Evgeny Poberezkin
b76ef03dbe
ntf: server stats ( #487 )
...
* nts: server stats
* ntf: collect stats, refactor
* rename property
* fixes
2022-08-01 08:42:23 +01:00
Evgeny Poberezkin
cde8a11693
update stats logging and make it opt-in ( #472 )
...
* update stats logging and make it opt-in
* hSetBuffering
* update var name
2022-07-15 13:21:02 +01:00
Evgeny Poberezkin
bc26dc1d68
save and restore server stats on restart ( #460 )
2022-07-04 10:45:35 +01:00
Evgeny Poberezkin
77f1d45021
fix invalid ini syntax ( #452 )
2022-07-01 22:38:39 +01:00
Evgeny Poberezkin
91802fe94f
Merge branch 'master' into f/notifications
2022-06-12 16:49:56 +01:00
Evgeny Poberezkin
0a71822dd0
v2.3.0: save and restore messages when the server is restarted ( #395 )
...
* save and restore messages when server is restarted
* read file line by line
* add import
* optmize restoring messages by reading the whole file
* update version to 2.3.0
* update scripts
* add script
* update readme
2022-06-12 15:59:14 +01:00
Evgeny Poberezkin
c1348aa54f
SMP connection handshake v2 ( #390 )
...
* SMP connection handshake v2
* hadshake v2 [mostly] works
* all tests pass, some race conditions remain
* fix build
* fix race conditions, send CON after all HELLOs in duplexHandshake mode
* add comments
* comment
* add comments
2022-06-09 13:47:07 +01:00
Evgeny Poberezkin
fd410280b5
gracefully close sockets on client disconnection ( #373 )
...
* gracefully close sockets on client disconnection
* remove -threaded
2022-05-24 19:38:14 +01:00
Evgeny Poberezkin
49070fffe0
make server compatible with old ini files ( #372 )
...
* make server compatible with old ini files
* fix
* clean up
2022-05-18 18:30:06 +01:00
Evgeny Poberezkin
4e4eea34f9
server: configuration to expire inactive clients in ini file ( #369 )
...
* server: configuration to expire inactive clients in ini file
* corrections
Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com>
Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com>
2022-05-11 15:43:54 +04:00
Evgeny Poberezkin
ace94d7c69
log server stats ( #367 )
...
* log server stats
* separate stats updates from the existing transactions
2022-04-30 13:47:21 +01:00
Evgeny Poberezkin
1064e9c315
disconnect inactive clients ( #366 )
...
* disconnect inactive clients
* update test description
* use one thread per client to disconnect inactive clients
* remove comments
* more comments
2022-04-30 10:56:01 +01:00
Evgeny Poberezkin
60d0f19121
Merge branch 'master' into notifications-server
2022-04-20 08:23:26 +01:00
Evgeny Poberezkin
68f52c47dd
message TTL and periodic expiration; setting to prevent creation of the new queues ( #355 )
...
* message TTL and periodic expiration; setting to prevent creation of the new queues
* fix expiration interval
2022-04-20 08:14:26 +01:00
Evgeny Poberezkin
fb26916eea
ntf-server CLI, re-use SMP server CLI as a library ( #347 )
...
* ntf-server CLI, re-use SMP server CLI as a library
* add executable name
2022-04-03 10:37:32 +01:00
JRoberts
337d5bdfe7
add "SMP server on Linux" section to README ( #337 )
2022-03-26 19:57:18 +04:00
Evgeny Poberezkin
4a66f68c55
reduce server message queue quota to 128 messages ( #323 )
2022-02-26 17:49:21 +04:00
Evgeny Poberezkin
b777a4fd93
split the server dependencies from the agent ( #310 )
...
