vault

package
v3.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 25, 2024 License: GPL-3.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

const (
	// Current is set to v2_5_x.
	// NOTE(review): presumably the vault format version written by this release (compare the
	// Version type and File.Version) — confirm.
	Current = v2_5_x
)
// DefaultMaxSyncMemory evaluates to 2 * 1024 * 1024 * 1024 as a uint64.
// NOTE(review): that is 2 GiB if the unit is bytes; the unit is not stated here — confirm
// against the code that consumes GetMaxSyncMemory.
const DefaultMaxSyncMemory = 2 * 1024 * uint64(1024*1024)
const (
	// ForbiddenRollout is one specific float64 rollout value singled out by name.
	// NOTE(review): 0.6046602879796196 matches the first Float64 of a math/rand source seeded
	// with 1, so this looks like a guard against rollout values that came from an unseeded
	// generator — confirm against the code that produces UpdateRollout.
	ForbiddenRollout = 0.6046602879796196
)

Variables

var ErrDecryptFailed = errors.New("failed to decrypt vault")
var ErrUnmarshal = errors.New("vault contents are corrupt")
// RandomToken is the package's token generator; it defaults to crypto.RandomToken.
// NOTE(review): this is a reassignable package-level variable, and AddUser's documentation says
// gluon keys and bridge passwords come from the package's token generator. Any override
// (presumably intended for tests) must therefore stay a cryptographically secure source —
// confirm that no production path reassigns it.
var RandomToken = crypto.RandomToken // nolint:gochecknoglobals

RandomToken is a function that returns a random token. By default, we use crypto.RandomToken to generate tokens.

Functions

func GetDefaultSyncWorkerCount

func GetDefaultSyncWorkerCount() int

func GetHelper

func GetHelper(vaultDir string) (string, error)

func GetShouldSkipKeychainTest added in v3.13.0

func GetShouldSkipKeychainTest(vaultDir string) (bool, error)

func GetVaultKey added in v3.1.0

func GetVaultKey(kc *keychain.Keychain) ([]byte, error)

func NewVaultKey added in v3.1.0

func NewVaultKey(kc *keychain.Keychain) ([]byte, error)

func SetHelper

func SetHelper(vaultDir, helper string) error

func SetShouldSkipKeychainTest added in v3.13.0

func SetShouldSkipKeychainTest(vaultDir string, skip bool) error

func SetVaultKey added in v3.1.0

func SetVaultKey(kc *keychain.Keychain, key []byte) error

Types

type AddressMode

// AddressMode is an integer enumeration of a user's address mode (see User.AddressMode).
type AddressMode int
const (
	// CombinedMode is the zero value (iota starts at 0), so an unset AddressMode reads as CombinedMode.
	CombinedMode AddressMode = iota
	// SplitMode is the next value, 1.
	SplitMode
)

func (AddressMode) String

func (mode AddressMode) String() string

type Cert

// Cert pairs a certificate with its key, both held as raw byte slices.
type Cert struct {
	// NOTE(review): Key presumably holds private key material; treat values of this type as
	// secret (keep them out of logs and debug dumps) — confirm the encoding against the callers.
	Cert, Key []byte
}

type Certs

// Certs holds the bridge's certificate material: a Cert value plus optional custom file paths.
type Certs struct {
	// Bridge is the certificate/key pair kept in this structure itself.
	Bridge Cert

