Documentation ¶
Index ¶
- Variables
- func SaveCacheData(path string, data *CacheData) error
- func URLMatchesHTTPSourceHost(urlHost, sourceHost string) bool
- type Cache
- type CacheData
- type Config
- type Entry
- type Exclusions
- type FileSource
- type HTTPSource
- type HostExcluder
- type IDExcluder
- type IdentityResolver
- type IdentityResolverFunc
- type List
- type Pool
- func (pool *Pool) GetNodeURL(ctx context.Context, id storj.NodeID) (_ storj.NodeURL, err error)
- func (pool *Pool) GetSatellites(ctx context.Context) (satellites []storj.NodeID)
- func (pool *Pool) GetSignee(ctx context.Context, id storj.NodeID) (_ signing.Signee, err error)
- func (pool *Pool) Refresh(ctx context.Context) error
- func (pool *Pool) Run(ctx context.Context) error
- func (pool *Pool) VerifySatelliteID(ctx context.Context, id storj.NodeID) (err error)
- type Rule
- type Rules
- type SatelliteURL
- type Source
- type Sources
- type StaticURLSource
- type URLExcluder
Constants ¶
This section is empty.
Variables ¶
var ( // ErrExclusion is an error class for exclusion related errors ErrExclusion = errs.Class("exclusion") )
var ( // ErrFileSource is an error class for file source errors ErrFileSource = errs.Class("file source") )
var ( // ErrHTTPSource is an error class for HTTP source errors ErrHTTPSource = errs.Class("HTTP source") )
var ( // ErrSatelliteURL is an error class for satellite URL related errors ErrSatelliteURL = errs.Class("invalid satellite URL") )
var ( // ErrStaticSource is an error class for static source errors ErrStaticSource = errs.Class("static source") )
var (
Error = errs.Class("trust")
)
Error is the default error class
Functions ¶
func SaveCacheData ¶ added in v0.28.0
SaveCacheData persists the cache data to the given path
func URLMatchesHTTPSourceHost ¶ added in v0.27.0
URLMatchesHTTPSourceHost takes the Satellite URL host and the host of the HTTPSource URL and determines if the SatelliteURL matches or is in the same domain as the HTTPSource URL.
Types ¶
type Cache ¶ added in v0.28.0
type Cache struct {
// contains filtered or unexported fields
}
Cache caches source information about trusted satellites
func LoadCache ¶ added in v0.28.0
LoadCache loads a cache from a file on disk. If the file is not present, the cache is still loaded. If the file cannot be read for any other reason, the function will return an error. LoadCache ensures the containing directory exists.
func (*Cache) Lookup ¶ added in v0.28.0
Lookup takes a cache key and returns entries associated with that key. If the key is unset in the cache, false is returned for ok. Otherwise the entries are returned with ok returned as true.
func (*Cache) Path ¶ added in v0.28.0
Path returns the path on disk to the file containing the cache
type CacheData ¶ added in v0.28.0
CacheData represents the data stored in the cache
func LoadCacheData ¶ added in v0.28.0
LoadCacheData loads the cache data from the given path
func NewCacheData ¶ added in v0.28.0
func NewCacheData() *CacheData
NewCacheData returns an new CacheData
type Config ¶ added in v0.28.0
type Config struct { Sources Sources `help:"list of trust sources" devDefault:"" releaseDefault:"https://tardigrade.io/trusted-satellites"` Exclusions Exclusions `help:"list of trust exclusions" devDefault:"" releaseDefault:""` RefreshInterval time.Duration `help:"how often the trust pool should be refreshed" default:"6h"` CachePath string `help:"file path where trust lists should be cached" default:"${CONFDIR}/trust-cache.json"` }
Config is the trust configuration
type Entry ¶ added in v0.27.0
type Entry struct { // SatelliteURL is the URL of the satellite SatelliteURL SatelliteURL // Authoritative indicates whether this entry came from an authoritative // source. This impacts how URLS are aggregated. Authoritative bool `json:"authoritative"` }
Entry represents a trust entry
type Exclusions ¶ added in v0.28.0
type Exclusions struct {
Rules Rules
}
Exclusions is a list of excluding rules that implements pflag.Value
func (*Exclusions) Set ¶ added in v0.28.0
func (exclusions *Exclusions) Set(value string) error
Set implements pflag.Value by parsing a comma separated list of exclusions
func (*Exclusions) String ¶ added in v0.28.0
func (exclusions *Exclusions) String() string
String returns the string representation of the config
func (Exclusions) Type ¶ added in v0.28.0
func (exclusions Exclusions) Type() string
Type returns the type of the pflag.Value
type FileSource ¶ added in v0.27.0
type FileSource struct {
// contains filtered or unexported fields
}
FileSource represents a trust source contained in a file on disk
func NewFileSource ¶ added in v0.27.0
func NewFileSource(path string) *FileSource
NewFileSource creates a new FileSource that loads a trust list from the given path.
