+@cindex about
@strong{NNCP} (Node to Node copy) is a collection of utilities
simplifying secure store-and-forward files, mail and command exchanging.
See also this page @ref{Об утилитах, on russian}.
+@cindex F2F
+@cindex friend-to-friend
+@cindex E2E
+@cindex end-to-end
+@cindex darknet
+@cindex DTN
+@cindex delay tolerant
+@cindex dead drop
+@cindex onion encryption
This utilities are intended to help build up small size (dozens of
nodes) ad-hoc @url{https://en.wikipedia.org/wiki/Friend-to-friend,
friend-to-friend} (F2F) statically routed
Look for possible @ref{Use cases, use cases}!
+@cindex GPL
+@cindex free software
+@cindex licence
NNCP is @url{https://www.gnu.org/philosophy/pragmatic.html, copylefted}
@url{https://www.gnu.org/philosophy/free-sw.html, free software}
licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GNU GPLv3}.
@node Administration
+@cindex administration
@unnumbered Administration
NNCP uses following files/directories you should be aware of:
All of that cleaning tasks can be done with @ref{nncp-rm} utility.
+ @cindex shared spool
+ @cindex setgid
+ @pindex umask
@anchor{Shared spool}
If you want to share single spool directory with multiple grouped
Unix users, then you can @command{setgid} it and assure that umask
@ref{Log} file, for example @file{/var/spool/nncp/log}. It should be
rotated. Choose you own preferable way to do it.
+ @pindex newsyslog
Example @url{https://www.newsyslog.org/manual.html, newsyslog}'s entry:
@example
/var/spool/nncp/log 644 7 100 * BCYN
*/1 * * * * nncp-reass -all -noprogress
@end example
+@pindex daemontools
+@pindex supervise
+@pindex multilog
@item
Possibly long running @ref{nncp-daemon}, @ref{nncp-caller},
@ref{nncp-toss}, @ref{nncp-check} daemons. As all software, they can
# mv /var/service/.nncp-toss /var/service/nncp-toss
@end example
+@pindex inetd
@item
@ref{nncp-daemon} can also be run as
@url{https://en.wikipedia.org/wiki/Inetd, inetd} service on UUCP's port:
uucp stream tcp6 nowait nncpuser /usr/local/bin/nncp-daemon nncp-daemon -quiet -ucspi
@end example
+@cindex UCSPI
+@pindex tcpserver
@item
Or it can be also run as a @command{daemontools} daemon under
@url{http://cr.yp.to/ucspi-tcp.html, UCSPI-TCP}. In the example
@node Build-instructions
+@cindex building
@section Build instructions
Make sure that Go is installed. For example to install it from packages:
$ redo all
@end example
+@pindex info
After that you should get various @command{bin/nncp-*} binaries and
@command{bin/hjson-cli} command (only for your convenience, not
necessary installation). For example, documentation for
@command{nncp-bundle} command can be get with
@command{info doc/nncp.info -n nncp-bundle}.
+@pindex redo
+@pindex apenwarr/redo
+@pindex apenwarr/do
+@pindex redo-c
+@pindex baredo
+@pindex goredo
It uses @url{http://cr.yp.to/redo.html, redo} build system for that
examples. You can use one of its various implementations, or at least
minimalistic POSIX shell @command{contrib/do} (just replace
from that project), @url{https://github.com/leahneukirchen/redo-c, redo-c},
@url{https://github.com/gotroyb127/baredo, baredo}.
-There is @command{install} target respecting @env{$DESTDIR}. It will
-install binaries and info-documentation:
+@vindex PREFIX
+@vindex DESTDIR
+@vindex GO
+@vindex MAKEINFO
+@vindex PLANTUML
+@vindex PREFIX
+@vindex SENDMAIL
+@vindex CFGPATH
+@vindex SPOOLPATH
+@vindex LOGPATH
+@vindex BINDIR
+@vindex INFODIR
+@vindex DOCDIR
+@file{config} file contains some environment variables that are
+respected during installation:
+@env{$PREFIX},
+@env{$DESTDIR},
+@env{$GO},
+@env{$MAKEINFO},
+@env{$PLANTUML},
+@env{$PREFIX},
+@env{$SENDMAIL},
+@env{$CFGPATH},
+@env{$SPOOLPATH},
+@env{$LOGPATH},
+@env{$BINDIR},
+@env{$INFODIR},
+@env{$DOCDIR}.
