hiddenpath

package
v0.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 10, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func LoadConfiguration

func LoadConfiguration(location string) (Groups, RegistrationPolicy, error)

LoadConfiguration loads the hidden paths configuration indicated by the location. If the location starts with http:// or https:// the configuration is fetched via HTTP.

Types

type AddressResolver

type AddressResolver interface {
	// Resolve creates an address with a path to the remote ISD-AS that is
	// specified.
	Resolve(context.Context, addr.IA) (net.Addr, error)
}

AddressResolver helps to resolve addresses in a remote AS.

type AuthoritativeServer

type AuthoritativeServer struct {
	// Groups is the current set of groups.
	Groups map[GroupID]*Group
	// DB is used to read hidden segments.
	DB Store
	// LocalIA is the ISD-AS this server is run in.
	LocalIA addr.IA
}

AuthoritativeServer serves segments from the database.

func (AuthoritativeServer) Segments

func (s AuthoritativeServer) Segments(ctx context.Context,
	req SegmentRequest) ([]*seg.Meta, error)

Segments returns the segments for the request or errors out if there was an error.

type BeaconWriter

type BeaconWriter struct {
	// InternalErrors counts errors that happened before being able to send a
	// segment to a remote. This can be during terminating the segment, looking
	// up the remote etc. If the counter is nil errors are not counted.
	InternalErrors metrics.Counter
	// Registered counts the amount of registered segments. A label is used to
	// indicate the status of the registration.
	Registered metrics.Counter
	// Intfs gives access to the interfaces this CS beacons over.
	Intfs *ifstate.Interfaces
	// Extender is used to terminate the beacon.
	Extender beaconing.Extender
	// RPC is used to send the segment to the remote. For public registrations
	// the entry with an empty group ID as key is used.
	RPC Register
	// Pather is used to construct paths to the originator of a beacon.
	Pather beaconing.Pather
	// RegistrationPolicy is the hidden path registration policy.
	RegistrationPolicy RegistrationPolicy
	// AddressResolver is used to resolve remote ASes.
	AddressResolver AddressResolver
}

BeaconWriter terminates segments and registers them at remotes. The remotes can either be a public core segment registry or a hidden segment registry.

func (*BeaconWriter) Write

func (w *BeaconWriter) Write(ctx context.Context, segments []beacon.Beacon,
	peers []uint16) (beaconing.WriteStats, error)

Write iterates the segments channel and for each of the segments: it extends it, it finds the remotes via the registration policy, it finds a path for each remote, it sends the segment via the found path. Peers are the peer interfaces in this AS.

type Discoverer

type Discoverer interface {
	Discover(ctx context.Context, dsAddr net.Addr) (Servers, error)
}

Discoverer can be used to find remote discovery services.

type ForwardServer

type ForwardServer struct {
	Groups    map[GroupID]*Group
	LocalAuth Lookuper
	LocalIA   addr.IA
	RPC       RPC
	Resolver  AddressResolver
	Verifier  Verifier
}

ForwardServer handles hidden path segment lookup requests from daemons. For each group id of the request, it requests the segments at the the respective autoritative registry.

func (ForwardServer) Segments

func (s ForwardServer) Segments(ctx context.Context,
	req SegmentRequest) ([]*seg.Meta, error)

Segments serves segments for the given request. It finds per group ID the authoritative server and makes the QUIC grpc call. It does not support local cache.

type Group

type Group struct {
	// ID is a 64-bit unique identifier of the group. It is the concatenation of
	// the owner AS number and a hex encoded 16-bit suffix.
	ID GroupID
	// Owner is the AS ID of the owner of the hidden path group. The Owner AS is
	// responsible for maintaining the hidden path group configuration and
	// distributing it to all entities that require it.
	Owner addr.IA
	// Writers contains all ASes in the group that are allowed to register hidden
	// paths.
	Writers map[addr.IA]struct{}
	// Readers contains all ASes in the group which are allowed to read hidden
	// path information.
	Readers map[addr.IA]struct{}
	// Registries contains all ASes in the group at which Writers register hidden
	// paths.
	Registries map[addr.IA]struct{}
}

Group is a group of ASes that share hidden path information.

func (*Group) GetRegistries

func (g *Group) GetRegistries() []addr.IA

func (*Group) Validate

func (g *Group) Validate() error

Validate validates the group.

type GroupID

type GroupID struct {
	OwnerAS addr.AS
	Suffix  uint16
}

GroupID is unique 64bit identification of the group.

func GroupIDFromUint64

func GroupIDFromUint64(id uint64) GroupID

GroupIDFromUint64 creates the group ID from the uint64 representation.

func ParseGroupID

func ParseGroupID(s string) (GroupID, error)

ParseGroupID parses the string representation of the group ID.

func (GroupID) String

func (id GroupID) String() string

func (GroupID) ToUint64

func (id GroupID) ToUint64() uint64

ToUint64 returns the uint64 representation of the group ID.

type Groups

type Groups map[GroupID]*Group

Groups is a list of hidden path groups.

func LoadHiddenPathGroups

func LoadHiddenPathGroups(location string) (Groups, error)

LoadHiddenPathGroups loads the hiddenpath groups configuration file.

func (Groups) MarshalYAML

func (g Groups) MarshalYAML() (interface{}, error)

MarshalYAML implements yaml marshalling.

func (Groups) Roles

func (g Groups) Roles(ia addr.IA) Roles

Roles returns the roles the given ISD-AS has in this set of groups.

func (Groups) UnmarshalYAML

func (g Groups) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML implements the yaml unmarshaller for the Groups type.

func (Groups) Validate

func (g Groups) Validate() error

Validate validates all groups in the map.

