trust

package
v0.34.10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 13, 2020 License: AGPL-3.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrExclusion is an error class for exclusion related errors
	ErrExclusion = errs.Class("exclusion")
)
View Source 
var (
	// ErrFileSource is an error class for file source errors
	ErrFileSource = errs.Class("file source")
)
View Source 
var (
	// ErrHTTPSource is an error class for HTTP source errors
	ErrHTTPSource = errs.Class("HTTP source")
)
View Source 
var (
	// ErrSatelliteURL is an error class for satellite URL related errors
	ErrSatelliteURL = errs.Class("invalid satellite URL")
)
View Source 
var (
	// ErrStaticSource is an error class for static source errors
	ErrStaticSource = errs.Class("static source")
)
View Source 
var (
	Error = errs.Class("trust")
)

Error is the default error class

Functions

func SaveCacheData added in v0.28.0 

func SaveCacheData(path string, data *CacheData) error

SaveCacheData persists the cache data to the given path

func URLMatchesHTTPSourceHost added in v0.27.0 

func URLMatchesHTTPSourceHost(urlHost, sourceHost string) bool

URLMatchesHTTPSourceHost takes the Satellite URL host and the host of the HTTPSource URL and determines if the SatelliteURL matches or is in the same domain as the HTTPSource URL.

Types

type Cache added in v0.28.0 

type Cache struct {
	// contains filtered or unexported fields
}

Cache caches source information about trusted satellites

func LoadCache added in v0.28.0 

func LoadCache(path string) (*Cache, error)

LoadCache loads a cache from a file on disk. If the file is not present, the cache is still loaded. If the file cannot be read for any other reason, the function will return an error. LoadCache ensures the containing directory exists.

func (*Cache) Lookup added in v0.28.0 

func (cache *Cache) Lookup(key string) (entries []Entry, ok bool)

Lookup takes a cache key and returns entries associated with that key. If the key is unset in the cache, false is returned for ok. Otherwise the entries are returned with ok returned as true.

func (*Cache) Path added in v0.28.0 

func (cache *Cache) Path() string

Path returns the path on disk to the file containing the cache

func (*Cache) Save added in v0.28.0 

func (cache *Cache) Save(ctx context.Context) (err error)

Save persists the cache to disk

func (*Cache) Set added in v0.28.0 

func (cache *Cache) Set(key string, entries []Entry)

Set sets the entries in the cache for the provided key

type CacheData added in v0.28.0 

type CacheData struct {
	Entries map[string][]Entry `json:"entries"`
}

CacheData represents the data stored in the cache

func LoadCacheData added in v0.28.0 

func LoadCacheData(path string) (*CacheData, error)

LoadCacheData loads the cache data from the given path

func NewCacheData added in v0.28.0 

func NewCacheData() *CacheData

NewCacheData returns an new CacheData

type Config added in v0.28.0 

type Config struct {
	Sources         Sources       `help:"list of trust sources" devDefault:"" releaseDefault:"https://tardigrade.io/trusted-satellites"`
	Exclusions      Exclusions    `help:"list of trust exclusions" devDefault:"" releaseDefault:""`
	RefreshInterval time.Duration `help:"how often the trust pool should be refreshed" default:"6h"`
	CachePath       string        `help:"file path where trust lists should be cached" default:"${CONFDIR}/trust-cache.json"`
}

Config is the trust configuration

type Entry added in v0.27.0 

type Entry struct {
	// SatelliteURL is the URL of the satellite
	SatelliteURL SatelliteURL

	// Authoritative indicates whether this entry came from an authoritative
	// source. This impacts how URLS are aggregated.
	Authoritative bool `json:"authoritative"`
}

