Each incoming request contains up to max_batch_up bytes of payload.
It's a multipart/form-data.
-Authentication: for now, plaintext password
+Authentication: for now, plaintext secret
Routing assistance: none in hippotat; can be requested on client
from userv-ipif via `vroutes' parameter. Use with secnet polypath
Used by server to select the appropriate parts of the
rest of the configuration. Ignored by the client.
- password
+ secret
Looked up in the usual way, but used by client and server to
determine which possible peerings to try to set up, and which to
ignore.
(LIMIT sections do not count.)
The server queue packets for, and accept requests from, each
- putative client for which the config search yields a password.
+ putative client for which the config search yields a secret.
Each client will create a local interface, and try to communicate
with the server, for each possible pair (putative server,
- putative client) for which the config search yields a password.
+ putative client) for which the config search yields a secret.
ipif
Command to run to create and communicate with local network
umask 077
-pd=/etc/hippotat/passwords.d
+pd=/etc/hippotat/secrets.d
test -d $pd || \
install -m 750 -o root -g Debian-hippotat -d $pd
b'Content-Type: text/plain; charset="utf-8"' + crlf +
b'Content-Disposition: form-data; name="m"' + crlf + crlf +
str(cl.c.client) .encode('ascii') + crlf +
- cl.c.password + crlf +
+ cl.c.secret + crlf +
str(cl.c.target_requests_outstanding)
.encode('ascii') + crlf +
str(cl.c.http_timeout) .encode('ascii') + crlf +
ci = ipaddr(ci_s)
desca['ci'] = ci
cl = clients[ci]
- if pw != cl.cc.password: raise ValueError('bad password')
+ if pw != cl.cc.secret: raise ValueError('bad secret')
desca['pwok']=True
if tro != cl.cc.target_requests_outstanding:
# [<client-ip4-or-ipv6-address>]
-# password = <password> # used by both, must match
+# secret = <secret> # used by both, must match
[LIMIT]
max_batch_down = 262144
cc.__dict__[key] = min(val,lim)
def cfg_process_client_common(cc,ss,cs,ci):
- # returns sections to search in, iff password is defined, otherwise None
+ # returns sections to search in, iff secret is defined, otherwise None
cc.ci = ci
sections = ['%s %s' % (ss,cs),
ss,
'COMMON']
- try: pwsection = cfg_search_section('password', sections)
+ try: pwsection = cfg_search_section('secret', sections)
except NoOptionError: return None
- pw = cfg1get(pwsection, 'password')
- cc.password = pw.encode('utf-8')
+ pw = cfg1get(pwsection, 'secret')
+ cc.secret = pw.encode('utf-8')
cfg_process_client_limited(cc,ss,sections,'target_requests_outstanding')
cfg_process_client_limited(cc,ss,sections,'http_timeout')
def read_defconfig():
readconfig('/etc/hippotat/config.d', False)
- readconfig('/etc/hippotat/passwords.d', False)
+ readconfig('/etc/hippotat/secrets.d', False)
readconfig('/etc/hippotat/master.cfg', False)
def oc_defconfig(od,os, value, op):
[SERVER]
server = chiark
-# -- in passwords.d/chiark-zealot (on zealot and chiark)
+# -- in secrets.d/chiark-zealot (on zealot and chiark)
[chiark 192.0.2.4]
-password = sesame
+secret = sesame
# zealot knows it's 192.0.2.4 because that's the only client
-# for which it has a password
+# for which it has a secret
[SERVER]
addrs = 203.0.113.46
-# -- in passwords.d/password (on both client and server)
+# -- in secrets.d/secret (on both client and server)
[172.24.230.195]
-password = sesame
+secret = sesame
# nc -n -v -l -p 8100 -c 'dd of=/dev/null'
[192.0.2.3]
-password = sesame
+secret = sesame
[192.0.2.3]
ipif = PATH=/usr/local/sbin:/sbin:/usr/sbin:$PATH really ./fake-userv /home/ian/things/Userv/userv-utils.git/ipif/service \* -- %(local)s,%(peer)s,%(mtu)s,slip '%(rnets)s'
# ./hippotat -D -c test.cfg
[192.0.2.4]
-#password = zorkmids
+#secret = zorkmids
# dd if=/dev/urandom bs=1024 count=16384 | nc -q 0 -n -v 192.0.2.1 8100