View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001942 | GNUnet | GNS | public | 2011-11-22 20:10 | 2012-11-05 18:34 |
| Reporter | Christian Grothoff | Assigned To | schanzen | ||
| Priority | normal | Severity | feature | Reproducibility | N/A |
| Status | closed | Resolution | fixed | ||
| Product Version | Git master | ||||
| Target Version | 0.9.4 | ||||
| Summary | 0001942: VPN uses insecure DNS for '.gnunet' | ||||
| Description | The current implementation simply stores DNS records in the DHT. There are no considerations for how to secure records and establish some level of trust by the user in the DNS responses for the .gnunet TLD. We have a (non-trivial) design in mind, this bug note just serves as a reminder that it needs to be documented, implemented and tested. | ||||
| Tags | No tags attached. | ||||
|
|
Resolving VPN services using GNS is now possible using a GNUNET_GNS_RECORD_VPN Data format: addressfamily (uint32_t)|protocol (uint32_t)|peerid (hash) |servicedesc (hash) String format: addressfamily:protocol:peerid:servicedesc string format is not really user readable. af and protocol could be made readable... the rest not. But the record should be added via GUI anyway. The resolver will return the tmp IP(v6) address. This functionality needs testing (and a test). |
|
|
The Data format should not contain the addressfamily. The record type on lookup (A,AAAA) already determines this. Furthermore the serice descrition should be a string. We can hash this string in when we call the VPN API. This makes the record data more readable. The protocol field should be displayed as PROTO_{UDP,TCP} respectively. The test for the VPN delegation should be in the src/vpn directory because the VPN gnunet plugin is compiled after the GNS plugin. The test can use MHD to simulate a HTTP service and we can use curl to access this service via a .gnunet name. GNS will then map the name to the generated temporary VPN IP address. |
|
|
Tests in SVN for examples. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2011-11-22 20:10 | Christian Grothoff | New Issue | |
| 2011-11-22 20:10 | Christian Grothoff | Status | new => assigned |
| 2011-11-22 20:10 | Christian Grothoff | Assigned To | => toelke |
| 2011-11-22 20:17 | Christian Grothoff | Assigned To | toelke => |
| 2011-11-22 20:17 | Christian Grothoff | Status | assigned => confirmed |
| 2012-02-21 21:55 | Christian Grothoff | Target Version | => 0.9.3 |
| 2012-02-21 22:33 | Christian Grothoff | Status | confirmed => assigned |
| 2012-02-21 22:33 | Christian Grothoff | Category | VPN service => GNS |
| 2012-02-21 22:33 | Christian Grothoff | Assigned To | => schanzen |
| 2012-04-01 11:39 | Christian Grothoff | Target Version | 0.9.3 => 0.9.4 |
| 2012-06-18 23:27 | schanzen | Note Added: 0006096 | |
| 2012-06-21 14:16 | schanzen | Note Added: 0006123 | |
| 2012-06-26 19:44 | schanzen | Note Added: 0006158 | |
| 2012-06-26 19:44 | schanzen | Status | assigned => resolved |
| 2012-06-26 19:44 | schanzen | Resolution | open => fixed |
| 2012-11-05 18:34 | Christian Grothoff | Status | resolved => closed |
