Skip to content

@aep aep released this Feb 11, 2019 · 31 commits to master since this release

carrier now supports "principal" identities.

these are a light version of delegated identities with the same use case
but backwards compatible with pre 0.8 clients.

you can now specify two different secrets in carrier.toml like so:

secret     = "oX...."
principal =  "oX...."

the secret is still bound to one computer and will be used to synchronize with the network, but the principal can be shared among many peers and is used to establish a peer to peer session with for example conduit or shell.

users with cloud environments can now use the same secret as principal, while using different peer identities in each container.

Due to the security implications of sharing a principal key, we recommend users restrict their principal key access to the absolute minimum and never store it in on disk. Preferably use something like hashicorp vault.

Assets 6

@aep aep released this Feb 4, 2019 · 38 commits to master since this release

0.8 is a complete rewrite based on osaka instead of tokio.

binary size has been reduced drastically and the code base is much simpler now

Assets 6

@aep aep released this Dec 27, 2018 · 43 commits to master since this release

negotiable timeouts

keepalive= in /opt/devguard/axon.toml will negotiate timeouts to this value on seconds.

set it to a low value to work around aggressive firewalls
set it to a high value to avoid costly network traffic over 3g for example

if you're using a conduit integration, this can be set from conduit via Channel::config and does not need to be changed on each IoT device.

sender sleeps

supports ultra low power devices by indicating this peer will sleep until the next timeout period.
set via Channel::config. The other side will not terminate the connection during the period, even if acks are outstanding. Also added the Channel::on_idle callback that allows delaying a shutdown until all ACKs have been sent out.

port forwarding

carrier forward can now attach to a remote tcp port. can be used in combination with ssh to do a full socks tunnel.

cli headers

carrier get now supports passing arbitrary headers via -H.
for example:

$ carrier get oWXuXRxNnSPZ83ZftcHXyCnT3RH55BdGWs5fEffxmmiC6qd /v0/system_stats -H POLL_INTERVAL 2

clock sources

clock can now be sourced from either ~/.devguard/clock or system time, to support multiple use cases with ephermal sysclock (embedded) or ephermal storage (kubernetes)


carrier push now correctly respects MTU boundaries

Assets 7

@aep aep released this Sep 18, 2018 · 43 commits to master since this release

minor bugfix for slow terminals (especially on osx)

Assets 6
You can’t perform that action at this time.