this could be useful to you. However, I don't see any point in posting it here as this is fairly simple to do yourself and it doesn't have any real complex functions…
570 posts
Posted 05 May 2014 - 03:19 PM
That actually leads me to a question, why is HTTP API default turned off?
Since ComputerCraft 1.63 it's on by default, however there is a whitelist for accessible domains.
162 posts
Posted 05 May 2014 - 11:29 PM
I understand that this could be useful to you. However, I don't see any point in posting it here as this is fairly simple to do yourself and it doesn't have any real complex functions…
Well that's why it's here, I can't think of much to put in it so I want suggestions. Suggest something complex and I'll try my best to put it in.
47 posts
Location
Quebec, Canada
Posted 06 May 2014 - 02:58 AM
You can spoof an ID, quite easily. (I think, unless 1.6 removed that?) But even so, adding the necessary security to check would be extensive and unnecessary on both the API and the Client.
CC 1.6 didn't change that and it's unlikely it'll ever change.
The idea is that what the RedNet API calls an "ID" is actually a modem channel, and users can send / receive using pretty much whatever channel they like by accessing the modem API directly. This means that anyone on your wired network, or in range of your wireless network, can intercept and read a copy of any messages they like (regardless as to where you wanted to send them), and they can send messages out as though they owned a computer with any ID they like (regardless as to whether the computers they have access to have those IDs).
While it IS possible to spoof an id, Computercraft 1.6 added hostnames and protocols. They could be used in some way that prevents a computer from receiving a message from a potentially harmful computer, as you can find which computer id is bound to a specific hostname and as a hostname can only be used ONCE on the same protocol. You could subscribe your computer(s) to a protocol and encourage your friends to do the same. That way, you will always know you're receiving messages to them. Sending private messages is going to be a more diffult task though, I fear.
162 posts
Posted 06 May 2014 - 12:59 PM
–Cut out text stuffs.
Your profile picture…… It's Link… Wearing a headset…. Something about that is just overwhelmingly awesome to me.
1140 posts
Location
Kaunas, Lithuania
Posted 07 May 2014 - 05:51 PM
While it IS possible to spoof an id, Computercraft 1.6 added hostnames and protocols. They could be used in some way that prevents a computer from receiving a message from a potentially harmful computer, as you can find which computer id is bound to a specific hostname and as a hostname can only be used ONCE on the same protocol. You could subscribe your computer(s) to a protocol and encourage your friends to do the same. That way, you will always know you're receiving messages to them. Sending private messages is going to be a more diffult task though, I fear.
But it is still
possible to spoof hostnames and protocols. They were added to the Rednet itself, not to the modem. It means that you can still get messages with hostnames and protocols and 'hack' those or pretend to be a certain hostname, etc…
1610 posts
Posted 11 May 2014 - 04:23 PM
While it IS possible to spoof an id, Computercraft 1.6 added hostnames and protocols. They could be used in some way that prevents a computer from receiving a message from a potentially harmful computer, as you can find which computer id is bound to a specific hostname and as a hostname can only be used ONCE on the same protocol. You could subscribe your computer(s) to a protocol and encourage your friends to do the same. That way, you will always know you're receiving messages to them. Sending private messages is going to be a more diffult task though, I fear.
But it is still
possible to spoof hostnames and protocols. They were added to the Rednet itself, not to the modem. It means that you can still get messages with hostnames and protocols and 'hack' those or pretend to be a certain hostname, etc…
Overall, rednet is never going to be 100% secure and reliable. Because of how open lua is, you will always be able to change the functions to do whatever you want.
162 posts
Posted 12 May 2014 - 07:51 AM
I absolutely love how this thread has derailed from it's original topic to the security of rednet.
17 posts
Posted 25 May 2014 - 11:39 PM
I absolutely love how this thread has derailed from it's original topic to the security of rednet.
This
is the Internet…
162 posts
Posted 01 June 2014 - 12:39 PM
This is the Internet…
True. Very true.