Initial import of net/waste. Due to it's currently still dubious legal

status restrict distribution (src and binary). Descr: WASTE is a software product and protocol that enables secure distributed communication for small (on the order of 10-50 nodes) trusted groups of users. WASTE is designed to enable small companies and small teams within larger companies to easily communicate and collaborate in a secure and efficient fashion, independent of physical network topology.
author: jschauma <jschauma@pkgsrc.org> 2003-06-05 01:00:45 +0000
committer: jschauma <jschauma@pkgsrc.org> 2003-06-05 01:00:45 +0000
commit: 20d3f31596c38a6bdab5bf55981be53d49dcf947 (patch)
tree: bfd61c75b28adc8ce731d6d0aa9d01da0b362a4b /net/waste
parent: 304ff7de4a6e53572b496b3fe2d57550b1b1315e (diff)
download: pkgsrc-20d3f31596c38a6bdab5bf55981be53d49dcf947.tar.gz
9 files changed, 647 insertions, 0 deletions
diff --git a/net/waste/DESCR b/net/waste/DESCR
new file mode 100644
index 00000000000..cfa1b378949
--- /dev/null
+++ b/net/waste/DESCR
@@ -0,0 +1,6 @@
+WASTE is a software product and protocol that enables secure distributed
+communication for small (on the order of 10-50 nodes) trusted groups of users.
+
+WASTE is designed to enable small companies and small teams within larger
+companies to easily communicate and collaborate in a secure and efficient
+fashion, independent of physical network topology.
diff --git a/net/waste/Makefile b/net/waste/Makefile
new file mode 100644
index 00000000000..ac73c288b53
--- /dev/null
+++ b/net/waste/Makefile
@@ -0,0 +1,41 @@
+# $NetBSD: Makefile,v 1.1.1.1 2003/06/05 01:00:45 jschauma Exp $
+#
+
+DISTNAME=	waste-source
+PKGNAME=	waste-1.0
+CATEGORIES=	net
+# AOL pulled the plug on Nullsoft
+# MASTER_SITES=	http://www.nullsoft.com/free/waste/
+# HOMEPAGE=	http://www.nullsoft.com/free/waste/
+MASTER_SITES=	http://www.dhorrocks2003.pwp.blueyonder.co.uk/ \
+		http://www.blibbleblobble.co.uk/Misc/ \
+		http://edwards.servehttp.com:969/waste/ \
+		http://www.cleanstick.org/jon/junk/ \
+		http://www.samsimpson.com/ \
+		http://cyber.law.harvard.edu/blogs/gems/home/ \
+		http://www.sifnt.net/ \
+		ftp://ftp.wiresec.net/waste/ \
+		http://slackerbitch.free.fr/waste/
+
+MAINTAINER=	jschauma@netbsd.org
+HOMEPAGE=	http://www.dhorrocks2003.pwp.blueyonder.co.uk/
+COMMENT=	secure file sharing network
+
+WRKSRC=		${WRKDIR}/waste
+
+RESTRICTED=     Unclear legal status: AOL claims Nullsoft did not \
+		release the software at all, while others regard it as \
+		licensed under the GPL
+
+NO_SRC_ON_FTP=          ${RESTRICTED}
+NO_BIN_ON_FTP=          ${RESTRICTED}
+NO_SRC_ON_CDROM=        ${RESTRICTED}
+NO_BIN_ON_CDROM=        ${RESTRICTED}
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/wastesrv ${PREFIX}/sbin/wastesrv
+	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/waste
+	${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/waste
+
+.include "../../mk/pthread.buildlink2.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/net/waste/PLIST b/net/waste/PLIST
new file mode 100644
index 00000000000..8adcb1858fc
--- /dev/null
+++ b/net/waste/PLIST
@@ -0,0 +1,4 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2003/06/05 01:00:45 jschauma Exp $
+sbin/wastesrv
+share/doc/waste/README
+@dirrm share/doc/waste
diff --git a/net/waste/distinfo b/net/waste/distinfo
