diff --git a/CMakeLists.txt b/CMakeLists.txt
index fd502b10d65c97230bd1cd5924035cea0eb9269e..a35142cc4287b83322d1b7d741efcfbf59549d68 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -360,6 +360,8 @@ if (BUILD_TOOLS AND NOT MSVC)
install(FILES
tools/dnc/dnc.1
tools/dsh/dsh.1
+ tools/dvpn/dvpn.1
+ tools/dhtnet_crtmgr/dhtnet-crtmgr.1
DESTINATION ${CMAKE_INSTALL_MANDIR}/man1)
install(FILES README.md DESTINATION ${docdir})
diff --git a/tools/dhtnet_crtmgr/README.md b/tools/dhtnet_crtmgr/README.md
index de65364efbd9eea1e3c0d4240c2556f6af92ef75..ae9b3e80f12ae62ce277aeb25494cd2064856a06 100644
--- a/tools/dhtnet_crtmgr/README.md
+++ b/tools/dhtnet_crtmgr/README.md
@@ -15,11 +15,11 @@ The DHTNet Certificate Manager is a command-line tool designed to manage certifi
## Option
- `-h, --help`: Display this help message and then exit.
- `-v, --version`: Show the version of the program.
-- `-p, --privatekey`: Provide the path to the private key as an argument.
-- `-c, --certificate`: Provide the path to the certificate as an argument.
-- `-o, --output`: Provide the path where the generated certificate should be saved as an argument.
+- `-p, --privatekey [FILE]`: Provide the path to the private key as an argument.
+- `-c, --certificate [FILE]`: Provide the path to the certificate as an argument.
+- `-o, --output [FOLDER]`: Provide the path where the generated certificate should be saved as an argument.
- `-a, --identifier`: Display the user identifier.
-- `-n, --name`: Provide the name of the certificate to be generated.
+- `-n, --name [NAME]`: Provide the name of the certificate to be generated.
- `-s, --setup`: Create an CA and an certificate.
- `-i, --interactive`: Create certificate using interactive mode.
diff --git a/tools/dhtnet_crtmgr/dhtnet-crtmgr.1 b/tools/dhtnet_crtmgr/dhtnet-crtmgr.1
new file mode 100644
index 0000000000000000000000000000000000000000..9616a48ae3aab1d504df4fcdaad2150a719b3362
--- /dev/null
+++ b/tools/dhtnet_crtmgr/dhtnet-crtmgr.1
@@ -0,0 +1,71 @@
+.TH DHTNET-CRTMGR 1 "July 2024"
+.SH NAME
+dhtnet-crtmgr \- DHTNet Certificate Manager
+.SH SYNOPSIS
+.B dhtnet-crtmgr
+[OPTIONS]...
+.SH DESCRIPTION
+\fBdhtnet-crtmgr\fR is a command-line utility designed to manage certificates for the DHTNet network.
+It enables users to generate, sign, and configure certificates for secure communication across the network.
+
+For easy setup and testing purpose, you can use \fBdhtner-crtmgr \-\-interactive\fR to generate a self-signed certificate for server and/or client.
+.SH OPTIONS
+
+.TP
+.B \-h, \-\-help
+Display help information and exit.
+
+.TP
+.B \-v, \-\-version
+Show program version.
+
+.TP
+.B \-i, \-\-interactive
+Generate a self-signed certificate interactively and edit configuration to use it.
+
+.TP
+.B \-a, \-\-identifier
+Print the identifier of the certificate in stdout. This identifier is the one used to reach node on DHT network.
+Require options \fB\-c\fR and \fB\-p\fR to be set.
+
+.TP
+.B \-s, \-\-setup
+Generate a CA and a certificate signed with this CA. Require \fB\-o\fR option. If used with \fB\-c\fR and \fB\-p\fR, will generate a certificate signed with the CA given by these options.
+
+Will create sub-folders \fICA\fR and \fIid\fR in the output folder given at \fB\-o\fR.
+
+.TP
+.B \-o, \-\-output \fIFOLDER\fR
+Define the output folder for the generated certificate.
+
+.TP
+.B \-c, \-\-certificate \fIFILE\fR
+Define the certificate file to use. Usually a \fI.crt\fR file.
+
+.TP
+.B \-p, \-\-privatekey \fIFILE\fR
+Define the private key file to use. Usually a \fI.pem\fR file.
+
+.TP
+.B \-n, \-\-name \fINAME\fR
+Define the name of the certificate. Will be used to generate \fINAME.crt\fR and \fINAME.pem\fR. Doesn't work with \fB\-s, \-\-setup\fR but must be used with \fB\-o, \-\-output\fR.
