pkg

package

v0.19.0 Latest Latest Go to latest Published: May 15, 2024 License: MIT Imports: 31 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/semgrep/semgrep-network-broker

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GetRequestBodyJSON(body io.Reader) (map[string]interface{}, error)
func GetRequestFields(c *gin.Context) log.Fields
func LoggerWithConfig(logger *log.Logger, notlogged []string) gin.HandlerFunc
func LookupHttpMethod(method string) uint
type Allowlist
- func (allowlist Allowlist) FindMatch(method string, url *url.URL) (*AllowlistItem, bool)
type AllowlistItem
- func (config AllowlistItem) Matches(method string, url *url.URL) bool
type Base64String
- func (bs Base64String) MarshalJSON() ([]byte, error)
type BitSet
- func (bs *BitSet) Set(i uint) error
- func (bs BitSet) Test(i uint) bool
type BitTester
type Config
- func LoadConfig(configFiles []string, deploymentId int) (*Config, error)
type FilteredRelayConfig
- func (config *FilteredRelayConfig) FindMatch(headers *http.Header, value map[string]interface{}) (*FilteredRelayConfig, bool, error)
type GitHub
type GitLab
type HeartbeatConfig
- func (config *HeartbeatConfig) Start(tnet *netstack.Net, userAgent string) (func(), error)
type HttpClientConfig
- func (hcc *HttpClientConfig) BuildRoundTripper() (http.RoundTripper, error)
type HttpMethods
- func ParseHttpMethods(methods []string) HttpMethods
- func (methods HttpMethods) Test(i uint) bool
type InboundProxyConfig
- func (config *InboundProxyConfig) Start(tnet *netstack.Net) error
type LoggingConfig
type OutboundProxyConfig
- func (config *OutboundProxyConfig) Start() error
type SensitiveBase64String
- func (sbs SensitiveBase64String) MarshalJSON() ([]byte, error)
- func (sbs SensitiveBase64String) String() string
type WireguardBase
- func (base WireguardBase) GenerateConfig() string
- func (base *WireguardBase) ResolvePeerEndpoints() error
- func (config *WireguardBase) Start() (*netstack.Net, func() error, error)
type WireguardPeer
- func (peer WireguardPeer) Validate() error
- func (peer WireguardPeer) WriteTo(sb io.StringWriter)

Constants ¶

View Source

const (
	MethodUnknown uint = iota
	MethodGet
	MethodHead
	MethodPost
	MethodPut
	MethodPatch
	MethodDelete
	MethodConnect
	MethodOptions
	MethodTrace
)

View Source

const RedactedString = "REDACTED"

Variables ¶

This section is empty.

Functions ¶

func GetRequestBodyJSON ¶

func GetRequestBodyJSON(body io.Reader) (map[string]interface{}, error)

func GetRequestFields ¶

func GetRequestFields(c *gin.Context) log.Fields

func LoggerWithConfig ¶

func LoggerWithConfig(logger *log.Logger, notlogged []string) gin.HandlerFunc

func LookupHttpMethod ¶

func LookupHttpMethod(method string) uint

Types ¶

type Allowlist ¶

type Allowlist []AllowlistItem

func (Allowlist) FindMatch ¶

func (allowlist Allowlist) FindMatch(method string, url *url.URL) (*AllowlistItem, bool)

type AllowlistItem ¶

type AllowlistItem struct {
	URL                   string            `mapstructure:"url" json:"url"`
	Methods               HttpMethods       `mapstructure:"methods" json:"methods"`
	SetRequestHeaders     map[string]string `mapstructure:"setRequestHeaders" json:"setRequestHeaders"`
	RemoveResponseHeaders []string          `mapstructure:"removeResponseHeaders" json:"removeRequestHeaders"`
	LogRequestBody        bool              `mapstructure:"logRequestBody" json:"logRequestBody"`
	LogRequestHeaders     bool              `mapstructure:"logRequestHeaders" json:"logRequestHeaders"`
	LogResponseBody       bool              `mapstructure:"logResponseBody" json:"logResponseBody"`
	LogResponseHeaders    bool              `mapstructure:"logResponseHeaders" json:"logResponseHeaders"`
}

