From 1672ded0fa4c22a2c13cbe9f80baaf3f939bd5fa Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Wed, 22 Mar 2017 00:42:18 +0000 Subject: [PATCH] wip --- PROTOCOL | 12 ++++++++++++ server | 28 ++++++++++------------------ 2 files changed, 22 insertions(+), 18 deletions(-) diff --git a/PROTOCOL b/PROTOCOL index c1ef03b..6b12e4f 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -18,3 +18,15 @@ Client form parameters (multipart/form-data): password target_requests_outstanding d data (SLIP format) + + + +Future nonce-based authentication: + +server keeps big nonce counter for each client +meaning is: + nonce counter is most recent nonce client has sent +also server keeps bitmap of the previous ?64 nonces, + whether client has sent them + +client picks.... xxx diff --git a/server b/server index d36a84e..b746bc2 100755 --- a/server +++ b/server @@ -136,28 +136,20 @@ class IphttpResource(twisted.web.resource.Resource): isLeaf = True def render_POST(self, request): # find client, update config, etc. - ci = ipaddr(request.args['i']) - c = clients[ci] - pw = request.args['pw'] - if pw != c.pw: raise ValueError('bad password') - - # update config - - xxx check sanity, do not update - for r, w in (('mbd', 'max_batch_down'), - ('mqt', 'max_queue_time'), - ('mrt', 'max_request_time'), - ('tro', 'target_requests_outstanding')): - try: v = request.args[r] - except KeyError: continue - v = int(v) - c.__dict__[w] = v + metadata = request.args['m'] + (ci_s, pw, tro) = metadata.split(b'\n')[0:3] + ci = ipaddr(ci_s]) + cl = clients[ci] + if pw != cl.pw: raise ValueError('bad password') + + if pw != cl.target_requests_outstanding: + raise ... try: d = request.args['d'] except KeyError: d = '' - c.process_arriving_data(d) - c.new_request(request) + cl.process_arriving_data(d) + cl.new_request(request) def render_GET(self, request): return b'hippotat' -- 2.30.2