Documentation
¶
Index ¶
- func LoadConfiguration(location string) (Groups, RegistrationPolicy, error)
- type AddressResolver
- type AuthoritativeServer
- type BeaconWriter
- type Discoverer
- type ForwardServer
- type Group
- type GroupID
- type Groups
- type InterfacePolicy
- type LookupResolver
- type Lookuper
- type RPC
- type Register
- type Registration
- type RegistrationPolicy
- type RegistrationResolver
- type Registry
- type RegistryServer
- type Roles
- type SegmentRegistration
- type SegmentRequest
- type Servers
- type Store
- type Storer
- type Verifier
- type VerifierAdapter
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func LoadConfiguration ¶ added in v0.7.0
func LoadConfiguration(location string) (Groups, RegistrationPolicy, error)
LoadConfiguration loads the hidden paths configuration indicated by the location. If the location starts with http:// or https:// the configuration is fetched via HTTP.
Types ¶
type AddressResolver ¶
type AddressResolver interface {
// Resolve creates an address with a path to the remote ISD-AS that is
// specified.
Resolve(context.Context, addr.IA) (net.Addr, error)
}
AddressResolver helps to resolve addresses in a remote AS.
type AuthoritativeServer ¶
type AuthoritativeServer struct {
// Groups is the current set of groups.
Groups map[GroupID]*Group
// DB is used to read hidden segments.
DB Store
// LocalIA is the ISD-AS this server is run in.
LocalIA addr.IA
}
AuthoritativeServer serves segments from the database.
func (AuthoritativeServer) Segments ¶
func (s AuthoritativeServer) Segments(ctx context.Context, req SegmentRequest) ([]*seg.Meta, error)
Segments returns the segments for the request or errors out if there was an error.
type BeaconWriter ¶
type BeaconWriter struct {
// InternalErrors counts errors that happened before being able to send a
// segment to a remote. This can be during terminating the segment, looking
// up the remote etc. If the counter is nil errors are not counted.
InternalErrors metrics.Counter
// Registered counts the amount of registered segments. A label is used to
// indicate the status of the registration.
Registered metrics.Counter
// Intfs gives access to the interfaces this CS beacons over.
Intfs *ifstate.Interfaces
// Extender is used to terminate the beacon.
Extender beaconing.Extender
// RPC is used to send the segment to the remote. For public registrations
// the entry with an empty group ID as key is used.
RPC Register
// Pather is used to construct paths to the originator of a beacon.
Pather beaconing.Pather
// RegistrationPolicy is the hidden path registration policy.
RegistrationPolicy RegistrationPolicy
// AddressResolver is used to resolve remote ASes.
AddressResolver AddressResolver
}
BeaconWriter terminates segments and registers them at remotes. The remotes can either be a public core segment registry or a hidden segment registry.
func (*BeaconWriter) Write ¶
func (w *BeaconWriter) Write(ctx context.Context, segments []beacon.Beacon, peers []uint16) (beaconing.WriteStats, error)
Write iterates the segments channel and for each of the segments: it extends it, it finds the remotes via the registration policy, it finds a path for each remote, it sends the segment via the found path. Peers are the peer interfaces in this AS.
type Discoverer ¶
Discoverer can be used to find remote discovery services.
type ForwardServer ¶
type ForwardServer struct {
Groups map[GroupID]*Group
LocalAuth Lookuper
LocalIA addr.IA
RPC RPC
Resolver AddressResolver
Verifier Verifier
}
ForwardServer handles hidden path segment lookup requests from daemons. For each group id of the request, it requests the segments at the the respective autoritative registry.
func (ForwardServer) Segments ¶
func (s ForwardServer) Segments(ctx context.Context, req SegmentRequest) ([]*seg.Meta, error)
Segments serves segments for the given request. It finds per group ID the authoritative server and makes the QUIC grpc call. It does not support local cache.
type Group ¶
type Group struct {
// ID is a 64-bit unique identifier of the group. It is the concatenation of
// the owner AS number and a hex encoded 16-bit suffix.
ID GroupID
// Owner is the AS ID of the owner of the hidden path group. The Owner AS is
// responsible for maintaining the hidden path group configuration and
// distributing it to all entities that require it.
Owner addr.IA
// Writers contains all ASes in the group that are allowed to register hidden
// paths.
Writers map[addr.IA]struct{}
// Readers contains all ASes in the group which are allowed to read hidden
// path information.
Readers map[addr.IA]struct{}
// Registries contains all ASes in the group at which Writers register hidden
// paths.
