bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
47
by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.

The Mandos server announces itself as a Zeroconf service of type
"_mandos._tcp". The Mandos client sends a line of text where the first
whitespace-separated field is the protocol version, which currently is
"1". The client and server then start a TLS protocol handshake with a
slight quirk: the Mandos server program acts as a TLS "client" while
the connecting Mandos client acts as a TLS "server". The Mandos
client must supply an OpenPGP certificate, and the fingerprint of this
certificate is used by the Mandos server to look up (in a list read
from a file at start time) which binary blob to give the client. No
other authentication or authorization is done by the server.

46
by Teddy Hogeborn
* network-protocol.txt: New.

47
by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.

| Mandos server   |     | Mandos client                              |
|-----------------+-----+--------------------------------------------|
|                 |     | <Connect>                                  |
|                 | <-  | "1\r\n"                                    |
| <TLS handshake> | <-> | <TLS handshake>                            |
|                 | <-  | OpenPGP public key (part of TLS handshake) |
| <Binary blob>   | ->  |                                            |
| <Close>         |     |                                            |
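
The server side of the exchange above, as an added Python sketch that is not Mandos's own code: it parses the version line, then makes the fingerprint lookup the single authorization decision. The TLS step is replaced by a hypothetical `tls_handshake` callable, and `MAX_LINE`, `serve_one`, `demo` and the sample fingerprints are assumptions constructed for the example.

```python
import socket

PROTOCOL_VERSION = "1"   # the only version the page defines
MAX_LINE = 256           # assumption: the page gives no length limit

def read_version(conn):
    """Return the first whitespace-separated field of the client's first line."""
    buf = b""
    while not buf.endswith(b"\n"):
        if len(buf) >= MAX_LINE:
            raise ValueError("version line too long")
        byte = conn.recv(1)  # one byte at a time: never read past the newline
        if not byte:
            raise ValueError("closed before end of line")
        buf += byte
    fields = buf.decode("ascii", "replace").split()
    if not fields:
        raise ValueError("empty version line")
    return fields[0]

def serve_one(conn, blobs, tls_handshake):
    """Handle one connection; blobs maps fingerprint -> binary blob.

    tls_handshake is a hypothetical stand-in for the TLS step: it returns
    (session, fingerprint of the client's OpenPGP certificate).
    """
    try:
        if read_version(conn) != PROTOCOL_VERSION:
            return "bad-version"
        session, fingerprint = tls_handshake(conn)
        blob = blobs.get(fingerprint)  # the only authorization decision
        if blob is None:
            return "unknown-client"    # close without sending anything
        session.sendall(blob)
        return "sent"
    except ValueError:
        return "malformed"
    finally:
        conn.close()

def demo(first_line, fingerprint, blobs):
    """Run one exchange over a local socket pair with constructed input."""
    server, client = socket.socketpair()
    client.sendall(first_line)
    client.shutdown(socket.SHUT_WR)
    result = serve_one(server, blobs, lambda c: (c, fingerprint))
    received = client.recv(4096)
    client.close()
    return result, received
```

Because the fingerprint lookup is the only gate, every rejection path closes the connection without writing a byte back to the peer.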