Extended File Requests with NNCP

2025-01-04

NNCP can request files from a neighbor using the nncp-freq command. If Bob has configured his node to accept file requests from Alice, then she can send an freq packet to Bob, and his node will automatically create a file packet for Alice in return.

To configure file requests, NNCP sets options in the 'neigh' configuration section. The node must actively specify a directory from which a given neighbor can request files. There is no default setting for all neighbors. This allows fine control over who can request files from where, and the need to explicitly set an option means the default configuration for NNCP is the most secure: no neighbors are allowed to request files at all.

File requests using nncp-freq have a few limitations:

• A neighbor can only request files from one directory, so any files the neighbor wants must be moved into the directory ahead of time.
• The command can only request files, not directories.
• A neighbor can only request one file at a time. If he wants another file, he needs to create another packet.
• The path of the source file (including name) must be known by the neighbor. The command does not accept wildcards.

To get around some of these limitations, I use nncp-exec instead. I find exec packets to be more robust than other kinds of packets: they can take input from a pipe or stdin, and they pass some environment variables to the program being executed on the node.

The following shell script provides the same functionality as nncp-freq and is a stripped down version of the script I use myself.

#!/usr/bin/env sh
SPOOL_DIR="/var/spool/nncp"
CFG="/usr/local/etc/nncp.hjson"
while IFS= read -r PATH; do
    if [ -e "$PATH" ]; then
        nncp-file -cfg "$CFG" \
                  -spool "${SPOOL_DIR}" \
                  -noprogress \
                  "$PATH" \
                  "${NNCP_SENDER}":
    fi
done
exit

Note that we don't need to tell nncp-file which neigher to send to, because it can use the $NNCP_SENDER environment variable provided by the exec packet. This variable is actually the ID of the neighbor; NNCP can use a raw ID instead of a neighbor alias in any of its commands.

Modify the SPOOL_DIR and CFG values as necessary, then save the script somewhere where NNCP can read and execute it, for example '/home/nncp/exec/request.sh'.

Edit your configuration to allow your neighbors to run the script:

{request: ["/home/nncp/exec/request.sh"]}

A neighbor can now request packets using the script as follows:

$ nncp-exec -noprogress [your node] request

The neighbor can input a list of files and directories into the command directly with stdin, or he can pipe a list of files and directories to automate the process.

Upon receipt of the exec packet, the node calls the create-packets.sh script, and the script cycles through each path, creating a separate file packet for each one. If the node is running the NNCP daemon, the neighbor can call back and receive the packets all at once. I've added several options to my version at home, such as the ablity to share packets via Syncthing or croc, and cleanup of old packets before creating new ones.

This script removes the first three limitations of nncp-freq listed above. It allows a neighbor to request a file from any valid path. That path can be a directory as well as a file--nncp-file will creates a pax archive of the directory before creating a packet from the archive. The neighbor can also request multiple files and directories in one invocation. The last limitation remains, though: target paths must still be known by the neighbor ahead of time, and the paths cannot contain wildcards.

Be careful! By using this script, a neighbor can request anything on the filesystem that NNCP can read, which is very insecure. I recommend either modifying the script to only allow access to a subset of paths, or only allowing neighbors you control (and therefore trust) to use it.

=> Up One Level | Home

[Last updated: 2025-01-04]