Entry represents a trust entry

type Exclusions added in v0.28.0 

type Exclusions struct {
	Rules Rules
}

Exclusions is a list of excluding rules that implements pflag.Value

func (*Exclusions) Set added in v0.28.0 

func (exclusions *Exclusions) Set(value string) error

Set implements pflag.Value by parsing a comma separated list of exclusions

func (*Exclusions) String added in v0.28.0 

func (exclusions *Exclusions) String() string

String returns the string representation of the config

func (Exclusions) Type added in v0.28.0 

func (exclusions Exclusions) Type() string

Type returns the type of the pflag.Value

type FileSource added in v0.27.0 

type FileSource struct {
	// contains filtered or unexported fields
}

FileSource represents a trust source contained in a file on disk

func NewFileSource added in v0.27.0 

func NewFileSource(path string) *FileSource

NewFileSource creates a new FileSource that loads a trust list from the given path.

func (*FileSource) FetchEntries added in v0.27.0 

func (source *FileSource) FetchEntries(ctx context.Context) (_ []Entry, err error)

FetchEntries implements the Source interface and returns entries from a the file source on disk. The entries returned are authoritative.

func (*FileSource) Static added in v0.27.0 

func (source *FileSource) Static() bool

Static implements the Source interface. It returns true.

func (*FileSource) String added in v0.27.0 

func (source *FileSource) String() string

String implements the Source interface and returns the FileSource URL

type HTTPSource added in v0.27.0 

type HTTPSource struct {
	// contains filtered or unexported fields
}

HTTPSource represents a trust source at a http:// or https:// URL

func NewHTTPSource added in v0.27.0 

func NewHTTPSource(httpURL string) (*HTTPSource, error)

NewHTTPSource constructs a new HTTPSource from a URL. The URL must be an http:// or https:// URL. The fragment cannot be set.

func (*HTTPSource) FetchEntries added in v0.27.0 

func (source *HTTPSource) FetchEntries(ctx context.Context) (_ []Entry, err error)

FetchEntries implements the Source interface and returns entries parsed from the list retrieved over HTTP(S). The entries returned are only authoritative if the entry URL has a host that matches or is a subdomain of the source URL.

func (*HTTPSource) Static added in v0.27.0 

func (source *HTTPSource) Static() bool

Static implements the Source interface. It returns false for this source.

func (*HTTPSource) String added in v0.27.0 

func (source *HTTPSource) String() string

String implements the Source interface and returns the URL

type HostExcluder added in v0.28.0 

type HostExcluder struct {
	// contains filtered or unexported fields
}

HostExcluder excludes URLs that match a given host. If the host is a domain name then URLs in a subdomain of that domain are excluded as well.

func NewHostExcluder added in v0.28.0 

func NewHostExcluder(host string) *HostExcluder

NewHostExcluder returns a new HostExcluder

func (*HostExcluder) IsTrusted added in v0.28.0 

func (excluder *HostExcluder) IsTrusted(url SatelliteURL) bool

IsTrusted returns true if the given Satellite is trusted and false otherwise

func (*HostExcluder) String added in v0.28.0 

func (excluder *HostExcluder) String() string

String returns a string representation of the excluder

type IDExcluder added in v0.28.0 

type IDExcluder struct {
	// contains filtered or unexported fields
}

IDExcluder excludes URLs matching a given URL

func NewIDExcluder added in v0.28.0 

func NewIDExcluder(id storj.NodeID) *IDExcluder

NewIDExcluder returns a new IDExcluder

func (*IDExcluder) IsTrusted added in v0.28.0 

func (excluder *IDExcluder) IsTrusted(url SatelliteURL) bool

IsTrusted returns true if the given Satellite is trusted and false otherwise

func (*IDExcluder) String added in v0.28.0 

func (excluder *IDExcluder) String() string

String returns a string representation of the excluder

type IdentityResolver added in v0.28.0 

type IdentityResolver interface {
	// ResolveIdentity returns the peer identity of the peer located at the Node URL
	ResolveIdentity(ctx context.Context, url storj.NodeURL) (*identity.PeerIdentity, error)
}

