From 77e27dcb90b4e7db7828481a3f853d7f9ddf5335 Mon Sep 17 00:00:00 2001 From: Amna Date: Wed, 24 Jul 2024 13:09:40 -0400 Subject: [PATCH] tools/*: update docs (man, readme, --help) There was huge number of inconsistencies between documentation, helpers and options parsing. Unified arguments and docs + package them. Change-Id: Icf1097e2130882e4de831db21d3fb16603266229 --- CMakeLists.txt | 2 + tools/dhtnet_crtmgr/README.md | 8 ++-- tools/dhtnet_crtmgr/dhtnet-crtmgr.1 | 71 +++++++++++++++++++++++++++++ tools/dhtnet_crtmgr/main.cpp | 46 +++++++++---------- tools/dnc/README.md | 36 ++++++++++----- tools/dnc/dnc.1 | 46 +++++++++++++------ tools/dnc/main.cpp | 34 +++++++------- tools/dsh/README.md | 14 +++--- tools/dsh/dsh.1 | 64 +++++++++++++++++++++----- tools/dsh/main.cpp | 26 ++++++----- tools/dvpn/README.md | 20 ++++---- tools/dvpn/dvpn.1 | 45 ++++++++++++------ tools/dvpn/main.cpp | 48 +++++++++---------- 13 files changed, 309 insertions(+), 151 deletions(-) create mode 100644 tools/dhtnet_crtmgr/dhtnet-crtmgr.1 diff --git a/CMakeLists.txt b/CMakeLists.txt index fd502b10..a35142cc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -360,6 +360,8 @@ if (BUILD_TOOLS AND NOT MSVC) install(FILES tools/dnc/dnc.1 tools/dsh/dsh.1 + tools/dvpn/dvpn.1 + tools/dhtnet_crtmgr/dhtnet-crtmgr.1 DESTINATION ${CMAKE_INSTALL_MANDIR}/man1) install(FILES README.md DESTINATION ${docdir}) diff --git a/tools/dhtnet_crtmgr/README.md b/tools/dhtnet_crtmgr/README.md index de65364e..ae9b3e80 100644 --- a/tools/dhtnet_crtmgr/README.md +++ b/tools/dhtnet_crtmgr/README.md @@ -15,11 +15,11 @@ The DHTNet Certificate Manager is a command-line tool designed to manage certifi ## Option - `-h, --help`: Display this help message and then exit. - `-v, --version`: Show the version of the program. -- `-p, --privatekey`: Provide the path to the private key as an argument. -- `-c, --certificate`: Provide the path to the certificate as an argument. -- `-o, --output`: Provide the path where the generated certificate should be saved as an argument. +- `-p, --privatekey [FILE]`: Provide the path to the private key as an argument. +- `-c, --certificate [FILE]`: Provide the path to the certificate as an argument. +- `-o, --output [FOLDER]`: Provide the path where the generated certificate should be saved as an argument. - `-a, --identifier`: Display the user identifier. -- `-n, --name`: Provide the name of the certificate to be generated. +- `-n, --name [NAME]`: Provide the name of the certificate to be generated. - `-s, --setup`: Create an CA and an certificate. - `-i, --interactive`: Create certificate using interactive mode. diff --git a/tools/dhtnet_crtmgr/dhtnet-crtmgr.1 b/tools/dhtnet_crtmgr/dhtnet-crtmgr.1 new file mode 100644 index 00000000..9616a48a --- /dev/null +++ b/tools/dhtnet_crtmgr/dhtnet-crtmgr.1 @@ -0,0 +1,71 @@ +.TH DHTNET-CRTMGR 1 "July 2024" +.SH NAME +dhtnet-crtmgr \- DHTNet Certificate Manager +.SH SYNOPSIS +.B dhtnet-crtmgr +[OPTIONS]... +.SH DESCRIPTION +\fBdhtnet-crtmgr\fR is a command-line utility designed to manage certificates for the DHTNet network. +It enables users to generate, sign, and configure certificates for secure communication across the network. + +For easy setup and testing purpose, you can use \fBdhtner-crtmgr \-\-interactive\fR to generate a self-signed certificate for server and/or client. +.SH OPTIONS + +.TP +.B \-h, \-\-help +Display help information and exit. + +.TP +.B \-v, \-\-version +Show program version. + +.TP +.B \-i, \-\-interactive +Generate a self-signed certificate interactively and edit configuration to use it. + +.TP +.B \-a, \-\-identifier +Print the identifier of the certificate in stdout. This identifier is the one used to reach node on DHT network. +Require options \fB\-c\fR and \fB\-p\fR to be set. + +.TP +.B \-s, \-\-setup +Generate a CA and a certificate signed with this CA. Require \fB\-o\fR option. If used with \fB\-c\fR and \fB\-p\fR, will generate a certificate signed with the CA given by these options. + +Will create sub-folders \fICA\fR and \fIid\fR in the output folder given at \fB\-o\fR. + +.TP +.B \-o, \-\-output \fIFOLDER\fR +Define the output folder for the generated certificate. + +.TP +.B \-c, \-\-certificate \fIFILE\fR +Define the certificate file to use. Usually a \fI.crt\fR file. + +.TP +.B \-p, \-\-privatekey \fIFILE\fR +Define the private key file to use. Usually a \fI.pem\fR file. + +.TP +.B \-n, \-\-name \fINAME\fR +Define the