summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2011-09-06 21:20:37 +0200
committermakefu <github@syntax-fehler.de>2011-09-06 21:22:12 +0200
commitc5b5d61f276a5ac4d2243db48e7e8afc5323679d (patch)
tree10eaf40be20ece60839e29be04875af2714be3cd
parentb2d864b10c9924861f9684bfc9f232f7d6c5cadb (diff)
cholerab/reaktor: add privileged functions description
privileged functions might be implemented via asymmetric encryption this is described in the privileged_function text file
-rw-r--r--cholerab/reaktor/priviliged_functions24
1 files changed, 24 insertions, 0 deletions
diff --git a/cholerab/reaktor/priviliged_functions b/cholerab/reaktor/priviliged_functions
new file mode 100644
index 00000000..a673267e
--- /dev/null
+++ b/cholerab/reaktor/priviliged_functions
@@ -0,0 +1,24 @@
+Use Case 1: Request update on Host
+=================================
+
+< user> bot: update
+< bot> /whois user
+< bot> /msg user [CHALLENGE]
+< user> /msg bot [CHALLENGE-RESPONSE]
+< bot> updating...
+< bot> now on rev XXXXX
+
+Command Flow
+----------------
+The bot has a locally stored list of [trusted] hosts along with their public
+key, preferably from the tinc/retiolum directory.
+
+The bot encrypts a 1K Byte long message with the public key of the host
+retrieved by the /whois command.
+
+This challenge is sent to the user requesting the command via private message.
+The user then decrpyts the message with its own private key and sends the
+decrpyted message to the bot.
+
+The bot then executes the requested command if the challenge is answered
+correctly