proxy

package
v0.3.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 23, 2023 License: Apache-2.0 Imports: 50 Imported by: 2

Documentation

Index

Constants

View Source 
const (
	SASLPlain       = "PLAIN"
	SASLOAuthBearer = "OAUTHBEARER"
	SASLSCRAM256    = "SCRAM-SHA-256"
	SASLSCRAM512    = "SCRAM-SHA-512"
	SASLSGSSAPI     = "GSSAPI"
	SASLIAMAAUTH    = "AWS_MSK_IAM"
)
View Source 
const (
	TOK_ID_KRB_AP_REQ   = 256
	GSS_API_GENERIC_TAG = 0x60
)

Variables

View Source 
var SHA256 scram.HashGeneratorFcn = func() hash.Hash { return sha256.New() }

Workaround for xdg-go not having accepted this pull request: https://github.com/xdg-go/scram/pull/1/commits

View Source 
var SHA512 scram.HashGeneratorFcn = func() hash.Hash { return sha512.New() }

Functions

func NewCollector 

func NewCollector(connSet *ConnSet) prometheus.Collector

Types

type AuthClient added in v0.0.2 

type AuthClient struct {
	// contains filtered or unexported fields
}

type AuthServer added in v0.0.2 

type AuthServer struct {
	// contains filtered or unexported fields
}

type AwsMSKIamAuth added in v0.3.4 

type AwsMSKIamAuth struct {
	// contains filtered or unexported fields
}

AwsMSKIamAuth implements the SASLAuthByProxy interface and performs AWS IAM based authentication for MSK clusters.

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client is a type to handle connecting to a Server. All fields are required unless otherwise specified.

func NewClient 

func NewClient(conns *ConnSet, c *config.Config, netAddressMappingFunc config.NetAddressMappingFunc, localPasswordAuthenticator apis.PasswordAuthenticator, localTokenAuthenticator apis.TokenInfo, saslTokenProvider apis.TokenProvider, gatewayTokenProvider apis.TokenProvider, gatewayTokenInfo apis.TokenInfo) (*Client, error)

func (*Client) Close 

func (c *Client) Close()

func (*Client) DialAndAuth added in v0.0.2 

func (c *Client) DialAndAuth(brokerAddress string) (net.Conn, error)

func (*Client) Run 

func (c *Client) Run(connSrc <-chan Conn) error

Run causes the client to start waiting for new connections to connSrc and proxy them to the destination instance. It blocks until connSrc is closed.

type Conn 

type Conn struct {
	BrokerAddress   string
	LocalConnection net.Conn
}

Conn represents a connection from a client to a specific instance.

type ConnSet 

type ConnSet struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

A ConnSet tracks net.Conns associated with a provided ID.

func NewConnSet 

func NewConnSet() *ConnSet

NewConnSet initializes a new ConnSet and returns it.

func (*ConnSet) Add 

func (c *ConnSet) Add(id string, conn net.Conn)

Add saves the provided conn and associates it with the given string identifier.

func (*ConnSet) Close 

func (c *ConnSet) Close() error

Close closes every net.Conn contained in the set.

func (*ConnSet) Conns 

func (c *ConnSet) Conns(ids ...string) []net.Conn

Conns returns all active connections associated with the provided ids.

func (*ConnSet) Count 

func (c *ConnSet) Count() map[string]int

Count returns number of connection pro identifier

func (*ConnSet) IDs 

func (c *ConnSet) IDs() []string

IDs returns a slice of all identifiers which still have active connections.

func (*ConnSet) Remove 

func (c *ConnSet) Remove(id string, conn net.Conn) error

Remove undoes an Add operation to have the set forget about a conn. Do not Remove an id/conn pair more than it has been Added.

func (*ConnSet) String 

func (c *ConnSet) String() string

String returns a debug string for the ConnSet.

type DeadlineReadWriteCloser 

type DeadlineReadWriteCloser interface {
	io.ReadWriteCloser
	SetWriteDeadline(t time.Time) error
	SetReadDeadline(t time.Time) error
	SetDeadline(t time.Time) error
}

type DeadlineReader 

type DeadlineReader interface {
	io.Reader
	SetReadDeadline(t time.Time) error
}

type DeadlineReaderWriter 

type DeadlineReaderWriter interface {
	DeadlineReader
	DeadlineWriter
	SetDeadline(t time.Time) error
}

type DeadlineWriter 

type DeadlineWriter interface {
	io.Writer
	SetWriteDeadline(t time.Time) error
}

type DefaultRequestHandler added in v0.0.5 

type DefaultRequestHandler struct {
}

type DefaultResponseHandler added in v0.0.5 

type DefaultResponseHandler struct {
}

type Dialer added in v0.0.4 

type Dialer interface {
	Dial(network, addr string) (c net.Conn, err error)
}

type KerberosClient added in v0.3.3 

type KerberosClient interface {
	Login() error
	GetServiceTicket(spn string) (messages.Ticket, types.EncryptionKey, error)
	Domain() string
	CName() types.PrincipalName
	Destroy()
}

type KerberosGoKrb5Client added in v0.3.3 

type KerberosGoKrb5Client struct {
	krb5client.Client
}

func (*KerberosGoKrb5Client) CName added in v0.3.3 

func (c *KerberosGoKrb5Client) CName() types.PrincipalName

func (*KerberosGoKrb5Client) Domain added in v0.3.3 

func (c *KerberosGoKrb5Client) Domain() string

type ListenFunc 

type ListenFunc func(cfg config.ListenerConfig) (l net.Listener, err error)