name of the certificate. Will be used to generate \fINAME.crt\fR and \fINAME.pem\fR. Doesn't work with \fB\-s, \-\-setup\fR but must be used with \fB\-o, \-\-output\fR. + +.SH EXAMPLES + +Use interactive mode to generate a self-signed certificate: +.B dhtnet-crtmgr \-\-interactive + +Generate a CA in \fIoutput_folder\fR: +.B dhtnet-crtmgr \-\-name \fImy_ca\fB \-\-output \fIoutput_folder\fR + +Generate a key signed by previously generated CA: +.B dhtnet-crtmgr \-\-certificate \fIoutput_folder/my_ca.crt\fB \-\-privateKey \fIoutput_folder/my_ca.pem\fB \-\-name \fImy_key\fB \-\-output \fIkeys_folder\fR + +Print the identifier of this newly generated key: +.B dhtnet-crtmgr \-\-certificate \fIkeys_folder/my_key.crt\fB \-\-privateKey \fIkeys_folder/my_key.pem\fB \-\-identifier\fR + +.SH "SEE ALSO" +.TP +.BR dnc(1), +.BR dsh(1), +.BR dvpn(1) diff --git a/tools/dhtnet_crtmgr/main.cpp b/tools/dhtnet_crtmgr/main.cpp index cdccd219..968a9364 100644 --- a/tools/dhtnet_crtmgr/main.cpp +++ b/tools/dhtnet_crtmgr/main.cpp @@ -33,9 +33,9 @@ struct dhtnet_crtmgr_params bool help {false}; bool version {false}; std::filesystem::path ca {}; - std::filesystem::path id {}; + std::filesystem::path output {}; std::filesystem::path privatekey {}; - bool pkid {false}; + bool identifier {false}; std::string name {}; bool setup {false}; bool interactive {false}; @@ -43,11 +43,11 @@ struct dhtnet_crtmgr_params static const constexpr struct option long_options[] = {{"help", no_argument, nullptr, 'h'}, {"version", no_argument, nullptr, 'v'}, - {"CA", required_argument, nullptr, 'c'}, - {"id", required_argument, nullptr, 'o'}, + {"certificate", required_argument, nullptr, 'c'}, + {"output", required_argument, nullptr, 'o'}, {"privatekey", required_argument, nullptr, 'p'}, {"name", required_argument, nullptr, 'n'}, - {"pkid", no_argument, nullptr, 'a'}, + {"identifier", no_argument, nullptr, 'a'}, {"setup", no_argument, nullptr, 's'}, {"interactive", no_argument, nullptr, 'i'}, {nullptr, 0, nullptr, 0}}; @@ -57,7 +57,7 @@ parse_args(int argc, char** argv) { dhtnet_crtmgr_params params; int opt; - while ((opt = getopt_long(argc, argv, "hasvi:c:o:p:n:", long_options, nullptr)) != -1) { + while ((opt = getopt_long(argc, argv, "hvasic:o:p:n:", long_options, nullptr)) != -1) { switch (opt) { case 'h': params.help = true; @@ -69,13 +69,13 @@ parse_args(int argc, char** argv) params.ca = optarg; break; case 'o': - params.id = optarg; + params.output = optarg; break; case 'p': params.privatekey = optarg; break; case 'a': - params.pkid = true; + params.identifier = true; break; case 'n': params.name = optarg; @@ -92,7 +92,7 @@ parse_args(int argc, char** argv) } } - if (params.id.empty() && !params.pkid && !params.help && !params.version && !params.interactive) { + if (params.output.empty() && !params.identifier && !params.help && !params.version && !params.interactive) { std::cerr << "Error: The path to save the generated certificate is not provided.\n Please specify the path using the -o option.\n"; exit(EXIT_FAILURE); } @@ -200,8 +200,8 @@ main(int argc, char** argv) "\nOptions:\n" " -h, --help Display this help message and then exit.\n" " -v, --version Show the version of the program.\n" - " -p, --privatekey [PATH] Provide the path to the private key as an argument.\n" - " -c, --certificate [PATH] Provide the path to the certificate as an argument.\n" + " -p, --privatekey [FILE] Provide the path to the private key as an argument.\n" + " -c, --certificate [FILE] Provide the path to the certificate as an argument.\n" " -o, --output [FOLDER] Provide the path where the generated certificate should be saved as an argument.\n" " -a, --identifier Display the user identifier.\n" " -n, --name [NAME] Provide the name of the certificate to be generated.\n" @@ -215,7 +215,7 @@ main(int argc, char** argv) return EXIT_SUCCESS; } // check if the public key id is requested - if (params.pkid) { + if (params.identifier) { if (params.ca.empty() || params.privatekey.empty()) { fmt::print(stderr, "Error: The path to the private key and the certificate is not provided.\n Please specify the path for the private key and the certificate using the -p and -c options.\n"); exit(EXIT_FAILURE); @@ -355,14 +355,14 @@ main(int argc, char** argv) } } params.setup = true; - params.id = folder; + params.output = folder; } } // check if the setup is requested if (params.setup) { // create CA with name ca-server - std::filesystem::path path_ca = params.id / "CA"; + std::filesystem::path path_ca = params.output / "CA"; auto ca = dhtnet::generateIdentity(path_ca, "ca-server"); if (!ca.first || !ca.second) { fmt::print(stderr, "Error: Could not generate CA.