+
+.SH EXAMPLES
+
+Use interactive mode to generate a self-signed certificate:
+.B dhtnet-crtmgr \-\-interactive
+
+Generate a CA in \fIoutput_folder\fR:
+.B dhtnet-crtmgr \-\-name \fImy_ca\fB \-\-output \fIoutput_folder\fR
+
+Generate a key signed by previously generated CA:
+.B dhtnet-crtmgr \-\-certificate \fIoutput_folder/my_ca.crt\fB \-\-privateKey \fIoutput_folder/my_ca.pem\fB \-\-name \fImy_key\fB \-\-output \fIkeys_folder\fR
+
+Print the identifier of this newly generated key:
+.B dhtnet-crtmgr \-\-certificate \fIkeys_folder/my_key.crt\fB \-\-privateKey \fIkeys_folder/my_key.pem\fB \-\-identifier\fR
+
+.SH "SEE ALSO"
+.TP
+.BR dnc(1),
+.BR dsh(1),
+.BR dvpn(1)
diff --git a/tools/dhtnet_crtmgr/main.cpp b/tools/dhtnet_crtmgr/main.cpp
index cdccd21915d3bad6ec285bd23aa5d2abad389cc9..968a9364473bc181e2a6ecbdd828e52716aebbdf 100644
--- a/tools/dhtnet_crtmgr/main.cpp
+++ b/tools/dhtnet_crtmgr/main.cpp
@@ -33,9 +33,9 @@ struct dhtnet_crtmgr_params
bool help {false};
bool version {false};
std::filesystem::path ca {};
- std::filesystem::path id {};
+ std::filesystem::path output {};
std::filesystem::path privatekey {};
- bool pkid {false};
+ bool identifier {false};
std::string name {};
bool setup {false};
bool interactive {false};
@@ -43,11 +43,11 @@ struct dhtnet_crtmgr_params
static const constexpr struct option long_options[]
= {{"help", no_argument, nullptr, 'h'},
{"version", no_argument, nullptr, 'v'},
- {"CA", required_argument, nullptr, 'c'},
- {"id", required_argument, nullptr, 'o'},
+ {"certificate", required_argument, nullptr, 'c'},
+ {"output", required_argument, nullptr, 'o'},
{"privatekey", required_argument, nullptr, 'p'},
{"name", required_argument, nullptr, 'n'},
- {"pkid", no_argument, nullptr, 'a'},
+ {"identifier", no_argument, nullptr, 'a'},
{"setup", no_argument, nullptr, 's'},
{"interactive", no_argument, nullptr, 'i'},
{nullptr, 0, nullptr, 0}};
@@ -57,7 +57,7 @@ parse_args(int argc, char** argv)
{
dhtnet_crtmgr_params params;
int opt;
- while ((opt = getopt_long(argc, argv, "hasvi:c:o:p:n:", long_options, nullptr)) != -1) {
+ while ((opt = getopt_long(argc, argv, "hvasic:o:p:n:", long_options, nullptr)) != -1) {
switch (opt) {
case 'h':
params.help = true;
@@ -69,13 +69,13 @@ parse_args(int argc, char** argv)
params.ca = optarg;
break;
case 'o':
- params.id = optarg;
+ params.output = optarg;
break;
case 'p':
params.privatekey = optarg;
break;
case 'a':
- params.pkid = true;
+ params.identifier = true;
break;
case 'n':
params.name = optarg;
@@ -92,7 +92,7 @@ parse_args(int argc, char** argv)
}
}
- if (params.id.empty() && !params.pkid && !params.help && !params.version && !params.interactive) {
+ if (params.output.empty() && !params.identifier && !params.help && !params.version && !params.interactive) {
std::cerr << "Error: The path to save the generated certificate is not provided.\n Please specify the path using the -o option.\n";
exit(EXIT_FAILURE);
}
@@ -200,8 +200,8 @@ main(int argc, char** argv)
"\nOptions:\n"
" -h, --help Display this help message and then exit.\n"
" -v, --version Show the version of the program.\n"
- " -p, --privatekey [PATH] Provide the path to the private key as an argument.\n"
- " -c, --certificate [PATH] Provide the path to the certificate as an argument.\n"
+ " -p, --privatekey [FILE] Provide the path to the private key as an argument.\n"
+ " -c, --certificate [FILE] Provide the path to the certificate as an argument.\n"
" -o, --output [FOLDER] Provide the path where the generated certificate should be saved as an argument.\n"
" -a, --identifier Display the user identifier.\n"
" -n, --name [NAME] Provide the name of the certificate to be generated.\n"
@@ -215,7 +215,7 @@ main(int argc, char** argv)
return EXIT_SUCCESS;
}
// check if the public key id is requested
- if (params.pkid) {
+ if (params.identifier) {
if (params.ca.empty() || params.privatekey.empty()) {
fmt::print(stderr, "Error: The path to the private key and the certificate is not provided.\n Please specify the path for the private key and the certificate using the -p and -c options.\n");
exit(EXIT_FAILURE);
@@ -355,14 +355,14 @@ main(int argc, char** argv)
}
}
params.setup = true;
- params.id = folder;
+ params.output = folder;
}
}
// check if the setup is requested
if (params.setup) {
// create CA with name ca-server
- std::filesystem::path path_ca = params.id / "CA";
+ std::filesystem::path path_ca = params.output / "CA";
auto ca = dhtnet::generateIdentity(path_ca, "ca-server");
if (!ca.first || !ca.second) {
fmt::print(stderr, "Error: Could not generate CA.\n");
@@ -370,7 +370,7 @@ main(int argc, char** argv)
}
fmt::print("Generated CA in {}: {} {}\n", path_ca, "ca-server", ca.second->getId());
// create identity with name id-server
- std::filesystem::path path_id = params.id / "id";
+ std::filesystem::path path_id = params.output / "id";
auto identity = dhtnet::generateIdentity(path_id, "id-server", ca);