type Listeners 

type Listeners struct {
	// contains filtered or unexported fields
}

func NewListeners 

func NewListeners(cfg *config.Config) (*Listeners, error)

func (*Listeners) GetNetAddressMapping 

func (p *Listeners) GetNetAddressMapping(brokerHost string, brokerPort int32) (listenerHost string, listenerPort int32, err error)

func (*Listeners) ListenDynamicInstance 

func (p *Listeners) ListenDynamicInstance(brokerAddress string) (string, int32, error)

func (*Listeners) ListenInstances 

func (p *Listeners) ListenInstances(cfgs []config.ListenerConfig) (<-chan Conn, error)

type LocalSasl added in v0.0.2 

type LocalSasl struct {
	// contains filtered or unexported fields
}

func NewLocalSasl added in v0.1.0 

func NewLocalSasl(params LocalSaslParams) *LocalSasl

type LocalSaslAuth added in v0.1.0 

type LocalSaslAuth interface {
	// contains filtered or unexported methods
}

type LocalSaslOauth added in v0.1.0 

type LocalSaslOauth struct {
	// contains filtered or unexported fields
}

func NewLocalSaslOauth added in v0.1.0 

func NewLocalSaslOauth(tokenAuthenticator apis.TokenInfo) *LocalSaslOauth

type LocalSaslParams added in v0.1.0 

type LocalSaslParams struct {
	// contains filtered or unexported fields
}

type LocalSaslPlain added in v0.1.0 

type LocalSaslPlain struct {
	// contains filtered or unexported fields
}

func NewLocalSaslPlain added in v0.1.0 

func NewLocalSaslPlain(localAuthenticator apis.PasswordAuthenticator) *LocalSaslPlain

type Mechanism added in v0.3.4 

type Mechanism struct {
	// The sigv4.Signer of aws-sdk-go-v2 to use when signing the request. Required.
	Signer *signer.Signer
	// The aws.Config.Credentials or config.CredentialsProvider of aws-sdk-go-v2. Required.
	Credentials aws.CredentialsProvider
	// The region where the msk cluster is hosted, e.g. "us-east-1". Required.
	Region string
}

Mechanism implements signing for the AWS_MSK_IAM mechanism, based on the official java implementation: https://github.com/aws/aws-msk-iam-auth

func (*Mechanism) SASLToken added in v0.3.4 

func (m *Mechanism) SASLToken(ctx context.Context, host string) ([]byte, error)

type ProcessorConfig 

type ProcessorConfig struct {
	MaxOpenRequests       int
	NetAddressMappingFunc config.NetAddressMappingFunc
	RequestBufferSize     int
	ResponseBufferSize    int
	WriteTimeout          time.Duration
	ReadTimeout           time.Duration
	LocalSasl             *LocalSasl
	AuthServer            *AuthServer
	ForbiddenApiKeys      map[int16]struct{}
	ProducerAcks0Disabled bool
}

type RequestHandler added in v0.0.5 

type RequestHandler interface {
	// contains filtered or unexported methods
}

type RequestsLoopContext added in v0.0.5 

type RequestsLoopContext struct {
	// contains filtered or unexported fields
}

type ResponseHandler added in v0.0.5 

type ResponseHandler interface {
	// contains filtered or unexported methods
}

type ResponsesLoopContext added in v0.0.5 

type ResponsesLoopContext struct {
	// contains filtered or unexported fields
}

type SASLAuthByProxy added in v0.1.0 

type SASLAuthByProxy interface {
	// contains filtered or unexported methods
}

func NewAwsMSKIamAuth added in v0.3.4 

func NewAwsMSKIamAuth(
	clientId string,
	readTimeout,
	writeTimeout time.Duration,
	awsConfig *proxyconfig.AWSConfig,
) (SASLAuthByProxy, error)

type SASLGSSAPIAuth added in v0.3.3 

type SASLGSSAPIAuth struct {
	// contains filtered or unexported fields
}

type SASLHandshake added in v0.1.0 

type SASLHandshake struct {
	// contains filtered or unexported fields
}

type SASLOAuthBearerAuth added in v0.1.0 

type SASLOAuthBearerAuth struct {
	// contains filtered or unexported fields
}

type SASLPlainAuth 

type SASLPlainAuth struct {
	// contains filtered or unexported fields
}

type SASLSCRAMAuth added in v0.1.3 

type SASLSCRAMAuth struct {

	// authz id used for SASL/SCRAM authentication
	SCRAMAuthzID string
	// contains filtered or unexported fields
}

type SaslAuthV0RequestHandler added in v0.0.5 

type SaslAuthV0RequestHandler struct {
}

type SaslAuthV0ResponseHandler added in v0.0.5 

type SaslAuthV0ResponseHandler struct {
}

type SaslOAuthBearer added in v0.1.0 

type SaslOAuthBearer struct{}

func (SaslOAuthBearer) GetClientInitialResponse added in v0.1.0 

func (p SaslOAuthBearer) GetClientInitialResponse(saslAuthBytes []byte) (token string, authzid string, extensions map[string]string, err error)

func (SaslOAuthBearer) ToBytes added in v0.1.0 

func (p SaslOAuthBearer) ToBytes(tokenValue string, authorizationId string, saslExtensions map[string]string) []byte

type TCPConnOptions 

type TCPConnOptions struct {
	KeepAlive       time.Duration
	ReadBufferSize  int
	WriteBufferSize int
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.