\n"); @@ -370,7 +370,7 @@ main(int argc, char** argv) } fmt::print("Generated CA in {}: {} {}\n", path_ca, "ca-server", ca.second->getId()); // create identity with name id-server - std::filesystem::path path_id = params.id / "id"; + std::filesystem::path path_id = params.output / "id"; auto identity = dhtnet::generateIdentity(path_id, "id-server", ca); if (!identity.first || !identity.second) { fmt::print(stderr, "Error: Could not generate certificate.\n"); @@ -382,36 +382,36 @@ main(int argc, char** argv) if (params.ca.empty() || params.privatekey.empty()) { if (params.name.empty()) { - auto ca = dhtnet::generateIdentity(params.id, "ca"); + auto ca = dhtnet::generateIdentity(params.output, "ca"); if (!ca.first || !ca.second) { fmt::print(stderr, "Error: Could not generate CA.\n"); return EXIT_FAILURE; } - fmt::print("Generated certificate in {}: {} {}\n", params.id, "ca", ca.second->getId()); + fmt::print("Generated certificate in {}: {} {}\n", params.output, "ca", ca.second->getId()); }else{ - auto ca = dhtnet::generateIdentity(params.id, params.name); + auto ca = dhtnet::generateIdentity(params.output, params.name); if (!ca.first || !ca.second) { fmt::print(stderr, "Error: Could not generate CA.\n"); return EXIT_FAILURE; } - fmt::print("Generated certificate in {}: {} {}\n", params.id, params.name, ca.second->getId()); + fmt::print("Generated certificate in {}: {} {}\n", params.output, params.name, ca.second->getId()); } }else{ auto ca = dhtnet::loadIdentity(params.privatekey, params.ca); if (params.name.empty()) { - auto id = dhtnet::generateIdentity(params.id, "certificate", ca); + auto id = dhtnet::generateIdentity(params.output, "certificate", ca); if (!id.first || !id.second) { fmt::print(stderr, "Error: Could not generate certificate.\n"); return EXIT_FAILURE; } - fmt::print("Generated certificate in {}: {} {}\n", params.id, "certificate", id.second->getId()); + fmt::print("Generated certificate in {}: {} {}\n", params.output, "certificate", id.second->getId()); }else{ - auto id = dhtnet::generateIdentity(params.id, params.name, ca); + auto id = dhtnet::generateIdentity(params.output, params.name, ca); if (!id.first || !id.second) { fmt::print(stderr, "Error: Could not generate certificate.\n"); return EXIT_FAILURE; } - fmt::print("Generated certificate in {}: {} {}\n", params.id, params.name, id.second->getId()); + fmt::print("Generated certificate in {}: {} {}\n", params.output, params.name, id.second->getId()); } } return EXIT_SUCCESS; diff --git a/tools/dnc/README.md b/tools/dnc/README.md index de8e7b3b..159b8689 100644 --- a/tools/dnc/README.md +++ b/tools/dnc/README.md @@ -10,24 +10,34 @@ - Incorporates TURN (Traversal Using Relays around NAT) server support for effective NAT traversal. - Manages identities for enhanced security during DHT network interactions. +## Connection Process + +1. **Launch Server and Share Public ID (Server-side):** The server must be launched, and its public ID (hash key) should be shared with the clients who want to connect to it. +2. **Initiate Connection and Request Remote Socket (Client-side):** The client starts a peer-to-peer connection within the DHT network using the server's public ID and requests the server to open a socket at the specified `` and ``. +3. **Check Certificate:** If anonymous mode is off, the server verifies the client's certificate to ensure it matches the server’s CA. If anonymous mode is on, no certificate check is performed. +4. **Authorize Request:** The server checks if the requested `:` is authorized based on its rules. +5. **Create Socket:** + - **If Authorized:** The server opens a socket at the specified `:` and links it to the DHT socket. + - **If Not Authorized:** The server rejects the connection. + ### Usage Options **dnc** supports a range of command-line arguments: - `-h, --help`: Display help information and exit. - `-v, --version`: Show the version of the program. -- `-P, --port`: Define the port for socket creation. -- `-i, --ip`: Define the IP address for socket creation. +- `-P, --port [PORT]`: Define the port for socket creation. +- `-i, --ip [IP]`: Define the IP address for socket creation. - `-l, --listen`: Launch the program in listening mode. -- `-b, --bootstrap`: