Protocol Issues
Yes. The idea is that once a Nonce is requested by a client, that Nonce is stored in the server's memory as a session for a period of time. If the client fails to respond with the correct knock sequence, either due to an invalid sequence or a timeout, then the session is removed. If the server receives a Nonce that is not in the server's memory as a session, the packet is ignored. Because the Nonce is a UUID, it is improbable for the server to generate duplicate Nonces within a short time frame.
Yes. All packets are verified using HMAC. That way, no outside entity can keep requesting Nonces and filling up the server's memory session pool.
No. Any client with the shared secret can request as many Nonces as they wish. Because the client has a shared secret, it is assumed that the client is trustworthy.
Yes. The number of users the server can support is simply the number of sessions the server wishes to have active. To support 10 users, all that is needed is a data structure that can support up to 10 active sessions.
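
The session handling described in the answers above, as an added sketch that is not the project's own code: HMAC-checked Nonce requests, a bounded session pool, and removal of a session on a wrong sequence or timeout. The names `KnockServer`, `tag` and `knock_payload`, the payload layout, HMAC-SHA256, the 10-second lifetime and the secret are all assumptions made for the example.

```python
import hashlib
import hmac
import uuid

SECRET = b"constructed-demo-secret"  # constructed shared secret
TTL = 10.0          # assumed session lifetime in seconds
MAX_SESSIONS = 10   # assumed pool size, matching the 10-user case above


def tag(secret, payload):
    """HMAC-SHA256 over a packet payload (hash choice is an assumption)."""
    return hmac.new(secret, payload, hashlib.sha256).digest()


def knock_payload(nonce, sequence):
    """Hypothetical wire form of a knock: nonce plus the port sequence."""
    return f"{nonce}:{','.join(map(str, sequence))}".encode()


class KnockServer:
    def __init__(self, secret, sequence, clock):
        self.secret, self.sequence, self.clock = secret, list(sequence), clock
        self.sessions = {}  # nonce -> expiry time

    def _expire(self):
        now = self.clock()
        self.sessions = {n: t for n, t in self.sessions.items() if t > now}

    def request_nonce(self, payload, mac):
        # A packet without a valid HMAC never allocates a session.
        if not hmac.compare_digest(tag(self.secret, payload), mac):
            return None
        self._expire()
        if len(self.sessions) >= MAX_SESSIONS:
            return None  # pool full: no new session until one ends
        nonce = str(uuid.uuid4())
        self.sessions[nonce] = self.clock() + TTL
        return nonce

    def knock(self, nonce, sequence, mac):
        expected = tag(self.secret, knock_payload(nonce, sequence))
        if not hmac.compare_digest(expected, mac):
            return False
        self._expire()
        # Unknown or timed-out nonce: ignored. A known nonce is removed on
        # any attempt; removal on success too is an assumption (single use).
        if self.sessions.pop(nonce, None) is None:
            return False
        return list(sequence) == self.sequence
```

The clock is injected so the timeout path can be exercised without sleeping; pass `time.monotonic` in real use.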