net

package
v0.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 30, 2019 License: AGPL-3.0 Imports: 29 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	// LocateNone is used when no part of the name should be searched.
	LocateNone = 0
	// LocateExact means that we should search for the name exactly.
	LocateExact = 1 << iota
	// LocateDomain means that we only search for the domain name only.
	LocateDomain
	// LocateUser means that we only search for the user name only.
	LocateUser
	// LocateEmail means that we only search for the user@domain part only.
	LocateEmail
	// LocateAll means that we search for everything.
	LocateAll = LocateExact | LocateDomain | LocateUser | LocateEmail
)
View Source 
const (

	// MaxMessageSize is the max size of a messsage that can be send to us.
	// The limit is arbitrary and should avoid being spammed by huge messages.
	// (Later on we could also implement a proper streaming protocol)
	MaxMessageSize = 16 * 1024 * 1024
)

Variables

View Source 
var (
	// ErrPingMapClosed is returned when an operation is performed on a closed
	// ping map.
	ErrPingMapClosed = errors.New("pinger Map was already closed")

	// ErrNoSuchAddr is returned when asking for a pinger that we don't know.
	ErrNoSuchAddr = errors.New("No such addr known to ping map")
)

Functions

func PeekRemotePubkey 

func PeekRemotePubkey(
	ctx context.Context,
	addr string,
	rp *repo.Repository,
	bk netBackend.Backend,
) ([]byte, string, error)

PeekRemotePubkey connects to `addr` and tries to read the public key they claim.

Types

type AuthReadWriter 

type AuthReadWriter struct {
	// contains filtered or unexported fields
}

AuthReadWriter acts as a layer on top of a normal io.ReadWriteCloser that adds authentication of the communication partners. It does this by employing the following protocol:

  1. Upon opening the connection, the public keys of both partners are exchanged. The received public key is hashed and checked to be the same as the fingerprint we're storing from this person. (This should suffice as authentication of the remote user)
  1. A random nonce of 62 bytes is generated and encrypted with the remote's public key. The resulting ciphertext is then send to the remote. On their side they decrypt the ciphertext (proving that they possess the respective private key).
  1. The resulting nonce from the remote is then hashed with sha3 and send back. Each sides check if the response matched the challenge. If so, the user is authenticated. The nonces are then used to generate a symmetric key (using scrypt) which is then used to encrypt further communication and to authenticate messages.
  1. Further communication writes messages with a hmac, a 4 byte size header and the actual payload.

func NewAuthReadWriter 

func NewAuthReadWriter(
	rwc io.ReadWriteCloser,
	privKey PrivDecrypter,
	ownPubKey []byte,
	ownName string,
	remoteChecker RemoteChecker,
) *AuthReadWriter

NewAuthReadWriter returns a new AuthReadWriter, adding an auth layer on top of `rwc`. `privKey` is used to decrypt the remote's challenge, while `ownPubKey` is the pub key we send to them. `remoteChecker` is a callback that is being used by the user to verify if the remote's public key is the one we're expecting.

func (*AuthReadWriter) IsAuthorised 

func (ath *AuthReadWriter) IsAuthorised() bool

IsAuthorised will return true if the partner was successfully authenticated. It will return false if no call to Read() or Write() was made.

func (*AuthReadWriter) Read 

func (ath *AuthReadWriter) Read(buf []byte) (int, error)

Read will try to fill `buf` with as many bytes as available.

func (*AuthReadWriter) RemoteName 

func (ath *AuthReadWriter) RemoteName() string

RemoteName returns the remote's screen name. Note that this name only serves as indication for display and should not be relied on since it can be easily faked.

func (*AuthReadWriter) RemotePubKey 

func (ath *AuthReadWriter) RemotePubKey() []byte

RemotePubKey returns the partner's public key, if it was authorised already. Otherwise an error will be returned.

func (*AuthReadWriter) Trigger 

func (ath *AuthReadWriter) Trigger() error

Trigger the authentication machinery manually.

func (*AuthReadWriter) Write 

func (ath *AuthReadWriter) Write(buf []byte) (int, error)

Write conforming to the io.Writer interface

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client is a client for inter-remote communication. It implements convenient methods to talk to other brig instances.

func Dial 

func Dial(ctx context.Context, name string, rp *repo.Repository, bk netBackend.Backend, pingMap *PingMap) (*Client, error)

Dial creates a new Client connected to `name`.

func DialByAddr 

func DialByAddr(
	ctx context.Context,
	addr string,
	fingerprint peer.Fingerprint,
	rp *repo.Repository,
	bk netBackend.Backend,
	pingMap *PingMap,
) (*Client, error)

DialByAddr is like Dial but does not get its info from the remote list.

func (*Client) Close 

func (cl *Client) Close() error

Close will close the connection from the client side

func (*Client) FetchPatch 

func (cl *Client) FetchPatch(fromIndex int64) ([]byte, error)