Set the bootstrap node. -- `-t, --turn_host`: Define the TURN server host. -- `-u, --turn_user`: Define the TURN server username. -- `-w, --turn_pass`: Define the TURN server password. -- `-r, --turn_realm`: Specify the TURN server realm. -- `-c, --certificate`: Specify the Certificate. -- `-p, --privateKey`: Provide a private key. -- `-d, --configuration`: Define the dnc configuration with a YAML file path. -- `-a, --anonymous_cnx`: Activate anonymous connection mode. +- `-b, --bootstrap [ADDRESS]`: Set the bootstrap node. +- `-t, --turn_host [ADDRESS]`: Define the TURN server host. +- `-u, --turn_user [USER]`: Define the TURN server username. +- `-w, --turn_pass [SECRET]`: Define the TURN server password. +- `-r, --turn_realm [REALM]`: Specify the TURN server realm. +- `-c, --certificate [FILE]`: Specify the Certificate. +- `-p, --privateKey [FILE]`: Provide a private key. +- `-d, --configuration [FILE]`: Define the dnc configuration with a YAML file path. +- `-a, --anonymous`: Activate anonymous connection mode. - `-vv, --verbose`: Enable verbose mode. For additional options, use the `-d` flag with a YAML configuration file: @@ -36,8 +46,10 @@ dnc -d ``` Note: If anonymous mode is off, the server's CA must be shared with the client. +The authorized services `:` can only be specified in the YAML configuration file. If none are specified, the server will accept all connections. + ## Establishing SSH Connections -To facilitate SSH connections to a remote device, dnc establishes a DHT network connection followed by socket creation on port 22, assuming an OpenSSH server is operational. +To facilitate SSH connections to a remote device, dnc establishes a DHT network connection followed by socket creation on port 22 by default, assuming an OpenSSH server is operational. ### Prerequisites - **OpenSSH Installation** diff --git a/tools/dnc/dnc.1 b/tools/dnc/dnc.1 index a24cf674..c6b7aaee 100644 --- a/tools/dnc/dnc.1 +++ b/tools/dnc/dnc.1 @@ -17,49 +17,64 @@ dnc \- Distributed Netcat .TP .B \- Manages identities for secure interactions. -.SH "USAGE OPTIONS" +.SH "OPTIONS" + .TP .B \-h, \-\-help Display help information and exit. + .TP .B \-v, \-\-version Show program version. + .TP -.B \-P, \-\-port +.B \-P, \-\-port \fIPORT\fR Define the port for socket creation. + .TP -.B \-i, \-\-ip +.B \-i, \-\-ip \fIADDRESS\fR Define the IP address for socket creation. + .TP .B \-l, \-\-listen Launch in listening mode. + .TP -.B \-b, \-\-bootstrap +.B \-b, \-\-bootstrap \fIADDRESS\fR Set the bootstrap node. + .TP -.B \-p, \-\-privateKey -Provide a private key. -.TP -.B \-t, \-\-turn_host +.B \-t, \-\-turn_host \fIADDRESS\fR Define the TURN server host. + .TP -.B \-u, \-\-turn_user +.B \-u, \-\-turn_user \fIUSER\fR Define the TURN server username. + .TP -.B \-w, \-\-turn_pass +.B \-w, \-\-turn_pass \fISECRET\fR Define the TURN server password. + .TP -.B \-r, \-\-turn_realm +.B \-r, \-\-turn_realm \fIREALM\fR Specify the TURN server realm. + .TP -.B \-c, \-\-certificate +.B \-p, \-\-privateKey \fIFILE\fR +Provide a private key. + +.TP +.B \-c, \-\-certificate \fIFILE\fR Specify the certificate. + .TP -.B \-d, \-\-dnc_configuration +.B \-d, \-\-configuration \fIFILE\fR Define the dnc configuration with a YAML file path. + .TP -.B \-a, \-\-anonymous_cnx +.B \-a, \-\-anonymous Activate anonymous connection mode. + .TP .B \-vv, \-\-verbose Enable verbose mode. @@ -88,5 +103,6 @@ To connect to a remote server: .SH "SEE ALSO" .TP .BR ssh(1), -.BR netcat(1) +.BR netcat(1), +.BR dhtnet-crtmgr (1) diff --git a/tools/dnc/main.cpp b/tools/dnc/main.cpp index ea7659da..e8a89e97 100644 --- a/tools/dnc/main.cpp +++ b/tools/dnc/main.cpp @@ -64,9 +64,9 @@ static const constexpr struct option long_options[] {"turn_user", required_argument, nullptr, 'u'}, {"turn_pass", required_argument, nullptr, 'w'}, {"turn_realm", required_argument, nullptr, 'r'}, - {"cert", required_argument, nullptr, 'c'}, + {"certificate", required_argument, nullptr, 'c'}, {"configuration", required_argument, nullptr, 'd'}, - {"anonymous_cnx", no_argument, nullptr, 'a'}, + {"anonymous", no_argument, nullptr, 'a'}, {nullptr, 0, nullptr, 0}}; dhtnc_params @@ -212,21 +212,21 @@ main(int argc, char** argv) if (params.help) { fmt::print("Usage: dnc [options] [PEER_ID]\n" "\nOptions:\n" - " -h, --help Show this help message and exit.\n" - " -v, --version Display the program version.\n" - " -P, --port Specify the port option with an argument.