1. 05 Apr, 2002 1 commit
    • Chad Barb's avatar
      Added SSL to capture (enabled with -DWITHSSL) · 2e536ba3
      Chad Barb authored
      To tip (or tiptunnel on a normal acl,) capture behaves the same.
      However, if a client connects and presents "USESSL" as the first six characters of their
      connection key, both sides initiate SSL negotiation.
      The server then attempts to get the key again. The second one is used for the check.
      
      SSL initialization is done on the first attempt by a client to connect via SSL.
      Capture assumes $(prefix)/etc/capture/cert.pem contains its certificate unless
      the '-c <certfile>' option is used.. if the certificate is not found or invalid, that
      connection fails, but normal connections will still succeed (and it will try to find the file
      again, next time an SSL connection is attempted.)
      
      On the client side, tiptunnel only uses ssl if there is a "ssl-server-cert:"
      property in the acl file. This is the SHA hash of the certificate that the capture server is
      expected to have (in hex.) If the certificate presented by the server does not hash to the
      same value, the connection is dropped.
      2e536ba3
  2. 11 Feb, 2002 1 commit
  3. 09 Jan, 2002 2 commits
  4. 16 Aug, 2001 1 commit
  5. 13 Aug, 2001 1 commit
  6. 09 Aug, 2001 1 commit
  7. 24 Jul, 2001 1 commit
    • Leigh Stoller's avatar
      Checkpoint new version of capture/tip that is sockets based instead · 34499cb6
      Leigh Stoller authored
      of pty/tty based (since they have several annoying problems
      associated). Note that permission is granted via the use of an "acl"
      file; /dev/tip/machine.acl, which must be set to the group of the
      project the node is in, so the user can read out the process id number
      and the random bits that are used by capture to grant permission to
      use (tip sends the random bits across first thing). This handshake is
      due to change to a request/challenge scheme as described by Dave in
      email to the testbed list.
      34499cb6
  8. 26 Jun, 2001 2 commits
  9. 05 Jan, 2001 1 commit
  10. 03 Jan, 2001 1 commit
  11. 02 Jan, 2001 2 commits
  12. 30 Dec, 2000 1 commit
  13. 10 Oct, 2000 1 commit
    • David G Andersen's avatar
      Initial import of the "capture" source into the testbed repository. · fec832e8
      David G Andersen authored
      Note that this has a hardcoded value for NBPG, a define that's only
      present in the digiboard headers.  In the interest of minimal source
      code changes (heh, heh, heh) I left it alone. :p
      
      Works on *bsd, and now Linux.  Manpage included at no charge,
      though if someone wants to figure out why the manpage only
      works under BSD ("Because Dave is an idiot" is not an acceptable
      answer, true as it may be), that'd be cool.
      fec832e8