+
+There is @command{install} target for binaries and info-documentation
+installation:
@example
# PREFIX=/usr/local redo install
@end example
+@vindex nofsnotify
+@cindex kqueue
+@cindex epoll
+@vindex GO_CFLAGS
NNCP depends on @code{github.com/fsnotify/fsnotify} library, that is
solely relies on OS-specific mechanisms. There is possibility that you
have either broken or unsupported ones. You can still build NNCP with
$ GO_CFLAGS="-tags nofsnotify" redo ...
@end example
+@vindex noyggdrasil
You can also disable Yggdrasil support with @code{-tags noyggdrasil}.
@node Bundles
+@cindex bundles
+@cindex tapes
+@cindex streaming media
@unnumbered Bundles
Usual @ref{nncp-xfer} command requires filesystem it can operate on.
@end itemize
+@pindex pax
+@pindex tar
Technically bundle is valid POSIX.1-2001
@url{https://pubs.opengroup.org/onlinepubs/9699919799/utilities/pax.html#tag_20_92_13_01, pax archive}
with directory/files hierarchy identical to that is used in
@node Call
+@cindex call
+@vindex calls
@unnumbered Call configuration
Call is a rule when and how node can be called by @ref{nncp-caller}.
@table @emph
+@vindex cron
@item cron
@include cronexpr.texi
+@vindex nice
@item nice
Optional. Use that @ref{Niceness, niceness} during the call (255 is used
otherwise).
+@vindex xx
+@vindex rx
+@vindex tx
@item xx
Optional. Either @verb{|rx|} or @verb{|tx|}. Tells only to either to
receive or to transmit data during that call.
+@vindex addr
@item addr
Optional. Call only that address, instead of trying all from
@ref{CfgAddrs, @emph{addrs}} configuration option. It can be either key
Optional. Override @ref{CfgMaxOnlineTime, @emph{maxonlinetime}}
configuration option when calling.
+@vindex autotoss
@item autotoss, -doseen, -nofile, -nofreq, -noexec, -notrns
Optionally enable auto tossing: run tosser on node's spool every second
during the call. You can control either are @file{seen/} files must be
created, or skip any kind of packet processing.
+@vindex when-tx-exists
@item when-tx-exists
Call only if packets for sending exists. The check of outbound packets
existence is performed @strong{every} time we are going to make a call,
@emph{cron} configuration decides that it is time to make a call, with
@emph{when-tx-exists} option it checks packets existence first.
+@vindex nock
@anchor{CfgNoCK}
@item nock
NoCK (no-checksumming) tells not to do checksumming of received files,
that you have to make a call to remote node after checksumming is done,
to send notification about successful packet reception.
+@vindex mcd-ignore
@anchor{CfgMCDIgnore}
@item mcd-ignore
Ignore @ref{MCD} announcements: do not add MCD addresses for possible
@node CfgAreas
+@vindex areas
@section Configuration areas options
@ref{Multicast} areas configuration only used with multicast packets.
The only required field is the @code{id}. You can not process multicast
packets that has unknown area identification.
+@vindex subs
@code{subs} contains a list of recipients you must relay incoming
multicast packet on.
@node Configuration directory
+@cindex configuration directory
@section Configuration directory
Optionally you can convert configuration file to the directory layout
internal JSON representation. However it can not be encrypted with the
@ref{nncp-cfgenc}.
+@cindex private keys
That layout should be much more machine friendly and scriptable. Each
string parameters is stored as a single line plain text file. String
arrays are newline-separated plain text files. Dictionaries are
@node CfgGeneral
+@cindex general configuration options
@section Configuration general options
Those options are in the root of configuration dictionary.
@end verbatim
@table @code
+
+@vindex spool
@item spool
Absolute path to the @ref{Spool, spool} directory.
+
+@vindex log
+@vindex FD log file descriptor
@item log
Either:
@itemize
@item @code{FD:XXX}, where @code{XXX} is a decimal file descriptor
to write records too
@end itemize
+
+@vindex umask
@item umask
Will force all invoked commands to override their umask to specified
octal mask. Useful for using with @ref{Shared spool, shared spool directories}.
+
+@vindex noprogress
@item noprogress
When enabled, disables progress showing for many commands by default.
You can always force its showing with @option{-progress} command line
option anyway.
+
+@vindex nohdr
@anchor{CfgNoHdr}
@item nohdr
@strong{nohdr} option disables @ref{HdrFile, @file{hdr/}} files usage.
+
@end table
And optional @ref{MCD, MultiCast Discovery} options:
@table @code
+
+@vindex mcd-listen
@anchor{CfgMCDListen}
@item mcd-listen
Specifies list of network interfaces regular expression
@ref{nncp-caller} will listen for incoming @ref{MCD} announcements.