\n" - " -i, --ip Specify the ip option with an argument.\n" - " -l, --listen Start the program in listen mode.\n" - " -b, --bootstrap Specify the bootstrap option with an argument.\n" - " -t, --turn_host Specify the turn_host option with an argument.\n" - " -u, --turn_user Specify the turn_user option with an argument.\n" - " -w, --turn_pass Specify the turn_pass option with an argument.\n" - " -r, --turn_realm Specify the turn_realm option with an argument.\n" - " -c, --certificate Specify the certificate option with an argument.\n" - " -d, --configuration Specify the configuration option with an argument.\n" - " -p, --privateKey Specify the privateKey option with an argument.\n" - " -a, --anonymous_cnx Enable the anonymous mode.\n" - " -vv, --verbose Enable verbose mode.\n"); + " -h, --help Show this help message and exit.\n" + " -v, --version Display the program version.\n" + " -P, --port [PORT] Specify the port option with an argument.\n" + " -i, --ip [ADDRESS] Specify the ip option with an argument.\n" + " -l, --listen Start the program in listen mode.\n" + " -b, --bootstrap [ADDRESS] Specify the bootstrap option with an argument.\n" + " -t, --turn_host [ADDRESS] Specify the turn_host option with an argument.\n" + " -u, --turn_user [USER] Specify the turn_user option with an argument.\n" + " -w, --turn_pass [SECRET] Specify the turn_pass option with an argument.\n" + " -r, --turn_realm [REALM] Specify the turn_realm option with an argument.\n" + " -c, --certificate [FILE] Specify the certificate option with an argument.\n" + " -d, --configuration [FILE] Specify the configuration option with an argument.\n" + " -p, --privateKey [FILE] Specify the privateKey option with an argument.\n" + " -a, --anonymous Enable the anonymous mode.\n" + " -vv, --verbose Enable verbose mode.\n"); return EXIT_SUCCESS; } diff --git a/tools/dsh/README.md b/tools/dsh/README.md index a6098b8f..3302f959 100644 --- a/tools/dsh/README.md +++ b/tools/dsh/README.md @@ -18,15 +18,15 @@ - `-v, --version`: Display the version of the program. - `-l, --listen`: Launch the program in listen mode, waiting for incoming connections. - `-b, --bootstrap [ADDRESS]`: Specify the address of the bootstrap node for DHT network initialization. -- `-s, --binary [PATH]`: Specify the binary to execute upon establishing a connection. -- `-p, --privateKey [PATH]`: Define the path to the private key. -- `-c, --certificate [PATH]`: Specify the path to the certificate. +- `-s, --binary [COMMAND]`: Specify the binary to execute upon establishing a connection. +- `-p, --privateKey [FILE]`: Define the path to the private key. +- `-c, --certificate [FILE]`: Specify the path to the certificate. - `-t, --turn_host [HOST]`: Define the TURN server host for NAT traversal. -- `-u, --turn_user [USERNAME]`: Specify the TURN server username for authentication. -- `-w, --turn_pass [PASSWORD]`: Define the TURN server password for authentication. +- `-u, --turn_user [USER]`: Specify the TURN server username for authentication. +- `-w, --turn_pass [SECRET]`: Define the TURN server password for authentication. - `-r, --turn_realm [REALM]`: Specify the TURN server realm for additional security. -- `-d, --configuration [PATH]`: Define the path to the YAML configuration file for dsh. -- `-a, --anonymous_cnx`: Activate anonymous connection mode. +- `-d, --configuration [FILE]`: Define the path to the YAML configuration file for dsh. +- `-a, --anonymous`: Activate anonymous connection mode. For example, to connect to a remote peer and specify a custom configuration in the YAML configuration file, you can use the following command: diff --git a/tools/dsh/dsh.1 b/tools/dsh/dsh.1 index 80fda578..003f1af8 100644 --- a/tools/dsh/dsh.1 +++ b/tools/dsh/dsh.1 @@ -3,42 +3,82 @@ dsh \- Distributed Shell .SH SYNOPSIS .B dsh -.RI "[-h|--help] [-V|--version] [-l|--listen] [-b|--bootstrap ] [-s|--binary ] [-I|--id_path ]" -.RI "" +[OPTIONS]... .SH DESCRIPTION \fBdsh\fR is a Distributed Shell program that enables peers to establish connections with other peers in a Distributed Hash Table (DHT) network and execute a binary on the remote target. + +.B +is the identifiant of the target peer or device in the DHT network with which the connection should be established. +It is required when not running in listen mode. .PP \fBdsh\fR allows you to: .IP - Execute commands on remote peers in a DHT network. + - Establish connections with peers