* split the server dependencies from the agent
* remove redundant imports
* fix Main.hs
2022-01-21 17:33:47 +00:00
Evgeny Poberezkin
26a01dfc40
explicitely set line buffering in stdout/stderr to log each lines when output is redirected to files ( #290 )
2022-01-14 08:34:34 +00:00
Efim Poberezkin
3909c7b10e
remove Subject Alternative Names from server certificate ( #281 )
2022-01-11 20:48:27 +04:00
Efim Poberezkin
d48da40f7e
add IP and FQDN to online certificate ( #278 )
2022-01-11 16:35:06 +04:00
Efim Poberezkin
14afa24a0a
disable websockets by default ( #277 )
2022-01-11 11:21:02 +04:00
Efim Poberezkin
4727e568d5
fix x509 call to be compatible with openssl version 1.1.1 ( #253 )
2022-01-03 20:59:53 +04:00
Evgeny Poberezkin
f3523bbba9
make KeyHash non-optional, verify KeyHash in SMP handshake, use StrEncoding class ( #250 )
...
* make KeyHash non-optional, StrEncoding class
* change server URI format in agent config, refactor with StrEncoding
* refactor Crypto using checkAlgorithm
* refactor parsing connection requests
* prepare to validate CA fingerprint sent in client handshake
* KeyHash check in handshake
* rename type to CliCommand
* server validates keyhash sent by the client
* validate -a option when parsing
* more of StrEncoding
2022-01-02 22:24:43 +00:00
Efim Poberezkin
33bb38299b
refactor server Main.hs ( #248 )
2022-01-02 21:49:40 +04:00
Evgeny Poberezkin
5e29e3698e
binary SMP protocol encoding, split Command type to two types ( #245 )
...
* binary SMP protocol encoding (server tests fail)
* use 1 byte for bytestring length when encoding/decoding
* Encoding class, binary tags
* update server tests
* negotiate SMP version in client/server handshake
* add version columns to queues and connections
* split parsing SMP client commands and server responses to different functions
* check uniqueness of protocol tags
* split client commands and server responses/messages to separate types
* update types in SMP client
* remove pattern synonyms for SMP errors
* simplify getHandshake
* update SMP protocol encoding in protocol spec
* encode time as a number of seconds (64-bit integer) since epoch
2022-01-01 13:10:19 +00:00
Evgeny Poberezkin
73cad5a6c4
simple per-queue e2e encryption with NaCl crypto_box ( #242 )
...
* simple per-queue e2e encryption with NaCl crypto_box
* add e2e keys and DH secrets to schema
* agree and save shared DH secret per queue (not used yet)
* protocol changes for uniform padding and message part lengths
* correct message structure diagrams
* make per-queue E2E encryption non-optional
* refactor crypto keys
* use NaCl crypto_box for per-queue E2E encryption, remove RSA keys from queues
* remove RSA support
* merge migration with E2E DH keys
* clean up
* remove unused methods
* parsing/serializing agent messages
* remove sender timestamp from DB and code
* clean up
* slean up
* s/SMPConfMsg/SMPConfirmation/
* serializeAgentMessage = serializeClientMessage . agentToClientMsg
* simplify error handling
* update protocol docs
2021-12-29 14:27:10 +00:00
Efim Poberezkin
14954df6b9
print version on server initialization & start-up ( #240 )
2021-12-24 15:44:40 +04:00
Efim Poberezkin
0c866105d2
chain of two certificates - offline (identity) and online; switch certificates to v3 ( #238 )
2021-12-23 21:20:41 +04:00
Efim Poberezkin
e2cd370513
certificate validation on client side; check stored fingerprint on server start-up; non-optional fingerprint parsing ( #234 , closes #155 )
...
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
2021-12-22 23:24:58 +04:00
Efim Poberezkin
129246c9e6
unencrypted SMP transport over TLS; simplified handshake ( #229 )
...
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
2021-12-19 13:04:44 +04:00
Evgeny Poberezkin
e0acb42a28
Merge branch 'stable'
2021-12-17 15:44:58 +00:00
Evgeny Poberezkin
5f7fe8b0dc
remove client from servers subscribers map after client disconnection ( #228 )
...
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com>
2021-12-17 16:28:48 +04:00
Evgeny Poberezkin
323fb1f03c
remove SMP server signing responses ( #226 )
...