+
+@vindex mcd-send
@anchor{CfgMCDSend}
@item mcd-send
Specifies list of network interfaces regular expressions, and intervals
in seconds, where @ref{nncp-daemon} will send @ref{MCD} announcements.
@end table
+@cindex yggdrasil aliases
@anchor{CfgYggdrasilAliases}
Optional @ref{Yggdrasil}-related aliases are used for convenience and
keeping private keys away being used directly in command line. Each
@node Configuration
+@cindex configuration file
@unnumbered Configuration file
+@cindex Hjson
NNCP uses single file configuration file in @url{https://hjson.org/,
Hjson} format (see also section about @ref{Configuration directory,
directory layout}) . Initially it is created with @ref{nncp-cfgnew}
}
@end verbatim
+@cindex JSON
+@pindex hjson-cli
+@pindex gojq
+@pindex gjo
Do not forget that Hjson can be safely converted to JSON and vice versa
(loosing formatting and comments of course). By default
@command{hjson-cli} utility from @code{github.com/hjson/hjson-go} is
@node CfgNeigh
+@cindex neighbour configuration options
@section Configuration neighbour options
+@vindex neigh
@strong{neigh} section contains all known neighbours information. It
always has @strong{self} neighbour that is copy of our node's public
data (public keys). It is useful for copy-paste sharing with your
If present, then node can be online called using @ref{Sync,
synchronization protocol}. Contains authentication public key.
+@vindex exec
+@pindex sendmail
@anchor{CfgExec}
- @item exec
+@item exec
Dictionary consisting of handles and corresponding command line
arguments. In example above there are @command{sendmail} handles,
@command{warcer}, @command{wgeter} and @command{flag} one. Remote
feeding @verb{|hello world\n|} to that started @command{sendmail}
process.
+@vindex incoming
@anchor{CfgIncoming}
@item incoming
Full path to directory where all file uploads will be saved. May be
omitted to forbid file uploading on that node.
+@vindex freq
@anchor{CfgFreq}
@item freq
@table @code
transmission.
@end table
+@vindex via
@anchor{CfgVia}
@item via
An array of node identifiers that will be used as a relay to that
nodes. May be omitted if direct connection exists and no relaying is
required.
+@vindex addrs
@anchor{CfgAddrs}
@item addrs
Dictionary containing known network addresses of the node. Each key
May be omitted if either no direct connection exists, or
@ref{nncp-call} is used with forced address specifying.
+@vindex rxrate
+@vindex txrate
@anchor{CfgXxRate}
@item rxrate/txrate
If greater than zero, then at most *rate packets per second will be
bandwidth traffic shaper: each packet has at most 64 KiB payload
size. If omitted -- no rate limits.
+@vindex onlinedeadline
@anchor{CfgOnlineDeadline}
@item onlinedeadline
Online connection deadline of nodes inactivity in seconds. It is the
delays), wait for appearing packets ready to send and notifying
remote side about their appearance.
+@vindex maxonlinetime
@anchor{CfgMaxOnlineTime}
@item maxonlinetime
If greater than zero, then it is maximal time of single connection.
@node CfgNotify
+@cindex email notification
+@cindex notification configuration options
+@cindex logging handles
@section Configuration notification options
That section controls what notifications are enabled and how must be
@node CfgSelf
+@cindex self-node configuration keypairs
@section Configuration self-node keypairs
@strong{self} section contains our node's private keypairs.
+@vindex ExchPrv
+@vindex ExchPub
+@vindex SignPrv
+@vindex SignPub
@strong{exch*} and @strong{sign*} are used during @ref{Encrypted,
encrypted} packet creation.
+@vindex NoisePrv
+@vindex NoisePub
@strong{noise*} are used during @ref{Sync, synchronization protocol}
working in @ref{nncp-call}, @ref{nncp-caller}, @ref{nncp-daemon}.
@node Chunked
+@cindex chunked
@unnumbered Chunked files
There is ability to transfer huge files with dividing them into smaller
Splitting is done with @ref{nncp-file, nncp-file -chunked} command and
reassembling with @ref{nncp-reass} command.