if (!identity.first || !identity.second) {
fmt::print(stderr, "Error: Could not generate certificate.\n");
@@ -382,36 +382,36 @@ main(int argc, char** argv)
if (params.ca.empty() || params.privatekey.empty()) {
if (params.name.empty()) {
- auto ca = dhtnet::generateIdentity(params.id, "ca");
+ auto ca = dhtnet::generateIdentity(params.output, "ca");
if (!ca.first || !ca.second) {
fmt::print(stderr, "Error: Could not generate CA.\n");
return EXIT_FAILURE;
}
- fmt::print("Generated certificate in {}: {} {}\n", params.id, "ca", ca.second->getId());
+ fmt::print("Generated certificate in {}: {} {}\n", params.output, "ca", ca.second->getId());
}else{
- auto ca = dhtnet::generateIdentity(params.id, params.name);
+ auto ca = dhtnet::generateIdentity(params.output, params.name);
if (!ca.first || !ca.second) {
fmt::print(stderr, "Error: Could not generate CA.\n");
return EXIT_FAILURE;
}
- fmt::print("Generated certificate in {}: {} {}\n", params.id, params.name, ca.second->getId());
+ fmt::print("Generated certificate in {}: {} {}\n", params.output, params.name, ca.second->getId());
}
}else{
auto ca = dhtnet::loadIdentity(params.privatekey, params.ca);
if (params.name.empty()) {
- auto id = dhtnet::generateIdentity(params.id, "certificate", ca);
+ auto id = dhtnet::generateIdentity(params.output, "certificate", ca);
if (!id.first || !id.second) {
fmt::print(stderr, "Error: Could not generate certificate.\n");
return EXIT_FAILURE;
}
- fmt::print("Generated certificate in {}: {} {}\n", params.id, "certificate", id.second->getId());
+ fmt::print("Generated certificate in {}: {} {}\n", params.output, "certificate", id.second->getId());
}else{
- auto id = dhtnet::generateIdentity(params.id, params.name, ca);
+ auto id = dhtnet::generateIdentity(params.output, params.name, ca);
if (!id.first || !id.second) {
fmt::print(stderr, "Error: Could not generate certificate.\n");
return EXIT_FAILURE;
}
- fmt::print("Generated certificate in {}: {} {}\n", params.id, params.name, id.second->getId());
+ fmt::print("Generated certificate in {}: {} {}\n", params.output, params.name, id.second->getId());
}
}
return EXIT_SUCCESS;
diff --git a/tools/dnc/README.md b/tools/dnc/README.md
index de8e7b3bf1d932ea531c27305efb9e34aaa0bf98..159b86891bd62f95e4191af2015a0ae2466e2af0 100644
--- a/tools/dnc/README.md
+++ b/tools/dnc/README.md
@@ -10,24 +10,34 @@
- Incorporates TURN (Traversal Using Relays around NAT) server support for effective NAT traversal.
- Manages identities for enhanced security during DHT network interactions.
+## Connection Process
+
+1. **Launch Server and Share Public ID (Server-side):** The server must be launched, and its public ID (hash key) should be shared with the clients who want to connect to it.
+2. **Initiate Connection and Request Remote Socket (Client-side):** The client starts a peer-to-peer connection within the DHT network using the server's public ID and requests the server to open a socket at the specified `<ip>` and `<port>`.
+3. **Check Certificate:** If anonymous mode is off, the server verifies the client's certificate to ensure it matches the server’s CA. If anonymous mode is on, no certificate check is performed.
+4. **Authorize Request:** The server checks if the requested `<ip>:<port>` is authorized based on its rules.
+5. **Create Socket:**
+ - **If Authorized:** The server opens a socket at the specified `<ip>:<port>` and links it to the DHT socket.
+ - **If Not Authorized:** The server rejects the connection.
+
### Usage Options
**dnc** supports a range of command-line arguments:
- `-h, --help`: Display help information and exit.
- `-v, --version`: Show the version of the program.
-- `-P, --port`: Define the port for socket creation.
-- `-i, --ip`: Define the IP address for socket creation.
+- `-P, --port [PORT]`: Define the port for socket creation.
+- `-i, --ip [IP]`: Define the IP address for socket creation.
- `-l, --listen`: Launch the program in listening mode.
-- `-b, --bootstrap`: Set the bootstrap node.
-- `-t, --turn_host`: Define the TURN server host.
-- `-u, --turn_user`: Define the TURN server username.
-- `-w, --turn_pass`: Define the TURN server password.
-- `-r, --turn_realm`: Specify the TURN server realm.
-- `-c, --certificate`: Specify the Certificate.
-- `-p, --privateKey`: Provide a private key.
-- `-d, --configuration`: Define the dnc configuration with a YAML file path.
-- `-a, --anonymous_cnx`: Activate anonymous connection mode.
+- `-b, --bootstrap [ADDRESS]`: Set the bootstrap node.
+- `-t, --turn_host [ADDRESS]`: Define the TURN server host.
+- `-u, --turn_user [USER]`: Define the TURN server username.
+- `-w, --turn_pass [SECRET]`: Define the TURN server password.
+- `-r, --turn_realm [REALM]`: Specify the TURN server realm.
+- `-c, --certificate [FILE]`: Specify the Certificate.
+- `-p, --privateKey [FILE]`: Provide a private key.
+- `-d, --configuration [FILE]`: Define the dnc configuration with a YAML file path.