IdentityResolver resolves peer identities from a node URL

func Dialer added in v0.28.0 

func Dialer(dialer rpc.Dialer) IdentityResolver

Dialer implements an IdentityResolver using an RPC dialer

type IdentityResolverFunc added in v0.28.0 

type IdentityResolverFunc func(ctx context.Context, url storj.NodeURL) (*identity.PeerIdentity, error)

IdentityResolverFunc is a convenience type for implementing IdentityResolver using a function literal.

func (IdentityResolverFunc) ResolveIdentity added in v0.28.0 

func (fn IdentityResolverFunc) ResolveIdentity(ctx context.Context, url storj.NodeURL) (*identity.PeerIdentity, error)

ResolveIdentity returns the peer identity of the peer located at the Node URL

type List added in v0.28.0 

type List struct {
	// contains filtered or unexported fields
}

List represents a dynamic trust list

func NewList added in v0.28.0 

func NewList(log *zap.Logger, sources []Source, rules Rules, cache *Cache) (*List, error)

NewList takes one or more sources, optional rules, and a cache and returns a new List.

func (*List) FetchURLs added in v0.28.0 

func (list *List) FetchURLs(ctx context.Context) ([]storj.NodeURL, error)

FetchURLs returns a list of Node URLS for trusted Satellites. It queries all of the configured sources for trust entries. Entries from non-fixed sources are cached. If entries cannot be retrieved from a source, a cached copy is used, if available. Otherwise, if there are no cached entries available, the call will fail. The URLS are filtered before being returned.

type Pool 

type Pool struct {
	// contains filtered or unexported fields
}

Pool implements different peer verifications.

architecture: Service

func NewPool 

func NewPool(log *zap.Logger, resolver IdentityResolver, config Config) (*Pool, error)

NewPool creates a new trust pool of the specified list of trusted satellites.

func (*Pool) GetAddress added in v0.15.0 

func (pool *Pool) GetAddress(ctx context.Context, id storj.NodeID) (_ string, err error)

GetAddress returns the address of a satellite in the trusted list

func (*Pool) GetSatellites added in v0.14.0 

func (pool *Pool) GetSatellites(ctx context.Context) (satellites []storj.NodeID)

GetSatellites returns a slice containing all trusted satellites

func (*Pool) GetSignee 

func (pool *Pool) GetSignee(ctx context.Context, id storj.NodeID) (_ signing.Signee, err error)

GetSignee gets the corresponding signee for verifying signatures. It ignores passed in ctx cancellation to avoid miscaching between concurrent requests.

func (*Pool) Refresh added in v0.28.0 

func (pool *Pool) Refresh(ctx context.Context) error

Refresh refreshes the set of trusted satellites in the pool. Concurrent callers will be synchronized so only one proceeds at a time.

func (*Pool) Run added in v0.28.0 

func (pool *Pool) Run(ctx context.Context) error

Run periodically refreshes the pool. The initial refresh is intended to happen before run is call. Therefore Run does not refresh right away.

func (*Pool) VerifySatelliteID 

func (pool *Pool) VerifySatelliteID(ctx context.Context, id storj.NodeID) (err error)

VerifySatelliteID checks whether id corresponds to a trusted satellite.

type Rule added in v0.28.0 

type Rule interface {
	// IsTrusted returns true if the given Satellite is trusted and false otherwise
	IsTrusted(url SatelliteURL) bool

	// String returns a string representation of the rule
	String() string
}

Rule indicates whether or not a Satellite URL is trusted

func NewExcluder added in v0.28.0 

func NewExcluder(config string) (Rule, error)

NewExcluder takes a configuration string and returns an excluding Rule. Accepted forms are 1) a Satellite ID followed by '@', 2) a hostname or IP address, 3) a full Satellite URL.

type Rules added in v0.28.0 

type Rules []Rule

Rules is a collection of rules

func (Rules) IsTrusted added in v0.28.0 

func (rules Rules) IsTrusted(url SatelliteURL) bool

IsTrusted returns true if the given Satellite is trusted and false otherwise

type SatelliteURL added in v0.27.0 

type SatelliteURL struct {
	ID   storj.NodeID `json:"id"`
	Host string       `json:"host"`
	Port int          `json:"port"`
}