	// If non-empty, the path to the PEM-encoded certificate file.
	CustomCertPath string
	// NOTE(review): presumably the path to the matching PEM-encoded key file. The file it names
	// should be readable only by the account running the bridge — confirm how the path is
	// validated before it is read.
	CustomKeyPath  string
}

type Data

// Data is the top-level vault record: settings, per-user records, cookies, certificates and a
// migration flag.
type Data struct {
	Settings Settings
	// Users holds one UserData per user; each record carries secrets (GluonKey, BridgePass,
	// AuthRef, KeyPass).
	Users    []UserData
	// NOTE(review): presumably serialized session cookies, which would make this field a
	// credential as well — confirm against GetCookies/SetCookies callers.
	Cookies  []byte
	Certs    Certs
	// Migrated is read and set through Vault.Migrated and Vault.SetMigrated.
	Migrated bool
}

type Data_2_3_x

type Data_2_3_x struct {
	Settings Settings_2_3_x
	Users    []UserData_2_3_x
}

type Data_2_4_x

type Data_2_4_x struct {
	Settings Settings_2_4_x
	Users    []UserData_2_4_x
}

type File

type File struct {
	Version Version
	Data    []byte
}

File holds versioned, serialized data.

type KeychainSettings added in v3.13.0

// KeychainSettings holds settings related to the keychain, stored as a file in the vault directory.
// NOTE(review): these values select the keychain helper and can disable the start-up keychain
// test, so the file presumably needs the same filesystem protection as the vault itself —
// confirm whether it is stored unencrypted and which permissions Save applies.
type KeychainSettings struct {
	Helper      string // The helper used for keychain.
	DisableTest bool   // Is the keychain test on startup disabled?
}

KeychainSettings holds settings related to the keychain. It is serialized in the vault directory.

func LoadKeychainSettings added in v3.13.0

func LoadKeychainSettings(vaultDir string) (KeychainSettings, error)

LoadKeychainSettings loads keychain settings from the vaultDir folder, or returns a default one if the file does not exist or is invalid.

func (KeychainSettings) Save added in v3.13.0

func (k KeychainSettings) Save(vaultDir string) error

Save saves the keychain settings in a file in the vaultDir folder.

type PasswordArchive added in v3.3.0

// PasswordArchive maps email address hashes to passwords.
type PasswordArchive struct {
	// The SHA-256 sum is stored as a string for readability, and because JSON marshalling of
	// map[[32]byte][]byte is not allowed, which would break vault-editor.
	// NOTE(review): the values are passwords, so this map is secret material. Whether the
	// SHA-256 input is salted is not visible here; an unsalted hash of an email address does
	// not hide the address from someone who can read the archive — confirm.
	Archive map[string][]byte
}

PasswordArchive maps a list of email address hashes to passwords. The type is not defined as a map alias, to avoid having to handle nil default values when the vault was created by an older version of the application.

type Settings

// Settings holds the bridge-wide configuration kept in the vault.
type Settings struct {
	// GluonDir is the directory where gluon should store its data.
	GluonDir string

	// Ports the IMAP and SMTP servers should listen on, and whether each should use SSL.
	IMAPPort int
	SMTPPort int
	IMAPSSL  bool
	SMTPSSL  bool

	UpdateChannel updater.Channel
	UpdateRollout float64

	ColorScheme       string
	// ProxyAllowed is whether the bridge is allowed to use alternative routing.
	ProxyAllowed      bool
	ShowAllMail       bool
	Autostart         bool
	AutoUpdate        bool
	TelemetryDisabled bool

	// LastVersion is the last version of the bridge that was run, kept as a string.
	LastVersion string
	FirstStart  bool

	MaxSyncMemory uint64

	LastUserAgent string

	LastHeartbeatSent time.Time

	// PasswordArchive maps email address hashes to passwords, so it is secret material.
	PasswordArchive PasswordArchive