+@vindex .nncp.meta
+@vindex .nncp.chunk
Chunked @file{FILE} produces @file{FILE.nncp.meta},
@file{FILE.nncp.chunk0}, @file{FILE.nncp.chunk1}, @dots{} files. All
@file{.nncp.chunkXXX} can be concatenated together to produce original
@ref{MTH} checksum of each chunk
@end multitable
+@cindex ZFS recordsize
@anchor{ChunkedZFS}
It is strongly advisable to reassemble incoming chunked files on
@url{https://en.wikipedia.org/wiki/ZFS, ZFS} dataset with deduplication
@node Commands
+@cindex commands
@unnumbered Commands
Nearly all commands have the following common options:
@table @option
+@vindex NNCPCFG
@item -cfg
Path to configuration file. May be overridden by @env{$NNCPCFG}
environment variable. If file file is an encrypted @ref{EBlob,
Override @ref{CfgVia, via} configuration option for destination node.
Specified nodes must be separated with comma: @verb{|NODE1,NODE2|}.
With @verb{|-via -|} you can disable relaying at all.
+@vindex NNCPSPOOL
@item -spool
Override path to spool directory. May be specified by
@env{$NNCPSPOOL} environment variable.
+@vindex NNCPLOG
@item -log
Override path to logfile. May be specified by @env{$NNCPLOG}
environment variable.
@node nncp-bundle
+@pindex nncp-bundle
@section nncp-bundle
@example
@node nncp-call
+@pindex nncp-call
@section nncp-call
@example
@node nncp-caller
+@pindex nncp-caller
@section nncp-caller
@example
@node nncp-cfgdir
+@pindex nncp-cfgdir
@section nncp-cfgdir
@example
@node nncp-cfgenc
+@pindex nncp-cfgenc
@section nncp-cfgenc
@example
@node nncp-cfgmin
+@cindex stripped configuration
+@cindex minimized configuration
+@pindex nncp-cfgmin
@section nncp-cfgmin
@example
@node nncp-cfgnew
+@pindex nncp-cfgnew
@section nncp-cfgnew
@example
@node nncp-check
+@pindex nncp-check
@section nncp-check
@example
@node nncp-cronexpr
+@pindex nncp-cronexpr
@section nncp-cronexpr
@example
@node nncp-daemon
+@pindex nncp-daemon
@section nncp-daemon
@example
@node nncp-exec
+@pindex nncp-exec
@section nncp-exec
@example
}
@end verbatim
+@vindex NNCP_SELF
+@vindex NNCP_SENDER
+@vindex NNCP_NICE
then executing @verb{|echo My message | nncp-exec -replynice 123 REMOTE
sendmail root@localhost|} will lead to execution of:
@node nncp-file
+@pindex nncp-file
@section nncp-file
@example
@node nncp-freq
+@pindex nncp-freq
@section nncp-freq
@example
@node nncp-hash
+@pindex nncp-hash
@section nncp-hash
@example
@node nncp-log
+@pindex nncp-log
@section nncp-log
@example
@node nncp-pkt
+@pindex nncp-pkt
@section nncp-pkt
@example
@node nncp-reass
+@pindex nncp-reass
@section nncp-reass
@example
@node nncp-rm
+@pindex nncp-rm
@section nncp-rm
@example
@node nncp-stat
+@pindex nncp-stat
@section nncp-stat
@example
@node nncp-toss
+@pindex nncp-toss
@section nncp-toss
@example
@node nncp-trns
+@pindex nncp-trns
@section nncp-trns
@example
@node nncp-xfer
+@pindex nncp-xfer
@section nncp-xfer
@example
@node Comparison
+@cindex comparison
+@cindex SMTP
+@cindex FTN
+@cindex FidoNet
+@cindex UUCP
@unnumbered Comparison with existing solutions
Here is comparison with @url{https://en.wikipedia.org/wiki/UUCP, UUCP}
UUCP and NNCP does not known nothing about routing. You have to
explicitly tell how to send (what hops to use) packets to each node.
+@cindex PSTN
@item PSTN support
UUCP and FidoNet always have been working with modems out-of-box.
Only many years later they gained support for working over TCP/IP
TCP daemon, but nothing prohibits using of another 8-bit aware
online transport.
+@cindex anonymity
+@cindex Sybil attack
@item Anonymous peers
NNCP and FTN are friend-to-friend networks exclusively. This is very
secure and mitigates many possible man-in-the-middle (MitM) and
@url{https://en.wikipedia.org/wiki/Sybil_attack, Sybil} attacks.
