Opened 6 years ago
Closed 5 years ago
#1574 closed enhancement (fixed)
SAM 3.2
Reported by: | zzz | Owned by: | zzz |
---|---|---|---|
Priority: | minor | Milestone: | 0.9.24 |
Component: | apps/SAM | Version: | 0.9.19 |
Keywords: | Cc: | ||
Parent Tickets: | Sensitive: | no |
Description (last modified by )
ports, protocol, sharing a session with stream/datagram/raw, per-datagram options, …
Some of this is required to support libtorrent DHT
ports is #1323
orignal is also requesting sessions that can be disconnected and re-established, a la BOB
need detailed proposals for all of the above
Subtickets
#677: Error writing out the SAM keys to sam.keys | closed | mkvore |
#1106: Add SSL and auth options for SAM | closed | mkvore |
#1318: Extending SAM to Allow Creation of More Secure Destinations | closed | zzz |
#1323: Ports support in SAM | closed | mkvore |
#1325: SAM - Parsing of Properties | closed | mkvore |
#1573: SAM no half-opened tcp connections detection | closed | zzz |
#1669: Java 7 | closed | zzz |
Change History (19)
comment:1 Changed 6 years ago by
Description: | modified (diff) |
---|
comment:2 Changed 6 years ago by
comment:3 Changed 6 years ago by
Description: | modified (diff) |
---|
comment:4 Changed 6 years ago by
Proposal:
- For SESSION CREATE: new options FROM_PORT=nnnn and TO_PORT=nnnn to set default ports
- For SESSION CREATE STYLE=RAW: new option PROTOCOL=nnn to set default protocol
- For STREAM CONNECT, DATAGRAM SEND, and RAW SEND: new options FROM_PORT=nnnn and TO_PORT=nnnn to override defaults for that connection
- For RAW SEND: new option PROTOCOL=nnn to override default protocol
- For DATAGRAM RECEIVED, RAW RECEIVED, and forwarded or received streams and datagrams when SILENT=false: appended to the first line is FROM_PORT=nnnn TO_PORT=nnnn
- For RAW RECEIVED: appended to the first line is PROTOCOL=nnn
- For DATAGRAM_SEND and RAW_SEND: new options SEND_TAGS=nnn, TAG_THRESHOLD=nnn, EXPIRES=nnnnnnn, and SEND_LEASESET=true|false. These will be passed to I2CP if supported. See http://i2p-projekt.i2p/en/docs/spec/i2cp#msg_SendMessageExpires for details
comment:6 Changed 6 years ago by
To resolve #1573, we could add:
PING [arbitrary text]
to be sent by either side on the control port, with the response:
PONG [arbitrary text from the ping]
comment:8 Changed 6 years ago by
To resolve #1106, we could add:
- -s on the command line to make the command socket be SSL (same as we do for routerconsole)
- For authorization, client adds USER=xxx PASSWORD=yyy to the HELLO parameters. On failure the server will reply with an I2P_ERROR and a message.
- For STREAM FORWARD, client adds SSL=true to use an SSL socket
Datagrams over SSL will have to wait for Java 9 DTLS:
http://openjdk.java.net/projects/jdk9/
http://openjdk.java.net/jeps/219
comment:11 Changed 6 years ago by
Addition to comment 4, based on input from orignal:
- For STREAM ACCEPT: new option TO_PORT=nnnn to accept connections on that port only
comment:12 Changed 6 years ago by
Orignal requests that multiple concurrent pending STREAM ACCEPTs are allowed on the same session ID (even with the same port). It isn't clear (either in the spec or the code) if these are allowed now.
comment:13 Changed 6 years ago by
Above changes copied to the spec http://i2p-projekt.i2p/en/docs/api/samv3 marked as an unimplemented proposal.
comment:14 Changed 6 years ago by
work started in branch i2p.i2p.zzz.sam, low priority, won't be done anytime soon
comment:15 Changed 6 years ago by
Making significant progress in sam branch.
SSL is a problem because SAM is SocketChannel? based, but there's no such thing as an SSLSocketChannel. psi proposed implementing a full asynch one based on SSLEngine, but that sounds like a lot of work and he can't commit to doing it. I proposed a simple blocking-only extension of SocketChannel? that takes an existing SSLSocket in the constructor. A third alternative is to rip all the Channel stuff out of SAM, but that sounds counterproductive.
I implemented my proposal but it can only work on either Java 6 or Java 7+, as Java added new abstract methods taking new classes as arguments in 7.
So the branch as checked-in won't compile as I haven't checked in my extensions.
Will continue work on implementing/testing all the protocol changes, but others won't be able to test until we make a decision or I back out the SSL stuff. We were planning to move to Java 7 this summer, we should disuss at Toronto.
comment:18 Changed 5 years ago by
Milestone: | undecided → 0.9.24 |
---|---|
Owner: | changed from mkvore to zzz |
Status: | new → accepted |
propped in 0.9.23-3, #1325 is the only remaining subticket
comment:19 Changed 5 years ago by
Resolution: | → fixed |
---|---|
Status: | accepted → closed |
complete in 0.9.23-5 393206459ddcbf106fdb5fcc75c5e9746cc2146c
Add a subticket #1323.