new file mode 100644
index 00000000000..ef4d3120178
--- /dev/null
+++ b/net/waste/distinfo
@@ -0,0 +1,9 @@
+$NetBSD: distinfo,v 1.1.1.1 2003/06/05 01:00:45 jschauma Exp $
+
+SHA1 (waste-source.tar.gz) = 93583fb2577ee08f331d438bc1aa84aaa83d6386
+Size (waste-source.tar.gz) = 214730 bytes
+SHA1 (patch-aa) = 7feca021fc0dc27dd9afa3585a7de546a1ffe6b9
+SHA1 (patch-ab) = 078632b83f41e20fd129d592d638300e5cf364d6
+SHA1 (patch-ac) = ee2ce447f4c27be68fde47861a1e74965f3d4ea3
+SHA1 (patch-ad) = 186a602f74728378d1de01e3eb35b4880cd821ac
+SHA1 (patch-ae) = 2d21c439a1635ccad9824811d553bb9d33f04a67
diff --git a/net/waste/patches/patch-aa b/net/waste/patches/patch-aa
new file mode 100644
index 00000000000..d2866c2135c
--- /dev/null
+++ b/net/waste/patches/patch-aa
@@ -0,0 +1,28 @@
+$NetBSD: patch-aa,v 1.1.1.1 2003/06/05 01:00:45 jschauma Exp $
+
+--- /dev/null	2003-05-31 11:34:06.000000000 -0400
++++ Makefile	2003-05-31 11:52:33.000000000 -0400
+@@ -0,0 +1,23 @@
++OBJS = asyncdns.o config.o connection.o filedb.o listen.o m_chat.o m_file.o m_keydist.o m_ping.o m_search.o m_upload.o mqueue.o mqueuelist.o netkern.o sha.o util.o xfers.o xferwnd.o srchwnd.o srvmain.o blowfish.o m_lcaps.o
++
++
++RSAOBJS = nn.o prime.o r_random.o rsa.o # md5c.o
++
++DEBUGFLAG = -s
++#CXXFLAGS = -O2 $(DEBUGFLAG) -pipe -march=pentiumpro
++#CFLAGS = -O2 $(DEBUGFLAG) -pipe -march=pentiumpro
++
++all: wastesrv
++
++
++wastesrv: $(OBJS) $(RSAOBJS)
++	$(CC) $(DEBUGFLAG) -pthread ${LDFLAGS} -o wastesrv $(OBJS) $(RSAOBJS)
++
++md5c.o: rsa/md5c.c
++nn.o: rsa/nn.c
++prime.o: rsa/prime.c
++r_random.o: rsa/r_random.c
++rsa.o: rsa/rsa.c
++
++clean:
++	-rm *.o wastesrv
diff --git a/net/waste/patches/patch-ab b/net/waste/patches/patch-ab
new file mode 100644
index 00000000000..a03bbbfd74d
--- /dev/null
+++ b/net/waste/patches/patch-ab
@@ -0,0 +1,14 @@
+$NetBSD: patch-ab,v 1.1.1.1 2003/06/05 01:00:45 jschauma Exp $
+
+--- xfers.cpp.orig	2003-05-31 11:54:02.000000000 -0400
++++ xfers.cpp	2003-05-31 11:54:27.000000000 -0400
+@@ -30,6 +30,9 @@
+ #define IS_VALID(x) (m_validbf[(x)>>3]&(1<<(x&7)))
+ #define SET_VALID(x) m_validbf[(x)>>3]|=(1<<(x&7))
+ 
++#ifdef __NetBSD__
++#define RemoveDirectory(x) rmdir(x)
++#endif
+ 
+ XferSend::XferSend(C_MessageQueueList *mql,T_GUID *guid, C_FileSendRequest *req, char *fn)
+ { 
diff --git a/net/waste/patches/patch-ac b/net/waste/patches/patch-ac
new file mode 100644
index 00000000000..c29d5ed6aba
--- /dev/null
+++ b/net/waste/patches/patch-ac
@@ -0,0 +1,15 @@
+$NetBSD: patch-ac,v 1.1.1.1 2003/06/05 01:00:45 jschauma Exp $
+
+--- srvmain.cpp.orig	2003-05-31 11:55:08.000000000 -0400
++++ srvmain.cpp	2003-05-31 11:55:47.000000000 -0400
+@@ -28,7 +28,10 @@
+ */
+ 
+ #include "main.h"
++
++#ifndef __NetBSD__
+ #include "md5.h"
++#endif
+ 
+ #include "m_upload.h"
+ #include "m_chat.h"
diff --git a/net/waste/patches/patch-ad b/net/waste/patches/patch-ad
new file mode 100644
index 00000000000..383d98175c8
--- /dev/null
+++ b/net/waste/patches/patch-ad
@@ -0,0 +1,233 @@
+$NetBSD: patch-ad,v 1.1.1.1 2003/06/05 01:00:46 jschauma Exp $
+
+--- rsa/nn.h.orig	2003-05-31 12:16:15.000000000 -0400
++++ rsa/nn.h	2003-05-31 12:16:25.000000000 -0400
+@@ -1,114 +1,114 @@
+-/* NN.H - header file for NN.C
+- */
+-
+-/* Copyright (C) RSA Laboratories, a division of RSA Data Security,
+-     Inc., created 1991. All rights reserved.