+- `-a, --anonymous`: Activate anonymous connection mode.
- `-vv, --verbose`: Enable verbose mode.
For additional options, use the `-d` flag with a YAML configuration file:
@@ -36,8 +46,10 @@ dnc -d <YAML_FILE> <PEER_IDENTIFIER>
```
Note: If anonymous mode is off, the server's CA must be shared with the client.
+The authorized services `<ip>:<port>` can only be specified in the YAML configuration file. If none are specified, the server will accept all connections.
+
## Establishing SSH Connections
-To facilitate SSH connections to a remote device, dnc establishes a DHT network connection followed by socket creation on port 22, assuming an OpenSSH server is operational.
+To facilitate SSH connections to a remote device, dnc establishes a DHT network connection followed by socket creation on port 22 by default, assuming an OpenSSH server is operational.
### Prerequisites
- **OpenSSH Installation**
diff --git a/tools/dnc/dnc.1 b/tools/dnc/dnc.1
index a24cf67485041d21df7fdf72818defd1968ee6e1..c6b7aaee68b78cd87e0fa7a1d6ed4dbf082f5984 100644
--- a/tools/dnc/dnc.1
+++ b/tools/dnc/dnc.1
@@ -17,49 +17,64 @@ dnc \- Distributed Netcat
.TP
.B \- Manages identities for secure interactions.
-.SH "USAGE OPTIONS"
+.SH "OPTIONS"
+
.TP
.B \-h, \-\-help
Display help information and exit.
+
.TP
.B \-v, \-\-version
Show program version.
+
.TP
-.B \-P, \-\-port
+.B \-P, \-\-port \fIPORT\fR
Define the port for socket creation.
+
.TP
-.B \-i, \-\-ip
+.B \-i, \-\-ip \fIADDRESS\fR
Define the IP address for socket creation.
+
.TP
.B \-l, \-\-listen
Launch in listening mode.
+
.TP
-.B \-b, \-\-bootstrap
+.B \-b, \-\-bootstrap \fIADDRESS\fR
Set the bootstrap node.
+
.TP
-.B \-p, \-\-privateKey
-Provide a private key.
-.TP
-.B \-t, \-\-turn_host
+.B \-t, \-\-turn_host \fIADDRESS\fR
Define the TURN server host.
+
.TP
-.B \-u, \-\-turn_user
+.B \-u, \-\-turn_user \fIUSER\fR
Define the TURN server username.
+
.TP
-.B \-w, \-\-turn_pass
+.B \-w, \-\-turn_pass \fISECRET\fR
Define the TURN server password.
+
.TP
-.B \-r, \-\-turn_realm
+.B \-r, \-\-turn_realm \fIREALM\fR
Specify the TURN server realm.
+
.TP
-.B \-c, \-\-certificate
+.B \-p, \-\-privateKey \fIFILE\fR
+Provide a private key.
+
+.TP
+.B \-c, \-\-certificate \fIFILE\fR
Specify the certificate.
+
.TP
-.B \-d, \-\-dnc_configuration
+.B \-d, \-\-configuration \fIFILE\fR
Define the dnc configuration with a YAML file path.
+
.TP
-.B \-a, \-\-anonymous_cnx
+.B \-a, \-\-anonymous
Activate anonymous connection mode.
+
.TP
.B \-vv, \-\-verbose
Enable verbose mode.
@@ -88,5 +103,6 @@ To connect to a remote server:
.SH "SEE ALSO"
.TP
.BR ssh(1),
-.BR netcat(1)
+.BR netcat(1),
+.BR dhtnet-crtmgr (1)
diff --git a/tools/dnc/main.cpp b/tools/dnc/main.cpp
index ea7659da6bcfb89e8a2f26bd485edd8fa9098892..e8a89e9781b48d680235a72ec9c9f3e62bfd4782 100644
--- a/tools/dnc/main.cpp
+++ b/tools/dnc/main.cpp
@@ -64,9 +64,9 @@ static const constexpr struct option long_options[]
{"turn_user", required_argument, nullptr, 'u'},
{"turn_pass", required_argument, nullptr, 'w'},
{"turn_realm", required_argument, nullptr, 'r'},
- {"cert", required_argument, nullptr, 'c'},
+ {"certificate", required_argument, nullptr, 'c'},
{"configuration", required_argument, nullptr, 'd'},
- {"anonymous_cnx", no_argument, nullptr, 'a'},
+ {"anonymous", no_argument, nullptr, 'a'},
{nullptr, 0, nullptr, 0}};
dhtnc_params
@@ -212,21 +212,21 @@ main(int argc, char** argv)
if (params.help) {
fmt::print("Usage: dnc [options] [PEER_ID]\n"
"\nOptions:\n"
- " -h, --help Show this help message and exit.\n"
- " -v, --version Display the program version.\n"
- " -P, --port Specify the port option with an argument.\n"
- " -i, --ip Specify the ip option with an argument.\n"
- " -l, --listen Start the program in listen mode.\n"
- " -b, --bootstrap Specify the bootstrap option with an argument.\n"
- " -t, --turn_host Specify the turn_host option with an argument.\n"
- " -u, --turn_user Specify the turn_user option with an argument.\n"
- " -w, --turn_pass Specify the turn_pass option with an argument.\n"
- " -r, --turn_realm Specify the turn_realm option with an argument.\n"
- " -c, --certificate Specify the certificate option with an argument.\n"
- " -d, --configuration Specify the configuration option with an argument.\n"
- " -p, --privateKey Specify the privateKey option with an argument.\n"
- " -a, --anonymous_cnx Enable the anonymous mode.\n"
- " -vv, --verbose Enable verbose mode.\n");