	// **WARNING**: These entries can't be removed until the vault has proper migration support.
	SyncWorkers int
	SyncAttPool int
}

type Settings_2_3_x

type Settings_2_3_x struct {
	GluonDir string

	IMAPPort string
	SMTPPort string
}

type Settings_2_4_x

type Settings_2_4_x struct {
	GluonDir string

	IMAPPort int
	SMTPPort int
}

type SyncStatus

// SyncStatus records how far a user's sync has progressed.
type SyncStatus struct {
	// HasLabels is whether the user's labels have been synced.
	HasLabels        bool
	// HasMessages is whether the user's messages have been synced.
	HasMessages      bool
	// LastMessageID is the last synced message ID.
	LastMessageID    string
	// FailedMessageIDs is the list of failed message IDs.
	FailedMessageIDs []string
}

func (SyncStatus) IsComplete

func (status SyncStatus) IsComplete() bool

type User

type User struct {
	// contains filtered or unexported fields
}

func (*User) AddFailedMessageID added in v3.0.6

func (user *User) AddFailedMessageID(messageID string) error

AddFailedMessageID adds a message ID to the list of failed message IDs.

func (*User) AddressMode

func (user *User) AddressMode() AddressMode

AddressMode returns the user's address mode.

func (*User) AuthRef

func (user *User) AuthRef() string

AuthRef returns the user's auth refresh token.

func (*User) AuthUID

func (user *User) AuthUID() string

AuthUID returns the user's auth UID.

func (*User) BridgePass

func (user *User) BridgePass() []byte

BridgePass returns the user's bridge password as raw token bytes (unencoded).

func (*User) Clear

func (user *User) Clear() error

Clear clears the user's auth secrets.

func (*User) ClearSyncStatusDeprecated added in v3.7.1

func (user *User) ClearSyncStatusDeprecated() error

ClearSyncStatusDeprecated clears the user's sync status.

func (*User) ClearSyncStatusWithoutEventID added in v3.7.1

func (user *User) ClearSyncStatusWithoutEventID() error

ClearSyncStatusWithoutEventID clears the user's sync status without modifying EventID.

func (*User) Close

func (user *User) Close() error

Close closes the user. This allows it to be removed from the vault.

func (*User) EventID

func (user *User) EventID() string

EventID returns the last processed event ID of the user.

func (*User) GetGluonIDs

func (user *User) GetGluonIDs() map[string]string

func (*User) GetShouldResync added in v3.12.0

func (user *User) GetShouldResync() bool

func (*User) GetSyncStatusDeprecated added in v3.7.1

func (user *User) GetSyncStatusDeprecated() SyncStatus

GetSyncStatusDeprecated returns the user's sync status.

func (*User) GluonKey

func (user *User) GluonKey() []byte

GluonKey returns the key needed to decrypt the user's gluon database.

func (*User) KeyPass

func (user *User) KeyPass() []byte

KeyPass returns the user's (salted) key password.

func (*User) PrimaryEmail added in v3.0.12

func (user *User) PrimaryEmail() string

PrimaryEmail returns the user's primary email address.

func (*User) RemFailedMessageID added in v3.0.6

func (user *User) RemFailedMessageID(messageID string) error

RemFailedMessageID removes a message ID from the list of failed message IDs.

func (*User) RemoveGluonID

func (user *User) RemoveGluonID(addrID, gluonID string) error

func (*User) SetAddressMode

func (user *User) SetAddressMode(mode AddressMode) error

SetAddressMode sets the address mode for the given user.

func (*User) SetAuth

func (user *User) SetAuth(authUID, authRef string) error

SetAuth sets the auth secrets for the given user.

func (*User) SetBridgePass added in v3.0.7

func (user *User) SetBridgePass(newPass []byte) error

SetBridgePass saves the bridge password as raw token bytes (unencoded).

func (*User) SetEventID

func (user *User) SetEventID(eventID string) error

SetEventID sets the event ID for the given user.

func (*User) SetGluonID

func (user *User) SetGluonID(addrID, gluonID string) error

func (*User) SetHasLabels

func (user *User) SetHasLabels(hasLabels bool) error

SetHasLabels sets whether the user's labels have been synced.

func (*User) SetHasMessages

func (user *User) SetHasMessages(hasMessages bool) error

SetHasMessages sets whether the user's messages have been synced.

func (*User) SetKeyPass

func (user *User) SetKeyPass(keyPass []byte) error

SetKeyPass sets the user's (salted) key password.