func (*FileSource) FetchEntries ¶ added in v0.27.0
func (source *FileSource) FetchEntries(ctx context.Context) (_ []Entry, err error)
FetchEntries implements the Source interface and returns entries from a the file source on disk. The entries returned are authoritative.
func (*FileSource) Static ¶ added in v0.27.0
func (source *FileSource) Static() bool
Static implements the Source interface. It returns true.
func (*FileSource) String ¶ added in v0.27.0
func (source *FileSource) String() string
String implements the Source interface and returns the FileSource URL
type HTTPSource ¶ added in v0.27.0
type HTTPSource struct {
// contains filtered or unexported fields
}
HTTPSource represents a trust source at a http:// or https:// URL
func NewHTTPSource ¶ added in v0.27.0
func NewHTTPSource(httpURL string) (*HTTPSource, error)
NewHTTPSource constructs a new HTTPSource from a URL. The URL must be an http:// or https:// URL. The fragment cannot be set.
func (*HTTPSource) FetchEntries ¶ added in v0.27.0
func (source *HTTPSource) FetchEntries(ctx context.Context) (_ []Entry, err error)
FetchEntries implements the Source interface and returns entries parsed from the list retrieved over HTTP(S). The entries returned are only authoritative if the entry URL has a host that matches or is a subdomain of the source URL.
func (*HTTPSource) Static ¶ added in v0.27.0
func (source *HTTPSource) Static() bool
Static implements the Source interface. It returns false for this source.
func (*HTTPSource) String ¶ added in v0.27.0
func (source *HTTPSource) String() string
String implements the Source interface and returns the URL
type HostExcluder ¶ added in v0.28.0
type HostExcluder struct {
// contains filtered or unexported fields
}
HostExcluder excludes URLs that match a given host. If the host is a domain name then URLs in a subdomain of that domain are excluded as well.
func NewHostExcluder ¶ added in v0.28.0
func NewHostExcluder(host string) *HostExcluder
NewHostExcluder returns a new HostExcluder
func (*HostExcluder) IsTrusted ¶ added in v0.28.0
func (excluder *HostExcluder) IsTrusted(url SatelliteURL) bool
IsTrusted returns true if the given Satellite is trusted and false otherwise
func (*HostExcluder) String ¶ added in v0.28.0
func (excluder *HostExcluder) String() string
String returns a string representation of the excluder
type IDExcluder ¶ added in v0.28.0
type IDExcluder struct {
// contains filtered or unexported fields
}
IDExcluder excludes URLs matching a given URL
func NewIDExcluder ¶ added in v0.28.0
func NewIDExcluder(id storj.NodeID) *IDExcluder
NewIDExcluder returns a new IDExcluder
func (*IDExcluder) IsTrusted ¶ added in v0.28.0
func (excluder *IDExcluder) IsTrusted(url SatelliteURL) bool
IsTrusted returns true if the given Satellite is trusted and false otherwise
func (*IDExcluder) String ¶ added in v0.28.0
func (excluder *IDExcluder) String() string
String returns a string representation of the excluder
type IdentityResolver ¶ added in v0.28.0
type IdentityResolver interface { // ResolveIdentity returns the peer identity of the peer located at the Node URL ResolveIdentity(ctx context.Context, url storj.NodeURL) (*identity.PeerIdentity, error) }
IdentityResolver resolves peer identities from a node URL
func Dialer ¶ added in v0.28.0
func Dialer(dialer rpc.Dialer) IdentityResolver
Dialer implements an IdentityResolver using an RPC dialer
type IdentityResolverFunc ¶ added in v0.28.0
type IdentityResolverFunc func(ctx context.Context, url storj.NodeURL) (*identity.PeerIdentity, error)
IdentityResolverFunc is a convenience type for implementing IdentityResolver using a function literal.
func (IdentityResolverFunc) ResolveIdentity ¶ added in v0.28.0
func (fn IdentityResolverFunc) ResolveIdentity(ctx context.Context, url storj.NodeURL) (*identity.PeerIdentity, error)
ResolveIdentity returns the peer identity of the peer located at the Node URL
type List ¶ added in v0.28.0
type List struct {
// contains filtered or unexported fields
}
List represents a dynamic trust list
func NewList ¶ added in v0.28.0
NewList takes one or more sources, optional rules, and a cache and returns a new List.
func (*List) FetchURLs ¶ added in v0.28.0
FetchURLs returns a list of Node URLS for trusted Satellites. It queries all of the configured sources for trust entries. Entries from non-fixed sources are cached. If entries cannot be retrieved from a source, a cached copy is used, if available. Otherwise, if there are no cached entries available, the call will fail. The URLS are filtered before being returned.
type Pool ¶
type Pool struct {
// contains filtered or unexported fields
}
Pool implements different peer verifications.
architecture: Service
func (*Pool) GetNodeURL ¶ added in v1.6.1
GetNodeURL returns the node url of a satellite in the trusted list.