+ " -h, --help Show this help message and exit.\n"
+ " -v, --version Display the program version.\n"
+ " -P, --port [PORT] Specify the port option with an argument.\n"
+ " -i, --ip [ADDRESS] Specify the ip option with an argument.\n"
+ " -l, --listen Start the program in listen mode.\n"
+ " -b, --bootstrap [ADDRESS] Specify the bootstrap option with an argument.\n"
+ " -t, --turn_host [ADDRESS] Specify the turn_host option with an argument.\n"
+ " -u, --turn_user [USER] Specify the turn_user option with an argument.\n"
+ " -w, --turn_pass [SECRET] Specify the turn_pass option with an argument.\n"
+ " -r, --turn_realm [REALM] Specify the turn_realm option with an argument.\n"
+ " -c, --certificate [FILE] Specify the certificate option with an argument.\n"
+ " -d, --configuration [FILE] Specify the configuration option with an argument.\n"
+ " -p, --privateKey [FILE] Specify the privateKey option with an argument.\n"
+ " -a, --anonymous Enable the anonymous mode.\n"
+ " -vv, --verbose Enable verbose mode.\n");
return EXIT_SUCCESS;
}
diff --git a/tools/dsh/README.md b/tools/dsh/README.md
index a6098b8f33fd0a26e43700a77291af58083e997d..3302f959193532ea061ace2f472a0e4e10ecf208 100644
--- a/tools/dsh/README.md
+++ b/tools/dsh/README.md
@@ -18,15 +18,15 @@
- `-v, --version`: Display the version of the program.
- `-l, --listen`: Launch the program in listen mode, waiting for incoming connections.
- `-b, --bootstrap [ADDRESS]`: Specify the address of the bootstrap node for DHT network initialization.
-- `-s, --binary [PATH]`: Specify the binary to execute upon establishing a connection.
-- `-p, --privateKey [PATH]`: Define the path to the private key.
-- `-c, --certificate [PATH]`: Specify the path to the certificate.
+- `-s, --binary [COMMAND]`: Specify the binary to execute upon establishing a connection.
+- `-p, --privateKey [FILE]`: Define the path to the private key.
+- `-c, --certificate [FILE]`: Specify the path to the certificate.
- `-t, --turn_host [HOST]`: Define the TURN server host for NAT traversal.
-- `-u, --turn_user [USERNAME]`: Specify the TURN server username for authentication.
-- `-w, --turn_pass [PASSWORD]`: Define the TURN server password for authentication.
+- `-u, --turn_user [USER]`: Specify the TURN server username for authentication.
+- `-w, --turn_pass [SECRET]`: Define the TURN server password for authentication.
- `-r, --turn_realm [REALM]`: Specify the TURN server realm for additional security.
-- `-d, --configuration [PATH]`: Define the path to the YAML configuration file for dsh.
-- `-a, --anonymous_cnx`: Activate anonymous connection mode.
+- `-d, --configuration [FILE]`: Define the path to the YAML configuration file for dsh.
+- `-a, --anonymous`: Activate anonymous connection mode.
For example, to connect to a remote peer and specify a custom configuration in the YAML configuration file, you can use the following command:
diff --git a/tools/dsh/dsh.1 b/tools/dsh/dsh.1
index 80fda57812ab293c1d556cfe107461d30791ac54..003f1af84d7108fa165d6907f0c297179922062e 100644
--- a/tools/dsh/dsh.1
+++ b/tools/dsh/dsh.1
@@ -3,42 +3,82 @@
dsh \- Distributed Shell
.SH SYNOPSIS
.B dsh
-.RI "[-h|--help] [-V|--version] [-l|--listen] [-b|--bootstrap <BOOTSTRAP_ADDRESS>] [-s|--binary <BINARY_PATH>] [-I|--id_path <IDENTITY_PATH>]"
-.RI "<PEER_ID>"
+[OPTIONS]... <PEER_ID>
.SH DESCRIPTION
\fBdsh\fR is a Distributed Shell program that enables peers to establish connections with other peers in a Distributed Hash Table (DHT) network and execute a binary on the remote target.
+
+.B <PEER_ID>
+is the identifiant of the target peer or device in the DHT network with which the connection should be established.
+It is required when not running in listen mode.
.PP
\fBdsh\fR allows you to:
.IP
- Execute commands on remote peers in a DHT network.
+
- Establish connections with peers and execute binaries on their side.
+
.SH OPTIONS
+
.TP
.B \-h, \-\-help
Display help information for using \fBdsh\fR.
+
.TP
-.B \-V, \-\-version
+.B \-v, \-\-version
Display the version information of \fBdsh\fR.
+
.TP
.B \-l, \-\-listen
Run \fBdsh\fR in listen mode, allowing the program to accept incoming network connections and perform network-related tasks on request.
+
.TP
-.B \-b, \-\-bootstrap <BOOTSTRAP_ADDRESS>
-Specify the address of a bootstrap node to connect to an existing DHT network. This option requires an argument. The default value is "bootstrap.jami.net" if not specified.
