tools/dnc: add authorized services on server side The client requests to open a socket on ip:port on the server side via the channel name. On connexion request, the server checks if the ip:port requested is authorized. Also add a new option in config files to configure allow-list. Change-Id: I85253fce83874e3c1b83e545d9e4139e04a09972

commit: 2ee14f029fa845c1483ce2e009e0d3f777893c0f [log] [tgz]
author: Amna <amna.snene@savoirfairelinux.com> Wed Jul 24 15:15:55 2024 -0400
committer: Louis Maillard <louis.maillard@savoirfairelinux.com> Thu Jul 25 14:41:15 2024 -0400
tree: 6851a18835ad7a7f3a092703d51e489c7a34d8c6
parent: 77e27dcb90b4e7db7828481a3f853d7f9ddf5335 [diff]
diff --git a/extras/packaging/gnu-linux/debian/postinst b/extras/packaging/gnu-linux/debian/postinst
index 33a7e8e..39ad146 100644
--- a/extras/packaging/gnu-linux/debian/postinst
+++ b/extras/packaging/gnu-linux/debian/postinst

@@ -68,6 +68,15 @@
             echo "# When anonymous is set to false, the server allows only connection which are issued by the same CA as the server"
             echo "anonymous: false"
             echo ""
+            echo "# List of authorized services"
+            echo "# Each service is defined by an IP and a port"
+            echo "authorized_services:"
+            echo "  - ip: \"127.0.0.1\""
+            echo "    port: 22"
+            echo "  # - ip: \"127.0.0.1\""
+            echo "  #   port: 80"
+            echo "  # - ip: \"127.0.0.1\""
+            echo "  #   port: 443"
             echo ""
         } > /etc/dhtnet/dnc.yaml
     fi
commit	2ee14f029fa845c1483ce2e009e0d3f777893c0f	[log] [tgz]
author	Amna <amna.snene@savoirfairelinux.com>	Wed Jul 24 15:15:55 2024 -0400
committer	Louis Maillard <louis.maillard@savoirfairelinux.com>	Thu Jul 25 14:41:15 2024 -0400
tree	6851a18835ad7a7f3a092703d51e489c7a34d8c6
parent	77e27dcb90b4e7db7828481a3f853d7f9ddf5335 [diff]