Registries map[addr.IA]struct{}
}
Group is a group of ASes that share hidden path information.
func (*Group) GetRegistries ¶
type GroupID ¶
GroupID is unique 64bit identification of the group.
func GroupIDFromUint64 ¶
GroupIDFromUint64 creates the group ID from the uint64 representation.
func ParseGroupID ¶
ParseGroupID parses the string representation of the group ID.
type Groups ¶
Groups is a list of hidden path groups.
func LoadHiddenPathGroups ¶
LoadHiddenPathGroups loads the hiddenpath groups configuration file.
func (Groups) MarshalYAML ¶
MarshalYAML implements yaml marshalling.
func (Groups) Roles ¶ added in v0.7.0
Roles returns the roles the given ISD-AS has in this set of groups.
func (Groups) UnmarshalYAML ¶
UnmarshalYAML implements the yaml unmarshaller for the Groups type.
type InterfacePolicy ¶
type InterfacePolicy struct {
// The policy for registering the segment publicly.
Public bool
// The policies for the different hidden path groups.
Groups map[GroupID]*Group
}
InterfacePolicy defines the registration policy for an ingress interface.
type LookupResolver ¶ added in v0.7.0
type LookupResolver struct {
Router snet.Router
Discoverer Discoverer
}
LookupResolver resolves the address of a hidden segment lookup server in an IA.
type RPC ¶
type RPC interface {
HiddenSegments(context.Context, SegmentRequest, net.Addr) ([]*seg.Meta, error)
}
RPC is used to fetch hidden segments from a remote and to register segments to a remote.
type Registration ¶
type Registration struct {
// Segments are the segments to be registered.
Segments []*seg.Meta
// GroupID is the hiddenpath group ID under which the segments should be
// registered.
GroupID GroupID
// Peer is the address of the writer of the segments.
Peer *snet.SVCAddr
}
Registration is a hidden segment registration.
type RegistrationPolicy ¶
type RegistrationPolicy map[uint64]InterfacePolicy
RegistrationPolicy describes the policy for registering segments. The map is keyed by ingress interface ID.
func (RegistrationPolicy) MarshalYAML ¶
func (p RegistrationPolicy) MarshalYAML() (interface{}, error)
MarshalYAML implements the yaml marshaller interface.
func (RegistrationPolicy) UnmarshalYAML ¶
func (p RegistrationPolicy) UnmarshalYAML(unmarshal func(interface{}) error) error
UnmarshalYAML implements YAML unmarshaling for the registration policy type.
func (RegistrationPolicy) Validate ¶
func (p RegistrationPolicy) Validate() error
Validate validates the registration policy.
type RegistrationResolver ¶
type RegistrationResolver struct {
Router snet.Router
Discoverer Discoverer
}
RegistrationResolver resolves the address of a hidden segment registration server in an IA.
type Registry ¶
type Registry interface {
Register(context.Context, Registration) error
}
Registry handles registrations.
type RegistryServer ¶
type RegistryServer struct {
// Groups is the current set of groups.
Groups map[GroupID]*Group
// DB is used to write received segments.
DB Store
// Verifier is used to verify the received segments.
Verifier Verifier
// LocalIA is the IA this handler is in.
LocalIA addr.IA
}
RegistryServer handles hidden segment registrations.
func (RegistryServer) Register ¶
func (h RegistryServer) Register(ctx context.Context, reg Registration) error
Register registers the given registration.
type SegmentRegistration ¶
SegmentRegistration is a registration for hidden segments.
type SegmentRequest ¶
type SegmentRequest struct {
// GroupIDs are the hidden path group IDs for which the segments are
// requested.
GroupIDs []GroupID
// DstIA is the destination ISD-AS of the segments that are requested.
DstIA addr.IA
// Peer is ISD-AS of the requesting peer.
Peer addr.IA
}
SegmentRequest is a request for hidden segments.
type Servers ¶
type Servers struct {
// Lookup is the list of lookup addresses.
Lookup []*net.UDPAddr
// Registration is the list of registration addresses.
Registration []*net.UDPAddr
}
Servers is a list of discovered remote hidden segment server.
type Store ¶
type Store interface {
// Get gets the segments that end at the given IA and are in one of the given
// hidden path groups.
Get(context.Context, addr.IA, []GroupID) ([]*seg.Meta, error)
// Put puts the given segments in the database and associates them with the
// given hidden path group ID.
Put(context.Context, []*seg.Meta, GroupID) error
}
Store is the interface to the hidden segment database.
type Storer ¶
Storer implements the path DB interface for a hidden segments.
type Verifier ¶
type Verifier interface {
// Verify fetches the crypto material from the server and verifies the segments.
Verify(ctx context.Context, segments []*seg.Meta, server net.Addr) error
}
Verifier is used to verify a segments reply.
type VerifierAdapter ¶ added in v0.7.0
VerifierAdapter adapts and infra.Verifier to the hidden path verifier interface.
Source Files
Directories