+- */
+-
+-/* Type definitions.
+- */
+-typedef UINT4 NN_DIGIT;
+-typedef UINT2 NN_HALF_DIGIT;
+-
+-/* Constants.
+-
+-   Note: MAX_NN_DIGITS is long enough to hold any RSA modulus, plus
+-   one more digit as required by R_GeneratePEMKeys (for n and phiN,
+-   whose lengths must be even). All natural numbers have at most
+-   MAX_NN_DIGITS digits, except for double-length intermediate values
+-   in NN_Mult (t), NN_ModMult (t), NN_ModInv (w), and NN_Div (c).
+- */
+-/* Length of digit in bits */
+-#define NN_DIGIT_BITS 32
+-#define NN_HALF_DIGIT_BITS 16
+-/* Length of digit in bytes */
+-#define NN_DIGIT_LEN (NN_DIGIT_BITS / 8)
+-/* Maximum length in digits */
+-#define MAX_NN_DIGITS \
+-  ((MAX_RSA_MODULUS_LEN + NN_DIGIT_LEN - 1) / NN_DIGIT_LEN + 1)
+-/* Maximum digits */
+-#define MAX_NN_DIGIT 0xffffffff
+-#define MAX_NN_HALF_DIGIT 0xffff
+-
+-/* Macros.
+- */
+-#define LOW_HALF(x) ((x) & MAX_NN_HALF_DIGIT)
+-#define HIGH_HALF(x) (((x) >> NN_HALF_DIGIT_BITS) & MAX_NN_HALF_DIGIT)
+-#define TO_HIGH_HALF(x) (((NN_DIGIT)(x)) << NN_HALF_DIGIT_BITS)
+-#define DIGIT_MSB(x) (unsigned int)(((x) >> (NN_DIGIT_BITS - 1)) & 1)
+-#define DIGIT_2MSB(x) (unsigned int)(((x) >> (NN_DIGIT_BITS - 2)) & 3)
+-
+-/* CONVERSIONS
+-   NN_Decode (a, digits, b, len)   Decodes character string b into a.
+-   NN_Encode (a, len, b, digits)   Encodes a into character string b.
+-
+-   ASSIGNMENTS
+-   NN_Assign (a, b, digits)        Assigns a = b.
+-   NN_ASSIGN_DIGIT (a, b, digits)  Assigns a = b, where b is a digit.
+-   NN_AssignZero (a, b, digits)    Assigns a = 0.
+-   NN_Assign2Exp (a, b, digits)    Assigns a = 2^b.
+-     
+-   ARITHMETIC OPERATIONS
+-   NN_Add (a, b, c, digits)        Computes a = b + c.
+-   NN_Sub (a, b, c, digits)        Computes a = b - c.
+-   NN_Mult (a, b, c, digits)       Computes a = b * c.
+-   NN_LShift (a, b, c, digits)     Computes a = b * 2^c.
+-   NN_RShift (a, b, c, digits)     Computes a = b / 2^c.
+-   NN_Div (a, b, c, cDigits, d, dDigits)  Computes a = c div d and b = c mod d.
+-
+-   NUMBER THEORY
+-   NN_Mod (a, b, bDigits, c, cDigits)  Computes a = b mod c.
+-   NN_ModMult (a, b, c, d, digits) Computes a = b * c mod d.
+-   NN_ModExp (a, b, c, cDigits, d, dDigits)  Computes a = b^c mod d.
+-   NN_ModInv (a, b, c, digits)     Computes a = 1/b mod c.
+-   NN_Gcd (a, b, c, digits)        Computes a = gcd (b, c).
+-
+-   OTHER OPERATIONS
+-   NN_EVEN (a, digits)             Returns 1 iff a is even.
+-   NN_Cmp (a, b, digits)           Returns sign of a - b.
+-   NN_EQUAL (a, digits)            Returns 1 iff a = b.
+-   NN_Zero (a, digits)             Returns 1 iff a = 0.
+-   NN_Digits (a, digits)           Returns significant length of a in digits.
+-   NN_Bits (a, digits)             Returns significant length of a in bits.
