Documentation ¶
Index ¶
- func LoadConfiguration(location string) (Groups, RegistrationPolicy, error)
- type AddressResolver
- type AuthoritativeServer
- type BeaconWriter
- type Discoverer
- type ForwardServer
- type Group
- type GroupID
- type Groups
- type InterfacePolicy
- type LookupResolver
- type Lookuper
- type RPC
- type Register
- type Registration
- type RegistrationPolicy
- type RegistrationResolver
- type Registry
- type RegistryServer
- type Roles
- type SegmentRegistration
- type SegmentRequest
- type Servers
- type Store
- type Storer
- type Verifier
- type VerifierAdapter
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func LoadConfiguration ¶
func LoadConfiguration(location string) (Groups, RegistrationPolicy, error)
LoadConfiguration loads the hidden paths configuration indicated by the location. If the location starts with http:// or https:// the configuration is fetched via HTTP.
Types ¶
type AddressResolver ¶
type AddressResolver interface { // Resolve creates an address with a path to the remote ISD-AS that is // specified. Resolve(context.Context, addr.IA) (net.Addr, error) }
AddressResolver helps to resolve addresses in a remote AS.
type AuthoritativeServer ¶
type AuthoritativeServer struct { // Groups is the current set of groups. Groups map[GroupID]*Group // DB is used to read hidden segments. DB Store // LocalIA is the ISD-AS this server is run in. LocalIA addr.IA }
AuthoritativeServer serves segments from the database.
func (AuthoritativeServer) Segments ¶
func (s AuthoritativeServer) Segments(ctx context.Context, req SegmentRequest) ([]*seg.Meta, error)
Segments returns the segments for the request or errors out if there was an error.
type BeaconWriter ¶
type BeaconWriter struct { // InternalErrors counts errors that happened before being able to send a // segment to a remote. This can be during terminating the segment, looking // up the remote etc. If the counter is nil errors are not counted. InternalErrors metrics.Counter // Registered counts the amount of registered segments. A label is used to // indicate the status of the registration. Registered metrics.Counter // Intfs gives access to the interfaces this CS beacons over. Intfs *ifstate.Interfaces // Extender is used to terminate the beacon. Extender beaconing.Extender // RPC is used to send the segment to the remote. For public registrations // the entry with an empty group ID as key is used. RPC Register // Pather is used to construct paths to the originator of a beacon. Pather beaconing.Pather // RegistrationPolicy is the hidden path registration policy. RegistrationPolicy RegistrationPolicy // AddressResolver is used to resolve remote ASes. AddressResolver AddressResolver }
BeaconWriter terminates segments and registers them at remotes. The remotes can either be a public core segment registry or a hidden segment registry.
func (*BeaconWriter) Write ¶
func (w *BeaconWriter) Write(ctx context.Context, segments []beacon.Beacon, peers []uint16) (beaconing.WriteStats, error)
Write iterates the segments channel and for each of the segments: it extends it, it finds the remotes via the registration policy, it finds a path for each remote, it sends the segment via the found path. Peers are the peer interfaces in this AS.
type Discoverer ¶
Discoverer can be used to find remote discovery services.
type ForwardServer ¶
type ForwardServer struct { Groups map[GroupID]*Group LocalAuth Lookuper LocalIA addr.IA RPC RPC Resolver AddressResolver Verifier Verifier }
ForwardServer handles hidden path segment lookup requests from daemons. For each group id of the request, it requests the segments at the the respective autoritative registry.
func (ForwardServer) Segments ¶
func (s ForwardServer) Segments(ctx context.Context, req SegmentRequest) ([]*seg.Meta, error)
Segments serves segments for the given request. It finds per group ID the authoritative server and makes the QUIC grpc call. It does not support local cache.
type Group ¶
type Group struct { // ID is a 64-bit unique identifier of the group. It is the concatenation of // the owner AS number and a hex encoded 16-bit suffix. ID GroupID // Owner is the AS ID of the owner of the hidden path group. The Owner AS is // responsible for maintaining the hidden path group configuration and // distributing it to all entities that require it. Owner addr.IA // Writers contains all ASes in the group that are allowed to register hidden // paths. Writers map[addr.IA]struct{} // Readers contains all ASes in the group which are allowed to read hidden // path information. Readers map[addr.IA]struct{} // Registries contains all ASes in the group at which Writers register hidden // paths. Registries map[addr.IA]struct{} }
Group is a group of ASes that share hidden path information.