func (*User) SetLastMessageID

func (user *User) SetLastMessageID(messageID string) error

SetLastMessageID sets the last synced message ID for the given user.

func (*User) SetPrimaryEmail added in v3.0.12

func (user *User) SetPrimaryEmail(email string) error

SetPrimaryEmail sets the user's primary email address.

func (*User) SetShouldSync added in v3.12.0

func (user *User) SetShouldSync(shouldResync bool) error

func (*User) SyncStatus

func (user *User) SyncStatus() SyncStatus

SyncStatus returns the user's sync status.

func (*User) UserID

func (user *User) UserID() string

func (*User) Username

func (user *User) Username() string

type UserData

// UserData holds information about a single bridge user. The user may or may not be logged in.
// NOTE(review): GluonKey, BridgePass, AuthRef and KeyPass are secrets (a database key, a
// password, a refresh token and a key password, per the User accessor docs); keep values of
// this type out of logs and debug dumps.
type UserData struct {
	UserID       string
	Username     string
	PrimaryEmail string

	// GluonKey is the key needed to decrypt the user's gluon database.
	GluonKey    []byte
	GluonIDs    map[string]string
	BridgePass  []byte // raw token represented as byte slice (needs to be encoded)
	AddressMode AddressMode

	AuthUID string
	// AuthRef is the user's auth refresh token.
	AuthRef string
	// KeyPass is the user's (salted) key password.
	KeyPass []byte

	SyncStatus SyncStatus
	// EventID is the last processed event ID of the user.
	EventID    string

	// **WARNING**: This value can't be removed until we have vault migration support.
	UIDValidity map[string]imap.UID

	ShouldResync bool // Whether user should re-sync on log-in (this is triggered by the `repair` button)
}

UserData holds information about a single bridge user. The user may or may not be logged in.

type UserData_2_3_x

type UserData_2_3_x struct {
	ID   string
	Name string

	GluonKey  []byte
	SplitMode bool
}

type UserData_2_4_x

type UserData_2_4_x struct {
	UserID   string
	Username string

	GluonKey  string
	SplitMode bool
}

type Vault

type Vault struct {
	// contains filtered or unexported fields
}

Vault is an encrypted data vault that stores bridge and user data.

func New

func New(vaultDir, gluonCacheDir string, key []byte, panicHandler async.PanicHandler) (*Vault, error, error)

New constructs a new encrypted data vault at the given filepath using the given encryption key. The first error is a corruption error for an existing vault; the second error covers all other errors.

func (*Vault) AddUser

func (vault *Vault) AddUser(userID, username, primaryEmail, authUID, authRef string, keyPass []byte) (*User, error)

AddUser creates a new user in the vault with the given ID, username and password. A gluon key is generated using the package's token generator. If a password is found in the password archive for this user, it is restored, otherwise a new bridge password is generated using the package's token generator.

func (*Vault) Close

func (vault *Vault) Close() error

func (*Vault) DeleteUser

func (vault *Vault) DeleteUser(userID string) error

DeleteUser removes the given user from the vault.

func (*Vault) ForUser

func (vault *Vault) ForUser(parallelism int, fn func(*User) error) error

ForUser executes a callback for each user in the vault.

func (*Vault) GetAutoUpdate

func (vault *Vault) GetAutoUpdate() bool

GetAutoUpdate returns whether the bridge should automatically update.

func (*Vault) GetAutostart

func (vault *Vault) GetAutostart() bool

GetAutostart returns whether the bridge should autostart.

func (*Vault) GetBridgeTLSCert

func (vault *Vault) GetBridgeTLSCert() ([]byte, []byte)

GetBridgeTLSCert returns the PEM-encoded certificate for the bridge. If CertPEMPath is set, it will attempt to read the certificate from the file. Otherwise, or on read/validation failure, it will return the certificate from the vault.

