1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
Server maintains a queue of outbound packets for each user
Packets which are older than the applicable max_queue_time are discarded
Each incoming request to the server takes up to max_batch_down bytes
from the queue and returns them as the POST response body payload
Each incoming request contains up to max_batch_up bytes of payload.
It's a multipart/form-data.
Authentication: clock-based lifetime-limited bearer tokens.
Encryption and integrity checking: none. Use a real VPN over this!
Routing assistance: none in hippotat; can be requested on client
from userv-ipif via `vroutes' parameter. Use with secnet polypath
ideally uses the special support in secnet 0.4.x.
Client form parameters (multipart/form-data):
m metadata, newline-separated list (text file) of
client ip address (textual)
token
target_requests_outstanding
http_timeout
mtu } not supplied
max_batch_down } by older
max_batch_up } clients
d data (SLIP format, with SLIP_ESC and `-' swapped)
Authentication token is:
<time_t in hex with no leading 0s> <hmac in base64>
(separated by a single space). The hmac is
HMAC(secret, <time_t in hex>)
and the hash function is SHA256
Possible future nonce-based authentication:
server keeps big nonce counter for each client
meaning is:
nonce counter is most recent nonce client has sent
also server keeps bitmap of the previous ?64 nonces,
whether client has sent them
difficult because client-generated nonces would have to never go
backwaards which basically means never-rewinding state on the client.
|
