Re: Are SOs automatically reconnected?

> Hello list,
>
> I'm trying to figure out some unusual activity on my server.
>
> If I lose connection to the server while connected to a shared object,
> then reconnect the server, is the shared object automatically reconnected,
> too? This is flash.
>
> The background is the following: For a long time I didn't have any
> security for the actual messages being exchanged in my chat room. Now
> lately someone has started to inject RTMP packets (I have no clue how)
> into the data stream between server and chat applet.
>
> So I've started to sign the communication packets, so they could not be
> spoofed. As a result, the person has started to just copy packets, to spam
> things.
>
> Since both the messages and the signature contain the connection ID I've
> started to match the sent connection ID against the real one in
> onSharedObjectSend().
>
> Now some warnings appear for spoofed messages, which COULD be a race
> condition on reconnect. If the client reconnects. It receives the
> new connection ID from the server and should not do anything before that.
> But if SOs would be automatically reconnected, some of the SO functions
> could fire with the old ID. This does sound unlikely, but some of the
> spoofing attempts come from an internal message type, which is triggered a
> lot through the SO and makes very little sense to mess with. ;)
>
> tl;dr: see second paragraph. ;)
>
> Thanks,
>
> Thomas
>
> _______________________________________________
> Red5 mailing list
> Red5@...
> http://osflash.org/mailman/listinfo/red5_osflash.org
>
>
>
> --
> Internal Virus Database is out-of-date.
> Checked by AVG. Version: 7.5.560 / Virus Database: 270.12.26/2116 -
> Release Date: 15-05-09 06:16
>