func (*Group) GetRegistries ¶
type GroupID ¶
GroupID is unique 64bit identification of the group.
func GroupIDFromUint64 ¶
GroupIDFromUint64 creates the group ID from the uint64 representation.
func ParseGroupID ¶
ParseGroupID parses the string representation of the group ID.
type Groups ¶
Groups is a list of hidden path groups.
func LoadHiddenPathGroups ¶
LoadHiddenPathGroups loads the hiddenpath groups configuration file.
func (Groups) MarshalYAML ¶
MarshalYAML implements yaml marshalling.
func (Groups) UnmarshalYAML ¶
UnmarshalYAML implements the yaml unmarshaller for the Groups type.
type InterfacePolicy ¶
type InterfacePolicy struct { // The policy for registering the segment publicly. Public bool // The policies for the different hidden path groups. Groups map[GroupID]*Group }
InterfacePolicy defines the registration policy for an ingress interface.
type LookupResolver ¶
type LookupResolver struct { Router snet.Router Discoverer Discoverer }
LookupResolver resolves the address of a hidden segment lookup server in an IA.
type RPC ¶
type RPC interface {
HiddenSegments(context.Context, SegmentRequest, net.Addr) ([]*seg.Meta, error)
}
RPC is used to fetch hidden segments from a remote and to register segments to a remote.
type Registration ¶
type Registration struct { // Segments are the segments to be registered. Segments []*seg.Meta // GroupID is the hiddenpath group ID under which the segments should be // registered. GroupID GroupID // Peer is the address of the writer of the segments. Peer *snet.SVCAddr }
Registration is a hidden segment registration.
type RegistrationPolicy ¶
type RegistrationPolicy map[uint64]InterfacePolicy
RegistrationPolicy describes the policy for registering segments. The map is keyed by ingress interface ID.
func (RegistrationPolicy) MarshalYAML ¶
func (p RegistrationPolicy) MarshalYAML() (interface{}, error)
MarshalYAML implements the yaml marshaller interface.
func (RegistrationPolicy) UnmarshalYAML ¶
func (p RegistrationPolicy) UnmarshalYAML(unmarshal func(interface{}) error) error
UnmarshalYAML implements YAML unmarshaling for the registration policy type.
func (RegistrationPolicy) Validate ¶
func (p RegistrationPolicy) Validate() error
Validate validates the registration policy.
type RegistrationResolver ¶
type RegistrationResolver struct { Router snet.Router Discoverer Discoverer }
RegistrationResolver resolves the address of a hidden segment registration server in an IA.
type Registry ¶
type Registry interface {
Register(context.Context, Registration) error
}
Registry handles registrations.
type RegistryServer ¶
type RegistryServer struct { // Groups is the current set of groups. Groups map[GroupID]*Group // DB is used to write received segments. DB Store // Verifier is used to verify the received segments. Verifier Verifier // LocalIA is the IA this handler is in. LocalIA addr.IA }
RegistryServer handles hidden segment registrations.
func (RegistryServer) Register ¶
func (h RegistryServer) Register(ctx context.Context, reg Registration) error
Register registers the given registration.
type SegmentRegistration ¶
SegmentRegistration is a registration for hidden segments.
type SegmentRequest ¶
type SegmentRequest struct { // GroupIDs are the hidden path group IDs for which the segments are // requested. GroupIDs []GroupID // DstIA is the destination ISD-AS of the segments that are requested. DstIA addr.IA // Peer is ISD-AS of the requesting peer. Peer addr.IA }
SegmentRequest is a request for hidden segments.
type Servers ¶
type Servers struct { // Lookup is the list of lookup addresses. Lookup []*net.UDPAddr // Registration is the list of registration addresses. Registration []*net.UDPAddr }
Servers is a list of discovered remote hidden segment server.
type Store ¶
type Store interface { // Get gets the segments that end at the given IA and are in one of the given // hidden path groups. Get(context.Context, addr.IA, []GroupID) ([]*seg.Meta, error) // Put puts the given segments in the database and associates them with the // given hidden path group ID. Put(context.Context, []*seg.Meta, GroupID) error }
Store is the interface to the hidden segment database.
type Storer ¶
Storer implements the path DB interface for a hidden segments.
type Verifier ¶
type Verifier interface { // Verify fetches the crypto material from the server and verifies the segments. Verify(ctx context.Context, segments []*seg.Meta, server net.Addr) error }
Verifier is used to verify a segments reply.
type VerifierAdapter ¶
VerifierAdapter adapts and infra.Verifier to the hidden path verifier interface.