Opened 4 years ago

Closed 3 years ago

#1574 closed enhancement (fixed)

SAM 3.2

Reported by: zzz Owned by: zzz
Priority: minor Milestone: 0.9.24
Component: apps/SAM Version: 0.9.19
Keywords: Cc:
Parent Tickets:

Description (last modified by zzz)

ports, protocol, sharing a session with stream/datagram/raw, per-datagram options, ...

Some of this is required to support libtorrent DHT

ports is #1323

orignal is also requesting sessions that can be disconnected and re-established, a la BOB

need detailed proposals for all of the above

Subtickets

#677: Error writing out the SAM keys to sam.keys (defect, closed, mkvore)
#1106: Add SSL and auth options for SAM (defect, closed, mkvore)
#1318: Extending SAM to Allow Creation of More Secure Destinations (enhancement, closed, zzz)
#1323: Ports support in SAM (enhancement, closed, mkvore)
#1325: SAM - Parsing of Properties (defect, closed, mkvore)
#1573: SAM no half-opened tcp connections detection (enhancement, closed, zzz)
#1669: Java 7 (defect, closed, zzz)

Change History (19)

comment:1 Changed 4 years ago by zzz

  • Description modified (diff)

comment:2 Changed 4 years ago by zzz

Add a subticket #1323.

comment:3 Changed 4 years ago by zzz

  • Description modified (diff)

comment:4 Changed 4 years ago by zzz

Proposal:

  • For SESSION CREATE: new options FROM_PORT=nnnn and TO_PORT=nnnn to set default ports
  • For SESSION CREATE STYLE=RAW: new option PROTOCOL=nnn to set default protocol
  • For STREAM CONNECT, DATAGRAM SEND, and RAW SEND: new options FROM_PORT=nnnn and TO_PORT=nnnn to override defaults for that connection
  • For RAW SEND: new option PROTOCOL=nnn to override default protocol
  • For DATAGRAM RECEIVED, RAW RECEIVED, and forwarded or received streams and datagrams when SILENT=false: appended to the first line is FROM_PORT=nnnn TO_PORT=nnnn
  • For RAW RECEIVED: appended to the first line is PROTOCOL=nnn

comment:5 Changed 4 years ago by zzz

Add a subticket #1573.

comment:6 Changed 4 years ago by zzz

To resolve #1573, we could add:

PING [arbitrary text]

to be sent by either side on the control port, with the response:

PONG [arbitrary text from the ping]
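
Added example, not part of the ticket or the I2P code base: a Python client-side liveness check built on the PING/PONG exchange proposed in this comment, which also answers PINGs from the other side. The function names, the nonce, the timeout values and the `fake_bridge` stand-in are assumptions made for illustration, and the check assumes no other control traffic is in flight.

```python
import os, socket, threading, time

def check_peer(sock, timeout=2.0):
    """Send PING <nonce>; True only if the matching PONG comes back in time.
    Also answers the peer's own PINGs, since either side may send them."""
    nonce = os.urandom(8).hex()            # unguessable text ties PONG to this PING
    deadline = time.monotonic() + timeout
    sock.settimeout(timeout)
    try:
        sock.sendall(f"PING {nonce}\n".encode("ascii"))
        with sock.makefile("rb") as reader:
            while time.monotonic() < deadline:
                line = reader.readline(1024)
                if not line:               # peer closed the connection
                    return False
                text = line.decode("ascii", "replace").rstrip("\r\n")
                if text == f"PONG {nonce}":
                    return True
                if text == "PING" or text.startswith("PING "):
                    sock.sendall(f"PONG{text[4:]}\n".encode("ascii", "replace"))
                # any other line is skipped: assumes an otherwise idle socket
    except OSError:                        # timeout or reset: treat as dead
        return False
    return False

def fake_bridge(sock, answer=True):
    """Constructed stand-in for the bridge; answer=False models a silent peer."""
    with sock.makefile("rb") as reader:
        for line in reader:
            if answer and line.startswith(b"PING"):
                sock.sendall(b"PONG" + line[4:])

def demo():
    """Run the check against a responsive and a silent constructed peer."""
    results = []
    for answer in (True, False):
        ours, theirs = socket.socketpair()
        threading.Thread(target=fake_bridge, args=(theirs, answer), daemon=True).start()
        results.append(check_peer(ours, timeout=0.5))
        ours.close()
    return results

if __name__ == "__main__":
    print(demo())
```

A silent peer is how a half-open TCP connection looks from the client: the write succeeds locally and only the missing PONG reveals the problem.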

comment:7 Changed 4 years ago by zzz

Add a subticket #1106.

comment:8 Changed 4 years ago by zzz

To resolve #1106, we could add:

  • -s on the command line to make the command socket be SSL (same as we do for routerconsole)
  • For authorization, client adds USER=xxx PASSWORD=yyy to the HELLO parameters. On failure the server will reply with an I2P_ERROR and a message.
  • For STREAM FORWARD, client adds SSL=true to use an SSL socket

Datagrams over SSL will have to wait for Java 9 DTLS:

http://openjdk.java.net/projects/jdk9/
http://openjdk.java.net/jeps/219
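
Added example, not part of the ticket or the I2P code base: Python client-side handling of the options proposed in comment 4 (FROM_PORT, TO_PORT and PROTOCOL on RECEIVED lines) and in this comment (USER/PASSWORD on HELLO). It rejects out-of-range or duplicated options and refuses to put credentials on a control socket that is not SSL. The function names, the value ranges, the defaults for missing options, the quoting of USER/PASSWORD and the sample lines in the test are assumptions made for illustration.

```python
import shlex
PORT_MAX, PROTO_MAX = 65535, 255      # assumed ranges: 16-bit ports, 8-bit protocol

def parse_line(line):
    """Split a control line into (words, options); option values may be quoted."""
    words, opts = [], {}
    for tok in shlex.split(line.strip()):
        key, sep, val = tok.partition("=")
        if not sep:
            words.append(tok)
        elif key in opts:              # two values for one key invite confusion
            raise ValueError(f"duplicate option {key}")
        else:
            opts[key] = val
    return words, opts

def bounded(opts, key, limit, default=0):
    raw = opts.get(key)
    if raw is None:
        return default                 # assumed: an older bridge omits the option
    if not (raw.isascii() and raw.isdigit()) or int(raw) > limit:
        raise ValueError(f"{key} out of range: {raw!r}")
    return int(raw)

def received_header(line):
    """Ports (and protocol for RAW) from the first line of a RECEIVED message."""
    words, opts = parse_line(line)
    if words not in (["DATAGRAM", "RECEIVED"], ["RAW", "RECEIVED"]):
        raise ValueError("not a RECEIVED line")
    info = {k.lower(): bounded(opts, k, PORT_MAX) for k in ("FROM_PORT", "TO_PORT")}
    if words[0] == "RAW":
        info["protocol"] = bounded(opts, "PROTOCOL", PROTO_MAX, None)
    return info

def hello_line(user=None, password="", channel_is_tls=False):
    """Build HELLO; credentials are only added when the control socket is TLS."""
    line = "HELLO VERSION MIN=3.2 MAX=3.2"
    if user is not None:
        if not channel_is_tls:
            raise PermissionError("USER/PASSWORD would cross the socket in cleartext")
        if any(c in user + password for c in '"\\\r\n'):
            raise ValueError("credential contains a quote, backslash or line break")
        line += f' USER="{user}" PASSWORD="{password}"'
    return line + "\n"

def hello_result(reply):               # returns (ok, message)
    words, opts = parse_line(reply)
    if words != ["HELLO", "REPLY"]:
        raise ValueError("unexpected reply to HELLO")
    return opts.get("RESULT") == "OK", opts.get("MESSAGE", "")
```

Rejecting line breaks and quotes in the credentials keeps a user-supplied password from injecting a second command into the line-based control protocol.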

comment:9 Changed 4 years ago by zzz

Add a subticket #1318.

comment:10 Changed 4 years ago by zzz

Add a subticket #1325.

comment:11 Changed 4 years ago by zzz

Addition to comment 4, based on input from orignal:

  • For STREAM ACCEPT: new option TO_PORT=nnnn to accept connections on that port only

comment:12 Changed 4 years ago by zzz

Orignal requests that multiple concurrent pending STREAM ACCEPTs are allowed on the same session ID (even with the same port). It isn't clear (either in the spec or the code) if these are allowed now.

comment:13 Changed 4 years ago by zzz

Above changes copied to the spec http://i2p-projekt.i2p/en/docs/api/samv3 marked as an unimplemented proposal.

comment:14 Changed 4 years ago by zzz

work started in branch i2p.i2p.zzz.sam, low priority, won't be done anytime soon

comment:15 Changed 4 years ago by zzz

Making significant progress in sam branch.

SSL is a problem because SAM is SocketChannel based, but there's no such thing as an SSLSocketChannel. psi proposed implementing a full asynch one based on SSLEngine, but that sounds like a lot of work and he can't commit to doing it. I proposed a simple blocking-only extension of SocketChannel that takes an existing SSLSocket in the constructor. A third alternative is to rip all the Channel stuff out of SAM, but that sounds counterproductive.

I implemented my proposal but it can only work on either Java 6 or Java 7+, as Java added new abstract methods taking new classes as arguments in 7.

So the branch as checked-in won't compile as I haven't checked in my extensions.

Will continue work on implementing/testing all the protocol changes, but others won't be able to test until we make a decision or I back out the SSL stuff. We were planning to move to Java 7 this summer, we should discuss at Toronto.

comment:16 Changed 4 years ago by zzz

Add a subticket #1669.

comment:17 Changed 3 years ago by zzz

Add a subticket #677.

comment:18 Changed 3 years ago by zzz

  • Milestone changed from undecided to 0.9.24
  • Owner changed from mkvore to zzz
  • Status changed from new to accepted

propped in 0.9.23-3, #1325 is the only remaining subticket

comment:19 Changed 3 years ago by zzz

  • Resolution set to fixed
  • Status changed from accepted to closed

complete in 0.9.23-5 393206459ddcbf106fdb5fcc75c5e9746cc2146c
