m2dev-server/docs/healthchecks.md

Healthchecks

This repository contains the operational wrapper for the headless login healthcheck. The underlying smoke client lives in m2dev-server-src.

What Exists

Source repository:

• tests/login_smoke.cpp
• binary target: metin_login_smoke

Runtime repository:

• deploy/healthcheck/metin-login-healthcheck.sh

Installed on the VPS:

• /usr/local/sbin/metin-login-healthcheck

What The Headless Healthcheck Verifies

The check performs the real two-step Metin login flow without a GUI client and then exercises the in-game mall open path:

1. Connect to the auth socket.
2. Complete the secure handshake.
3. Send login credentials.
4. Receive AUTH_SUCCESS and the login key.
5. Open a second connection to the channel socket.
6. Complete the secure handshake again.
7. Send LOGIN2 with login + login_key.
8. Verify EMPIRE.
9. Verify LOGIN_SUCCESS4.
10. Select a character slot.
11. Send ENTERGAME.
12. Verify MAIN_CHARACTER, PHASE_GAME, TIME, and CHANNEL.
13. Send /mall_password 000000 through the encrypted chat path.
14. Verify MALL_OPEN.

This is an end-to-end gameplay-path verification, not just a TCP port check.

How The Wrapper Works

metin-login-healthcheck.sh does the following:

• creates a temporary account in MariaDB
• lets metin_login_smoke create a temporary character when the account is empty
• runs metin_login_smoke
• verifies a successful auth + channel + ENTERGAME flow
• verifies that the shared safebox/mall DB load bootstrap can open the mall with the default empty password
• deletes the temporary account and temporary character rows on exit
• passes the configured client version expected by the server

It is intended for manual admin use on the VPS.

Usage

On the VPS:

ssh mt2
/usr/local/sbin/metin-login-healthcheck

The smoke binary can also be run directly:

sudo -iu mt2.jakubkadlec.dev \
  /home/mt2.jakubkadlec.dev/metin/build/server-src/bin/metin_login_smoke \
  173.249.9.66 11000 11011 <login> <password>

Or with password passed through the environment:

sudo -iu mt2.jakubkadlec.dev env METIN_LOGIN_SMOKE_PASSWORD='<password>' \
  /home/mt2.jakubkadlec.dev/metin/build/server-src/bin/metin_login_smoke \
  173.249.9.66 11000 11011 <login> --password-env=METIN_LOGIN_SMOKE_PASSWORD

If you want the smoke client to create a temporary character when the account is empty:

sudo -iu mt2.jakubkadlec.dev env METIN_LOGIN_SMOKE_PASSWORD='<password>' \
  /home/mt2.jakubkadlec.dev/metin/build/server-src/bin/metin_login_smoke \
  173.249.9.66 11000 11011 <login> --password-env=METIN_LOGIN_SMOKE_PASSWORD \
  --create-character-name=smoketestchar \
  --client-version=1215955205 \
  --mall-password=000000

Useful direct flags:

• --json returns a machine-readable summary including timings and emitted events
• --expect-auth-failure=STATUS treats an auth failure such as NOID or WRONGPWD as a successful negative test
• --expect-channel-failure=STATUS treats a channel failure as a successful negative test
• --mall-password=PASSWORD after ENTERGAME, opens the in-game mall via encrypted chat command and verifies MALL_OPEN

Example negative auth test:

sudo -iu mt2.jakubkadlec.dev env METIN_LOGIN_SMOKE_PASSWORD='wrongpass' \
  /home/mt2.jakubkadlec.dev/metin/build/server-src/bin/metin_login_smoke \
  173.249.9.66 11000 11011 someuser --password-env=METIN_LOGIN_SMOKE_PASSWORD \
  --expect-auth-failure=WRONGPWD --json

Security Notes

This does not open a new public network surface. It is a local operational tool.

Current guardrails:

• no new listening port
• root-only installed wrapper (/usr/local/sbin/metin-login-healthcheck, mode 700)
• temporary credentials
• cleanup trap removes the test account
• wrapper passes the password through environment instead of command-line plaintext
• secrets are not committed to git

Remaining trust boundary:

• anyone with effective root access can still inspect or run the check
• therefore this tool assumes root is already trusted