func (*Pool) GetSatellites ¶ added in v0.14.0
GetSatellites returns a slice containing all trusted satellites
func (*Pool) GetSignee ¶
GetSignee gets the corresponding signee for verifying signatures. It ignores passed in ctx cancellation to avoid miscaching between concurrent requests.
func (*Pool) Refresh ¶ added in v0.28.0
Refresh refreshes the set of trusted satellites in the pool. Concurrent callers will be synchronized so only one proceeds at a time.
type Rule ¶ added in v0.28.0
type Rule interface { // IsTrusted returns true if the given Satellite is trusted and false otherwise IsTrusted(url SatelliteURL) bool // String returns a string representation of the rule String() string }
Rule indicates whether or not a Satellite URL is trusted
func NewExcluder ¶ added in v0.28.0
NewExcluder takes a configuration string and returns an excluding Rule. Accepted forms are 1) a Satellite ID followed by '@', 2) a hostname or IP address, 3) a full Satellite URL.
type Rules ¶ added in v0.28.0
type Rules []Rule
Rules is a collection of rules
func (Rules) IsTrusted ¶ added in v0.28.0
func (rules Rules) IsTrusted(url SatelliteURL) bool
IsTrusted returns true if the given Satellite is trusted and false otherwise
type SatelliteURL ¶ added in v0.27.0
type SatelliteURL struct { ID storj.NodeID `json:"id"` Host string `json:"host"` Port int `json:"port"` }
SatelliteURL represents a Satellite URL
func LoadSatelliteURLList ¶ added in v0.27.0
func LoadSatelliteURLList(ctx context.Context, path string) (_ []SatelliteURL, err error)
LoadSatelliteURLList loads a list of Satellite URLs from a path on disk
func ParseSatelliteURL ¶ added in v0.27.0
func ParseSatelliteURL(s string) (SatelliteURL, error)
ParseSatelliteURL parses a Satellite URL. For the purposes of the trust list, the Satellite URL MUST contain both an ID and port designation.
func ParseSatelliteURLList ¶ added in v0.27.0
ParseSatelliteURLList parses a newline separated list of Satellite URLs. Empty lines or lines starting with '#' (comments) are ignored.
func (*SatelliteURL) Address ¶ added in v0.27.0
func (u *SatelliteURL) Address() string
Address returns the address (i.e. host:port) of the Satellite
func (*SatelliteURL) NodeURL ¶ added in v0.27.0
func (u *SatelliteURL) NodeURL() storj.NodeURL
NodeURL returns a full Node URL to the Satellite
func (*SatelliteURL) String ¶ added in v0.27.0
func (u *SatelliteURL) String() string
String returns a string representation of the Satellite URL
type Source ¶ added in v0.27.0
type Source interface { // String is the string representation of the source. It is used as a key // into the cache. String() string // Static returns true if the source is static. Static sources are not cached. Static() bool // FetchEntries returns the list of trust entries from the source. FetchEntries(context.Context) ([]Entry, error) }
Source is a trust source for trusted Satellites
type Sources ¶ added in v0.28.0
type Sources []Source
Sources is a list of sources that implements pflag.Value
func (*Sources) Set ¶ added in v0.28.0
Set implements pflag.Value by parsing a comma separated list of sources
type StaticURLSource ¶ added in v0.28.0
type StaticURLSource struct {
URL SatelliteURL
}
StaticURLSource is a trust source that returns an explicitly trusted URL
func NewStaticURLSource ¶ added in v0.28.0
func NewStaticURLSource(satelliteURL string) (*StaticURLSource, error)
NewStaticURLSource takes an explicitly trusted URL and returns a new StaticURLSource.
func (*StaticURLSource) FetchEntries ¶ added in v0.28.0
func (source *StaticURLSource) FetchEntries(ctx context.Context) ([]Entry, error)
FetchEntries returns a trust entry for the explicitly trusted Satellite URL. The entry is authoritative.
func (*StaticURLSource) Static ¶ added in v0.28.0
func (source *StaticURLSource) Static() bool
Static implements the Source interface. It returns true.
func (*StaticURLSource) String ¶ added in v0.28.0
func (source *StaticURLSource) String() string
String implements the Source interface and returns the static trusted URL
type URLExcluder ¶ added in v0.28.0
type URLExcluder struct {
// contains filtered or unexported fields
}
URLExcluder excludes matching URLs
func NewURLExcluder ¶ added in v0.28.0
func NewURLExcluder(url SatelliteURL) *URLExcluder
NewURLExcluder returns a new URLExcluder
func (*URLExcluder) IsTrusted ¶ added in v0.28.0
func (excluder *URLExcluder) IsTrusted(url SatelliteURL) bool
IsTrusted returns true if the given Satellite is trusted and false otherwise
func (*URLExcluder) String ¶ added in v0.28.0
func (excluder *URLExcluder) String() string
String returns a string representation of the excluder