+.B \-s, \-\-binary \fICOMMAND\fR
+Specify the path to the binary that should be executed on the remote target when a connection is established. The default value is \fI"bash"\fR if not specified.
+
.TP
-.B \-s, \-\-binary <BINARY_PATH>
-Specify the path to the binary that should be executed on the remote target when a connection is established. This option requires an argument. The default value is "bash" if not specified.
+.B \-b, \-\-bootstrap \fIADDRESS\fR
+Set the bootstrap node.
+
.TP
-.B \-I, \-\-id_path <IDENTITY_PATH>
-Specify the path to the identity file, which contains information about the peer's identity and is used for DHT network interactions. This option requires an argument. The default value is "~/.dhtnet" if not specified.
+.B \-t, \-\-turn_host \fIADDRESS\fR
+Define the TURN server host.
+
.TP
-.B <PEER_ID>
-The peer ID argument is required when not running in listen mode. It specifies the ID of the target peer or device in the DHT network with which the connection should be established.
+.B \-u, \-\-turn_user \fIUSER\fR
+Define the TURN server username.
+
+.TP
+.B \-w, \-\-turn_pass \fISECRET\fR
+Define the TURN server password.
+
+.TP
+.B \-r, \-\-turn_realm \fIREALM\fR
+Specify the TURN server realm.
+
+.TP
+.B \-p, \-\-privateKey \fIFILE\fR
+Provide a private key.
+
+.TP
+.B \-c, \-\-certificate \fIFILE\fR
+Specify the certificate.
+
+.TP
+.B \-d, \-\-configuration \fIFILE\fR
+Define the dnc configuration with a YAML file path.
+
+.TP
+.B \-a, \-\-anonymous
+Activate anonymous connection mode.
+
.SH EXAMPLE
+
To connect to a remote peer and specify a custom bootstrap node, binary, and identity file, you can use the following command:
.PP
.B
-dsh -b <BOOTSTRAP_ADDRESS> -s <BINARY_PATH> -I <IDENTITY_PATH> <PEER_ID>
+dsh -b <BOOTSTRAP_ADDRESS> -s <COMMAND> -c <FILE.crt> -p <FILE.pem> <PEER_ID>
.SH SEE ALSO
.PP
+.BR dnc (1),
+.BR dhtnet-crtmgr (1),
.BR dshd (1)
diff --git a/tools/dsh/main.cpp b/tools/dsh/main.cpp
index 12dae126b11b61464349acf9abd3652d945d3ddb..5f6331a006da694729574548a740902009e3abf5 100644
--- a/tools/dsh/main.cpp
+++ b/tools/dsh/main.cpp
@@ -72,7 +72,7 @@ parse_args(int argc, char** argv)
{
dhtsh_params params;
int opt;
- while ((opt = getopt_long(argc, argv, "hvls:p:i:c:r:w:u:t:d:", long_options, nullptr)) != -1) {
+ while ((opt = getopt_long(argc, argv, "hvlab:s:p:c:r:w:u:t:d:", long_options, nullptr)) != -1) {
switch (opt) {
case 'h':
params.help = true;
@@ -198,17 +198,19 @@ main(int argc, char** argv)
if (params.help){
fmt::print("Usage: dsh [OPTIONS] [PEER_ID]\n"
"\nOptions:\n"
- " -h, --help Show this help message and exit.\n"
- " -v, --version Display the program version.\n"
- " -l, --listen Start the program in listen mode.\n"
- " -b, --bootstrap Specify the bootstrap option with an argument.\n"
- " -s, --binary Specify the binary option with an argument.\n"
- " -I, --privateKey Specify the privateKey option with an argument.\n"
- " -c, --c Specify the certificate option with an argument.\n"
- " -t, --turn_host Specify the turn_host option with an argument.\n"
- " -u, --turn_user Specify the turn_user option with an argument.\n"
- " -w, --turn_pass Specify the turn_pass option with an argument.\n"
- " -r, --turn_realm Specify the turn_realm option with an argument.\n");
+ " -h, --help Show this help message and exit.\n"
+ " -v, --version Display the program version.\n"
+ " -l, --listen Start the program in listen mode.\n"
+ " -b, --bootstrap [ADDRESS] Specify the bootstrap option with an argument.\n"
+ " -s, --binary [COMMAND] Specify the binary option with an argument.\n"
+ " -p, --privateKey [FILE] Specify the privateKey option with an argument.\n"
+ " -c, --certificate [FILE] Specify the certificate option with an argument.\n"
+ " -d, --configuration [FILE] Specify the configuration file option with an argument.\n"
+ " -t, --turn_host [ADDRESS] Specify the turn_host option with an argument.\n"
+ " -u, --turn_user [USER] Specify the turn_user option with an argument.\n"
+ " -w, --turn_pass [SECRET] Specify the turn_pass option with an argument.\n"
+ " -r, --turn_realm [REALM] Specify the turn_realm option with an argument.\n"
+ " -a, --anonymous Enable anonymous connection.\n");
return EXIT_SUCCESS;
}
if (params.version){
diff --git a/tools/dvpn/README.md b/tools/dvpn/README.md
index 1cf48a10ea459ec3e7e1692ce0d2756964a2c269..15aea4fcdaba54a29b6f0d5c79fc2756b7d222d6 100644
--- a/tools/dvpn/README.md
+++ b/tools/dvpn/README.md
@@ -26,16 +26,16 @@ Before using **dvpn**, follow these steps to update your configuration:
- `-h, --help`: Display help information
- `-V, --version`: Display the version information of **dvpn**.
- `-l, --listen`: Run **dvpn** in listen mode, allowing the program to accept incoming VPN connections.
-- `-b, --bootstrap`: Specify the address of a bootstrap node to connect to an existing DHT network.
-- `-t, --turn_host`: Specify the hostname or IP address of the TURN server.
-- `-u, --turn_user`: Specify the username for authentication with the TURN server.
-- `-w, --turn_pass`: Specify the password for authentication with the TURN server.
-- `-r, --turn_realm`: Specify the realm for authentication with the TURN server.
-- `-C, --vpn_configuration`: Specify the path to the vpn configuration file.
-- `-p, --privateKey`: Define the path to the private key.
-- `-c, --certificate`: Specify the path to the certificate.
-- `-d, --configuration`: Define the path to the YAML configuration file for dvpn.
-- `-a, --anonymous_cnx`: Activate anonymous connection mode.
+- `-b, --bootstrap [ADDRESS]`: Specify the address of a bootstrap node to connect to an existing DHT network.
+- `-t, --turn_host [ADDRESS]`: Specify the hostname or IP address of the TURN server.
+- `-u, --turn_user [USER]`: Specify the username for authentication with the TURN server.
+- `-w, --turn_pass [SECRET]`: Specify the password for authentication with the TURN server.
+- `-r, --turn_realm [REALM]`: Specify the realm for authentication with the TURN server.
+- `-C, --vpn_configuration [FILE]`: Specify the path to the vpn configuration file.
+- `-p, --privateKey [FILE]`: Define the path to the private key.
+- `-c, --certificate [FILE]`: Specify the path to the certificate.
+- `-d, --configuration [FILE]`: Define the path to the YAML configuration file for dvpn.
+- `-a, --anonymous`: Activate anonymous connection mode.
To run a dvpn server, you can use the following command:
```shell
diff --git a/tools/dvpn/dvpn.1 b/tools/dvpn/dvpn.1
index 6cbc73c6e9be3490dfbcb845c64f4f872aaebb2b..67084de0ecdce5c0830e09850bce28233a54bf11 100644
--- a/tools/dvpn/dvpn.1
+++ b/tools/dvpn/dvpn.1
@@ -5,12 +5,16 @@ dvpn \- Distributed VPN
.SH SYNOPSIS
.B dvpn
-[\-h | \-\-help] [\-\-version] [\-\-listen] [\-\-bootstrap <BOOTSTRAP_ADDRESS>] [\-\-id_path <IDENTITY_PATH>] [\-\-turn_host <TURN_SERVER>] [\-\-turn_user <TURN_USERNAME>] [\-\-turn_pass <TURN_PASSWORD>] [\-\-turn_realm <TURN_REALM>] [\-\-configuration_path_file <CONF_PATH>] <PEER_ID>
+[OPTIONS] <PEER_ID>
.SH DESCRIPTION
.B dvpn
is a VPN tool based on the DHTNet library, utilizing a decentralized architecture for peer discovery and communication. It supports both server and client modes, implements a TUN interface for network communication and offers configuration flexibility.
+.B <PEER_ID>
+is the identifiant of the target peer or device in the DHT network with which the connection should be established.
+It is required when not running in listen mode.
+
.SH OPTIONS
.TP
.B \-h, \-\-help
@@ -25,36 +29,44 @@ Display the version information of dvpn.
Run dvpn in listen mode, allowing the program to accept incoming VPN connections.
.TP
-.B \-b, \-\-bootstrap <BOOTSTRAP_ADDRESS>
+.B \-b, \-\-bootstrap \fIADDRESS\fR
Specify the address of a bootstrap node to connect to an existing DHT network. Default is "bootstrap.jami.net" if not specified.
.TP
-.B \-I, \-\-id_path <IDENTITY_PATH>
-Specify the path to the identity file used for DHT network interactions. Default is "$HOME/.dhtnet" if not specified.
+.B \-t, \-\-turn_host \fIADDRESS\fR
+Define the TURN server host.
+
+.TP
+.B \-u, \-\-turn_user \fIUSER\fR
+Define the TURN server username.
.TP
-.B \-t, \-\-turn_host <TURN_SERVER>
-Specify the hostname or IP address of the TURN server for network traversal.
+.B \-w, \-\-turn_pass \fISECRET\fR
+Define the TURN server password.
.TP
-.B \-u, \-\-turn_user <TURN_USERNAME>
-Specify the username for authentication with the TURN server.
+.B \-r, \-\-turn_realm \fIREALM\fR
+Specify the TURN server realm.
.TP
-.B \-w, \-\-turn_pass <TURN_PASSWORD>
-Specify the password for authentication with the TURN server.
+.B \-c, \-\-certificate \fIFILE\fR
+Specify the certificate.
.TP
-.B \-r, \-\-turn_realm <TURN_REALM>
-Specify the realm for authentication with the TURN server.
+.B \-p, \-\-privateKey \fIFILE\fR
+Provide a private key.
.TP
-.B \-c, \-\-configuration_path_file <CONF_PATH>
+.B \-d, \-\-configuration \fIFILE\fR
+Define the dnc configuration with a YAML file path.