+@cindex sneakernet
+@cindex floppynet
@item Sneakernet friendliness
No one, except NNCP, supports data exchanging via removable storages
likes flash drives, CD-ROMs, tapes and hard drives out-of-box. It
@end table
+@cindex UUCP commands
Also there is
@url{https://changelog.complete.org/archives/10165-asynchronous-email-exim-over-nncp-or-uucp, copy of}
comparable commands of UUCP and NNCP, just for the interest:
@multitable @columnfractions 0.5 0.25 0.25
@headitem Purpose @tab UUCP @tab NNCP
+@pindex uucico
+@pindex uupoll
+@pindex uux
+@pindex uucp
+@pindex uuxqt
@item Connect to remote system
@tab @command{uucico -s}, @command{uupoll}
@tab @command{nncp-call}, @command{nncp-caller}
@node Contacts
+@cindex contacts
+@cindex maillist
+@cindex IRC
+@cindex Matrix
@unnumbered Contacts
Please send questions regarding the use of NNCP, bug reports and patches to
+@cindex cron
@anchor{CronExpr}
This is copy-pasted documentation from
@code{github.com/gorhill/cronexpr} library used there.
@node Tarballs
+@cindex tarball
+@cindex dependency
+@cindex licencing
+@cindex download
@section Prepared tarballs
You can obtain releases source code prepared tarballs from the links below.
@node EBlob
+@cindex eblob
+@cindex encrypted configuration
@unnumbered EBlob format
EBlob is an encrypted blob (binary large object, in the terms of
low-entropy characters. Low-entropy text is much more easier to
remember, and its length provides pretty enough entropy as a result.
+@cindex password
+@cindex balloon
+@cindex Argon2
Password strengthening function is applied to that passphrase to
mitigate brute-force and dictionary attacks on it. Here,
@url{https://crypto.stanford.edu/balloon/, Balloon} memory-hard password
@end copying
@node Top
+@c dummy cindex, to pass through the current info's bug, which can skip
+@c the first index entry during searching
+@cindex 0
@top NNCP
+@cindex Pedro
@verbatiminclude pedro.txt
@include about.texi
+@cindex articles
There are also articles about its usage outside this website:
@itemize
* EBlob format: EBlob
* Mirrors::
* Thanks::
+* Indices::
* Contacts and feedback: Contacts
* Copying conditions: Copying
@end menu
@include eblob.texi
@include mirrors.texi
@include thanks.texi
+@include indices.texi
@include contacts.texi
@node Copying
--- /dev/null
+@node Indices
+@unnumbered Indices
+
+@node Concepts Index
+@section Concepts Index
+@printindex cp
+
+@node Programs Index
+@section Programs Index
+@printindex pg
+
+@node Variables Index
+@section Variables Index
+@printindex vr
@node Installation
+@cindex installation
+@cindex packages
+@cindex distributions
@unnumbered Installation
Possibly NNCP package already exists for your distribution:
@itemize
+
+@cindex Arch Linux
+@cindex AUR
@item Arch Linux @url{https://aur.archlinux.org/packages/nncp, AUR}
+
+@cindex Debian
@item @url{https://tracker.debian.org/pkg/nncp, Debian packages}
+
+@cindex DragonFly
@item @url{https://github.com/DragonFlyBSD/DPorts/tree/master/net/nncp, DragonFly BSD ports}
+
+@cindex FreeBSD
@item @url{https://www.freshports.org/net/nncp/, FreeBSD ports}
+
+@cindex Guix
@item GNU @url{https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/uucp.scm, Guix}
+
+@cindex NetBSD
@item @url{https://pkgsrc.se/wip/nncp, NetBSD package}
+
+@cindex NixOS
@item @url{https://github.com/NixOS/nixpkgs/tree/master/pkgs/tools/misc/nncp, NixOS packages}
+
+@cindex Void Linux
@item @url{https://github.com/void-linux/void-packages/blob/master/srcpkgs/nncp/template, Void Linux}
@end itemize
+@cindex POSIX
NNCP should run on any POSIX-compatible operating system.
-NNCP is written on @url{https://do.dev.org/, Go} programming language
+@pindex go
+@pindex texinfo
+NNCP is written on @url{https://go.dev/, Go} programming language
and you have to install Go compiler 1.13+ version.
@url{http://cr.yp.to/redo.html, redo} build system is recommended for
convenience. @url{https://www.gnu.org/software/texinfo/, Texinfo} is
@node BitTorrent
+@cindex BitTorrent integration
@section BitTorrent and huge files
If dealing with @ref{Git}, @ref{Feeds, web feeds} and @ref{Multimedia,
consumes much time. You can not wait for downloads finish, but want to
queue them after.
+@pindex aria2
@url{http://aria2.github.io/, aria2} multi-protocol download utility
could be used for solving that issue conveniently. It supports HTTP,
HTTPS, FTP, SFTP and BitTorrent protocols, together with
accelerate HTTP*/*FTP downloads by segmented multiple parallel
connections.