+- */
+-void NN_Decode PROTO_LIST
+-  ((NN_DIGIT *, unsigned int, unsigned char *, unsigned int));
+-void NN_Encode PROTO_LIST
+-  ((unsigned char *, unsigned int, NN_DIGIT *, unsigned int));
+-
+-void NN_Assign PROTO_LIST ((NN_DIGIT *, NN_DIGIT *, unsigned int));
+-void NN_AssignZero PROTO_LIST ((NN_DIGIT *, unsigned int));
+-void NN_Assign2Exp PROTO_LIST ((NN_DIGIT *, unsigned int, unsigned int));
+-
+-NN_DIGIT NN_Add PROTO_LIST
+-  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
+-NN_DIGIT NN_Sub PROTO_LIST
+-  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
+-void NN_Mult PROTO_LIST ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
+-void NN_Div PROTO_LIST
+-  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int, NN_DIGIT *,
+-    unsigned int));
+-NN_DIGIT NN_LShift PROTO_LIST 
+-  ((NN_DIGIT *, NN_DIGIT *, unsigned int, unsigned int));
+-NN_DIGIT NN_RShift PROTO_LIST
+-  ((NN_DIGIT *, NN_DIGIT *, unsigned int, unsigned int));
+-
+-void NN_Mod PROTO_LIST
+-  ((NN_DIGIT *, NN_DIGIT *, unsigned int, NN_DIGIT *, unsigned int));
+-void NN_ModMult PROTO_LIST 
+-  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
+-void NN_ModExp PROTO_LIST 
+-  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int, NN_DIGIT *,
+-    unsigned int));
+-void NN_ModInv PROTO_LIST
+-  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
+-void NN_Gcd PROTO_LIST ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
+-
+-int NN_Cmp PROTO_LIST ((NN_DIGIT *, NN_DIGIT *, unsigned int));
+-int NN_Zero PROTO_LIST ((NN_DIGIT *, unsigned int));
+-unsigned int NN_Bits PROTO_LIST ((NN_DIGIT *, unsigned int));
+-unsigned int NN_Digits PROTO_LIST ((NN_DIGIT *, unsigned int));
+-
+-#define NN_ASSIGN_DIGIT(a, b, digits) {NN_AssignZero (a, digits); a[0] = b;}
+-#define NN_EQUAL(a, b, digits) (! NN_Cmp (a, b, digits))
+-#define NN_EVEN(a, digits) (((digits) == 0) || ! (a[0] & 1))
++/* NN.H - header file for NN.C
++ */
++
++/* Copyright (C) RSA Laboratories, a division of RSA Data Security,
++     Inc., created 1991. All rights reserved.
++ */
++
++/* Type definitions.
++ */
++typedef UINT4 NN_DIGIT;
++typedef UINT2 NN_HALF_DIGIT;
++
++/* Constants.
++
++   Note: MAX_NN_DIGITS is long enough to hold any RSA modulus, plus
++   one more digit as required by R_GeneratePEMKeys (for n and phiN,
++   whose lengths must be even). All natural numbers have at most
++   MAX_NN_DIGITS digits, except for double-length intermediate values
++   in NN_Mult (t), NN_ModMult (t), NN_ModInv (w), and NN_Div (c).
++ */
++/* Length of digit in bits */
++#define NN_DIGIT_BITS 32
++#define NN_HALF_DIGIT_BITS 16
++/* Length of digit in bytes */
++#define NN_DIGIT_LEN (NN_DIGIT_BITS / 8)
++/* Maximum length in digits */
++#define MAX_NN_DIGITS \
++  ((MAX_RSA_MODULUS_LEN + NN_DIGIT_LEN - 1) / NN_DIGIT_LEN + 1)
++/* Maximum digits */
++#define MAX_NN_DIGIT 0xffffffff
++#define MAX_NN_HALF_DIGIT 0xffff
++
++/* Macros.
++ */
++#define LOW_HALF(x) ((x) & MAX_NN_HALF_DIGIT)
++#define HIGH_HALF(x) (((x) >> NN_HALF_DIGIT_BITS) & MAX_NN_HALF_DIGIT)
++#define TO_HIGH_HALF(x) (((NN_DIGIT)(x)) << NN_HALF_DIGIT_BITS)
++#define DIGIT_MSB(x) (unsigned int)(((x) >> (NN_DIGIT_BITS - 1)) & 1)
++#define DIGIT_2MSB(x) (unsigned int)(((x) >> (NN_DIGIT_BITS - 2)) & 3)
++
++/* CONVERSIONS
++   NN_Decode (a, digits, b, len)   Decodes character string b into a.
++   NN_Encode (a, len, b, digits)   Encodes a into character string b.
++
++   ASSIGNMENTS
++   NN_Assign (a, b, digits)        Assigns a = b.
++   NN_ASSIGN_DIGIT (a, b, digits)  Assigns a = b, where b is a digit.