SatelliteURL represents a Satellite URL

func LoadSatelliteURLList added in v0.27.0 

func LoadSatelliteURLList(ctx context.Context, path string) (_ []SatelliteURL, err error)

LoadSatelliteURLList loads a list of Satellite URLs from a path on disk

func ParseSatelliteURL added in v0.27.0 

func ParseSatelliteURL(s string) (SatelliteURL, error)

ParseSatelliteURL parses a Satellite URL. For the purposes of the trust list, the Satellite URL MUST contain both an ID and port designation.

func ParseSatelliteURLList added in v0.27.0 

func ParseSatelliteURLList(ctx context.Context, r io.Reader) (urls []SatelliteURL, err error)

ParseSatelliteURLList parses a newline separated list of Satellite URLs. Empty lines or lines starting with '#' (comments) are ignored.

func (*SatelliteURL) Address added in v0.27.0 

func (u *SatelliteURL) Address() string

Address returns the address (i.e. host:port) of the Satellite

func (*SatelliteURL) NodeURL added in v0.27.0 

func (u *SatelliteURL) NodeURL() storj.NodeURL

NodeURL returns a full Node URL to the Satellite

func (*SatelliteURL) String added in v0.27.0 

func (u *SatelliteURL) String() string

String returns a string representation of the Satellite URL

type Source added in v0.27.0 

type Source interface {
	// String is the string representation of the source. It is used as a key
	// into the cache.
	String() string

	// Static returns true if the source is static. Static sources are not cached.
	Static() bool

	// FetchEntries returns the list of trust entries from the source.
	FetchEntries(context.Context) ([]Entry, error)
}

Source is a trust source for trusted Satellites

func NewSource added in v0.27.0 

func NewSource(config string) (Source, error)

NewSource takes a configuration string returns a Source for that string.

type Sources added in v0.28.0 

type Sources []Source

Sources is a list of sources that implements pflag.Value

func (*Sources) Set added in v0.28.0 

func (sources *Sources) Set(value string) error

Set implements pflag.Value by parsing a comma separated list of sources

func (Sources) String added in v0.28.0 

func (sources Sources) String() string

String returns the string representation of the config

func (Sources) Type added in v0.28.0 

func (sources Sources) Type() string

Type returns the type of the pflag.Value

type StaticURLSource added in v0.28.0 

type StaticURLSource struct {
	URL SatelliteURL
}

StaticURLSource is a trust source that returns an explicitly trusted URL

func NewStaticURLSource added in v0.28.0 

func NewStaticURLSource(satelliteURL string) (*StaticURLSource, error)

NewStaticURLSource takes an explicitly trusted URL and returns a new StaticURLSource.

func (*StaticURLSource) FetchEntries added in v0.28.0 

func (source *StaticURLSource) FetchEntries(ctx context.Context) ([]Entry, error)

FetchEntries returns a trust entry for the explicitly trusted Satellite URL. The entry is authoritative.

func (*StaticURLSource) Static added in v0.28.0 

func (source *StaticURLSource) Static() bool

Static implements the Source interface. It returns true.

func (*StaticURLSource) String added in v0.28.0 

func (source *StaticURLSource) String() string

String implements the Source interface and returns the static trusted URL

type URLExcluder added in v0.28.0 

type URLExcluder struct {
	// contains filtered or unexported fields
}

URLExcluder excludes matching URLs

func NewURLExcluder added in v0.28.0 

func NewURLExcluder(url SatelliteURL) *URLExcluder

NewURLExcluder returns a new URLExcluder

func (*URLExcluder) IsTrusted added in v0.28.0 

func (excluder *URLExcluder) IsTrusted(url SatelliteURL) bool

IsTrusted returns true if the given Satellite is trusted and false otherwise

func (*URLExcluder) String added in v0.28.0 

func (excluder *URLExcluder) String() string

String returns a string representation of the excluder

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.