tofu

package
v0.2.5 Latest
Warning

This package is not in the latest version of its module.

Published: May 11, 2024 License: MIT Imports: 12 Imported by: 3

Documentation

Overview

Package tofu implements trust on first use using hosts and fingerprints.


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Host added in v0.1.12

type Host struct {
	Hostname    string // hostname
	Algorithm   string // fingerprint algorithm e.g. sha256
	Fingerprint string // fingerprint
}

Host represents a host entry with a fingerprint using a certain algorithm.

func NewHost added in v0.1.12

func NewHost(hostname string, raw []byte) Host

NewHost returns a new host with a SHA256 fingerprint of the provided raw data.

func ParseHost added in v0.1.12

func ParseHost(text []byte) (Host, error)

ParseHost parses a host from the provided text.

func (Host) String added in v0.1.12

func (h Host) String() string

String returns a string representation of the host.

func (*Host) UnmarshalText added in v0.1.12

func (h *Host) UnmarshalText(text []byte) error

UnmarshalText unmarshals the host from the provided text.

type HostWriter added in v0.1.12

type HostWriter struct {
	// contains filtered or unexported fields
}

HostWriter writes host entries to an io.WriteCloser.

HostWriter is safe for concurrent use by multiple goroutines.

func NewHostWriter added in v0.1.12

func NewHostWriter(w io.WriteCloser) *HostWriter

NewHostWriter returns a new host writer that writes to the provided io.WriteCloser.

func OpenHostsFile added in v0.1.14

func OpenHostsFile(path string) (*HostWriter, error)

OpenHostsFile returns a new host writer that appends to the file at the given path. The file is created if it does not exist.

func (*HostWriter) Close added in v0.1.12

func (h *HostWriter) Close() error

Close closes the underlying io.Closer.

func (*HostWriter) WriteHost added in v0.1.12

func (h *HostWriter) WriteHost(host Host) error

WriteHost writes the host to the underlying io.Writer.

type KnownHosts

type KnownHosts struct {
	// contains filtered or unexported fields
}

KnownHosts represents a list of known hosts. The zero value for KnownHosts represents an empty list ready to use.

KnownHosts is safe for concurrent use by multiple goroutines.

func (*KnownHosts) Add added in v0.1.12

func (k *KnownHosts) Add(h Host)

Add adds a host to the list of known hosts.

func (*KnownHosts) Entries added in v0.1.12

func (k *KnownHosts) Entries() []Host

Entries returns the known host entries sorted by hostname.

func (*KnownHosts) Load added in v0.1.12

func (k *KnownHosts) Load(path string) error

Load loads the known hosts entries from the provided path.

func (*KnownHosts) Lookup added in v0.1.12

func (k *KnownHosts) Lookup(hostname string) (Host, bool)

Lookup returns the known host entry corresponding to the given hostname.

func (*KnownHosts) Parse added in v0.1.12

func (k *KnownHosts) Parse(r io.Reader) error

Parse parses the provided io.Reader and adds the parsed hosts to the list. Invalid entries are ignored.

For more control over errors encountered during parsing, use bufio.Scanner in combination with ParseHost. For example:

var knownHosts tofu.KnownHosts
scanner := bufio.NewScanner(r)
for scanner.Scan() {
    host, err := tofu.ParseHost(scanner.Bytes())
    if err != nil {
        // handle error
    } else {
        knownHosts.Add(host)
    }
}
err := scanner.Err()
if err != nil {
    // handle error
}

func (*KnownHosts) TOFU added in v0.1.12

func (k *KnownHosts) TOFU(hostname string, cert *x509.Certificate) error

TOFU implements basic trust on first use.

If the host is not on file, it is added to the list. If the fingerprint does not match the one on file, an error is returned.

func (*KnownHosts) WriteTo added in v0.1.12

func (k *KnownHosts) WriteTo(w io.Writer) (int64, error)

WriteTo writes the list of known hosts to the provided io.Writer.

type PersistentHosts added in v0.1.14

type PersistentHosts struct {
	// contains filtered or unexported fields
}

PersistentHosts represents a persistent set of known hosts.

func LoadPersistentHosts added in v0.1.14

func LoadPersistentHosts(path string) (*PersistentHosts, error)

LoadPersistentHosts loads persistent hosts from the file at the given path.

func NewPersistentHosts added in v0.1.14

func NewPersistentHosts(hosts *KnownHosts, writer *HostWriter) *PersistentHosts

NewPersistentHosts returns a new persistent set of known hosts that stores known hosts in hosts and writes new hosts to writer.

func (*PersistentHosts) Add added in v0.1.14

func (p *PersistentHosts) Add(h Host) error

Add adds a host to the list of known hosts. It returns an error if the host could not be persisted.

func (*PersistentHosts) Close added in v0.1.14

func (p *PersistentHosts) Close() error

Close closes the underlying HostWriter.

func (*PersistentHosts) Entries added in v0.1.14

func (p *PersistentHosts) Entries() []Host

Entries returns the known host entries sorted by hostname.

func (*PersistentHosts) Lookup added in v0.1.14

func (p *PersistentHosts) Lookup(hostname string) (Host, bool)

Lookup returns the known host entry corresponding to the given hostname.

func (*PersistentHosts) TOFU added in v0.1.14

func (p *PersistentHosts) TOFU(hostname string, cert *x509.Certificate) error

TOFU implements trust on first use with a persistent set of known hosts.

If the host is not on file, it is added to the list. If the fingerprint does not match the one on file, an error is returned.
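The decision that KnownHosts.TOFU and PersistentHosts.TOFU describe (pin on first contact, reject a later mismatch), as an added stand-alone example using only the standard library; it is not the tofu package's code. The names pinStore, check and selfSigned are hypothetical, and fingerprinting the full DER certificate with hex-encoded SHA-256 is an assumption.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// pinStore maps hostname -> hex SHA-256 fingerprint (hypothetical type, not from tofu).
type pinStore map[string]string

// check pins a certificate on first contact and rejects any later change.
// Assumption: der is the full DER certificate (cert.Raw on an *x509.Certificate).
func (s pinStore) check(hostname string, der []byte) error {
	fp := fmt.Sprintf("%x", sha256.Sum256(der))
	if pinned, ok := s[hostname]; ok && pinned != fp {
		return fmt.Errorf("certificate for %q changed: pinned %s, got %s", hostname, pinned, fp)
	}
	s[hostname] = fp // first use, or the same fingerprint again: keep the pin
	return nil
}

// selfSigned returns the DER of a throwaway self-signed certificate (constructed input).
func selfSigned(host string) ([]byte, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{host},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
}

func main() {
	pins := pinStore{}
	for i := 0; i < 2; i++ { // two different certificates presented for one name
		der, err := selfSigned("example.org")
		if err != nil {
			panic(err)
		}
		fmt.Println(pins.check("example.org", der))
	}
}
```

The first certificate seen for a hostname is accepted with nothing to compare it against, so the pin is only as trustworthy as that first connection. A mismatch leaves the stored pin untouched, which means a legitimate certificate rotation also surfaces as an error until the entry is replaced.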