and execute binaries on their side. + .SH OPTIONS + .TP .B \-h, \-\-help Display help information for using \fBdsh\fR. + .TP -.B \-V, \-\-version +.B \-v, \-\-version Display the version information of \fBdsh\fR. + .TP .B \-l, \-\-listen Run \fBdsh\fR in listen mode, allowing the program to accept incoming network connections and perform network-related tasks on request. + .TP -.B \-b, \-\-bootstrap -Specify the address of a bootstrap node to connect to an existing DHT network. This option requires an argument. The default value is "bootstrap.jami.net" if not specified. +.B \-s, \-\-binary \fICOMMAND\fR +Specify the path to the binary that should be executed on the remote target when a connection is established. The default value is \fI"bash"\fR if not specified. + .TP -.B \-s, \-\-binary -Specify the path to the binary that should be executed on the remote target when a connection is established. This option requires an argument. The default value is "bash" if not specified. +.B \-b, \-\-bootstrap \fIADDRESS\fR +Set the bootstrap node. + .TP -.B \-I, \-\-id_path -Specify the path to the identity file, which contains information about the peer's identity and is used for DHT network interactions. This option requires an argument. The default value is "~/.dhtnet" if not specified. +.B \-t, \-\-turn_host \fIADDRESS\fR +Define the TURN server host. + .TP -.B -The peer ID argument is required when not running in listen mode. It specifies the ID of the target peer or device in the DHT network with which the connection should be established. +.B \-u, \-\-turn_user \fIUSER\fR +Define the TURN server username. + +.TP +.B \-w, \-\-turn_pass \fISECRET\fR +Define the TURN server password. + +.TP +.B \-r, \-\-turn_realm \fIREALM\fR +Specify the TURN server realm. + +.TP +.B \-p, \-\-privateKey \fIFILE\fR +Provide a private key. + +.TP +.B \-c, \-\-certificate \fIFILE\fR +Specify the certificate. + +.TP +.B \-d, \-\-configuration \fIFILE\fR +Define the dnc configuration with a YAML file path. + +.TP +.B \-a, \-\-anonymous +Activate anonymous connection mode. + .SH EXAMPLE + To connect to a remote peer and specify a custom bootstrap node, binary, and identity file, you can use the following command: .PP .B -dsh -b -s -I +dsh -b -s -c -p .SH SEE ALSO .PP +.BR dnc (1), +.BR dhtnet-crtmgr (1), .BR dshd (1) diff --git a/tools/dsh/main.cpp b/tools/dsh/main.cpp index 12dae126..5f6331a0 100644 --- a/tools/dsh/main.cpp +++ b/tools/dsh/main.cpp @@ -72,7 +72,7 @@ parse_args(int argc, char** argv) { dhtsh_params params; int opt; - while ((opt = getopt_long(argc, argv, "hvls:p:i:c:r:w:u:t:d:", long_options, nullptr)) != -1) { + while ((opt = getopt_long(argc, argv, "hvlab:s:p:c:r:w:u:t:d:", long_options, nullptr)) != -1) { switch (opt) { case 'h': params.help = true; @@ -198,17 +198,19 @@ main(int argc, char** argv) if (params.help){ fmt::print("Usage: dsh [OPTIONS] [PEER_ID]\n" "\nOptions:\n" - " -h, --help Show this help message and exit.\n" - " -v, --version Display the program version.\n" - " -l, --listen Start the program in listen mode.\n" - " -b, --bootstrap Specify the bootstrap option with an argument.\n" - " -s, --binary Specify the binary option with an argument.\n" - " -I, --privateKey Specify the privateKey option with an argument.\n" - " -c, --c Specify the certificate option with an argument.\n" - " -t, --turn_host Specify the turn_host option with an argument.\n" - " -u, --turn_user Specify the turn_user option with an argument.\n" - " -w, --turn_pass Specify the turn_pass option with an argument.\n" - " -r, --turn_realm Specify the turn_realm option with an argument.\n"); + " -h, --help Show this help message and exit.\n" + " -v, --version Display the program version.\n" + " -l, --listen Start the program in listen mode.\n" + " -b, --bootstrap [ADDRESS] Specify the bootstrap option with an argument.\n" + " -s, --binary [COMMAND] Specify the binary option with an argument.\n" + " -p, --privateKey [FILE] Specify the privateKey option with an argument.\n" + " -c, --certificate [FILE] Specify the certificate option with an argument.\n" + " -d, --configuration [FILE] Specify the configuration file option with an argument.\n" + " -t, --turn_host [ADDRESS] Specify the turn_host option with an argument.\n" + " -u, --turn_user [USER] Specify the turn_user option with an argument.\n" + " -w, --turn_pass [SECRET] Specify the turn_pass option with an argument.