* remove SMP server signing responses
* keep only one session ID
2021-12-16 07:15:45 +00:00
Efim Poberezkin
de01692ffd
enable WebSockets over TLS ( #225 )
2021-12-15 22:58:47 +04:00
Evgeny Poberezkin
5aa0e97cd9
sign server responses
2021-12-15 11:52:09 +00:00
Evgeny Poberezkin
83d352cfbe
TLS 1.3 transport ( #203 )
...
* TLS as Transport class instance with pre-defined server certificate/key
* refactor error logging
* remove Ed25519
* refactor TLS.cGet
* TLS over TCP for Transport
* Plain -> TLS
* comment
* getLn, change supported cipher
* use non fixed certificates
* comment
* check options earlier
* wording
* headers
* Update apps/smp-server/Main.hs
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
* Update apps/smp-server/Main.hs
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
* localhost -> server
* Update apps/smp-server/Main.hs
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
* remove comment
* agent key and cert fixtures WIP
* certificate and key in correct order
* exitFailure
* refactor loadServerCertificate
* remove liftIO
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com>
2021-12-15 07:48:57 +00:00
Evgeny Poberezkin
acf5c15a05
increase SMP queue ID and message ID size to 24 bytes
2021-12-12 23:17:21 +00:00
Evgeny Poberezkin
f6991539a2
add server signature keys and DH keys for server->recipient msg bodis to SMP commands (server store log and agent tests are skipped)
2021-12-12 12:22:44 +00:00
Evgeny Poberezkin
e1002d5ac0
GADTs for cryptographic keys ( #208 )
...
* GADTs for cryptographic keys
* update tests (signature timing tests still fail)
* fix signature verification timing tests
* configurable algorithm to sign commands to SMP queues (Ed448 by default)
* add dummy Ed keys, add timing tests for Ed keys
* re-enable Connection subscriptions tests
2021-11-28 11:44:22 +00:00
Evgeny Poberezkin
99b3749890
simplify RSA private key types ( #207 )
...
* simplify RSA private key types
* remove updateSignKey method
2021-11-28 07:08:47 +00:00
Efim Poberezkin
51491d9cd5
Merge branch 'master' into v4
2021-09-09 01:10:41 +10:00
Evgeny Poberezkin
d23254f44a
SMP block size via config, the client can override size set by the server ( #188 )
2021-09-03 20:16:10 +01:00
Evgeny Poberezkin
cb950ae2e4
add SMP queue quota to server config (and use TBQueue for messages) ( #182 )
2021-08-26 22:54:51 +01:00
Nikita Poberezkin
8ac4b77777
create cfg dir before server initialization ( #173 )
2021-07-25 20:29:47 +01:00
Efim Poberezkin
3d9ceff691
ask client for confirmation of sender; make establishment of connection asynchronous ( #163 )
...
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
2021-07-04 04:48:24 +10:00
Evgeny Poberezkin
5962c1bb3e
SMP server CLI commands ( #144 )
...
SMP server CLI commands
2021-05-23 13:10:00 +03:00
Evgeny Poberezkin
5b39f51203
websockets transport ( #139 )
...
* example websockets server
* example of ws client
* type class TConnection for generic TCP/WebSockets implementation
* support WebSockets transport
* rename TConnection methods
* revert runClient to not need transport arg
* pass the list of ports and transports via SMP server config
* remove TypeApplications
* s/Transport/TProxy/, s/TConnection/Transport/
* fix server with multiple transports, make SMP client use WS transport with port 80 (TODO fallback to WS)
2021-05-17 22:33:12 +01:00
Evgeny Poberezkin
772b38d154
simplify KeyHash type, store key hash in DB as binary ( #122 )
2021-05-03 12:38:31 +01:00
Evgeny Poberezkin
6ceeb2c9db
save keys as binary to db, remove legacy encoding ( #114 )
...
* save keys as binary to db, remove legacy encoding
* import list
2021-04-30 09:13:18 +01:00