sdp – secure datagram protocol

bind -a #Espec /net

The sdp device provides the interface to the Secure Datagram Protocol (SDP). SDP (un)compresses and (de-)encrypts packets. Spec is an integer from 0 to 15 identifying a stack. Each stack is independent of all others: the only information transfer between them is via programs that mount multiple stacks. Normally a system uses only one stack. However, multiple stacks can be used for debugging new networks or implementing firewalls or proxy services.

The top level directory contains a clone file, a log file, and subdirectories numbered from zero to the number of connections opened for this protocol.

Opening the clone file reserves a connection. The file descriptor returned from the open(2) will point to the control file, ctl, of the newly allocated connection. Reading ctl returns a text string representing the number of the connection. Connections may be used either to listen for incoming calls or to initiate calls to other machines.

A connection is controlled by writing text strings to the associated ctl file. After a connection has been established, data may be read from and written to data. A connection can be actively established using the connect message (see also dial(2)). A connection can be established passively by first using an announce message (see dial(2)) to bind to a local port and then opening the listen file (see dial(2)) to receive incoming calls.

The following control messages are supported:
accept file         Accept an incoming encrypted connection on file, typically a data file.
dial file           Initiate a new encrypted connection on file, typically a UDP data file.
drop permil         Randomly drop approximately one of every permil output packets, thus simulating network errors.
cipher algorithm    Use ciphering algorithm; choices are null, des_56_cbc, rc4_128, and rc4_256.
auth algorithm      Use authentication algorithm; choices are null, hmac_sha1_96, and hmac_md5_96.
comp algorithm      Use compression algorithm; choices are null and thwack.
insecret secret     Use secret to decrypt incoming packets.
outsecret secret    Use secret to encrypt outgoing packets.
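
The following is an added example, not part of the original manual page or of the Plan 9 source: a small portable C checker that audits the ctl messages planned for one connection against the verbs and algorithm names listed above. The finding names, the function sdpaudit, the policy (null or 56-bit DES cipher, null auth, missing secrets, drop enabled) and the treatment of an unset cipher or auth as null are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Findings, OR-ed together. The policy is this example's assumption, not sdp's. */
enum { BadMsg = 1, NoCipher = 2, NoAuth = 4, WeakCipher = 8, NoSecret = 16, DropOn = 32 };

/* Is arg one of the words in list (list is space-delimited at both ends)? */
static int known(const char *arg, const char *list)
{
	char pat[80];
	snprintf(pat, sizeof pat, " %s ", arg);
	return strstr(list, pat) != NULL;
}

/* Audit the ctl messages planned for one connection; a later message overrides an earlier one. */
int sdpaudit(const char **msg, int nmsg)
{
	char verb[16], arg[64], cipher[64] = "null", auth[64] = "null"; /* unset treated as null (assumption) */
	int i, f = 0, secrets = 0;
	for (i = 0; i < nmsg; i++) {
		if (sscanf(msg[i], "%15s %63s", verb, arg) != 2)
			f |= BadMsg;	/* every message on the page takes an argument */
		else if (!strcmp(verb, "cipher") && known(arg, " null des_56_cbc rc4_128 rc4_256 "))
			strcpy(cipher, arg);
		else if (!strcmp(verb, "auth") && known(arg, " null hmac_sha1_96 hmac_md5_96 "))
			strcpy(auth, arg);
		else if (!strcmp(verb, "comp") && known(arg, " null thwack "))
			;	/* compression choice has no finding attached */
		else if (!strcmp(verb, "insecret") || !strcmp(verb, "outsecret"))
			secrets |= verb[0] == 'i' ? 1 : 2;
		else if (!strcmp(verb, "drop"))
			f |= DropOn;	/* test aid that discards output packets */
		else if (strcmp(verb, "accept") && strcmp(verb, "dial"))
			f |= BadMsg;	/* verb or algorithm not listed on the page */
	}
	if (!strcmp(cipher, "null")) f |= NoCipher;
	if (!strcmp(cipher, "des_56_cbc")) f |= WeakCipher;	/* 56-bit key */
	if (!strcmp(auth, "null")) f |= NoAuth;
	if (secrets != 3) f |= NoSecret;	/* insecret or outsecret never written */
	return f;
}

int main(void)
{
	/* Constructed sample: the UDP path and the secret are placeholders. */
	const char *plan[] = { "dial /net/udp/0/data", "cipher des_56_cbc", "auth null", "outsecret EXAMPLE" };
	printf("findings: 0x%x\n", sdpaudit(plan, 4));
	return 0;
}
```
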

dial(2), ip(3)
Robust Data Compression of Network Packets, Sean Dorward and Sean Quinlan, Bell Labs, Lucent Technologies, http://plan9.bell–