\n" + " -r, --turn_realm [REALM] Specify the turn_realm option with an argument.\n" + " -a, --anonymous Enable anonymous connection.\n"); return EXIT_SUCCESS; } if (params.version){ diff --git a/tools/dvpn/README.md b/tools/dvpn/README.md index 1cf48a10..15aea4fc 100644 --- a/tools/dvpn/README.md +++ b/tools/dvpn/README.md @@ -26,16 +26,16 @@ Before using **dvpn**, follow these steps to update your configuration: - `-h, --help`: Display help information - `-V, --version`: Display the version information of **dvpn**. - `-l, --listen`: Run **dvpn** in listen mode, allowing the program to accept incoming VPN connections. -- `-b, --bootstrap`: Specify the address of a bootstrap node to connect to an existing DHT network. -- `-t, --turn_host`: Specify the hostname or IP address of the TURN server. -- `-u, --turn_user`: Specify the username for authentication with the TURN server. -- `-w, --turn_pass`: Specify the password for authentication with the TURN server. -- `-r, --turn_realm`: Specify the realm for authentication with the TURN server. -- `-C, --vpn_configuration`: Specify the path to the vpn configuration file. -- `-p, --privateKey`: Define the path to the private key. -- `-c, --certificate`: Specify the path to the certificate. -- `-d, --configuration`: Define the path to the YAML configuration file for dvpn. -- `-a, --anonymous_cnx`: Activate anonymous connection mode. +- `-b, --bootstrap [ADDRESS]`: Specify the address of a bootstrap node to connect to an existing DHT network. +- `-t, --turn_host [ADDRESS]`: Specify the hostname or IP address of the TURN server. +- `-u, --turn_user [USER]`: Specify the username for authentication with the TURN server. +- `-w, --turn_pass [SECRET]`: Specify the password for authentication with the TURN server. +- `-r, --turn_realm [REALM]`: Specify the realm for authentication with the TURN server. +- `-C, --vpn_configuration [FILE]`: Specify the path to the vpn configuration file. +- `-p, --privateKey [FILE]`: Define the path to the private key. +- `-c, --certificate [FILE]`: Specify the path to the certificate. +- `-d, --configuration [FILE]`: Define the path to the YAML configuration file for dvpn. +- `-a, --anonymous`: Activate anonymous connection mode. To run a dvpn server, you can use the following command: ```shell diff --git a/tools/dvpn/dvpn.1 b/tools/dvpn/dvpn.1 index 6cbc73c6..67084de0 100644 --- a/tools/dvpn/dvpn.1 +++ b/tools/dvpn/dvpn.1 @@ -5,12 +5,16 @@ dvpn \- Distributed VPN .SH SYNOPSIS .B dvpn -[\-h | \-\-help] [\-\-version] [\-\-listen] [\-\-bootstrap ] [\-\-id_path ] [\-\-turn_host ] [\-\-turn_user ] [\-\-turn_pass ] [\-\-turn_realm ] [\-\-configuration_path_file ] +[OPTIONS] .SH DESCRIPTION .B dvpn is a VPN tool based on the DHTNet library, utilizing a decentralized architecture for peer discovery and communication. It supports both server and client modes, implements a TUN interface for network communication and offers configuration flexibility. +.B +is the identifiant of the target peer or device in the DHT network with which the connection should be established. +It is required when not running in listen mode. + .SH OPTIONS .TP .B \-h, \-\-help @@ -25,36 +29,44 @@ Display the version information of dvpn. Run dvpn in listen mode, allowing the program to accept incoming VPN connections. .TP -.B \-b, \-\-bootstrap +.B \-b, \-\-bootstrap \fIADDRESS\fR Specify the address of a bootstrap node to connect to an existing DHT network. Default is "bootstrap.jami.net" if not specified. .TP -.B \-I, \-\-id_path -Specify the path to the identity file used for DHT network interactions. Default is "$HOME/.dhtnet" if not specified. +.B \-t, \-\-turn_host \fIADDRESS\fR +Define the TURN server host. + +.TP +.B \-u, \-\-turn_user \fIUSER\fR +Define the TURN server username. .TP -.B \-t, \-\-turn_host -Specify the hostname or IP address of the TURN server for network traversal. +.B \-w, \-\-turn_pass \fISECRET\fR +Define the TURN server password. .TP -.B \-u, \-\-turn_user -Specify the username for authentication with the TURN server. +.B \-r, \-\-turn_realm \fIREALM\fR +Specify the TURN server realm. .TP -.B \-w, \-\-turn_pass -Specify the password for authentication with the TURN server. +.B \-c, \-\-certificate \fIFILE\fR +Specify the certificate. .TP -.B \-r, \-\-turn_realm -Specify the realm for authentication with the TURN server. +.B \-p, \-\-privateKey \fIFILE\fR +Provide a private key. .TP -.B \-c, \-\-configuration_path_file +.B \-d, \-\-configuration \fIFILE\fR +Define the dnc configuration with a YAML file path. + +.TP +.B \-C, \-\-vpn_configuration \fIFILE\fR Specify the path to the configuration file. Default is "dhtnet/tools/dvpn/test_config.yaml" if not specified. .TP -.B -The peer ID argument is required when not running in listen mode. It specifies the ID of the target peer or device in the DHT network. +.B \-a, \-\-anonymous +Activate anonymous connection mode. .SH VPN SETUP PROCESS For each connection, @@ -85,6 +97,9 @@ To connect to a dvpn server: $ sudo ./dvpn .SH SEE ALSO +.BR dnc (1), +.BR dhtnet-crtmgr (1) + The DHTNet library documentation for more details. .SH "dvpn 1.0" December 2023 DVPN(1) \ No newline at end of file diff --git a/tools/dvpn/main.cpp b/tools/dvpn/main.cpp index 38899c4e..cd5b3df2 100644 --- a/tools/dvpn/main.cpp +++ b/tools/dvpn/main.cpp @@ -60,7 +60,7 @@ static const constexpr struct option long_options[] {"turn_user", required_argument, nullptr, 'u'}, {"turn_pass", required_argument, nullptr, 'w'}, {"turn_realm", required_argument, nullptr, 'r'}, - {"vpn_configuration_file", required_argument, nullptr, 'C'}, + {"vpn_configuration", required_argument, nullptr, 'C'}, {"certificate", required_argument, nullptr, 'c'}, {"configuration", required_argument, nullptr, 'd'}, {"anonymous", no_argument, nullptr, 'a'}, @@ -71,7 +71,7 @@ parse_args(int argc, char** argv) { dhtvpn_params params; int opt; - while ((opt = getopt_long(argc, argv, "hvlw:r:u:t:p:b:c:C:d:", long_options, nullptr)) != -1) { + while ((opt = getopt_long(argc, argv, "hvlab:t:u:w:r:p:c:C:d:", long_options, nullptr)) != -1) { switch (opt) { case 'h': params.help = true; @@ -82,12 +82,12 @@ parse_args(int argc, char** argv) case 'l': params.listen = true; break; + case 'a': + params.anonymous_cnx = true; + break; case 'b': params.bootstrap = optarg; break; - case 'p': - params.privateKey = optarg; - break; case 't': params.turn_host = optarg; break; @@ -100,18 +100,18 @@ parse_args(int argc, char** argv) case 'r': params.turn_realm = optarg; break; - case 'C': - params.configuration_file = optarg; - break; case 'c': params.cert = optarg; break; + case 'p': + params.privateKey = optarg; + break; + case 'C': + params.configuration_file = optarg; + break; case 'd': params.configuration = optarg; break; - case 'a': - params.anonymous_cnx = true; - break; default: std::cerr << "Invalid option" << std::endl; exit(EXIT_FAILURE); @@ -193,19 +193,19 @@ main(int argc, char** argv) fmt::print( "Usage: dvpn [options] [PEER_ID]\n" "\nOptions:\n" - " -h, --help Show this help message and exit.\n" - " -v, --version Display the program version.\n" - " -l, --listen Start the program in listen mode.\n" - " -b, --bootstrap Specify the bootstrap option with an argument.\n" - " -p, --privateKey Specify the privateKey option with an argument.\n" - " -t, --turn_host Specify the turn_host option with an argument.\n" - " -u, --turn_user Specify the turn_user option with an argument.\n" - " -w, --turn_pass Specify the turn_pass option with an argument.\n" - " -r, --turn_realm Specify the turn_realm option with an argument.\n" - " -C, --vpn_configuration Specify the vpn_configuration path option with an argument.\n" - " -c, --certificate Specify the certificate path option with an argument.\n" - " -d, --configuration Specify the configuration path option with an argument.\n" - " -a, --anonymous Specify the anonymous option with an argument.\n" + " -h, --help Show this help message and exit.\n" + " -v, --version Display the program version.\n" + " -l, --listen Start the program in listen mode.\n" + " -b, --bootstrap [ADDRESS] Specify the bootstrap option with an argument.\n" + " -t, --turn_host [ADDRESS] Specify the turn_host option with an argument.\n" + " -u, --turn_user [USER] Specify the turn_user option with an argument.\n" + " -w, --turn_pass [SECRET] Specify the turn_pass option with an argument.\n" + " -r, --turn_realm [REALM] Specify the turn_realm option with an argument.\n" + " -C, --vpn_configuration [FILE] Specify the vpn_configuration path option with an argument.\n" + " -c, --certificate [FILE] Specify the certificate path option with an argument.\n" + " -p, --privateKey [FILE] Specify the privateKey option with an argument.\n" + " -d, --configuration [FILE] Specify the configuration path option with an argument.\n" + " -a, --anonymous Specify the anonymous option with an argument.\n" "\n"); return EXIT_SUCCESS; }