148 lines
2.9 KiB
Plaintext
148 lines
2.9 KiB
Plaintext
|
.TH SDP 3
|
||
|
.SH NAME
|
||
|
sdp \- secure datagram protocol
|
||
|
.SH SYNOPSIS
|
||
|
.nf
|
||
|
.B bind -a #E\fIspec\fP /net
|
||
|
.sp 0.3v
|
||
|
.B /net/sdp/clone
|
||
|
.B /net/sdp/log
|
||
|
.BI /net/sdp/ n
|
||
|
.BI /net/sdp/ n /data
|
||
|
.BI /net/sdp/ n /control
|
||
|
.BI /net/sdp/ n /ctl
|
||
|
.BI /net/sdp/ n /rstats
|
||
|
.BI /net/sdp/ n /stats
|
||
|
.BI /net/sdp/ n /status
|
||
|
\&...
|
||
|
.fi
|
||
|
.SH DESCRIPTION
|
||
|
The
|
||
|
.I sdp
|
||
|
device provides the interface to the Secure Datagram Protocol (SDP).
|
||
|
SDP (un)compresses and (de-)encrypts packets.
|
||
|
.I Spec
|
||
|
is an integer from 0 to 15 identifying a stack.
|
||
|
Each stack is independent of all others:
|
||
|
the only information transfer between them is via programs that
|
||
|
mount multiple stacks.
|
||
|
Normally a system uses only one stack.
|
||
|
However multiple stacks can be used for debugging
|
||
|
new networks or implementing firewalls or proxy
|
||
|
services.
|
||
|
.PP
|
||
|
The top level directory contains a
|
||
|
.B clone
|
||
|
file, a
|
||
|
.B log
|
||
|
file, and subdirectories numbered from zero to the number of connections
|
||
|
opened for this protocol.
|
||
|
.PP
|
||
|
Opening the
|
||
|
.B clone
|
||
|
file reserves a connection. The file descriptor returned from the
|
||
|
.IR open (2)
|
||
|
will point to the control file,
|
||
|
.BR ctl ,
|
||
|
of the newly allocated connection.
|
||
|
Reading
|
||
|
.B ctl
|
||
|
returns a text
|
||
|
string representing the number of the
|
||
|
connection.
|
||
|
Connections may be used either to listen for incoming calls
|
||
|
or to initiate calls to other machines.
|
||
|
.PP
|
||
|
A connection is controlled by writing text strings to the associated
|
||
|
.B ctl
|
||
|
file.
|
||
|
After a connection has been established data may be read from
|
||
|
and written to
|
||
|
.BR data .
|
||
|
A connection can be actively established using the
|
||
|
.B connect
|
||
|
message (see also
|
||
|
.IR dial (2)).
|
||
|
A connection can be established passively by first
|
||
|
using an
|
||
|
.B announce
|
||
|
message (see
|
||
|
.IR dial (2))
|
||
|
to bind to a local port and then
|
||
|
opening the
|
||
|
.B listen
|
||
|
file (see
|
||
|
.IR dial (2))
|
||
|
to receive incoming calls.
|
||
|
.PP
|
||
|
The following control messages are supported:
|
||
|
.TF "outsecret \fIsecret
|
||
|
.PD
|
||
|
.TP
|
||
|
.BI accept " file"
|
||
|
Accept an incoming encrypted connection on
|
||
|
.IR file ,
|
||
|
typically a
|
||
|
.B data
|
||
|
file.
|
||
|
.TP
|
||
|
.BI dial " file"
|
||
|
Initiate a new encrypted connection on
|
||
|
.IR file ,
|
||
|
typically a UDP
|
||
|
.B data
|
||
|
file.
|
||
|
.TP
|
||
|
.BI drop " permil"
|
||
|
Randomly drop approximately one of every
|
||
|
.I permil
|
||
|
output packets,
|
||
|
thus simulating network errors.
|
||
|
.TP
|
||
|
.BI cipher " algorithm"
|
||
|
Use ciphering
|
||
|
.IR algorithm ;
|
||
|
choices are
|
||
|
.LR null ,
|
||
|
.LR des_56_cbc ,
|
||
|
.LR rc4_128 ,
|
||
|
and
|
||
|
.LR rc4_256 .
|
||
|
.TP
|
||
|
.BI auth " algorithm"
|
||
|
Use authentication
|
||
|
.IR algorithm ;
|
||
|
choices are
|
||
|
.LR null ,
|
||
|
.LR hmac_sha1_96 ,
|
||
|
and
|
||
|
.LR hmac_md5_96 .
|
||
|
.TP
|
||
|
.BI comp " algorithm"
|
||
|
Use compression
|
||
|
.IR algorithm ;
|
||
|
choices are
|
||
|
.L null
|
||
|
and
|
||
|
.LR thwack .
|
||
|
.TP
|
||
|
.BI insecret " secret"
|
||
|
Use
|
||
|
.I secret
|
||
|
to decrypt incoming packets.
|
||
|
.TP
|
||
|
.BI outsecret " secret"
|
||
|
Use
|
||
|
.I secret
|
||
|
to encrypt outgoing packets.
|
||
|
.
|
||
|
.SH "SEE ALSO"
|
||
|
.IR dial (2),
|
||
|
.IR ip (3)
|
||
|
.br
|
||
|
.IR "Robust Data Compression of Network Packets" ,
|
||
|
Sean Dorward and Sean Quilan, Bell Labs, Lucent Technologies,
|
||
|
.BR http://plan9.bell-labs.com/who/seanq/networkcomp.pdf .
|
||
|
.SH SOURCE
|
||
|
.B /sys/src/9/port/devsdp.c
|