++   NN_AssignZero (a, b, digits)    Assigns a = 0.
++   NN_Assign2Exp (a, b, digits)    Assigns a = 2^b.
++     
++   ARITHMETIC OPERATIONS
++   NN_Add (a, b, c, digits)        Computes a = b + c.
++   NN_Sub (a, b, c, digits)        Computes a = b - c.
++   NN_Mult (a, b, c, digits)       Computes a = b * c.
++   NN_LShift (a, b, c, digits)     Computes a = b * 2^c.
++   NN_RShift (a, b, c, digits)     Computes a = b / 2^c.
++   NN_Div (a, b, c, cDigits, d, dDigits)  Computes a = c div d and b = c mod d.
++
++   NUMBER THEORY
++   NN_Mod (a, b, bDigits, c, cDigits)  Computes a = b mod c.
++   NN_ModMult (a, b, c, d, digits) Computes a = b * c mod d.
++   NN_ModExp (a, b, c, cDigits, d, dDigits)  Computes a = b^c mod d.
++   NN_ModInv (a, b, c, digits)     Computes a = 1/b mod c.
++   NN_Gcd (a, b, c, digits)        Computes a = gcd (b, c).
++
++   OTHER OPERATIONS
++   NN_EVEN (a, digits)             Returns 1 iff a is even.
++   NN_Cmp (a, b, digits)           Returns sign of a - b.
++   NN_EQUAL (a, digits)            Returns 1 iff a = b.
++   NN_Zero (a, digits)             Returns 1 iff a = 0.
++   NN_Digits (a, digits)           Returns significant length of a in digits.
++   NN_Bits (a, digits)             Returns significant length of a in bits.
++ */
++void NN_Decode PROTO_LIST
++  ((NN_DIGIT *, unsigned int, unsigned char *, unsigned int));
++void NN_Encode PROTO_LIST
++  ((unsigned char *, unsigned int, NN_DIGIT *, unsigned int));
++
++void NN_Assign PROTO_LIST ((NN_DIGIT *, NN_DIGIT *, unsigned int));
++void NN_AssignZero PROTO_LIST ((NN_DIGIT *, unsigned int));
++void NN_Assign2Exp PROTO_LIST ((NN_DIGIT *, unsigned int, unsigned int));
++
++NN_DIGIT NN_Add PROTO_LIST
++  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
++NN_DIGIT NN_Sub PROTO_LIST
++  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
++void NN_Mult PROTO_LIST ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
++void NN_Div PROTO_LIST
++  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int, NN_DIGIT *,
++    unsigned int));
++NN_DIGIT NN_LShift PROTO_LIST 
++  ((NN_DIGIT *, NN_DIGIT *, unsigned int, unsigned int));
++NN_DIGIT NN_RShift PROTO_LIST
++  ((NN_DIGIT *, NN_DIGIT *, unsigned int, unsigned int));
++
++void NN_Mod PROTO_LIST
++  ((NN_DIGIT *, NN_DIGIT *, unsigned int, NN_DIGIT *, unsigned int));
++void NN_ModMult PROTO_LIST 
++  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
++void NN_ModExp PROTO_LIST 
++  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int, NN_DIGIT *,
++    unsigned int));
++void NN_ModInv PROTO_LIST
++  ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
++void NN_Gcd PROTO_LIST ((NN_DIGIT *, NN_DIGIT *, NN_DIGIT *, unsigned int));
++
++int NN_Cmp PROTO_LIST ((NN_DIGIT *, NN_DIGIT *, unsigned int));
++int NN_Zero PROTO_LIST ((NN_DIGIT *, unsigned int));
++unsigned int NN_Bits PROTO_LIST ((NN_DIGIT *, unsigned int));
++unsigned int NN_Digits PROTO_LIST ((NN_DIGIT *, unsigned int));
++
++#define NN_ASSIGN_DIGIT(a, b, digits) {NN_AssignZero (a, digits); a[0] = b;}
++#define NN_EQUAL(a, b, digits) (! NN_Cmp (a, b, digits))
++#define NN_EVEN(a, digits) (((digits) == 0) || ! (a[0] & 1))
diff --git a/net/waste/patches/patch-ae b/net/waste/patches/patch-ae
new file mode 100644
index 00000000000..7f81946f894
--- /dev/null
+++ b/net/waste/patches/patch-ae
@@ -0,0 +1,297 @@
+$NetBSD: patch-ae,v 1.1.1.1 2003/06/05 01:00:47 jschauma Exp $
+
+This document created from "waste design.doc" using antiword
+
+--- /dev/null	2003-05-31 12:24:31.000000000 -0400
++++ README	2003-05-31 12:24:37.000000000 -0400
+@@ -0,0 +1,290 @@
++
++
++WASTE.doc v1.0
++
++5/28/03
++(this .doc is just a basic overview about how WASTE works)
++
++
++
++
++What is WASTE?