+
+.TP
+.B \-C, \-\-vpn_configuration \fIFILE\fR
Specify the path to the configuration file. Default is "dhtnet/tools/dvpn/test_config.yaml" if not specified.
.TP
-.B <PEER_ID>
-The peer ID argument is required when not running in listen mode. It specifies the ID of the target peer or device in the DHT network.
+.B \-a, \-\-anonymous
+Activate anonymous connection mode.
.SH VPN SETUP PROCESS
For each connection,
@@ -85,6 +97,9 @@ To connect to a dvpn server:
$ sudo ./dvpn <PEER_ID>
.SH SEE ALSO
+.BR dnc (1),
+.BR dhtnet-crtmgr (1)
+
The DHTNet library documentation for more details.
.SH "dvpn 1.0" December 2023 DVPN(1)
\ No newline at end of file
diff --git a/tools/dvpn/main.cpp b/tools/dvpn/main.cpp
index 38899c4e4208126204fdfd5c20d072cc610938e4..cd5b3df258f570474c48fda6b02f8278628f0ff1 100644
--- a/tools/dvpn/main.cpp
+++ b/tools/dvpn/main.cpp
@@ -60,7 +60,7 @@ static const constexpr struct option long_options[]
{"turn_user", required_argument, nullptr, 'u'},
{"turn_pass", required_argument, nullptr, 'w'},
{"turn_realm", required_argument, nullptr, 'r'},
- {"vpn_configuration_file", required_argument, nullptr, 'C'},
+ {"vpn_configuration", required_argument, nullptr, 'C'},
{"certificate", required_argument, nullptr, 'c'},
{"configuration", required_argument, nullptr, 'd'},
{"anonymous", no_argument, nullptr, 'a'},
@@ -71,7 +71,7 @@ parse_args(int argc, char** argv)
{
dhtvpn_params params;
int opt;
- while ((opt = getopt_long(argc, argv, "hvlw:r:u:t:p:b:c:C:d:", long_options, nullptr)) != -1) {
+ while ((opt = getopt_long(argc, argv, "hvlab:t:u:w:r:p:c:C:d:", long_options, nullptr)) != -1) {
switch (opt) {
case 'h':
params.help = true;
@@ -82,12 +82,12 @@ parse_args(int argc, char** argv)
case 'l':
params.listen = true;
break;
+ case 'a':
+ params.anonymous_cnx = true;
+ break;
case 'b':
params.bootstrap = optarg;
break;
- case 'p':
- params.privateKey = optarg;
- break;
case 't':
params.turn_host = optarg;
break;
@@ -100,18 +100,18 @@ parse_args(int argc, char** argv)
case 'r':
params.turn_realm = optarg;
break;
- case 'C':
- params.configuration_file = optarg;
- break;
case 'c':
params.cert = optarg;
break;
+ case 'p':
+ params.privateKey = optarg;
+ break;
+ case 'C':
+ params.configuration_file = optarg;
+ break;
case 'd':
params.configuration = optarg;
break;
- case 'a':
- params.anonymous_cnx = true;
- break;
default:
std::cerr << "Invalid option" << std::endl;
exit(EXIT_FAILURE);
@@ -193,19 +193,19 @@ main(int argc, char** argv)
fmt::print(
"Usage: dvpn [options] [PEER_ID]\n"
"\nOptions:\n"
- " -h, --help Show this help message and exit.\n"
- " -v, --version Display the program version.\n"
- " -l, --listen Start the program in listen mode.\n"
- " -b, --bootstrap Specify the bootstrap option with an argument.\n"
- " -p, --privateKey Specify the privateKey option with an argument.\n"
- " -t, --turn_host Specify the turn_host option with an argument.\n"
- " -u, --turn_user Specify the turn_user option with an argument.\n"
- " -w, --turn_pass Specify the turn_pass option with an argument.\n"
- " -r, --turn_realm Specify the turn_realm option with an argument.\n"
- " -C, --vpn_configuration Specify the vpn_configuration path option with an argument.\n"
- " -c, --certificate Specify the certificate path option with an argument.\n"
- " -d, --configuration Specify the configuration path option with an argument.\n"
- " -a, --anonymous Specify the anonymous option with an argument.\n"
+ " -h, --help Show this help message and exit.\n"
+ " -v, --version Display the program version.\n"
+ " -l, --listen Start the program in listen mode.\n"
+ " -b, --bootstrap [ADDRESS] Specify the bootstrap option with an argument.\n"
+ " -t, --turn_host [ADDRESS] Specify the turn_host option with an argument.\n"
+ " -u, --turn_user [USER] Specify the turn_user option with an argument.\n"
+ " -w, --turn_pass [SECRET] Specify the turn_pass option with an argument.\n"
+ " -r, --turn_realm [REALM] Specify the turn_realm option with an argument.\n"
+ " -C, --vpn_configuration [FILE] Specify the vpn_configuration path option with an argument.\n"
+ " -c, --certificate [FILE] Specify the certificate path option with an argument.\n"
+ " -p, --privateKey [FILE] Specify the privateKey option with an argument.\n"
+ " -d, --configuration [FILE] Specify the configuration path option with an argument.\n"
+ " -a, --anonymous Specify the anonymous option with an argument.\n"
"\n");
return EXIT_SUCCESS;
}