| | 1 | Server maintains a queue of outbound packets for each user |
| | 2 | |
| | 3 | Packets which are older than the applicable max_queue_time are discarded |
| | 4 | |
| | 5 | Each incoming request to the server takes up to max_batch_down bytes |
| | 6 | from the queue and returns them as the POST response body payload |
| | 7 | |
| | 8 | Each incoming request contains up to max_batch_up bytes of payload. |
| | 9 | It's a multipart/form-data. |
| | 10 | |
| | 11 | Authentication: clock-based lifetime-limited bearer tokens. |
| | 12 | |
| | 13 | Encryption and integrity checking: none. Use a real VPN over this! |
| | 14 | |
| | 15 | Routing assistance: none in hippotat; can be requested on client |
| | 16 | from userv-ipif via `vroutes' parameter. Use with secnet polypath |
| | 17 | ideally uses the special support in secnet 0.4.x. |
| | 18 | |
| | 19 | Client form parameters (multipart/form-data): |
| | 20 | m metadata, newline-separated list (text file) of |
| | 21 | client ip address (textual) |
| | 22 | token |
| | 23 | target_requests_outstanding |
| | 24 | http_timeout |
| | 25 | d data (SLIP format, with SLIP_ESC and `-' swapped) |
| | 26 | |
| | 27 | |
| | 28 | Authentication token is: |
| | 29 | <time_t in hex with no leading 0s> <hmac in base64> |
| | 30 | (separated by a single space). The hmac is |
| | 31 | HMAC(secret, <time_t in hex>) |
| | 32 | |
| | 33 | |
| | 34 | Possible future nonce-based authentication: |
| | 35 | |
| | 36 | server keeps big nonce counter for each client |
| | 37 | meaning is: |
| | 38 | nonce counter is most recent nonce client has sent |
| | 39 | also server keeps bitmap of the previous ?64 nonces, |
| | 40 | whether client has sent them |
| | 41 | |
| | 42 | client picks.... xxx |
~mdw / hippotat / blame_incremental