+@pindex aria2-downloaded.sh
You can queue you files after they are completely downloaded.
@file{aria2-downloaded.sh} contents:
@node DownloadService
+@cindex download service
+@pindex warcer.sh
+@pindex wgeter.sh
@section Downloading service
Previous sections tell about manual downloading and sending results to
@node Exim
+@cindex Exim integration
@section Integration with Exim
This section is unaltered copy-paste of
This is fairly simple in Exim.
+@pindex bsmtp
+@pindex rmail
We actually have two choices for how to do this: @command{bsmtp} or
@command{rmail} mode. bsmtp (batch SMTP) is the more modern way, and is
essentially a derivative of SMTP that explicitly can be queued
The @option{-bS} option is what tells Exim to receive BSMTP on @code{stdin}.
+@vindex MAIN_TRUSTED_USERS
Now, you need to tell Exim that nncp is a trusted user (able to set From
headers arbitrarily). Assuming you are running NNCP as the @code{nncp} user,
then add @code{MAIN_TRUSTED_USERS = nncp} to a file such as
@node Feeds
+@cindex Web feeds integration
+@cindex RSS feeds integration
+@cindex Atom feeds integration
@section Integration with Web feeds
+@pindex r2e
RSS and Atom feeds could be collected using
@url{https://github.com/wking/rss2email, rss2email} program. It converts
all incoming feed entries to email messages. Read about how to integrate
@node FreqIndex
+@cindex index files
@section Index files for freqing
In many cases you do not know exact files list on remote machine you
@node Git
+@cindex git integration
+@pindex git-bundle
@section Integration with Git
@url{https://git-scm.com/, Git} version control system already has all
@node Integration
+@cindex integration with existing software
@unnumbered Integration with existing software
Here is some examples of how you can solve popular tasks with NNCP,
@node Multimedia
+@cindex multimedia integration
+@cindex pindex youtube-dl
+@cindex pindex yt-dlp
+@cindex cindex YouTube
@section Integration with multimedia streaming
Many video and audio streams could be downloaded using
@node Postfix
+@cindex Postfix integration
+@pindex postfix
@section Integration with Postfix
This section is taken from @url{http://www.postfix.org/UUCP_README.html,
command without assistance from the shell, so there are no problems with
shell meta characters in command-line parameters.
+@pindex sendmail.sh
+@vindex Return-Path
+@pindex reformail
Pay attention to @code{flags}, containing @code{R}, telling Postfix to
include @code{Return-Path:} header. Otherwise that envelope sender
information may be lost. Possibly you will also need somehow to
@verbatiminclude sendmail.sh
+@vindex From_
+@cindex mbox
+@pindex maildrop
Also pay attention that @command{maildrop} does not like @code{From_}
mbox-style header, so you possibly want:
@node PPP
+@cindex PPP
+@cindex serial link
+@cindex serial connection
@section Serial connection
It is not trivial to run online @command{nncp-daemon},
@node WARCs
+@cindex WARC
+@pindex wget
@section Integration with Web pages
Simple HTML web page can be downloaded very easily for sending and
[@dots{}] http://www.example.com/
@end example
+@pindex tofuproxy
That command will create @file{www.example.com-XXX.warc} web archive.
It could produce specialized segmented
@url{https://en.wikipedia.org/wiki/Gzip, gzip} and
@node Integrity
+@cindex integrity check
+@cindex authenticity check
+@cindex OpenPGP
+@cindex gpg
+@cindex GnuPG
+@cindex WKD
@section Tarballs integrity check
You @strong{have to} check downloaded archives integrity and verify
@node Log
+@cindex log format
+@cindex logging
+@cindex recfile
+@pindex recutils
@unnumbered Log format
Log is a plaintext file consisting of
@node MCD
+@cindex MCD
+@cindex multicast discovery
@unnumbered MultiCast Discovery
MCD is an addition to online @ref{Sync, synchronization protocol}, that
@node Mirrors
+@cindex mirror
@unnumbered Mirrors
Main NNCP website is hosted on two geographically distant servers
of those servers supports TLS and another just proxies the traffic to
it. So TLS-capable version has less availability.
+@cindex DANE
+@cindex DNSCurve
+@cindex ca.cypherpunks.ru
It can be authenticated with
@url{http://www.ca.cypherpunks.ru/, ca.cypherpunks.ru} certificate, through the
@url{https://datatracker.ietf.org/doc/html/rfc6698, DANE} record, that
@table @asis
+@cindex quux.org
@item @url{https://nncp.mirrors.quux.org/}
Its creation @url{http://lists.cypherpunks.ru/archive/nncp-devel/2108/0310.html, announcement}.
@node MTH
+@cindex MTH
+@cindex hashing
+@cindex merkle tree
+@cindex BLAKE3
@unnumbered Merkle Tree Hashing
NNCP uses @url{https://github.com/BLAKE3-team/BLAKE3, BLAKE3} hash
@node Multicast
+@cindex multicast area
@unnumbered Multicast areas
NNCP has ability to multicast packets: send single packet to multiple
can should it to the subscribers further
@end itemize
+@vindex MsgHash
Area's message identity (@code{MsgHash}) is the hash of the encrypted
packet header. Because the area packet, containing the encrypted packet,
is relayed as-is without any modifications, that area message's hash
@node News
+@cindex news
@unnumbered News
See also this page @ref{Новости, on russian}.
@node Niceness
+@cindex niceness
+@cindex priority
@unnumbered Niceness
Each transmitted packet has niceness level, as Unix has @command{nice}
integer, or using aliases with delta modifiers:
@table @emph
+@vindex FLASH
@item FLASH (F)
Urgent priority.
+@vindex PRIORITY
@item PRIORITY (P)
High priority. Command execution/mail use that priority by default.
+@vindex NORMAL
@item NORMAL (N)
Normal priority. File requests use that priority by default.
+@vindex BULK
@item BULK (B)
Bundles shipped on a "least effort" basis. File transmission use that
priority by default.
@node Encrypted area
+@cindex encrypted area packet
@section Encrypted area packet
@ref{Multicast} area messages contains the encrypted packet, that is
@node Encrypted
+@cindex encrypted packet
+@cindex AEAD
+@cindex ChaCha20-Poly1305
@section Encrypted packet
Encrypted packets are the only files found in spools, in exchangeable
@node Packet
+@cindex packet format
+@cindex XDR
@unnumbered Packet format
All packets are
@node Plain
+@cindex plain packet
@section Plain packet
Plain packet contains either the whole file, or file request (freq), or
@node Sources
+@cindex sources
+@cindex source code
+@cindex git
@section Development source code
Development source code contains the latest version of the code. It may
@node Sync
+@cindex sync protocol
+@cindex online protocol
+@cindex synchronization
@unnumbered Synchronization protocol
So-called synchronization protocol (SP) is used in current TCP daemon's
implementation. It is used for synchronizing @ref{Spool, spool}
directory contents between two nodes.
+@cindex XMODEM
It is aimed to be very simple and effective. It uses reliable transport
like TCP connections. It must be effective both on single-duplex and
full-duplex links: for example satellites have very high throughput but
@url{https://en.wikipedia.org/wiki/XMODEM, XMODEM} does, causes
unacceptable performance degradation.
+@vindex NNCPDEADLINE
Internally it uses various timeouts and deadlines. One of them used
extensively is 10 seconds default deadline timeout. You can override it
with @env{$NNCPDEADLINE} environment variable, that could be useful with
very high delay links.
+@cindex Noise-IK
SP works on top of
@url{http://noiseprotocol.org/noise.html#interactive-patterns,
@code{Noise_IK_25519_ChaChaPoly_BLAKE2b}} protocol. Each Noise packet
@table @emph
+@cindex HALT payload
@item HALT
Stop file transmission, empty sending queue on the remote side.
Actually @emph{HALT} packet does not have any body, only the header
+------+
@end verbatim
+@cindex PING payload
@item PING
Dummy packet only used for determining workability of the connection.
+------+
@end verbatim
+@cindex INFO payload
@item INFO
Information about the file we have for transmission.
Unique file identifier, its checksum
@end multitable
+@cindex FREQ payload
@item FREQ
File transmission request. Ask remote side to queue the file for
transmission.
Offset from which remote side must transmit the file
@end multitable
+@cindex FILE payload
@item FILE
Chunk of file.
Chunk of file itself
@end multitable
+@cindex DONE payload
@item DONE
Signal remote side that we have successfully downloaded the file.
@node Spool
+@cindex spool directory
@unnumbered Spool directory
Spool directory holds @ref{Encrypted, encrypted packets} received from
@table @file
+@cindex tmp directory
@item tmp
directory contains various temporary files that under normal
circumstances are renamed to necessary files inside other directories.
@item 2WHBV3TPZHDOZGUJEH563ZEK7M33J4UESRFO4PDKWD5KZNPROABQ
is an example Base32-encoded neighbour identifier.
+@cindex rx directory
+@cindex tx directory
@item rx, tx
directories are for incoming and outgoing encrypted packets. @file{rx}
contains currently unfinished, non-checked, unprocessed, etc packets.
+@cindex lock files
@item toss.lock, rx.lock, tx.lock
Lock files. Only single process can work with @file{rx}/@file{tx}
directories at once.
encoded @ref{MTH} hash of the whole contents. It can be integrity checked
anytime.
+@cindex part files
@item LYT64MWSNDK34CVYOO7TA6ZCJ3NWI2OUDBBMX2A4QWF34FIRY4DQ.part
is an example @strong{partly} received file. It can appear only when
online transfer is used. Its filename is sent by remote side and until
file is fully downloaded -- it plays no role.
+@cindex nock files
@item LYT64MWSNDK34CVYOO7TA6ZCJ3NWI2OUDBBMX2A4QWF34FIRY4DQ.nock
non-checksummed (NoCK) @strong{fully} received file. Its checksum is
verified against its filename either by @ref{nncp-check}, or by working
online daemons. If it is correct, then its extension is trimmed.
+@cindex seen files
@item seen/LYT64MWSNDK34CVYOO7TA6ZCJ3NWI2OUDBBMX2A4QWF34FIRY4DQ
@ref{nncp-toss} utility can be invoked with @option{-seen} option,
leading to creation of @file{seen/} files, telling that the file with
manually remove them, when you do not need them (probably because they
are expired).
+@cindex hdr files
@anchor{HdrFile}
@item hdr/LYT64MWSNDK34CVYOO7TA6ZCJ3NWI2OUDBBMX2A4QWF34FIRY4DQ
If no @ref{CfgNoHdr, nohdr} option is enabled in configuration file,
@node Thanks
+@cindex thanks
@unnumbered Thanks
There are people deserving to be thanked for helping this project:
@node UsecaseAirgap
+@cindex air-gap
@section Highly secure isolated air-gap computers
If you worry much about security, then air-gapped computer could be the
@node Use cases
+@cindex use cases
@unnumbered Use cases
See also this page @ref{Сценарии, on russian}.
@node UsecaseNoLink
+@cindex extreme environments
+@cindex lack of link
@section Extreme terrestrial environments, no link
This is some kind of too slow link. Offline delivery methods is the only
@node UsecasePOP
+@cindex POP3 replacement
+@cindex IMAP4 replacement
@section Lightweight fast POP3/IMAP4 replacement
@ref{nncp-daemon} can be connected with @ref{nncp-caller} for a long
@node UsecaseQoS
+@cindex expensive link
+@cindex slow link
+@cindex bad QoS
@section Slow/expensive link for high-volume data, bad QoS
Assume that you can give your relatively cheap 2 TiB removable hard
@node UsecaseSatelliteLinks
+@cindex satellite link
@section Satellite links
Satellite links have @strong{very} high delays together with high
@node UsecaseSpy
+@cindex reconnaissance, spying, intelligence, covert operations
@section Reconnaissance, spying, intelligence, covert agents
Those guys know how Internet is a dangerous place incompatible with
@node UsecaseUnreliable
+@cindex unreliable link
@section Unreliable/expensive communication link
Assume that you have got slow modem/radio/cellular link that frequently
@node Yggdrasil
+@cindex yggdrasil
@unnumbered Yggdrasil support
NNCP is able to act as a node of
@itemize
-@item @ref{nncp-daemon} has @option{-yggdrasil yggdrasils://} option,
+@cindex yggdrasils schema
making it also as a Yggdrasil listener network node. It can
automatically connect to other peers and participate in routing. It does
not have to answer NNCP's online protocol requests at all and just can
be some intermediate routing point in the whole mesh network.
-@item @ref{nncp-call}/@ref{nncp-caller} commands understand
+@cindex yggdrasilc schema
@code{yggdrasilc://} addresses, pointing to the desired Yggdrasil's
public key (that also acts as the destination host's address). Yggdrasil
background goroutine is automatically started, connecting to the
@itemize
+@vindex PrivateKey
@item
Your private key (generated above). Yggdrasil's @code{PrivateKey} analogue.
@item
Optional non-default port you will listen on Yggdrasil's IPv6 address.
+@vindex Listen
@item
Optional list of bind addresses, used for peering between the nodes.
Yggdrasil's @code{Listen} analogue.
+@vindex Peers
@item
Optional list of peer addresses you should connect to.
Yggdrasil's @code{Peers} analogue.
+@vindex AllowedPublicKeys
@item
Optional list of allowed peer public keys, allowed for incoming peering
connections from. Yggdrasil's @code{AllowedPublicKeys} analogue.