FetchPatch tries to get a set of changes since `fromIndex`. The serialized patch is returned as byte slice.

func (*Client) FetchStore 

func (cl *Client) FetchStore() (*bytes.Buffer, error)

FetchStore tries to fetch all store data from the remote. This will only work when the other store allowed us to access all folders. (See IsCompleteFetchAllowed)

func (*Client) IsCompleteFetchAllowed 

func (cl *Client) IsCompleteFetchAllowed() (bool, error)

IsCompleteFetchAllowed asks the remote if we can use FetchStore.

func (*Client) IsPushAllowed added in v0.4.0 

func (cl *Client) IsPushAllowed() (bool, error)

IsPushAllowed asks the remote if we may push to them.

func (*Client) Ping 

func (cl *Client) Ping() error

Ping will contact the remote. This will only work if both remotes are authenticated. This in contrast to the backend ping, which will work when there is a network connection.

func (*Client) Push added in v0.4.0 

func (cl *Client) Push() error

Push asks the remote to do a "brig sync" with us.

type LocateMask 

type LocateMask int

LocateMask is a combination of the individual LocateXXX settings and tells Locate() what parts of the name to search for.

func LocateMaskFromString 

func LocateMaskFromString(s string) (LocateMask, error)

LocateMaskFromString builds a LocateMask from a comma separated string. This is the inverse of mask.String().

func (LocateMask) String 

func (lm LocateMask) String() string

type LocateResult 

type LocateResult struct {
	Peers []peer.Info
	Mask  LocateMask
	Name  string
	Err   error
}

LocateResult is one result returned by Locate's result channel.

type PingMap 

type PingMap struct {
	// contains filtered or unexported fields
}

PingMap remembers the times we last accessed a remote.

func NewPingMap 

func NewPingMap(rp *repo.Repository, netBk backend.Backend) *PingMap

NewPingMap returns a new PingMap.

func (*PingMap) Close 

func (pm *PingMap) Close() error

Close shuts down the ping map. Do not use afterwards.

func (*PingMap) For 

func (pm *PingMap) For(addr string) (backend.Pinger, error)

For returns a new pinger for a certain `addr`.

func (*PingMap) IsAuthenticated added in v0.4.1 

func (pm *PingMap) IsAuthenticated(addr string) bool

func (*PingMap) Sync 

func (pm *PingMap) Sync(addrs []string) error

Sync makes sure all addresses in `addrs` are being watched. All currently watched addrs that are not in `addrs` are removed. This method does not block until all pingers have been updated.

type PrivDecrypter 

type PrivDecrypter interface {
	Decrypt(data []byte) ([]byte, error)
}

PrivDecrypter is anything that can decrypt a message that was previously encrypted with a public key.

type RemoteChecker 

type RemoteChecker func(remotePubKey []byte) error

RemoteChecker is a function that is called once the public key of the remote has been received. If an error is returned, the authentication will fail. Use this to check the remote's public key against the fingerprint we store of it.

type Server 

type Server struct {
	// contains filtered or unexported fields
}

Server implements the server for inter-remote communication.

func NewServer 

func NewServer(rp *repo.Repository, bk backend.Backend, rapi remotesapi.RemotesAPI) (*Server, error)

NewServer returns a new inter-remote server.

func (*Server) Close 

func (sv *Server) Close() error

Close will clean up resources.

func (*Server) Connect 

func (sv *Server) Connect() error

Connect will connect to the network (this is the default already)

func (*Server) Disconnect 

func (sv *Server) Disconnect() error

Disconnect will stop network operations immediately.

func (*Server) Identity 

func (sv *Server) Identity() (peer.Info, error)

Identity returns the backend's Identity (i.e. addr)

func (*Server) IsOnline 

func (sv *Server) IsOnline() bool

IsOnline returns true if we are online.

func (*Server) Locate 

func (sv *Server) Locate(ctx context.Context, who peer.Name, mask LocateMask) chan LocateResult

Locate tries to find other remotes named `who`. It also tries to find different variations/parts of `who`, defined by `mask`. It does not block, but returns a channel where the results are being pushed to. This is a very slow operation.

func (*Server) PeekFingerprint 

func (sv *Server) PeekFingerprint(ctx context.Context, addr string) (peer.Fingerprint, string, error)

PeekFingerprint fetches the fingerprint of a peer without authenticating ourselves or them.

func (*Server) PingMap 

func (sv *Server) PingMap() *PingMap

PingMap returns the ping map associated with this server.

func (*Server) Quit 

func (sv *Server) Quit()

Quit will shut down the server and unblock Serve()

func (*Server) Serve 

func (sv *Server) Serve() error

Serve blocks and serves request until quit was called.

Source Files

View all Source files

Directories

Path Synopsis
Package peer implements the basic data types needed to communicate with other brig instances.
 Package peer implements the basic data types needed to communicate with other brig instances.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.