++
++
++WASTE is a tool that is designed to permit secure distributed collaboration
++and  communications for small trusted groups of people. WASTE allows users
++to communicate and transfer information easily and effortlessly. WASTE
++requires very little administration, and no central server or central
++administration is required.
++
++Currently the amount of setup required for each user is significant that
++WASTE is designed for the more computer-literate users or "power users".
++Having said this, it's worth noting that the audience of WASTE is not
++limited to such users, as these users are "tastemakers" and will help their
++less experienced friends get set up.
++
++What kind of functionality does WASTE enable?
++
++WASTE provides a generic virtual secure private network that other services
++can be built upon. Currently the following services have been implemented
++for use on the network and are very functional:
++Instant Messaging - allows users to communicate with other users on a
++private WASTE network in much the same way as when using AIM/ICQ/etc. This
++feature is primarily accessed through the main WASTE window.
++Group chat - allows two or more users to chat on a WASTE network in much
++the same way as when using AIM/ICQ/IRC/etc. This feature is primarily
++accessed through the main WASTE window.
++Distributed presence - allows users to see what other users are currently
++on a private WASTE network. This feature is primarily accessed through the
++main WASTE window, and facilitates ease in Instant Messaging.
++File browsing - allows users to browse a virtual directory structure for
++each user on the network. Each user can specify a list of directories to
++make available to other users on the network. This feature is primarily
++accessed through the WASTE Browser window.
++File searching - allows users to search other users' databases. Each user
++can specify a list of directories to make available to other users on the
++network. Currently searching for filenames and directory names is all that
++is supported, but full-text searching and meta-searching would be easily
++added. This feature is primarily accessed through the WASTE Browser window.
++
++File transfer - allows users to transfer files to or from other users.
++Files can be found via the file browsing and file searching features, or
++files can be uploaded to other users manually. This feature is accessed
++through many interfaces, and can be managed with the WASTE File Transfer
++window.
++Key distribution - allows hosts on the WASTE network to exchange public
++keys so that they can directly connect to each other (which helps the
++network optimize itself)
++
++Many other services and capabilities can be added to the WASTE network,
++these are just the basics that have been implemented.
++
++How does WASTE enable these services?
++
++WASTE routes all data through a distributed ad-hoc network. The network
++structure can adapt for traffic, and is fairly organized based on capacity.
++When moving large amounts of data, the network is redundant and load-
++balanced (though the load balancing is currently sub-optimal, it does
++work). Because all data transfer is accomplished through this distributed
++network, firewalls do not impair function as long as there are sufficient
++hosts on the network that are accessible from everywhere.
++
++WASTE keeps the private network private by only connecting or allowing
++connections between known users, and by using strong encryption to secure
++those links.
++
++Once a WASTE network is up, users do not have to worry about IP addresses
++to connect to, firewalled machines, or other network topologies. As long as
++the user can connect to any other host on the WASTE network, the user can
++access all of the services of the WASTE network. All of this happens
++automatically.
++
++WASTE network architecture
++
++WASTE is built upon an underlying distributed network architecture that is
++similar to that of Gnutella. It consists of a distributed "peer to peer"
++network that allows communication between hosts based on the model of
++broadcast request routed reply, where a host sends out a broadcast message
++to the network, and zero or more hosts send routed replies that follow the
++path of the broadcast message back to the sender. WASTE uses 128 bit IDs
++for each new broadcast message, so that each node can track which broadcast
++messages it has seen, and so that it can route routed messages back to
++where the original broadcast message came from. Due to the logic of each
++node on the network, if there are multiple paths to a particular node from
++another node, the path that took the least time to broadcast is used for
++the routed reply.
++
++Nodes on the WASTE network can decide whether or not to rebroadcast or
++route traffic based on their connection type (modem nodes communicating
++with nodes on T1s/DSL will generally not want to route).
++
++Each node organizes a queue of messages for each connection, and
++prioritizes messages in the queue as appropriate for optimal network
++performance.
++
++WASTE has a basic protocol for sending messages that involves the following
++information per message:
++16 byte MD5 of message
++      For verifying the integrity of the messages
++1 byte TTL of message
++      Used to prevent broadcast messages from saturating the network in the
++      rare instance where multiple hosts have their routing tables
++      overflowed, or a slow node gets very far behind in broadcasting.