func (AllowlistItem) Matches ¶

func (config AllowlistItem) Matches(method string, url *url.URL) bool

type Base64String ¶

type Base64String []byte

func (Base64String) MarshalJSON ¶

func (bs Base64String) MarshalJSON() ([]byte, error)

type BitSet ¶

type BitSet uint16

func (*BitSet) Set ¶

func (bs *BitSet) Set(i uint) error

func (BitSet) Test ¶

func (bs BitSet) Test(i uint) bool

type BitTester ¶

type BitTester interface {
	Test(i uint) bool
}

type Config ¶

type Config struct {
	Inbound  InboundProxyConfig  `mapstructure:"inbound" json:"inbound"`
	Outbound OutboundProxyConfig `mapstructure:"outbound" json:"outbound"`
}

func LoadConfig ¶

func LoadConfig(configFiles []string, deploymentId int) (*Config, error)

type FilteredRelayConfig ¶

type FilteredRelayConfig struct {
	DestinationURL    string                `mapstructure:"destinationUrl"`
	JSONPath          string                `mapstructure:"jsonPath"`
	Contains          []string              `mapstructure:"contains"`
	Equals            []string              `mapstructure:"equals"`
	HasPrefix         []string              `mapstructure:"hasPrefix"`
	HeaderEquals      map[string]string     `mapstructure:"headerEquals"`
	HeaderNotEquals   map[string]string     `mapstructure:"headerNotEquals"`
	AdditionalConfigs []FilteredRelayConfig `mapstructure:"additionalConfigs"` // this is awful, but we can refactor this in the near future

	LogRequestBody     bool `mapstructure:"logRequestBody" json:"logRequestBody"`
	LogRequestHeaders  bool `mapstructure:"logRequestHeaders" json:"logRequestHeaders"`
	LogResponseBody    bool `mapstructure:"logResponseBody" json:"logResponseBody"`
	LogResponseHeaders bool `mapstructure:"logResponseHeaders" json:"logResponseHeaders"`
}

func (*FilteredRelayConfig) FindMatch ¶

func (config *FilteredRelayConfig) FindMatch(headers *http.Header, value map[string]interface{}) (*FilteredRelayConfig, bool, error)

type GitHub ¶

type GitHub struct {
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`
	Token   string `mapstructure:"token" json:"token"`
}

type GitLab ¶

type GitLab struct {
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`
	Token   string `mapstructure:"token" json:"token"`
}

type HeartbeatConfig ¶

type HeartbeatConfig struct {
	URL                       string `mapstructure:"url" json:"url" validate:"format=url"`
	IntervalSeconds           int    `mapstructure:"intervalSeconds" json:"intervalSeconds" validate:"gte=30" default:"60"`
	TimeoutSeconds            int    `mapstructure:"timeoutSeconds" json:"timeoutSeconds" validate:"gt=0" default:"5"`
	PanicAfterFailureCount    int    `mapstructure:"panicAfterFailureCount" json:"panicAfterFailureCount" validate:"gte=0"`
	FirstHeartbeatMustSucceed bool   `mapstructure:"firstHeartbeatMustSucceed" json:"firstHeartbeatMustSucceed"`
}

func (*HeartbeatConfig) Start ¶

func (config *HeartbeatConfig) Start(tnet *netstack.Net, userAgent string) (func(), error)

type HttpClientConfig ¶ added in v0.16.0

type HttpClientConfig struct {
	AdditionalCACerts []string `mapstructure:"additionalCACerts" json:"additionalCACerts"`
}

func (*HttpClientConfig) BuildRoundTripper ¶ added in v0.16.0

func (hcc *HttpClientConfig) BuildRoundTripper() (http.RoundTripper, error)

