From b5e7652459c88eddb78ce31d9abec2e9c76cdd51 Mon Sep 17 00:00:00 2001
From: Sergey Matveev
Date: Sun, 8 Jan 2017 20:29:14 +0300
Subject: [PATCH] Documentation draft
---
 AUTHORS | 1 +
 INSTALL | 1 +
 NEWS | 1 +
 README | 29 +++
 common.mk | 2 +-
 doc/.gitignore | 2 +
 doc/Makefile | 20 ++
 doc/cfg.texi | 4 +
 doc/cmds.texi | 62 ++++++
 doc/comparison.texi | 105 +++++++++++
 doc/fdl.txt | 451 ++++++++++++++++++++++++++++++++++++++++++++
 doc/index.texi | 75 ++++++++
 doc/pkt.texi | 156 +++++++++++++++
 doc/sp.texi | 16 ++
 doc/style.css | 10 +
 doc/usecases.texi | 214 +++++++++++++++++++++
 16 files changed, 1148 insertions(+), 1 deletion(-)
 create mode 100644 AUTHORS
 create mode 100644 INSTALL
 create mode 100644 NEWS
 create mode 100644 README
 create mode 100644 doc/.gitignore
 create mode 100644 doc/Makefile
 create mode 100644 doc/cfg.texi
 create mode 100644 doc/cmds.texi
 create mode 100644 doc/comparison.texi
 create mode 100644 doc/fdl.txt
 create mode 100644 doc/index.texi
 create mode 100644 doc/pkt.texi
 create mode 100644 doc/sp.texi
 create mode 100644 doc/style.css
 create mode 100644 doc/usecases.texi
diff --git a/AUTHORS b/AUTHORS
new file mode 100644
index 0000000..f047789
--- /dev/null
+++ b/AUTHORS
@@ -0,0 +1 @@
+* Sergey Matveev
diff --git a/INSTALL b/INSTALL
new file mode 100644
index 0000000..1333ed7
--- /dev/null
+++ b/INSTALL
@@ -0,0 +1 @@
+TODO
diff --git a/NEWS b/NEWS
new file mode 100644
index 0000000..1333ed7
--- /dev/null
+++ b/NEWS
@@ -0,0 +1 @@
+TODO
diff --git a/README b/README
new file mode 100644
index 0000000..5641e37
--- /dev/null
+++ b/README
@@ -0,0 +1,29 @@
+NNCP (Node to Node copy) is a collection of utilities simplifying
+secure store-and-forward files and mail exchanging.
+
+This utilities are intended to help build up small size (dozens of
+nodes) ad-hoc friend-to-friend (F2F) statically routed darknet networks
+for fire-and-forget secure reliable files, file requests and Internet
+mail transmission. All packets are integrity checked, end-to-end
+encrypted (E2EE), explicitly authenticated by known participants public
+keys. Onion encryption is applied to relayed packets. Each node acts
+both as a client and server, can use push and poll behaviour model.
+
+Out-of-box offline sneakernet/floppynet, dead drops and air-gapped
+computers support. But online TCP daemon with full-duplex resumable data
+transmission exists.
+
+NNCP is copylefted free software: see the file COPYING for copying
+conditions. It should work on all POSIX-compatible systems. Easy
+integration with existing SMTP servers. Single YAML configuration file.
+
+Home page: http://www.nncpgo.org/
+
+Please send questions regarding the use of NNCP, bug reports and
+patches to nncp-devel mailing list:
+https://lists.cypherpunks.ru/pipermail/nncp-devel/
+
+Development Git source code repository currently is located here:
+http://git.cypherpunks.ru/cgit.cgi/nncp.git/
+
+For further information please read either doc/nncp.info or doc/nncp.texi.
diff --git a/common.mk b/common.mk
index 3c253c3..08c5844 100644
--- a/common.mk
+++ b/common.mk
@@ -79,7 +79,7 @@ install: all doc
 cp -f doc/nncp.info $(INFODIR)
 chmod 644 $(INFODIR)/nncp.info
 mkdir -p $(DOCDIR)
- cp -f -L AUTHORS INSTALL NEWS README README.RU $(DOCDIR)
+ cp -f -L AUTHORS INSTALL NEWS README $(DOCDIR)
 chmod 644 $(DOCDIR)/*
 
 install-strip: install
diff --git a/doc/.gitignore b/doc/.gitignore
new file mode 100644
index 0000000..8f28565
--- /dev/null
+++ b/doc/.gitignore
@@ -0,0 +1,2 @@
+nncp.info
+nncp.html
diff --git a/doc/Makefile b/doc/Makefile
new file mode 100644
index 0000000..90f5a37
--- /dev/null
+++ b/doc/Makefile
@@ -0,0 +1,20 @@
+all: nncp.info nncp.html
+
+MAKEINFO ?= makeinfo
+
+nncp.info: *.texi
+ $(MAKEINFO) -o nncp.info index.texi
+
+CSS != cat style.css
+
+nncp.html: *.texi
+ rm -f nncp.html/*.html
+ $(MAKEINFO) --html \
+ --set-customization-variable CSS_LINES='$(CSS)' \
+ --set-customization-variable SHOW_TITLE=0 \
+ --set-customization-variable USE_ACCESSKEY=0 \
+ --set-customization-variable DATE_IN_HEADER=1 \
+ --set-customization-variable TOP_NODE_UP_URL=index.html \
+ --set-customization-variable CLOSE_QUOTE_SYMBOL=\" \
+ --set-customization-variable OPEN_QUOTE_SYMBOL=\" \
+ -o nncp.html index.texi
diff --git a/doc/cfg.texi b/doc/cfg.texi
new file mode 100644
index 0000000..3f114c5
--- /dev/null
+++ b/doc/cfg.texi
@@ -0,0 +1,4 @@
+@node Configuration
+@unnumbered Configuration file
+
+TODO.
diff --git a/doc/cmds.texi b/doc/cmds.texi
new file mode 100644
index 0000000..af9369a
--- /dev/null
+++ b/doc/cmds.texi
@@ -0,0 +1,62 @@
+@node Commands
+@unnumbered Commands
+
+@node nncp-call
+@section nncp-call
+
+TODO.
+
+@node nncp-check
+@section nncp-check
+
+TODO.
+
+@node nncp-daemon
+@section nncp-daemon
+
+TODO.
+
+@node nncp-file
+@section nncp-file
+
+TODO.
+
+@node nncp-freq
+@section nncp-freq
+
+TODO.
+
+@node nncp-log
+@section nncp-log
+
+TODO.
+
+@node nncp-mail
+@section nncp-mail
+
+TODO.
+
+@node nncp-newnode
+@section nncp-newnode
+
+TODO.
+
+@node nncp-pkt
+@section nncp-pkt
+
+TODO.
+
+@node nncp-stat
+@section nncp-stat
+
+TODO.
+
+@node nncp-toss
+@section nncp-toss
+
+TODO.
+
+@node nncp-xfer
+@section nncp-xfer
+
+TODO.
diff --git a/doc/comparison.texi b/doc/comparison.texi
new file mode 100644
index 0000000..5ecb1a8
--- /dev/null
+++ b/doc/comparison.texi
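Review bot: `nncp.html` lists only `*.texi` as prerequisites, yet its recipe bakes the contents of `style.css` into the output (captured at parse time by `CSS != cat style.css`), so a stylesheet edit leaves make believing the HTML is up to date; add it with `nncp.html: *.texi style.css`. The `rm -f nncp.html/*.html` line shows the target is an output directory, whose mtime moves only when entries are added or removed, so the rule's rebuild decision is unreliable in both directions — a stamp file or a phony html target would be more honest. `all` names no file and should be declared `.PHONY: all` so a stray file of that name cannot short-circuit the default goal. Note also that `!=` is BSD-make syntax that GNU make accepts only from 4.0 on, which is worth stating in INSTALL (currently just `TODO`).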
@@ -0,0 +1,105 @@
+@node Comparison
+@unnumbered Comparison with existing solutions
+
+Here is comparison with @url{https://en.wikipedia.org/wiki/UUCP, UUCP}
+(Unix to Unix copy), FTN (@url{https://en.wikipedia.org/wiki/FidoNet,
+FidoNet} Technology Networks) and @url{https://en.wikipedia.org/wiki/SMTP, SMTP}
+(because it is also store-and-forward solution).
+
+@multitable @columnfractions 0.40 0.15 0.15 0.15 0.15
+@headitem @tab UUCP @tab FTN @tab NNCP @tab SMTP
+
+@item Ease of setup @tab Medium @tab Hard @tab Easy @tab Hard
+@item Mail transmission @tab @strong{Yes} @tab @strong{Yes} @tab @strong{Yes} @tab @strong{Yes}
+@item News transmission @tab @strong{Yes} @tab @strong{Yes} @tab No @tab No
+@item File transmission @tab @strong{Yes} @tab @strong{Yes} @tab @strong{Yes} @tab No
+@item Remote command execution @tab @strong{Yes} @tab No @tab No @tab No
+@item Resumable downloads @tab @strong{Yes} @tab @strong{Yes} @tab @strong{Yes} @tab No
+@item Packets prioritizing @tab @strong{Yes} @tab No @tab @strong{Yes} @tab No
+@item Mail compression @tab No @tab @strong{Yes} @tab @strong{Yes} @tab No
+@item SMTP integration @tab @strong{Yes} @tab No @tab @strong{Yes} @tab N/A
+@item Push/poll @tab @strong{Both} @tab @strong{Both} @tab @strong{Both} @tab Push
+@item Delay tolerant @tab @strong{Yes} @tab @strong{Yes} @tab @strong{Yes} @tab No
+@item Intended network size @tab Dozens @tab Global @tab Dozens @tab Global
+@item Routing @tab Manual/static @tab Automatic @tab Manual/static @tab Automatic
+@item PSTN support @tab @strong{Yes} @tab @strong{Yes} @tab Possible @tab No
+@item Anonymous peers @tab @strong{Yes} @tab No @tab No @tab @strong{Yes}
+@item Peers authentication @tab PAP @tab PAP/CHAP @tab public-key @tab No
+@item Packets encryption @tab No @tab No @tab @strong{Yes} @tab No
+@item Metadata privacy @tab No @tab No @tab @strong{Yes} @tab No
+@item Packets integrity check @tab No @tab No @tab @strong{Yes} @tab No
+@item Sneakernet friendliness @tab No @tab No 
@tab @strong{Yes} @tab No
+
+@end multitable
+
+@table @strong
+
+@item Ease of setup
+ UUCP can be setup rather easily with few configuration files
+ and few lines in each of them. But you have to add some encryption
+ and authentication overlay for securing you data transmission.
+
+ FTN is hard to setup because it is totally different world of
+ software comparing to Unix one. Even mail editor will be something
+ like GoldEd, not an ordinary email client. Moreover, there is no
+ out-of-box encryption and strong authentication involved.
+
+ NNCP requires single YAML file editing and nothing more.
+
+@item News transmission
+ SMTP does not know anything about news, NNTP and so forth. Neither
+ does NNCP, because they are not used very much nowadays.
+
+@item File transmission
+ SMTP could transfer files only Base64-encoding them -- this is very
+ inefficient.
+
+@item Packets prioritizing
+ UUCP and NNCP will push higher priority ("grade" in UUCP
+ terminology) packets first. You mail will pass, even when many
+ gigabytes files is queued in parallel.
+
+@item SMTP integration
+ Mail servers like @url{http://www.postfix.org/, Postfix} offers
+ documentation and configuration file examples how to use it with
+ UUCP. @url{http://www.exim.org/, Exim} and
+ @url{http://www.sendmail.com/sm/open_source/, Sendmail} could be
+ integrated with UUCP rather easily too. For using NNCP, just replace
+ UUCP commands with NNCP ones.
+
+@item Push/poll
+ With SMTP, you have to wait online when remote peers will push you
+ the messages. There are extensions to the protocol allowing
+ poll-model, but they are not used everywhere. This is very important
+ to be independent from specified model and be able to exchange the
+ data with possibility you have.
+
+@item Delay tolerant
+ SMTP will drop messages that can not be delivered for a long time
+ (several days). Others are
+ @url{https://en.wikipedia.org/wiki/Delay-tolerant_networking,
+ tolerant} for the long delays. 
+
+@item Routing
+ UUCP and NNCP does not known nothing about routing. You have to
+ explicitly tell how to send (what hops to use) packets to each node.
+
+@item PSTN support
+ UUCP and FidoNet always have been working with modems out-of-box.
+ Only many years later they gained support for working over TCP/IP
+ connections. SMTP works only over TCP/IP. NNCP currently has only
+ TCP daemon, but nothing prohibits using of another 8-bit aware
+ online transport.
+
+@item Anonymous peers
+ NNCP and FTN are friend-to-friend networks exclusively. This is very
+ secure and mitigates many possible man-in-the-middle attacks.
+
+@item Sneakernet friendliness
+ No one, except NNCP, supports data exchanging via removable storages
+ likes flash drives, CD-ROMs, tapes and hard drives. It can be
+ emulated for many FTN software, by manually copying files in its
+ inbound/outbound directories. But UUCP and SMTP software requires
+ more manual work to do so.
+
+@end table
diff --git a/doc/fdl.txt b/doc/fdl.txt
new file mode 100644
index 0000000..2f7e03c
--- /dev/null
+++ b/doc/fdl.txt
@@ -0,0 +1,451 @@ + + GNU Free Documentation License + Version 1.3, 3 November 2008 + + + Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc. + + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +0. PREAMBLE + +The purpose of this License is to make a manual, textbook, or other +functional and useful document "free" in the sense of freedom: to +assure everyone the effective freedom to copy and redistribute it, +with or without modifying it, either commercially or noncommercially. +Secondarily, this License preserves for the author and publisher a way +to get credit for their work, while not being considered responsible +for modifications made by others. + +This License is a kind of "copyleft", which means that derivative +works of the document must themselves be free in the same sense. It +complements the GNU General Public License, which is a copyleft +license designed for free software. + +We have designed this License in order to use it for manuals for free +software, because free software needs free documentation: a free +program should come with manuals providing the same freedoms that the +software does. But this License is not limited to software manuals; +it can be used for any textual work, regardless of subject matter or +whether it is published as a printed book. We recommend this License +principally for works whose purpose is instruction or reference. + + +1. APPLICABILITY AND DEFINITIONS + +This License applies to any manual or other work, in any medium, that +contains a notice placed by the copyright holder saying it can be +distributed under the terms of this License. Such a notice grants a +world-wide, royalty-free license, unlimited in duration, to use that +work under the conditions stated herein. The "Document", below, +refers to any such manual or work. Any member of the public is a +licensee, and is addressed as "you". 
You accept the license if you +copy, modify or distribute the work in a way requiring permission +under copyright law. + +A "Modified Version" of the Document means any work containing the +Document or a portion of it, either copied verbatim, or with +modifications and/or translated into another language. + +A "Secondary Section" is a named appendix or a front-matter section of +the Document that deals exclusively with the relationship of the +publishers or authors of the Document to the Document's overall +subject (or to related matters) and contains nothing that could fall +directly within that overall subject. (Thus, if the Document is in +part a textbook of mathematics, a Secondary Section may not explain +any mathematics.) The relationship could be a matter of historical +connection with the subject or with related matters, or of legal, +commercial, philosophical, ethical or political position regarding +them. + +The "Invariant Sections" are certain Secondary Sections whose titles +are designated, as being those of Invariant Sections, in the notice +that says that the Document is released under this License. If a +section does not fit the above definition of Secondary then it is not +allowed to be designated as Invariant. The Document may contain zero +Invariant Sections. If the Document does not identify any Invariant +Sections then there are none. + +The "Cover Texts" are certain short passages of text that are listed, +as Front-Cover Texts or Back-Cover Texts, in the notice that says that +the Document is released under this License. A Front-Cover Text may +be at most 5 words, and a Back-Cover Text may be at most 25 words. 
+ +A "Transparent" copy of the Document means a machine-readable copy, +represented in a format whose specification is available to the +general public, that is suitable for revising the document +straightforwardly with generic text editors or (for images composed of +pixels) generic paint programs or (for drawings) some widely available +drawing editor, and that is suitable for input to text formatters or +for automatic translation to a variety of formats suitable for input +to text formatters. A copy made in an otherwise Transparent file +format whose markup, or absence of markup, has been arranged to thwart +or discourage subsequent modification by readers is not Transparent. +An image format is not Transparent if used for any substantial amount +of text. A copy that is not "Transparent" is called "Opaque". + +Examples of suitable formats for Transparent copies include plain +ASCII without markup, Texinfo input format, LaTeX input format, SGML +or XML using a publicly available DTD, and standard-conforming simple +HTML, PostScript or PDF designed for human modification. Examples of +transparent image formats include PNG, XCF and JPG. Opaque formats +include proprietary formats that can be read and edited only by +proprietary word processors, SGML or XML for which the DTD and/or +processing tools are not generally available, and the +machine-generated HTML, PostScript or PDF produced by some word +processors for output purposes only. + +The "Title Page" means, for a printed book, the title page itself, +plus such following pages as are needed to hold, legibly, the material +this License requires to appear in the title page. For works in +formats which do not have any title page as such, "Title Page" means +the text near the most prominent appearance of the work's title, +preceding the beginning of the body of the text. + +The "publisher" means any person or entity that distributes copies of +the Document to the public. 
+ +A section "Entitled XYZ" means a named subunit of the Document whose +title either is precisely XYZ or contains XYZ in parentheses following +text that translates XYZ in another language. (Here XYZ stands for a +specific section name mentioned below, such as "Acknowledgements", +"Dedications", "Endorsements", or "History".) To "Preserve the Title" +of such a section when you modify the Document means that it remains a +section "Entitled XYZ" according to this definition. + +The Document may include Warranty Disclaimers next to the notice which +states that this License applies to the Document. These Warranty +Disclaimers are considered to be included by reference in this +License, but only as regards disclaiming warranties: any other +implication that these Warranty Disclaimers may have is void and has +no effect on the meaning of this License. + +2. VERBATIM COPYING + +You may copy and distribute the Document in any medium, either +commercially or noncommercially, provided that this License, the +copyright notices, and the license notice saying this License applies +to the Document are reproduced in all copies, and that you add no +other conditions whatsoever to those of this License. You may not use +technical measures to obstruct or control the reading or further +copying of the copies you make or distribute. However, you may accept +compensation in exchange for copies. If you distribute a large enough +number of copies you must also follow the conditions in section 3. + +You may also lend copies, under the same conditions stated above, and +you may publicly display copies. + + +3. COPYING IN QUANTITY + +If you publish printed copies (or copies in media that commonly have +printed covers) of the Document, numbering more than 100, and the +Document's license notice requires Cover Texts, you must enclose the +copies in covers that carry, clearly and legibly, all these Cover +Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on +the back cover. 
Both covers must also clearly and legibly identify +you as the publisher of these copies. The front cover must present +the full title with all words of the title equally prominent and +visible. You may add other material on the covers in addition. +Copying with changes limited to the covers, as long as they preserve +the title of the Document and satisfy these conditions, can be treated +as verbatim copying in other respects. + +If the required texts for either cover are too voluminous to fit +legibly, you should put the first ones listed (as many as fit +reasonably) on the actual cover, and continue the rest onto adjacent +pages. + +If you publish or distribute Opaque copies of the Document numbering +more than 100, you must either include a machine-readable Transparent +copy along with each Opaque copy, or state in or with each Opaque copy +a computer-network location from which the general network-using +public has access to download using public-standard network protocols +a complete Transparent copy of the Document, free of added material. +If you use the latter option, you must take reasonably prudent steps, +when you begin distribution of Opaque copies in quantity, to ensure +that this Transparent copy will remain thus accessible at the stated +location until at least one year after the last time you distribute an +Opaque copy (directly or through your agents or retailers) of that +edition to the public. + +It is requested, but not required, that you contact the authors of the +Document well before redistributing any large number of copies, to +give them a chance to provide you with an updated version of the +Document. + + +4. 
MODIFICATIONS + +You may copy and distribute a Modified Version of the Document under +the conditions of sections 2 and 3 above, provided that you release +the Modified Version under precisely this License, with the Modified +Version filling the role of the Document, thus licensing distribution +and modification of the Modified Version to whoever possesses a copy +of it. In addition, you must do these things in the Modified Version: + +A. Use in the Title Page (and on the covers, if any) a title distinct + from that of the Document, and from those of previous versions + (which should, if there were any, be listed in the History section + of the Document). You may use the same title as a previous version + if the original publisher of that version gives permission. +B. List on the Title Page, as authors, one or more persons or entities + responsible for authorship of the modifications in the Modified + Version, together with at least five of the principal authors of the + Document (all of its principal authors, if it has fewer than five), + unless they release you from this requirement. +C. State on the Title page the name of the publisher of the + Modified Version, as the publisher. +D. Preserve all the copyright notices of the Document. +E. Add an appropriate copyright notice for your modifications + adjacent to the other copyright notices. +F. Include, immediately after the copyright notices, a license notice + giving the public permission to use the Modified Version under the + terms of this License, in the form shown in the Addendum below. +G. Preserve in that license notice the full lists of Invariant Sections + and required Cover Texts given in the Document's license notice. +H. Include an unaltered copy of this License. +I. Preserve the section Entitled "History", Preserve its Title, and add + to it an item stating at least the title, year, new authors, and + publisher of the Modified Version as given on the Title Page. 
If + there is no section Entitled "History" in the Document, create one + stating the title, year, authors, and publisher of the Document as + given on its Title Page, then add an item describing the Modified + Version as stated in the previous sentence. +J. Preserve the network location, if any, given in the Document for + public access to a Transparent copy of the Document, and likewise + the network locations given in the Document for previous versions + it was based on. These may be placed in the "History" section. + You may omit a network location for a work that was published at + least four years before the Document itself, or if the original + publisher of the version it refers to gives permission. +K. For any section Entitled "Acknowledgements" or "Dedications", + Preserve the Title of the section, and preserve in the section all + the substance and tone of each of the contributor acknowledgements + and/or dedications given therein. +L. Preserve all the Invariant Sections of the Document, + unaltered in their text and in their titles. Section numbers + or the equivalent are not considered part of the section titles. +M. Delete any section Entitled "Endorsements". Such a section + may not be included in the Modified Version. +N. Do not retitle any existing section to be Entitled "Endorsements" + or to conflict in title with any Invariant Section. +O. Preserve any Warranty Disclaimers. + +If the Modified Version includes new front-matter sections or +appendices that qualify as Secondary Sections and contain no material +copied from the Document, you may at your option designate some or all +of these sections as invariant. To do this, add their titles to the +list of Invariant Sections in the Modified Version's license notice. +These titles must be distinct from any other section titles. 
+ +You may add a section Entitled "Endorsements", provided it contains +nothing but endorsements of your Modified Version by various +parties--for example, statements of peer review or that the text has +been approved by an organization as the authoritative definition of a +standard. + +You may add a passage of up to five words as a Front-Cover Text, and a +passage of up to 25 words as a Back-Cover Text, to the end of the list +of Cover Texts in the Modified Version. Only one passage of +Front-Cover Text and one of Back-Cover Text may be added by (or +through arrangements made by) any one entity. If the Document already +includes a cover text for the same cover, previously added by you or +by arrangement made by the same entity you are acting on behalf of, +you may not add another; but you may replace the old one, on explicit +permission from the previous publisher that added the old one. + +The author(s) and publisher(s) of the Document do not by this License +give permission to use their names for publicity for or to assert or +imply endorsement of any Modified Version. + + +5. COMBINING DOCUMENTS + +You may combine the Document with other documents released under this +License, under the terms defined in section 4 above for modified +versions, provided that you include in the combination all of the +Invariant Sections of all of the original documents, unmodified, and +list them all as Invariant Sections of your combined work in its +license notice, and that you preserve all their Warranty Disclaimers. + +The combined work need only contain one copy of this License, and +multiple identical Invariant Sections may be replaced with a single +copy. If there are multiple Invariant Sections with the same name but +different contents, make the title of each such section unique by +adding at the end of it, in parentheses, the name of the original +author or publisher of that section if known, or else a unique number. 
+Make the same adjustment to the section titles in the list of +Invariant Sections in the license notice of the combined work. + +In the combination, you must combine any sections Entitled "History" +in the various original documents, forming one section Entitled +"History"; likewise combine any sections Entitled "Acknowledgements", +and any sections Entitled "Dedications". You must delete all sections +Entitled "Endorsements". + + +6. COLLECTIONS OF DOCUMENTS + +You may make a collection consisting of the Document and other +documents released under this License, and replace the individual +copies of this License in the various documents with a single copy +that is included in the collection, provided that you follow the rules +of this License for verbatim copying of each of the documents in all +other respects. + +You may extract a single document from such a collection, and +distribute it individually under this License, provided you insert a +copy of this License into the extracted document, and follow this +License in all other respects regarding verbatim copying of that +document. + + +7. AGGREGATION WITH INDEPENDENT WORKS + +A compilation of the Document or its derivatives with other separate +and independent documents or works, in or on a volume of a storage or +distribution medium, is called an "aggregate" if the copyright +resulting from the compilation is not used to limit the legal rights +of the compilation's users beyond what the individual works permit. +When the Document is included in an aggregate, this License does not +apply to the other works in the aggregate which are not themselves +derivative works of the Document. 
+ +If the Cover Text requirement of section 3 is applicable to these +copies of the Document, then if the Document is less than one half of +the entire aggregate, the Document's Cover Texts may be placed on +covers that bracket the Document within the aggregate, or the +electronic equivalent of covers if the Document is in electronic form. +Otherwise they must appear on printed covers that bracket the whole +aggregate. + + +8. TRANSLATION + +Translation is considered a kind of modification, so you may +distribute translations of the Document under the terms of section 4. +Replacing Invariant Sections with translations requires special +permission from their copyright holders, but you may include +translations of some or all Invariant Sections in addition to the +original versions of these Invariant Sections. You may include a +translation of this License, and all the license notices in the +Document, and any Warranty Disclaimers, provided that you also include +the original English version of this License and the original versions +of those notices and disclaimers. In case of a disagreement between +the translation and the original version of this License or a notice +or disclaimer, the original version will prevail. + +If a section in the Document is Entitled "Acknowledgements", +"Dedications", or "History", the requirement (section 4) to Preserve +its Title (section 1) will typically require changing the actual +title. + + +9. TERMINATION + +You may not copy, modify, sublicense, or distribute the Document +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense, or distribute it is void, and +will automatically terminate your rights under this License. 
+ +However, if you cease all violation of this License, then your license +from a particular copyright holder is reinstated (a) provisionally, +unless and until the copyright holder explicitly and finally +terminates your license, and (b) permanently, if the copyright holder +fails to notify you of the violation by some reasonable means prior to +60 days after the cessation. + +Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + +Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, receipt of a copy of some or all of the same material does +not give you any rights to use it. + + +10. FUTURE REVISIONS OF THIS LICENSE + +The Free Software Foundation may publish new, revised versions of the +GNU Free Documentation License from time to time. Such new versions +will be similar in spirit to the present version, but may differ in +detail to address new problems or concerns. See +http://www.gnu.org/copyleft/. + +Each version of the License is given a distinguishing version number. +If the Document specifies that a particular numbered version of this +License "or any later version" applies to it, you have the option of +following the terms and conditions either of that specified version or +of any later version that has been published (not as a draft) by the +Free Software Foundation. If the Document does not specify a version +number of this License, you may choose any version ever published (not +as a draft) by the Free Software Foundation. 
If the Document +specifies that a proxy can decide which future versions of this +License can be used, that proxy's public statement of acceptance of a +version permanently authorizes you to choose that version for the +Document. + +11. RELICENSING + +"Massive Multiauthor Collaboration Site" (or "MMC Site") means any +World Wide Web server that publishes copyrightable works and also +provides prominent facilities for anybody to edit those works. A +public wiki that anybody can edit is an example of such a server. A +"Massive Multiauthor Collaboration" (or "MMC") contained in the site +means any set of copyrightable works thus published on the MMC site. + +"CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 +license published by Creative Commons Corporation, a not-for-profit +corporation with a principal place of business in San Francisco, +California, as well as future copyleft versions of that license +published by that same organization. + +"Incorporate" means to publish or republish a Document, in whole or in +part, as part of another Document. + +An MMC is "eligible for relicensing" if it is licensed under this +License, and if all works that were first published under this License +somewhere other than this MMC, and subsequently incorporated in whole or +in part into the MMC, (1) had no cover texts or invariant sections, and +(2) were thus incorporated prior to November 1, 2008. + +The operator of an MMC Site may republish an MMC contained in the site +under CC-BY-SA on the same site at any time before August 1, 2009, +provided the MMC is eligible for relicensing. + + +ADDENDUM: How to use this License for your documents + +To use this License in a document you have written, include a copy of +the License in the document and put the following copyright and +license notices just after the title page: + + Copyright (c) YEAR YOUR NAME. 
+ Permission is granted to copy, distribute and/or modify this document + under the terms of the GNU Free Documentation License, Version 1.3 + or any later version published by the Free Software Foundation; + with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. + A copy of the license is included in the section entitled "GNU + Free Documentation License". + +If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, +replace the "with...Texts." line with this: + + with the Invariant Sections being LIST THEIR TITLES, with the + Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. + +If you have Invariant Sections without Cover Texts, or some other +combination of the three, merge those two alternatives to suit the +situation. + +If your document contains nontrivial examples of program code, we +recommend releasing these examples in parallel under your choice of +free software license, such as the GNU General Public License, +to permit their use in free software. diff --git a/doc/index.texi b/doc/index.texi new file mode 100644 index 0000000..1307c0f --- /dev/null +++ b/doc/index.texi 
@@ -0,0 +1,75 @@
+\input texinfo
+@documentencoding UTF-8
+@settitle NNCP
+
+@copying
+This manual is for NNCP (Node to Node copy) -- collection of utilities
+simplifying secure store-and-forward files and mail exchanging.
+
+Copyright @copyright{} 2016-2017 @email{stargrave@@stargrave.org, Sergey Matveev}
+
+@quotation
+Permission is granted to copy, distribute and/or modify this document
+under the terms of the GNU Free Documentation License, Version 1.3
+or any later version published by the Free Software Foundation;
+with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
+A copy of the license is included in the section entitled "Copying conditions".
+@end quotation
+@end copying
+
+@node Top
+@top NNCP
+
+NNCP (Node to Node copy) is a collection of utilities simplifying
+secure store-and-forward files and mail exchanging.
+
+This utilities are intended to help build up small size (dozens of
+nodes) ad-hoc @url{https://en.wikipedia.org/wiki/Friend-to-friend,
+friend-to-friend} (F2F) statically routed
+@url{https://en.wikipedia.org/wiki/Darknet, darknet} networks for
+fire-and-forget secure reliable files, file requests and Internet mail
+transmission. All packets are integrity checked,
+@url{https://en.wikipedia.org/wiki/End-to-end_encryption, end-to-end}
+encrypted, explicitly authenticated by known participants public keys.
+@url{https://en.wikipedia.org/wiki/Onion_routing, Onion encryption} is
+applied to relayed packets. Each node acts both as a client and server,
+can use push and poll behaviour model.
+
+Out-of-box offline @url{https://en.wikipedia.org/wiki/Sneakernet,
+sneakernet/floppynet}, @url{https://en.wikipedia.org/wiki/Dead_drop,
+dead drops} and @url{https://en.wikipedia.org/wiki/Air_gap_(networking),
+air-gapped} computers support. But online TCP daemon with full-duplex
+resumable data transmission exists.
+
+NNCP is @url{https://www.gnu.org/philosophy/pragmatic.html, copylefted}
+@url{https://www.gnu.org/philosophy/free-sw.html, free software}
+licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}.
+It should work on all @url{https://en.wikipedia.org/wiki/POSIX,
+POSIX}-compatible systems. Easy integration with existing
+@url{https://en.wikipedia.org/wiki/SMTP, SMTP} servers. Single
+@url{http://yaml.org/, YAML} configuration file.
+
+@menu
+* Comparison with existing solutions: Comparison.
+* Use cases::
+* Commands::
+* Configuration file: Configuration.
+* Packet format: Packet.
+* Sync protocol: Sync.
+* Copying conditions::
+@end menu
+
+@include comparison.texi
+@include usecases.texi
+@include cmds.texi
+@include cfg.texi
+@include pkt.texi
+@include sp.texi
+
+@node Copying conditions
+@unnumbered Copying conditions
+
+@insertcopying
+@verbatiminclude fdl.txt
+
+@bye
diff --git a/doc/pkt.texi b/doc/pkt.texi
new file mode 100644
index 0000000..87484a1
--- /dev/null
+++ b/doc/pkt.texi
@@ -0,0 +1,156 @@
+@node Packet
+@unnumbered Packet format
+
+All packets are
+@url{https://en.wikipedia.org/wiki/External_Data_Representation,
+XDR}-encoded structures.
+
+@menu
+* Plain packet: Plain.
+* Encrypted packet: Encrypted.
+@end menu
+
+@node Plain
+@section Plain packet
+
+Plain packet contains either the whole file, or file request (freq), or
+transition packet or email message. It is called "plain", because it
+contains plaintext, but plain packets would never be stored on your hard
+drive.
+
+Each packet has the following header:
+
+@verbatim
+ HEADER
++-------------------------------+--...---+
+| MAGIC | TYPE | PATHLEN | PATH | PAYLOAD|
++-------------------------------+--...---+
+@end verbatim
+
+@multitable @columnfractions 0.2 0.3 0.5
+@headitem @tab XDR type @tab Value
+
+@item Magic number @tab
+ 8-byte, fixed length opaque data @tab
+ @code{NNCPP0x10x00x00}
+
+@item Payload type @tab
+ unsigned integer @tab
+ 0 (file), 1 (freq), 2 (mail), 3 (transition)
+
+@item Path length @tab
+ unsigned integer @tab
+ actual length of following field's payload
+
+@item Path @tab
+ 255 byte, fixed length opaque data @tab
+ @itemize
+ @item UTF-8 encoded destination path for file transfer
+ @item UTF-8 encoded source path for file request
+ @item UTF-8 encoded, space separated, email recipients list
+ @item Node id the transition packet must be relayed on
+ @end itemize
+
+@end multitable
+
+Path has fixed size because of hiding its actual length -- it is
+valuable metadata.
+
+Actual payload comes after that header to the very end:
+
+@itemize
+@item File contents
+@item Destination path for freq
+@item @url{http://zlib.net/, zlib} compressed email
+@item Whole encrypted packet we need to relay on
+@end itemize
+
+@node Encrypted
+@section Encrypted packet
+
+Encrypted packets are the only files found in spools, in exchangeable
+storages and that are synchronized between TCP daemons.
+
+Each encrypted packet has the following header:
+
+@verbatim
+ HEADER
++--------------------------------------------+-------...--------+
+| MAGIC | NICE | SENDER | EPUB | SIGN | SIZE | CIPHERTEXT | MAC |
++------------------------------/------\------+-------...--------+
+ / \
+ +--------------------------------------------+
+ | MAGIC | NICE | RCPT | SENDER | EPUB | SIZE |
+ +--------------------------------------------+
+@end verbatim
+
+@multitable @columnfractions 0.2 0.3 0.5
+@headitem @tab XDR type @tab Value
+
+@item Magic number @tab
+ 8-byte, fixed length opaque data @tab
+ @code{NNCPE0x10x00x00}
+
+@item Niceness @tab
+ unsigned integer @tab
+ 1-255, packet niceness level, its priority.
+ Lower value means higher precedence
+
+@item Sender @tab
+ 32-byte, fixed length opaque data @tab
+ Sender node's id
+
+@item Exchange public key @tab
+ 32-byte, fixed length opaque data @tab
+ Ephemeral curve25519 public key
+
+@item Signature @tab
+ 64-byte, fixed length opaque data @tab
+ ed25519 signature for that encrypted packet
+
+@item Size @tab
+ unsigned hyper integer @tab
+ Encrypted payload size
+
+@end multitable
+
+Signature is calculated over the following structure:
+
+@itemize
+@item Magic number
+@item Niceness
+@item Recipient (32-byte recipient node's id)
+@item Sender
+@item Exchange public key
+@item Size
+@end itemize
+
+Actual encrypted payload comes after that header. Payload is encrypted
+using @url{https://www.schneier.com/academic/twofish/, Twofish}
+algorithm with 256-bit key in
+@url{https://en.wikipedia.org/wiki/Counter_mode#Counter_.28CTR.29, CTR}
+mode of operation with zero initialization vector (because each
+encrypted packet has ephemeral exchange key). Ciphertext's length is
+equal to plaintext. @url{https://blake2.net/, BLAKE2b-256} MAC is
+appended to the ciphertext.
+
+Each node has static @strong{exchange} and @strong{signature} keypairs.
+When node A want to send encrypted packet to node B, it:
+
+@enumerate
+@item generates ephemeral @url{http://cr.yp.to/ecdh.html, curve25519} keypair
+@item prepares structure for signing (underlying payload size must be
+already known)
+@item signs that structure using private @url{http://ed25519.cr.yp.to/,
+ed25519} signature key
+@item takes remote node's exchange public key and performs
+Diffie-Hellman computation on this remote static public key and private
+ephemeral one
+@item derived ephemeral key used as an input to
+@url{https://en.wikipedia.org/wiki/HKDF, HKDF}-BLAKE2b-256 key
+derivation function
+@item two 256-bit keys are derived from it for using with Twofish and
+BLAKE2b-MAC functions
+@item Twofish encryption and BLAKE2b-MACing is performed over the
+plaintext. Ciphertext and MAC tag are appended to the header
+@end enumerate
diff --git a/doc/sp.texi b/doc/sp.texi
new file mode 100644
index 0000000..ff08090
--- /dev/null
+++ b/doc/sp.texi
@@ -0,0 +1,16 @@
+@node Sync
+@unnumbered Sync protocol
+
+So-called sync protocol is used in current TCP daemon's implementation.
+It is aimed to be very simple and effective. It is used over reliable
+transport like TCP connections.
+
+It must be effective both on single-duplex and full-duplex links (for
+example satellites have very high throughput, but high-delay links).
+Acknowledging of each received packet, like
+@url{https://en.wikipedia.org/wiki/XMODEM, XMODEM} does, causes
+unacceptable performance degradation.
+
+TODO
+
+http://noiseprotocol.org/noise.html#interactive-patterns
diff --git a/doc/style.css b/doc/style.css
new file mode 100644
index 0000000..dc94af9
--- /dev/null
+++ b/doc/style.css
@@ -0,0 +1,10 @@
+
diff --git a/doc/usecases.texi b/doc/usecases.texi
new file mode 100644
index 0000000..e498eb0
--- /dev/null
+++ b/doc/usecases.texi
@@ -0,0 +1,214 @@
+@node Use cases
+@unnumbered Use cases
+
+@table @strong
+
+@item Occasional connection to mail server
+
+Assume that you have got your own @url{http://www.postfix.org/, Postfix}
+SMTP server connected to the Internet. But you read and write emails on
+your notebook, that is connected to it just from time to time. How can
+you flush buffered mail queues when your notebook is connected?
+
+One possibility is to log in and run something like @command{postqueue
+-f}, but by default you have got only several days so and sender will
+receive notification emails that his messages still are not delivered
+yet. Also you must have secure link (SSH, VPN, etc).
+
+Another possibility is to use POP3/IMAP4 servers, but this is too
+overcomplicated and bloated for the simple task. Not an option.
+
+Just tell both of your Postfixes (on the server and notebook) to drop
+email as a mail via NNCP to specified node. Search for @code{uucp}
+related strings in @code{master.cf} and replace command to NNCP ones:
+
+@verbatim
+nncp unix - n n - - pipe
+ flags=Fqhu user=nncp argv=nncp-mail -quiet $nexthop $recipient
+@end verbatim
+
+Now, all mail will be stored in NNCP spool, that after exchanging and
+tossing will call local @code{sendmail} command to deliver them just
+that was happened on the same machine.
+
+@item Unreliable/expensive communication link
+
+Assume that you have got slow modem/radio/cellular link that frequently
+disconnects and causes TCP timeouts. Not all HTTP servers support file
+download continuation. SMTP does not support resuming at all and heavy
+messages is a problem to retrieve. Moreover, each disconnect leads to
+the same data retransmission again, that can be expensive to afford.
+
+Just send your mail and files through NNCP. You can use either offline
+delivery methods -- read about them below, or you can use included NNCP
+TCP daemon.
+
+The command below:
+
+@verbatim
+% nncp-file file_i_want_to_send bob:
+% nncp-file another_file bob:movie.avi
+@end verbatim
+
+will queue two files for sending to @code{bob} node. Fire and forget!
+Now this is daemon's job (or offline transfer) to send this file part by
+part to remote system when it is available.
+
+@item Slow/expensive link for high-volume data
+
+Assume that you can give your relatively cheap 2 TiB removable hard
+drive to someone each day at the morning (and take it back at the
+evening). This equals to 185 Mbps good quality (without any speed
+degradation) link in single direction. What about more and bigger hard
+drives? This type of data transferring is called
+@url{https://en.wikipedia.org/wiki/Sneakernet, sneakernet}/floppynet.
+
+@item Extreme terrestrial environments, no link
+
+This is some kind of too slow link. Offline delivery methods is the only
+choice. Just send files as shown above, but use removable media for
+transferring packets to other nodes.
+
+Assume that you send two files to @code{bob} node. Insert USB storage
+device, mount it and run:
+
+@verbatim
+% nncp-xfer -node bob /media/usbstick
+@end verbatim
+
+to copy all outbound packets related to @code{bob}'s node. Use
+@code{-force} option to forcefully create related directory on USB
+storage if they are missing (for example when running for the first
+time).
+
+If you use single storage device to transfer data both to @code{bob} and
+@code{alice}, then just omit @code{-node} option to copy all existing
+outgoing packets to that storage device.
+
+@verbatim
+% nncp-xfer /media/usbstick
+@end verbatim
+
+Unmount it and transfer somehow to Bob and Alice. When they will insert
+it in their computers, they will use exactly the same command:
+
+@verbatim
+% nncp-xfer /media/usbstick
+@end verbatim
+
+to find all packets related to their node and copy them locally for
+further processing. @code{nncp-xfer} is the only command used with
+removable devices.
+
+@item Private, isolated MitM-resistant networks
+
+All Internet connections can be eavesdropped and forged. You
+@strong{have to} to use encryption and authentication for securing them.
+But it is very hard to secure metadata, that leaks during each online
+session. When you start your shiny new software server be sure that
+there could be huge quantity of bogus peers trying to perform
+@url{https://en.wikipedia.org/wiki/Sybil_attack, Sybil attack}. Opennet
+peer-to-peer networking is dangerous thing to do.
+
+The most popular cryptographic protocol in Internet is
+@url{https://en.wikipedia.org/wiki/Transport_Layer_Security, TLS} that
+is very hard to implement right and hard to configure for mutual
+participants authentication. Not all TLS configurations and related
+protocols provide @url{https://en.wikipedia.org/wiki/Forward_secrecy,
+forward secrecy} property -- all previously intercepted packets could be
+read if private keys are compromised.
+
+Friend-to-friend networks, darknets can mitigate risks related to fake
+and forged nodes. However they are harder to support require more time
+to be done right.
+
+NNCP's TCP daemon uses @url{http://noiseprotocol.org/, Noise-IK}
+protocol to mutually authenticate peers and provide effective (both
+participants send payload in the very first packet) secure transport
+with forward secrecy property.
+
+@verbatim
+% nncp-daemon -bind [::]:5400
+@end verbatim
+will start TCP daemon listening on all interfaces for incoming
+connections.
+
+@verbatim
+% nncp-call bob
+@end verbatim
+will try to connect to @code{bob}'s node known TCP addresses (taken from
+configuration file) and send all related outbound packets and retrieve
+those the Bob has. All interrupted transfers will be automatically
+resumed.
+
+@item Highly secure isolated air-gap computers
+
+If you worry much about security, then air-gapped computer could be the
+only choice you can afford. Computer without any modems, wired and
+wireless networks.
Obviously the only possibility to exchange mail and
+files is to use physically removable storage devices like CD-ROM, hard
+drive, tape and USB flash drives (worst choice, due to those devices
+complexity).
+
+Presumably you have got another own hop before that computer: another
+intermediate node which performs basic verification of retrieved storage
+devices, possibly by rewriting the data from USB/hard drives to CD-RWs.
+
+NNCP supports packets relying (transitioning) out-of-box.
+
+@verbatim
+neigh:
+ bob:
+ [...]
+ addrs:
+ lan: [fe80::5400%igb0]:5400
+ bob-airgap:
+ [...]
+ via: [bob]
+@end verbatim
+
+That configuration file tells that we have got two known neighbours
+(nodes, peers): @code{bob} and @code{bob-airgap}. @code{bob} can be
+reached via online connection using @code{lan} address.
+@code{bob-airgap} can be reached by sending intermediate relay packet
+through the @code{bob}.
+
+Any command like @code{nncp-file myfile bob-airgap:} will automatically
+create two packets: one for the destination endpoint, other for
+intermediate relaying node.
+
+Pay attention that relaying node knows nothing about the packet inside,
+but just its size and priority. Transition packets are encrypted too.
+@code{bob} can not read @code{bob-airgap}'s packets.
+
+@item Reconnaissance, spying, intelligence, covert agents
+
+Those guys know how Internet is a dangerous place incompatible with
+privacy. They require quick, fast dropping and picking of data. No
+possibility of many round-trips -- just drop the data, fire-and-forget.
+It could be either removable media again, or
+@url{https://en.wikipedia.org/wiki/USB_dead_drop, USB dead drops}, or
+@url{https://en.wikipedia.org/wiki/PirateBox, PirateBox}es, or
+@url{https://en.wikipedia.org/wiki/Short-range_agent_communications, SRAC}.
+Short lived short range networks like Bluetooth and WiFi can also
+be pretty fast, allowing to quickly fire chunks of queued packets.
+
+Very important property is that compromising of those dead drops and
+storages must not be fatal and even dangerous. Packets sent through the
+network and exchanged via those devices are end-to-end encrypted (but
+unfortunately without forward secrecy property). No filenames, mail
+recipients are seen.
+
+All communications are done with so-called spool area: directory
+containing only those unprocessed encrypted packets. After packet
+transfer you still can not read any mail of get files: you have to run
+another stage: tossing. Only that stage involves your private
+cryptographic keys. So even if your loose your computer, storage devices
+and so on -- it is not so bad, because you are not carrying private keys
+with it, you do not "toss" those packets immediately on the same device.
+
+Tossing (reading those encrypted packets and extracting transferred
+files and mail messages) could and should be done on a separate
+computer.
+
+@end table
-- 2.44.0