View Issue Details

IDProjectCategoryView StatusLast Update
0005669GNUnetrest servicepublic2021-02-21 11:01
Reporterschanzen Assigned Toschanzen  
PrioritynormalSeverityminorReproducibilityalways
Status assignedResolutionopen 
Summary0005669: REST service is not multiuser enabled
DescriptionThe service potentially exposes a users GNUnet services to other users (on the same system) through the REST service.

the GNUnet architecture is comprised of services which communicate via IPC. On UNIX systems, the communications happen via UNIX sockets.
The architecture distinguishes user components and system components.
System components are processes used by all users of the same system and user components are processes of the user.
https://gnunet.org/en/architecture.html

An example for a system component would be the basic connectivity service such as core or transport.
An example for a user component would be the "identity" service which store's a user's identities (public/private key pairs).
Each user runs his own identity service.

The problem with the current REST service is that it listens on a specific port: 7776.
So there can only be one process (service) => It must be a system service.
However, the identity REST API must use the correct identity service for the user calling the API.

Hence, the goal is to extend the REST service to:

1. Authenticate the user (e.g. using PAM and setuid()). For example using HTTP Basic Authentication
2. Load the user-specific GNUnet service configuration to connect to the (correct) user services.

It may also be a good idea to have the option for a "single user" mode for the REST service which does not require a password.
Tagsgsoc

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-03-27 17:13 schanzen New Issue
2019-03-27 17:13 schanzen Status new => assigned
2019-03-27 17:13 schanzen Assigned To => schanzen
2021-02-14 11:12 schanzen Description Updated
2021-02-21 11:01 schanzen Tag Attached: gsoc