type InterfacePolicy

type InterfacePolicy struct {
	// The policy for registering the segment publicly.
	Public bool
	// The policies for the different hidden path groups.
	Groups map[GroupID]*Group
}

InterfacePolicy defines the registration policy for an ingress interface.

type LookupResolver

type LookupResolver struct {
	Router     snet.Router
	Discoverer Discoverer
}

LookupResolver resolves the address of a hidden segment lookup server in an IA.

func (LookupResolver) Resolve

func (r LookupResolver) Resolve(ctx context.Context, ia addr.IA) (net.Addr, error)

Resolve resolves a hidden segment lookup server in the remote IA.

type Lookuper

type Lookuper interface {
	Segments(context.Context, SegmentRequest) ([]*seg.Meta, error)
}

Lookuper is used to lookup segments.

type RPC

type RPC interface {
	HiddenSegments(context.Context, SegmentRequest, net.Addr) ([]*seg.Meta, error)
}

RPC is used to fetch hidden segments from a remote and to register segments to a remote.

type Register

type Register interface {
	RegisterSegment(context.Context, SegmentRegistration, net.Addr) error
}

Register is used to register segments to a remote.

type Registration

type Registration struct {
	// Segments are the segments to be registered.
	Segments []*seg.Meta
	// GroupID is the hiddenpath group ID under which the segments should be
	// registered.
	GroupID GroupID
	// Peer is the address of the writer of the segments.
	Peer *snet.SVCAddr
}

Registration is a hidden segment registration.

type RegistrationPolicy

type RegistrationPolicy map[uint64]InterfacePolicy

RegistrationPolicy describes the policy for registering segments. The map is keyed by ingress interface ID.

func (RegistrationPolicy) MarshalYAML

func (p RegistrationPolicy) MarshalYAML() (interface{}, error)

MarshalYAML implements the yaml marshaller interface.

func (RegistrationPolicy) UnmarshalYAML

func (p RegistrationPolicy) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML implements YAML unmarshaling for the registration policy type.

func (RegistrationPolicy) Validate

func (p RegistrationPolicy) Validate() error

Validate validates the registration policy.

type RegistrationResolver

type RegistrationResolver struct {
	Router     snet.Router
	Discoverer Discoverer
}

RegistrationResolver resolves the address of a hidden segment registration server in an IA.

func (RegistrationResolver) Resolve

func (r RegistrationResolver) Resolve(ctx context.Context, ia addr.IA) (net.Addr, error)

Resolve resolves a hidden segment registration server in the remote IA.

type Registry

type Registry interface {
	Register(context.Context, Registration) error
}

Registry handles registrations.

type RegistryServer

type RegistryServer struct {
	// Groups is the current set of groups.
	Groups map[GroupID]*Group
	// DB is used to write received segments.
	DB Store
	// Verifier is used to verify the received segments.
	Verifier Verifier
	// LocalIA is the IA this handler is in.
	LocalIA addr.IA
}

RegistryServer handles hidden segment registrations.

func (RegistryServer) Register

func (h RegistryServer) Register(ctx context.Context, reg Registration) error

Register registers the given registration.

type Roles

type Roles struct {
	Owner    bool
	Registry bool
	Reader   bool
	Writer   bool
}

Roles indicates roles in a hidden path group(s).

func (Roles) None

func (r Roles) None() bool

None returns true if no role is set.

type SegmentRegistration

type SegmentRegistration struct {
	GroupID GroupID
	Seg     seg.Meta
}

SegmentRegistration is a registration for hidden segments.

type SegmentRequest

type SegmentRequest struct {
	// GroupIDs are the hidden path group IDs for which the segments are
	// requested.
	GroupIDs []GroupID
	// DstIA is the destination ISD-AS of the segments that are requested.
	DstIA addr.IA
	// Peer is ISD-AS of the requesting peer.
	Peer addr.IA
}

SegmentRequest is a request for hidden segments.

type Servers

type Servers struct {
	// Lookup is the list of lookup addresses.
	Lookup []*net.UDPAddr
	// Registration is the list of registration addresses.
	Registration []*net.UDPAddr
}

Servers is a list of discovered remote hidden segment server.

type Store

type Store interface {
	// Get gets the segments that end at the given IA and are in one of the given
	// hidden path groups.
	Get(context.Context, addr.IA, []GroupID) ([]*seg.Meta, error)
	// Put puts the given segments in the database and associates them with the
	// given hidden path group ID.
	Put(context.Context, []*seg.Meta, GroupID) error
}

Store is the interface to the hidden segment database.

type Storer

type Storer struct {
	DB pathdb.DB
}

Storer implements the path DB interface for a hidden segments.

func (*Storer) Get

func (s *Storer) Get(ctx context.Context, ia addr.IA,
	groups []GroupID) ([]*seg.Meta, error)

Get returns segments from the store using a db provider.

func (*Storer) Put

func (s *Storer) Put(ctx context.Context, segs []*seg.Meta, g GroupID) error

Put stores segments in the store using a db provider.

type Verifier

type Verifier interface {
	// Verify fetches the crypto material from the server and verifies the segments.
	Verify(ctx context.Context, segments []*seg.Meta, server net.Addr) error
}

Verifier is used to verify a segments reply.

type VerifierAdapter

type VerifierAdapter struct {
	Verifier infra.Verifier
}

VerifierAdapter adapts and infra.Verifier to the hidden path verifier interface.

func (VerifierAdapter) Verify

func (v VerifierAdapter) Verify(ctx context.Context, segments []*seg.Meta, server net.Addr) error

Verify verifies the segments. It returns an error if a verification of any of the segments fails.

Directories

Path Synopsis
mock_grpc
Package mock_grpc is a generated GoMock package.
Package mock_grpc is a generated GoMock package.
Package mock_hiddenpath is a generated GoMock package.
Package mock_hiddenpath is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL