Documentation ¶
Index ¶
- Constants
- Variables
- func CreateHubSignet(toolID string, securityLevel int) (private, public *jess.Signet, err error)
- func LanesEqual(a, b []*Lane) bool
- func MakeHubDBKey(mapName, hubID string) string
- func MakeHubMsgDBKey(mapName string, msgType MsgType, hubID string) string
- func QueryRawGossipMsgs(mapName string, msgType MsgType) (it *iterator.Iterator, err error)
- func RemoveHub(mapName string, hubID string) error
- func SaveHubMsg(id string, mapName string, msgType MsgType, data []byte) error
- func SetNavigatorAccess(fn func(mapName, hubID string) *Hub)
- func SignHubMsg(msg []byte, env *jess.Envelope, enableTofu bool) ([]byte, error)
- func SortLanes(l []*Lane)
- type Announcement
- type Hub
- func ApplyAnnouncement(hub *Hub, data []byte, mapName string, scope Scope, selfcheck bool) (_ *Hub, forward bool, err error)
- func ApplyStatus(hub *Hub, data []byte, mapName string, scope Scope, selfcheck bool) (_ *Hub, forward bool, err error)
- func EnsureHub(r record.Record) (*Hub, error)
- func GetHub(mapName string, hubID string) (*Hub, error)
- func GetHubByKey(key string) (*Hub, error)
- func OpenHubMsg(hub *Hub, data []byte, mapName string, tofu bool) (msg []byte, sendingHub *Hub, err error)
- func ParseBootstrapHub(bootstrapTransport string, mapName string) (*Hub, error)
- func (h *Hub) AddLane(newLane *Lane) error
- func (h *Hub) GetInfo() *Announcement
- func (h *Hub) GetLaneTo(hubID string) *Lane
- func (h *Hub) GetSignet(id string, recipient bool) (*jess.Signet, error)
- func (h *Hub) GetStatus() *Status
- func (h *Hub) Name() string
- func (h *Hub) RemoveLane(hubID string) error
- func (hub *Hub) Save() error
- func (h *Hub) SelectSignet() *jess.Signet
- func (h *Hub) String() string
- func (h *Hub) StringWithoutLocking() string
- func (h *Hub) Verified() bool
- type HubMsg
- type Intel
- type Key
- type Lane
- type MsgType
- type ParsedIntel
- type Scope
- type SingleTrustStore
- type Status
- type Transport
Constants ¶
const (
	MsgTypeAnnouncement = "announcement"
	MsgTypeStatus       = "status"
)
Variables ¶
var (
	// ErrMissingInfo signifies that the hub is missing the HubAnnouncement.
	ErrMissingInfo = errors.New("hub is missing Announcement")
	// ErrMissingTransports signifies that the hub announcement did not specify any transports.
	ErrMissingTransports = errors.New("hub announcement is missing transports")
	// ErrMissingIPs signifies that the hub announcement did not specify any IPs.
	ErrMissingIPs = errors.New("hub announcement is missing IPs")
	// ErrTemporaryValidationError is returned when a validation error might be temporary.
	ErrTemporaryValidationError = errors.New("temporary validation error")
)
var BaselineCharset = regexp.MustCompile(
`^[` +
` !#()*+,\-\./0-9:=?@A-Z[\]^_a-z{|}~` +
`ŠŒŽšœžŸ¡¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿ` +
`]*$`,
)
Functions ¶
func CreateHubSignet ¶
CreateHubSignet creates a signet with the correct ID for usage as a Hub Identity.
func LanesEqual ¶ added in v0.3.0
LanesEqual returns whether the given []*Lane are equal.
func MakeHubDBKey ¶ added in v0.3.0
func MakeHubMsgDBKey ¶ added in v0.3.0
func QueryRawGossipMsgs ¶ added in v0.3.0
func SaveHubMsg ¶ added in v0.3.0
SaveHubMsg saves a raw (and signed) message received from another Hub.
func SetNavigatorAccess ¶
SetNavigatorAccess sets a shortcut function to access hubs from the navigator instead of having to go through the database. This also reduces the number of objects in RAM and caches parsed attributes better.
func SignHubMsg ¶
SignHubMsg signs the given serialized hub msg with the given configuration.
Types ¶
type Announcement ¶ added in v0.3.0
type Announcement struct {
	// Primary Key
	// hash of public key
	// must be checked if it matches the public key
	ID string // via jess.LabeledHash

	// PublicKey *jess.Signet

	// PublicKey // if not part of signature
	// Signature *jess.Letter

	Timestamp int64 // Unix timestamp in seconds

	// Node Information
	Name           string // name of the node
	Group          string // person or organisation, who is in control of the node (should be same for all nodes of this person or organisation)
	ContactAddress string // contact possibility (recommended, but optional)
	ContactService string // type of service of the contact address, if not email

	// currently unused, but collected for later use
	Hosters    []string // hoster supply chain (reseller, hosting provider, datacenter operator, ...)
	Datacenter string   // datacenter will be bullshit checked

	// Network Location and Access
	// If node is behind NAT (or similar), IP addresses must be configured
	IPv4       net.IP // must be global and accessible
	IPv6       net.IP // must be global and accessible
	Transports []string

	// Policies - default permit
	Entry []string // {"+ ", "- *"}
	Exit  []string
}
Announcement is the main message type to publish Hub Information. This only changes if updated manually.
func (*Announcement) Copy ¶ added in v0.3.0
func (a *Announcement) Copy() (*Announcement, error)
Copy returns a deep copy of the Announcement.
func (*Announcement) Equal ¶ added in v0.3.0
func (a *Announcement) Equal(b *Announcement) bool
Equal returns whether the given Announcements are equal.
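As an added example (not the spn/hub package's own code), a stand-alone Go reconstruction of the checks that the Announcement field comments and the package's error values describe: free-text fields against BaselineCharset (assumed to be the charset those fields are validated against), at least one transport, and IPs that are global unicast. Announcement is reduced to the fields that are read; ErrBadCharset, ErrNonGlobalIP and ValidateAnnouncement are hypothetical names, and the ID-to-public-key hash check is omitted because it needs jess.

```go
package main

import (
	"errors"
	"net"
	"regexp"
)

var (
	ErrMissingTransports = errors.New("hub announcement is missing transports")
	ErrMissingIPs        = errors.New("hub announcement is missing IPs")
	ErrBadCharset        = errors.New("hub announcement field has disallowed characters") // hypothetical
	ErrNonGlobalIP       = errors.New("hub announcement IP is not global unicast")        // hypothetical
)
// BaselineCharset is the package's allowed-character set, as shown on the page.
var BaselineCharset = regexp.MustCompile(
	`^[` +
		` !#()*+,\-\./0-9:=?@A-Z[\]^_a-z{|}~` +
		`ŠŒŽšœžŸ¡¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿ` +
		`]*$`,
)

type Announcement struct {
	Name, Group, ContactAddress string
	IPv4, IPv6                  net.IP
	Transports                  []string
}

// ValidateAnnouncement returns the first violated constraint, or nil (ID hash check omitted: needs jess).
func ValidateAnnouncement(a *Announcement) error {
	// Free-text fields must stay within BaselineCharset (assumed to be its purpose).
	for _, s := range []string{a.Name, a.Group, a.ContactAddress} {
		if !BaselineCharset.MatchString(s) {
			return ErrBadCharset
		}
	}
	if len(a.Transports) == 0 {
		return ErrMissingTransports
	}
	if a.IPv4 == nil && a.IPv6 == nil {
		return ErrMissingIPs
	}
	// "must be global and accessible": reject loopback, link-local, multicast, unspecified, RFC 1918 and ULA.
	for _, ip := range []net.IP{a.IPv4, a.IPv6} {
		if ip != nil && (!ip.IsGlobalUnicast() || ip.IsPrivate()) {
			return ErrNonGlobalIP
		}
	}
	return nil
}
```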
type Hub ¶
type Hub struct {
	sync.Mutex
	record.Base

	ID        string
	PublicKey *jess.Signet

	Map    string
	Info   *Announcement
	Status *Status

	FirstSeen     time.Time
	VerifiedIPs   bool
	InvalidInfo   bool
	InvalidStatus bool
}
Hub represents a network node in the SPN.
func ApplyAnnouncement ¶ added in v0.3.0
func ApplyAnnouncement(hub *Hub, data []byte, mapName string, scope Scope, selfcheck bool) (_ *Hub, forward bool, err error)
ApplyAnnouncement applies the announcement to the Hub if it passes all the checks. If no Hub is provided, it is loaded from the database or created.
func ApplyStatus ¶ added in v0.3.0
func ApplyStatus(hub *Hub, data []byte, mapName string, scope Scope, selfcheck bool) (_ *Hub, forward bool, err error)
ApplyStatus applies a status update if it passes all the checks.
func GetHubByKey ¶ added in v0.3.0
func OpenHubMsg ¶
func OpenHubMsg(hub *Hub, data []byte, mapName string, tofu bool) (msg []byte, sendingHub *Hub, err error)
OpenHubMsg opens a signed hub msg and verifies the signature using the provided hub or the local database. If TOFU is enabled, any signature that verifies is accepted.
func ParseBootstrapHub ¶ added in v0.3.0
func (*Hub) GetInfo ¶ added in v0.3.0
func (h *Hub) GetInfo() *Announcement
GetInfo returns the hub info.
func (*Hub) GetSignet ¶
GetSignet returns the public key identified by the given ID from the Hub Status.
func (*Hub) Name ¶ added in v0.3.0
Name returns a human-readable version of a Hub's name. This name will likely consist of two parts: the given name and the ending of the ID to make it unique.
func (*Hub) RemoveLane ¶ added in v0.3.0
RemoveLane removes a Lane from the Hub Status.
func (*Hub) SelectSignet ¶
SelectSignet selects the public key to use for initiating connections to that Hub.
func (*Hub) StringWithoutLocking ¶ added in v0.3.0
StringWithoutLocking returns a human-readable representation of the Hub without locking it.
type HubMsg ¶
type HubMsg struct {
	record.Base
	sync.Mutex

	ID   string
	Map  string
	Type MsgType
	Data []byte

	Received int64
}
HubMsg stores raw Hub messages.
type Intel ¶ added in v0.3.0
type Intel struct {
	// BootstrapHubs is a list of transports that also contain an IP and the Hub's ID.
	BootstrapHubs []string

	// TrustedHubs is a list of Hub IDs that are specially designated for more sensitive tasks, such as handling unencrypted traffic.
	TrustedHubs []string

	// AdviseOnlyTrustedHubs advises to only use trusted Hubs regardless of intended purpose.
	AdviseOnlyTrustedHubs bool
	// AdviseOnlyTrustedHomeHubs advises to only use trusted Hubs for Home Hubs.
	AdviseOnlyTrustedHomeHubs bool
	// AdviseOnlyTrustedDestinationHubs advises to only use trusted Hubs for Destination Hubs.
	AdviseOnlyTrustedDestinationHubs bool

	// HubAdvisory always affects all Hubs.
	HubAdvisory []string
	// HomeHubAdvisory is only taken into account when selecting a Home Hub.
	HomeHubAdvisory []string
	// DestinationHubAdvisory is only taken into account when selecting a Destination Hub.
	DestinationHubAdvisory []string
	// contains filtered or unexported fields
}
Intel holds a collection of various security-related data collections on Hubs.
func ParseIntel ¶ added in v0.3.0
ParseIntel parses Hub intelligence data.
func (*Intel) ParseAdvisories ¶ added in v0.3.0
ParseAdvisories parses all advisory endpoint lists.
func (*Intel) Parsed ¶ added in v0.3.0
func (i *Intel) Parsed() *ParsedIntel
Parsed returns the collection of parsed intel data.
type Key ¶ added in v0.3.0
Key represents a semi-ephemeral public key used for 0-RTT connection establishment.
type Lane ¶ added in v0.3.0
type Lane struct {
	ID       string // ID of peer
	Capacity int    // max available bandwidth in Mbit/s (measure actively!)
	Latency  int    // ping in msecs
}
Lane represents a connection to another Hub.
type ParsedIntel ¶ added in v0.3.0
type ParsedIntel struct {
	// HubAdvisory always affects all Hubs.
	HubAdvisory endpoints.Endpoints
	// HomeHubAdvisory is only taken into account when selecting a Home Hub.
	HomeHubAdvisory endpoints.Endpoints
	// DestinationHubAdvisory is only taken into account when selecting a Destination Hub.
	DestinationHubAdvisory endpoints.Endpoints
}
ParsedIntel holds a collection of parsed intel data.
type SingleTrustStore ¶
SingleTrustStore is a simple truststore that always returns the same Signet.
type Status ¶ added in v0.3.0
type Status struct {
	Timestamp int64

	// Routing Information
	Keys  map[string]*Key // public keys (with type)
	Lanes []*Lane         // Connections to other Hubs.

	// Load describes max(CPU, Memory) in percent, averaged over the last hour
	// only update if change is significant in terms of impact on routing
	// do not update more often than once an hour
	Load int
}
Status is the message type used to update changing Hub Information. Changes are made automatically.
type Transport ¶
Transport represents an "endpoint" that others can connect to. This allows for the use of different protocols, ports and infrastructure integration.
func ParseTransport ¶
ParseTransport parses a transport definition.