Questions about the UI - daemon communication protocol

Suggestions and discussion of future versions
User avatar
kkmic
New User
New User
Posts: 7
Joined: Tue Oct 20, 2015 10:08 am
OS or Distro: Raspbian

Questions about the UI - daemon communication protocol

Postby kkmic » Thu Aug 11, 2016 10:41 am

Hi,

Regarding the protocol used by the GTK client and the daemon when communicating:

I have asked about it on the IRC the other day and bendikro pointed me to this page: http://deluge.readthedocs.io/en/develop/core/rpc.html.

Thanks for that!

After reading it, I have noticed that there is no RPC method that seems to be used for authentication, and after a bit code digging I have pieced together the following simplified scenario of a client-daemon session:
  1. The client opens a SSL socket to the server (and it does not seem to validate the certificate in any way).
  2. The client uses the 'daemon.login' RPC method to authenticate.
  3. Assuming correct credentials, the client will listen for events from the daemon and send RPC requests as needed.
  4. The connection is closed by either party at the end.

My questions are:
  1. Is the 'daemon.login' method documented somewhere? If so, please point me in the right direction
  2. Are there any other methods that are used during authentication, besides the 'daemon.login' one?
  3. Is the SSL certificate really not validated by the client when connecting or I have read the code wrong?
  4. Where are the events emitted by the daemon documented

User avatar
kkmic
New User
New User
Posts: 7
Joined: Tue Oct 20, 2015 10:08 am
OS or Distro: Raspbian

Re: Questions about the UI - daemon communication protocol

Postby kkmic » Wed Aug 17, 2016 7:31 am

Bump.

If my questions need further clarification, please tell me.

The basic idea is that I am looking to implement the protocol in my Java application.

Considering that my experience with Python is extremely limited, I would really appreciate some help in understanding the protocol.

Jay-C
Member
Member
Posts: 10
Joined: Sat Dec 07, 2013 11:30 am
OS or Distro: Ubuntu 14.04

Re: Questions about the UI - daemon communication protocol

Postby Jay-C » Thu Jun 15, 2017 8:11 am

I can answer 3 for you. Saying that "all communication between the GTK UI and daemon is encrypted" is misleading. The certificate is generated automatically and is self-signed, so it can per definition not be validated, so it can just as easy be a man-in-the-middle trying to intercept your traffic. This setup only protects against a passive adversary. This might be enough for a trusted local network, but you should not expose the daemon control port to the internet. Use SSH tunneling instead.
// Jay-C


Return to “Development”

Who is online

Users browsing this forum: No registered users and 6 guests