func (*Vault) GetColorScheme

func (vault *Vault) GetColorScheme() string

GetColorScheme returns the color scheme to be used by the bridge GUI.

func (*Vault) GetCookies

func (vault *Vault) GetCookies() ([]byte, error)

func (*Vault) GetFirstStart

func (vault *Vault) GetFirstStart() bool

GetFirstStart returns whether this is the first time the bridge has been started.

func (*Vault) GetGluonCacheDir added in v3.0.12

func (vault *Vault) GetGluonCacheDir() string

GetGluonCacheDir returns the directory where the gluon should store its data.

func (*Vault) GetIMAPPort

func (vault *Vault) GetIMAPPort() int

GetIMAPPort returns the port that the IMAP server should listen on.

func (*Vault) GetIMAPSSL

func (vault *Vault) GetIMAPSSL() bool

GetIMAPSSL returns whether the IMAP server should use SSL.

func (*Vault) GetLastHeartbeatSent added in v3.2.0

func (vault *Vault) GetLastHeartbeatSent() time.Time

GetLastHeartbeatSent returns the last time heartbeat was sent.

func (*Vault) GetLastUserAgent added in v3.2.0

func (vault *Vault) GetLastUserAgent() string

GetLastUserAgent returns the last user agent recorded by bridge.

func (*Vault) GetLastVersion

func (vault *Vault) GetLastVersion() *semver.Version

GetLastVersion returns the last version of the bridge that was run.

func (*Vault) GetMaxSyncMemory added in v3.1.0

func (vault *Vault) GetMaxSyncMemory() uint64

GetMaxSyncMemory returns the maximum amount of memory the sync process should use.

func (*Vault) GetOrAddUser added in v3.3.0

func (vault *Vault) GetOrAddUser(userID, username, primaryEmail, authUID, authRef string, keyPass []byte) (*User, bool, error)

GetOrAddUser retrieves an existing user and updates the authRef and keyPass or creates a new user. Returns the user and whether the user did not exist before.

func (*Vault) GetProxyAllowed

func (vault *Vault) GetProxyAllowed() bool

GetProxyAllowed returns whether the bridge is allowed to use alternative routing.

func (*Vault) GetSMTPPort

func (vault *Vault) GetSMTPPort() int

GetSMTPPort returns the port that the SMTP server should listen on.

func (*Vault) GetSMTPSSL

func (vault *Vault) GetSMTPSSL() bool

GetSMTPSSL returns whether the SMTP server should use SSL.

func (*Vault) GetShowAllMail

func (vault *Vault) GetShowAllMail() bool

GetShowAllMail returns whether the bridge should show the All Mail folder.

func (*Vault) GetTelemetryDisabled added in v3.2.0

func (vault *Vault) GetTelemetryDisabled() bool

GetTelemetryDisabled checks whether telemetry is disabled.

func (*Vault) GetUpdateChannel

func (vault *Vault) GetUpdateChannel() updater.Channel

GetUpdateChannel returns the update channel.

func (*Vault) GetUpdateRollout

func (vault *Vault) GetUpdateRollout() float64

GetUpdateRollout returns the update rollout.

func (*Vault) GetUser

func (vault *Vault) GetUser(userID string, fn func(*User)) error

GetUser provides access to a vault user. It returns an error if the user does not exist.

func (*Vault) GetUserIDs

func (vault *Vault) GetUserIDs() []string

GetUserIDs returns the user IDs and usernames of all users in the vault.

func (*Vault) HasUser

func (vault *Vault) HasUser(userID string) bool

HasUser returns true if the vault contains a user with the given ID.

func (*Vault) Migrated

func (vault *Vault) Migrated() bool

func (*Vault) NewUser

func (vault *Vault) NewUser(userID string) (*User, error)

NewUser returns a new vault user. It must be closed before it can be deleted.

