wip

diff --git a/PROTOCOL b/PROTOCOL
index c1ef03b..6b12e4f 100644 (file)
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -18,3 +18,15 @@ Client form parameters (multipart/form-data):
                        password
                        target_requests_outstanding
  d              data (SLIP format)
+
+
+
+Future nonce-based authentication:
+
+server keeps big nonce counter for each client
+meaning is:
+ nonce counter is most recent nonce client has sent
+also server keeps bitmap of the previous ?64 nonces,
+ whether client has sent them
+
+client picks.... xxx

diff --git a/server b/server
index d36a84e..b746bc2 100755 (executable)
--- a/server
+++ b/server
@@ -136,28 +136,20 @@ class IphttpResource(twisted.web.resource.Resource):
   isLeaf = True
   def render_POST(self, request):
     # find client, update config, etc.
-    ci = ipaddr(request.args['i'])
-    c = clients[ci]
-    pw = request.args['pw']
-    if pw != c.pw: raise ValueError('bad password')
-
-    # update config
-    
-    xxx check sanity, do not update
-    for r, w in (('mbd', 'max_batch_down'),
-                 ('mqt', 'max_queue_time'),
-                 ('mrt', 'max_request_time'),
-                 ('tro', 'target_requests_outstanding')):
-      try: v = request.args[r]
-      except KeyError: continue
-      v = int(v)
-      c.__dict__[w] = v
+    metadata = request.args['m']
+    (ci_s, pw, tro) = metadata.split(b'\n')[0:3]
+    ci = ipaddr(ci_s])
+    cl = clients[ci]
+    if pw != cl.pw: raise ValueError('bad password')
+
+    if pw != cl.target_requests_outstanding:
+      raise ...
 
     try: d = request.args['d']
     except KeyError: d = ''
 
-    c.process_arriving_data(d)
-    c.new_request(request)
+    cl.process_arriving_data(d)
+    cl.new_request(request)
 
   def render_GET(self, request):
     return b'<html><body>hippotat</body></html>'