[nanomsg] more updates

  • From: Garrett D'Amore <garrett@xxxxxxxxxx>
  • To: nanomsg@xxxxxxxxxxxxx
  • Date: Sat, 26 Apr 2014 19:46:35 -0700

I’ve done some more updates.

Transports are now in separate packages as I proposed.  TLS is in a package 
called “bitbucket.org/gdamore/mangos/transport/tlstcp” 

The reason its called “tlstcp” instead of just “tls” is two fold.

1. Its darned inconvenient when this package collides with crypto/tls.  (You 
can use renames on the import line, but … that’s kind of ugly.)

2. There may be other transports that use TLS on top of … (notably probably 
*not* DTLS, but one could imagine TLS on top of IPC, etc.  Not sure what value 
that would have, but I *can* think of actual use cases.)

To load a transport, you can import it (e.g. import 
“bitbucket.org/gdamore/mangos/transport/tcp”) then pass that package’s 
“NewTransport()” result to the new AddTransport() method for Socket.  So it 
looks like:

        sock.AddTransport(tcp.NewTransport())

Also, there is an “all” package underneath transport/ that will load all 
transports on a socket.  It goes like this:

        all.AddTransports(sock)

macat and the test suite use this all package.

The macat program now properly has lots of options relating to TLS.  You can 
specify certs, CAs, even the TLS protocol version.  (I’ve not added ciphersuite 
selection yet, but I will.)  Note that macat assumes you want *mutual* 
authentication unless you go out of your way to say otherwise.  This is very 
intentional, since the uses cases here are probably specifically unlike 
traditional HTTPS where you have random unknown clients.    You can disable 
this by providing —insecure (or -k).   Note also that a server *must* have its 
own certificate presented.  Again, very intentional.  I tried to use curl’s 
switches since I figure they are the most likely to be familiar to folks using 
SSL.

Here’s the man page for macat.1:

macat(1)                            mangos                            macat(1)



NAME
       macat − command line interface to the mangos messaging

SYNOPSIS
       macat   [−v|−−verbose]  [−q|−−silent] [−−push] [−−pull] [−−pub] [−−sub]
       [−−req] [−−rep] [−−surveyor] [−−respondent] [−−bus]  [−−pair]  [−−star]
       [−−bind  ADDR]  [−−connect ADDR] [−X|−−bind‐ipc PATH] [−x|−−connect‐ipc
       PATH] [−L|−−bind‐local  PORT]  [−l|−−connect‐local  PORT]  [−−subscribe
       PREFIX] [−−recv‐timeout SEC] [−−send‐timeout SEC] [−d|−−send‐delay SEC]
       [−−raw]  [−A|−−ascii]  [−Q|−−quoted]  [−−msgpack]  [−i|−−interval  SEC]
       [−D|−−data  DATA]  [−F|−−file  FILE]  [−−sslv3]  [−−tlsv1]  [−−tlsv1.1]
       [−−tlsv1.1] [−−tlsv1.2] [−E|−−cert FILE] [−−key FILE]  [−−cacert  FILE]
       [−k|−−insecure] [−−help]

DESCRIPTION
       macat is a command‐line interface to send and receive data via the man‐
       gos implementation of the SP (nanomsg) protocols.  It is designed to be
       suitable for use as a drop‐in replacement for nanocat(1).


OPTIONS
       −v,−−verbose
              Increase verbosity

       −q,−−silent
              Decrease verbosity

       −−push Use PUSH socket type

       −−pull Use PULL socket type

       −−pub  Use PUB socket type

       −−sub  Use SUB socket type

       −−req  Use REQ socket type

       −−rep  Use REP socket type

       −−surveyor
              Use SURVEYOR socket type

       −−respondent
              Use RESPONDENT socket type

       −−bus  Use BUS socket type

       −−pair Use PAIR socket type

       −−star Use STAR socket type

       −−bind ADDR
              Bind socket to ADDR

       −−connect ADDR
              Connect socket to ADDR

       −X,−−bind‐ipc PATH
              Bind socket to IPC PATH

       −x,−−connect‐ipc PATH
              Connect socket to IPC PATH

       −L,−−bind‐local PORT
              Bind socket to TCP localhost PORT

       −l,−−connect‐local PORT
              Connect socket to TCP localhost PORT

       −−subscribe PREFIX
              Subcribe to PREFIX (default is wildcard)

       −−recv‐timeout SEC
              Set receive timeout

       −−send‐timeout SEC
              Set send timeout

       −d,−−send‐delay SEC
              Set initial send delay

       −−raw  Raw output, no delimiters

       −A,−−ascii
              ASCII output, one per line

       −Q,−−quoted
              Quoted output, one per line

       −−msgpack
              Msgpacked binay output (see msgpack.org)

       −i,−−interval SEC
              Send DATA every SEC seconds

       −D,−−data DATA
              Data to send

       −F,−−file FILE
              Send contents of FILE

       −−sslv3
              Force SSLv3 when using SSL/TLS

       −−tlsv1
              Force TLSv1.x when using SSL/TLS

       −−tlsv1.1
              Force TLSv1.0 when using SSL/TLS

       −−tlsv1.1
              Force TLSv1.1 when using SSL/TLS

       −−tlsv1.2
              Force TLSv1.2 when using SSL/TLS

       −E,−−cert FILE
              Use certificate in FILE for SSL/TLS

       −−key FILE
              Use private key in FILE for SSL/TLS

       −−cacert FILE
              Use CA certicate(s) in FILE for SSL/TLS

       −k,−−insecure
              Do not validate TLS/SSL peer certificate

       −−help show usage message

AUTHOR
       Garrett D’Amore



mangos                          April 26, 2014                        macat(1)


-- 
Garrett D'Amore
Sent with Airmail

Other related posts:

  1. Home
  2. nanomsg
  3. Archive
  4. 04-2014