projects / project / unetd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 75a236b) | patch
ubus: add api for generating and validating security tokens
authorFelix Fietkau <[email protected]>
Fri, 31 Jan 2025 11:01:17 +0000 (12:01 +0100)
committerFelix Fietkau <[email protected]>
Fri, 31 Jan 2025 12:42:05 +0000 (13:42 +0100)
commitf5341f3275394504a1d5a86ea3db817029f9e2f2
tree212d7e81dc768d8b5f41264c53dce7669020e930tree | snapshot
parent75a236be122ab50df4c6b8476e8db8c20e1320b1commit | diff
ubus: add api for generating and validating security tokens

These tokens can be used to authenticate communication between hosts over
the unet network. Tokens can only be decrypted by unetd on the receiver,
using the private wireguard key.
Since no time based replay checks are performed, the service that validates
the token should first send a challenge to the other side first and verify
its presence in the decrypted token data.

If a service name is passed in the call, validation enforces that both
sides must be a member of that service.

Signed-off-by: Felix Fietkau <[email protected]>
CMakeLists.txt diff | blob | history
token.c [new file with mode: 0644] blob
token.h [new file with mode: 0644] blob
ubus.c diff | blob | history
unetd.h diff | blob | history
WireGuard based VPN connection manager for OpenWrt