func (*Vault) Path added in v3.1.0

func (vault *Vault) Path() string

func (*Vault) Reset

func (vault *Vault) Reset(gluonDir string) error

func (*Vault) SetAutoUpdate

func (vault *Vault) SetAutoUpdate(autoUpdate bool) error

SetAutoUpdate sets whether the bridge should automatically update.

func (*Vault) SetAutostart

func (vault *Vault) SetAutostart(autostart bool) error

SetAutostart sets whether the bridge should autostart.

func (*Vault) SetBridgeTLSCertKey added in v3.0.21

func (vault *Vault) SetBridgeTLSCertKey(cert, key []byte) error

SetBridgeTLSCertKey sets the PEM-encoded certificate and key for the bridge.

func (*Vault) SetBridgeTLSCertPath added in v3.1.0

func (vault *Vault) SetBridgeTLSCertPath(certPath, keyPath string) error

SetBridgeTLSCertPath sets the path to PEM-encoded certificates for the bridge.

func (*Vault) SetColorScheme

func (vault *Vault) SetColorScheme(colorScheme string) error

SetColorScheme sets the color scheme to be used by the bridge GUI.

func (*Vault) SetCookies

func (vault *Vault) SetCookies(cookies []byte) error

func (*Vault) SetFirstStart

func (vault *Vault) SetFirstStart(firstStart bool) error

SetFirstStart sets whether this is the first time the bridge has been started.

func (*Vault) SetGluonDir

func (vault *Vault) SetGluonDir(dir string) error

SetGluonDir sets the directory where the gluon should store its data.

func (*Vault) SetIMAPPort

func (vault *Vault) SetIMAPPort(port int) error

SetIMAPPort sets the port that the IMAP server should listen on.

func (*Vault) SetIMAPSSL

func (vault *Vault) SetIMAPSSL(ssl bool) error

SetIMAPSSL sets whether the IMAP server should use SSL.

func (*Vault) SetLastHeartbeatSent added in v3.2.0

func (vault *Vault) SetLastHeartbeatSent(timestamp time.Time) error

SetLastHeartbeatSent stores the last time heartbeat was sent.

func (*Vault) SetLastUserAgent added in v3.2.0

func (vault *Vault) SetLastUserAgent(userAgent string) error

SetLastUserAgent stores the last user agent recorded by bridge.

func (*Vault) SetLastVersion

func (vault *Vault) SetLastVersion(version *semver.Version) error

SetLastVersion sets the last version of the bridge that was run.

func (*Vault) SetMaxSyncMemory added in v3.1.0

func (vault *Vault) SetMaxSyncMemory(maxMemory uint64) error

SetMaxSyncMemory sets the maximum amount of memory the sync process should use.

func (*Vault) SetMigrated

func (vault *Vault) SetMigrated() error

func (*Vault) SetProxyAllowed

func (vault *Vault) SetProxyAllowed(allowed bool) error

SetProxyAllowed sets whether the bridge is allowed to use alternative routing.

func (*Vault) SetSMTPPort

func (vault *Vault) SetSMTPPort(port int) error

SetSMTPPort sets the port that the SMTP server should listen on.

func (*Vault) SetSMTPSSL

func (vault *Vault) SetSMTPSSL(ssl bool) error

SetSMTPSSL sets whether the SMTP server should use SSL.

func (*Vault) SetShowAllMail

func (vault *Vault) SetShowAllMail(showAllMail bool) error

SetShowAllMail sets whether the bridge should show the All Mail folder.

func (*Vault) SetTelemetryDisabled added in v3.2.0

func (vault *Vault) SetTelemetryDisabled(telemetryDisabled bool) error

SetTelemetryDisabled sets whether telemetry is disabled.

func (*Vault) SetUpdateChannel

func (vault *Vault) SetUpdateChannel(channel updater.Channel) error

SetUpdateChannel sets the update channel.

func (*Vault) SetUpdateRollout

func (vault *Vault) SetUpdateRollout(rollout float64) error

SetUpdateRollout sets the update rollout.

type Version

type Version int