++1 byte message priority
++      Tells how to prioritize the message in sending (0=highest, 255=lowest)
++4 byte message type
++      Contains information on what kind of message this is, as well whether
++      or not it is a broadcast message, routed message, or local message.
++2 byte message length (max of 32kb for routed messages, 2kb for broadcast
++messages)
++16 byte (128 bit) message ID
++<message length bytes> message data, dependent on the message type
++
++
++WASTE service implementations
++
++WASTE currently provides numerous basic services for users on the network.
++Here are basic descriptions of how each service is implemented:
++
++Instant Messaging - text messages are broadcasted on the WASTE network,
++with information on the sender and the recipient. Routed replies inform the
++sender of the instant message when the recipient has received the message,
++and how long it took to go round trip.
++Group chat - text messages are broadcasted on the WASTE network, with
++information on the sender and the destination channel name. Automated
++notification messages, such as when a user joins or parts a channel, are
++sent via the same means. Routed replies are sent when a user receives a
++channel message, so that the sender can see who on the channel has gotten
++the message, and if not, the client can determine that the user has "pinged
++out".
++Distributed presence - Two methods are used to let each user have a
++reliable prediction of who is on the network at any given time. The first
++method consists of each user periodically broadcasting (especially on each
++new connection brought up) its existence on the network, so that other
++users can see when a new user comes on, and detect when the user is no
++longer broadcasting their existence. The second method is a user can send a
++broadcast message to request replies with user names. This allows a user to
++quickly get a full list of who is on the network. Users detect when other
++users go offline when no activity from that user has been seen in a
++specified amount of time.
++File browsing - File browsing is accomplished by sending a broadcast
++message with a browse path to the network, to which each host may send
++routed replies with any results it may have.
++File searching - File searching is accomplished by sending a broadcast
++message with a search specification to the network, to which each host may
++send routed replies with any results it may have.
++File transfer - Efficiently implementing file transfer is a bit more
++complex than the other services, but it also demonstrates the flexibility
++of the underlying network architecture.
++
++      When a node wishes to download a file (or portion of a file) from
++      another node, the requesting node broadcasts a message with
++      information on which file it is requesting (including host ID, length,
++      file index, filename hash, etc), which portions of the file it wants
++      sent (in 4kb blocks, up to 64 per request (these are run-length
++      encoded for size considerations), and so on.
++
++      When a node that has the file receives the broadcast message
++      requesting a file, it routes one or more replies, that include
++      information on the file that it is sending, and up to 64 of the 4k
++      blocks of the file. If the file is larger than 64 blocks, or if any of
++      the blocks are lost during transit (which the receiver can detect by
++      timing out or other means), then the receiver can request more blocks
++      (when it does so, it also includes information on what the last
++      request was, so that the sender can efficiently manage the download).
++      Because each request for more blocks consists of a new broadcast
++      message, the route that blocks get sent back to the receiver can
++      change throughout the transmission of a file.
++
++      The sender and receiver in a file transfer can compute SHA-1 hashes of
++      the file data, to ensure reliable transfer.
++
++      Finally, to accomplish an upload, the sender sends a broadcast message
++      to the recipient requesting the upload, which the recipient can
++      optionally accept. Once the recipient accepts the upload, the
++      recipient downloads the file as it would any other.
++
++Key distribution - WASTE also distributes public keys for connection
++negotiation by periodically broadcasting them on the network. If a host
++encounters a new public key on the network, it can optionally accept it
++(often with user approval), and can optionally send a routed reply to the
++message with its own public key.
++
++
++
++
++
++WASTE network design limitations
++
++
++The underlying design of the WASTE network and the basic services that run
++on it requires that the following conditions be met for the WASTE network
++to function well:
++The number of nodes on the network should be small, since the amount of
++traffic on the network scales more than linearly with the number of users.
++Each node on the network should trust other users on the network, since
++messages are inherently broadcasted (often unnecessarily) to many nodes on
++the network, and data is routinely routed through other nodes on the
++network.
++
++
++WASTE cryptography
++
++Since WASTE requires a small trusted network to function efficiently, it
++benefits greatly from cryptography. Using public-key encryption for session
++key negotiation and user authentication allows both the prevention of
++unknown users from joining the network as well link data security to
++prevent unknown users from "sniffing" network traffic.
++
++WASTE also provides for an additional "network name or ID" that can be used
++to secure a network against people who do not have the name or ID. This can
++be useful if you wish to easily prevent multiple networks from merging, or
++change it to easily remove access of user(s) without having to make
++everybody ban those user(s) public keys.
