.TH SDP 3
.SH NAME
sdp \- secure datagram protocol
.SH SYNOPSIS
.nf
.B bind -a #E\fIspec\fP /net
.sp 0.3v
.B /net/sdp/clone
.B /net/sdp/log
.BI /net/sdp/ n
.BI /net/sdp/ n /data
.BI /net/sdp/ n /control
.BI /net/sdp/ n /ctl
.BI /net/sdp/ n /rstats
.BI /net/sdp/ n /stats
.BI /net/sdp/ n /status
\&...
.fi
.SH DESCRIPTION
The
.I sdp
device provides the interface to the Secure Datagram Protocol (SDP).
SDP (un)compresses and (de-)encrypts packets.
.I Spec
is an integer from 0 to 15 identifying a stack.
Each stack is independent of all others:
the only information transfer between them is via programs that
mount multiple stacks.
Normally a system uses only one stack.
However multiple stacks can be used for debugging
new networks or implementing firewalls or proxy
services.
.PP
The top level directory contains a
.B clone
file, a
.B log
file, and subdirectories numbered from zero to the number of connections
opened for this protocol.
.PP
Opening the
.B clone
file reserves a connection.  The file descriptor returned from the
.IR open (2)
will point to the control file,
.BR ctl ,
of the newly allocated connection.
Reading
.B ctl
returns a text
string representing the number of the
connection.
Connections may be used either to listen for incoming calls
or to initiate calls to other machines.
.PP
A connection is controlled by writing text strings to the associated
.B ctl
file.
After a connection has been established data may be read from
and written to
.BR data .
A connection can be actively established using the
.B connect
message (see also
.IR dial (2)).
A connection can be established passively by first
using an
.B announce
message (see
.IR dial (2))
to bind to a local port and then
opening the
.B listen
file (see
.IR dial (2))
to receive incoming calls.
.PP
The following control messages are supported:
.TF "outsecret \fIsecret
.PD
.TP
.BI accept " file"
Accept an incoming encrypted connection on
.IR file ,
typically a
.B data
file.
.TP
.BI dial " file"
Initiate a new encrypted connection on
.IR file ,
typically a UDP
.B data
file.
.TP
.BI drop " permil"
Randomly drop approximately one of every
.I permil
output packets,
thus simulating network errors.
.TP
.BI cipher " algorithm"
Use ciphering
.IR algorithm ;
choices are
.LR null ,
.LR des_56_cbc ,
.LR rc4_128 ,
and
.LR rc4_256 .
.TP
.BI auth " algorithm"
Use authentication
.IR algorithm ;
choices are
.LR null ,
.LR hmac_sha1_96 ,
and
.LR hmac_md5_96 .
.TP
.BI comp " algorithm"
Use compression
.IR algorithm ;
choices are
.L null
and
.LR thwack .
.TP
.BI insecret " secret"
Use
.I secret
to decrypt incoming packets.
.TP
.BI outsecret " secret"
Use
.I secret
to encrypt outgoing packets.
.
.SH "SEE ALSO"
.IR dial (2),
.IR ip (3)
.br
.IR "Robust Data Compression of Network Packets" ,
Sean Dorward and Sean Quilan, Bell Labs, Lucent Technologies,
.BR http://plan9.bell-labs.com/who/seanq/networkcomp.pdf .
.SH SOURCE
.B /sys/src/9/port/devsdp.c