Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add encrypted/authenticated IPC listener support #2122

Open
jagerman opened this issue Jan 20, 2023 · 0 comments · May be fixed by #2129
Open

Add encrypted/authenticated IPC listener support #2122

jagerman opened this issue Jan 20, 2023 · 0 comments · May be fixed by #2129
Assignees
@dr7ana
Milestone
0.10.x

Comments

@jagerman
Copy link
Member

Something that would be very useful is to be able to expose an encrypted/authenticated but public listener. This needs two config additions:

  1. We need to be able to specify the address on which we listen_curve().
  2. We need to be able to specify one (or more) public keys that will be accepted.

Something like this in the config:

[api]
bind_curve = tcp://0.0.0.0:1234
curve_pubkey = abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789

This would then use listen_curve() on that address (in addition to any of the listen_plain()s that happen from the bind options currently).

listen_curve() takes an "allow" callback: the allow callback would be looking at the public key and return AuthLevel::admin if it is in the curve_pubkey list, otherwise AuthLevel::denied to refuse the connection.

Originally posted by @jagerman in #2111 (comment)
@majestrate majestrate added this to the 0.9.12 milestone Jan 23, 2023
@dr7ana dr7ana linked a pull request Jan 30, 2023 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dr7ana dr7ana

Labels
None yet
Projects
None yet
Milestone
0.10.x
Development

Successfully merging a pull request may close this issue.

Add Support for Encrypted/Authenticated Listeners dr7ana/lokinet
3 participants
@majestrate @jagerman @dr7ana