++
++WASTE uses a (hopefully) cryptographically secure random number generator
++based on the implementation in the RSA reference code. The code uses a 32
++byte state, with 16 bytes of counter and 16 bytes of system entropy
++constantly mixed in, and produces random values by using MD5.
++
++WASTE connections use RSA (with 1024 bit or greater public key sizes) for
++exchange of 56 byte Blowfish session keys, and 8 byte PCBC initialization
++vectors.
++
++The link connection negotiation, where A is connecting to B, goes something
++like this:
++
++   1. A sends B 16 random bytes (randA), or blowFish(SHA(netname),randA) if
++      a network name is used.
++   2. A sends B blowFish(randA, 20 byte SHA-1 of public key +  4 pad bytes).
++   3. B decrypts to get the SHA-1 of A's public key.
++   4. If B does not know the public key hash sent to it, B disconnects.
++   5. B sends A 16 random bytes (randB), or blowFish(SHA(netname),randB) if
++      a network name is used.
++   6. B sends A blowFish(randB,20 byte SHA-1 of public key + 4 pad bytes).
++   7. A decrypts to get the SHA-1 of B's public key.
++   8. If A does not know the public key hash sent to it, A disconnects.
++   9. A looks up B's public key hash in A's local database to find B's
++      public key (pubkey_B).
++  10. A generates sKeyA, which is 64 random bytes.
++  11. If a network name is used, A encrypts the first 56 bytes of sKeyA
++      using the SHA-1 of the network name, to produce EsKeyA. Otherwise,
++      EsKeyA is equal to sKeyA.
++  12. A sends B: RSA(pubkey_B,EsKeyA + randB)   (+ = concatenated).
++  13. B looks up A's public key hash in B's local database to find A's
++      public key (pubkey_A).
++  14. B generates sKeyB, which is 64 random bytes.
++  15. If a network name is used, B encrypts the first 56 bytes of sKeyB
++      using the SHA-1 of the network name, to produce EsKeyB. Otherwise,
++      EsKeyB is equal to sKeyB.
++  16. B sends A: RSA(pubKey_A, EsKeyB + randA), (+ = concatenated).
++  17. A decrypts using A's private key, and verifies that the last 16 bytes
++      are equal to randA.
++  18. B decrypts using B's private key, and verifies that the last 16 bytes
++      are equal to randB
++  19. If a network name is used, A decrypts the first 56 bytes of sKeyB
++      using the SHA-1 of the network name.
++  20. If a network name is used, B decrypts the first 56 bytes of sKeyA
++      using the SHA-1 of the network name.
++  21. Both A and B check to make sure that the first 56 bytes of sKeyA does
++      not equal the first 56 bytes of sKeyB. If they do (which is
++      statistically unrealistic and would lead one to believe it is an
++      attack), they disconnect.
++  22. Both A and B check to make sure the final 8 bytes of sKeyA differs
++      from the final 8 bytes of sKeyB. If they are equal, disconnect.
++  23. A uses the first 56 bytes of sKeyA XOR sKeyB to initialize Blowfish
++      for send and receive. A uses the final 8 bytes of sKeyA as the PCBC IV
++      for send, and the final 8 bytes of sKeyB as the PCBC IV for receive.
++  24. B uses the first 56 bytes of sKeyA XOR sKeyB to intialize Blowfish for
++      send and receive. B uses the final 8 bytes of sKeyB as the PCBC IV for
++      send, and the final 8 bytes of sKeyA as the PCBC IV for receive.
++  25. All further communications in both directions are encrypted using the
++      initialized Blowfish keys and PCBC IVs.
++  26. A sends B the constant 16 byte signature ("MUGWHUMPJISMSYN2")
++  27. B decrypts verifies the signature
++  28. B sends A the constant 16 byte signature ("MUGWHUMPJISMSYN2")
++  29. A decrypts and verifies the signature
++  30. Message communication begins (each message uses a MD5 to detect
++      tampering - if detected, connection is dropped)
++
++
author	jschauma <jschauma@pkgsrc.org>	2003-06-05 01:00:45 +0000
committer	jschauma <jschauma@pkgsrc.org>	2003-06-05 01:00:45 +0000
commit	20d3f31596c38a6bdab5bf55981be53d49dcf947 (patch)
tree	bfd61c75b28adc8ce731d6d0aa9d01da0b362a4b /net/waste
parent	304ff7de4a6e53572b496b3fe2d57550b1b1315e (diff)
download	pkgsrc-20d3f31596c38a6bdab5bf55981be53d49dcf947.tar.gz