type HttpMethods ¶

type HttpMethods BitSet

func ParseHttpMethods ¶

func ParseHttpMethods(methods []string) HttpMethods

func (HttpMethods) Test ¶

func (methods HttpMethods) Test(i uint) bool

type InboundProxyConfig ¶

type InboundProxyConfig struct {
	Wireguard       WireguardBase    `mapstructure:"wireguard" json:"wireguard"`
	Allowlist       Allowlist        `mapstructure:"allowlist" json:"allowlist"`
	ProxyListenPort int              `mapstructure:"proxyListenPort" json:"proxyListenPort" validate:"gte=0" default:"80"`
	Logging         LoggingConfig    `mapstructure:"logging" json:"logging"`
	Heartbeat       HeartbeatConfig  `mapstructure:"heartbeat" json:"heartbeat"`
	GitHub          *GitHub          `mapstructure:"github" json:"github"`
	GitLab          *GitLab          `mapstructure:"gitlab" json:"gitlab"`
	HttpClient      HttpClientConfig `mapstructure:"httpClient" json:"httpClient"`
}

func (*InboundProxyConfig) Start ¶

func (config *InboundProxyConfig) Start(tnet *netstack.Net) error

type LoggingConfig ¶

type LoggingConfig struct {
	SkipPaths          []string `mapstructure:"skipPaths" json:"skipPaths"`
	LogRequestBody     bool     `mapstructure:"logRequestBody" json:"logRequestBody"`
	LogRequestHeaders  bool     `mapstructure:"logRequestHeaders" json:"logRequestHeaders"`
	LogResponseBody    bool     `mapstructure:"logResponseBody" json:"logResponseBody"`
	LogResponseHeaders bool     `mapstructure:"logResponseHeaders" json:"logResponseHeaders"`
}

type OutboundProxyConfig ¶

type OutboundProxyConfig struct {
	Relay      map[string]FilteredRelayConfig `mapstructure:"relay" json:"relay"`
	Logging    LoggingConfig                  `mapstructure:"logging" json:"logging"`
	ListenPort int                            `mapstructure:"listenPort" json:"listenPort" validate:"gte=0" default:"8080"`
}

func (*OutboundProxyConfig) Start ¶

func (config *OutboundProxyConfig) Start() error

type SensitiveBase64String ¶

type SensitiveBase64String []byte

func (SensitiveBase64String) MarshalJSON ¶

func (sbs SensitiveBase64String) MarshalJSON() ([]byte, error)

func (SensitiveBase64String) String ¶

func (sbs SensitiveBase64String) String() string

type WireguardBase ¶

type WireguardBase struct {
	LocalAddress string                `mapstructure:"localAddress" json:"localAddress" validate:"format=ip"`
	Dns          []string              `mapstructure:"dns" json:"dns" validate:"empty=true > format=ip"`
	Mtu          int                   `mapstructure:"mtu" json:"mtu" validate:"gte=0" default:"1420"`
	PrivateKey   SensitiveBase64String `mapstructure:"privateKey" json:"privateKey" validate:"empty=false"`
	ListenPort   int                   `mapstructure:"listenPort" json:"listenPort" validate:"gte=0"`
	Peers        []WireguardPeer       `mapstructure:"peers" json:"peers" validate:"empty=false"`
	Verbose      bool                  `mapstructure:"verbose" json:"verbose"`
}

func (WireguardBase) GenerateConfig ¶

func (base WireguardBase) GenerateConfig() string

func (*WireguardBase) ResolvePeerEndpoints ¶

func (base *WireguardBase) ResolvePeerEndpoints() error

func (*WireguardBase) Start ¶

func (config *WireguardBase) Start() (*netstack.Net, func() error, error)

type WireguardPeer ¶

type WireguardPeer struct {
	PublicKey                   Base64String `mapstructure:"publicKey" json:"publicKey" validate:"empty=false"`
	Endpoint                    string       `mapstructure:"endpoint" json:"endpoint"`
	AllowedIps                  string       `mapstructure:"allowedIps" json:"allowedIps" validate:"format=cidr"`
	PersistentKeepaliveInterval int          `mapstructure:"persistentKeepaliveInterval" json:"persistentKeepaliveInterval" validate:"gt=0" default:"20"`
	DisablePersistentKeepalive  bool         `mapstructure:"disablePersistentKeepalive" json:"disablePersistentKeepalive"`
	// contains filtered or unexported fields
}

func (WireguardPeer) Validate ¶

func (peer WireguardPeer) Validate() error

func (WireguardPeer) WriteTo ¶

func (peer WireguardPeer) WriteTo(sb io.StringWriter)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL