net

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 7, 2018 License: AGPL-3.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// LocateNone is used when no part of the name should be searched.
	LocateNone = 0
	// LocateExact means that we should search for the name exactly.
	LocateExact = 1 << iota
	// LocateDomain means that we only search for the domain name only.
	LocateDomain
	// LocateUser means that we only search for the user name only.
	LocateUser
	// LocateEmail means that we only search for the user@domain part only.
	LocateEmail
	// LocateAll means that we search for everything.
	LocateAll = LocateExact | LocateDomain | LocateUser | LocateEmail
)
View Source
const (

	// MaxMessageSize is the max size of a messsage that can be send to us.
	// The limit is arbitrary and should avoid being spammed by huge messages.
	// (Later on we could also implement a proper streaming protocol)
	MaxMessageSize = 16 * 1024 * 1024
)

Variables

View Source
var (
	// ErrPingMapClosed is returned when an operation is performed on a closed
	// ping map.
	ErrPingMapClosed = errors.New("pinger Map was already closed")

	// ErrNoSuchAddr is returned when asking for a pinger that we don't know.
	ErrNoSuchAddr = errors.New("No such addr known to ping map")
)

Functions

func PeekRemotePubkey

func PeekRemotePubkey(
	ctx context.Context,
	addr string,
	rp *repo.Repository,
	bk netBackend.Backend,
) ([]byte, string, error)

PeekRemotePubkey connects to `addr` and tries to read the public key they claim.

Types

type AuthReadWriter

type AuthReadWriter struct {
	// contains filtered or unexported fields
}

AuthReadWriter acts as a layer on top of a normal io.ReadWriteCloser that adds authentication of the communication partners. It does this by employing the following protocol:

  1. Upon opening the connection, the public keys of both partners are exchanged. The received public key is hashed and checked to be the same as the fingerprint we're storing from this person. (This should suffice as authentication of the remote user)
  1. A random nonce of 62 bytes is generated and encrypted with the remote's public key. The resulting ciphertext is then send to the remote. On their side they decrypt the ciphertext (proving that they possess the respective private key).
  1. The resulting nonce from the remote is then hashed with sha3 and send back. Each sides check if the response matched the challenge. If so, the user is authenticated. The nonces are then used to generate a symmetric key (using scrypt) which is then used to encrypt further communication and to authenticate messages.
  1. Further communication writes messages with a hmac, a 4 byte size header and the actual payload.

func NewAuthReadWriter

func NewAuthReadWriter(
	rwc io.ReadWriteCloser,
	privKey PrivDecrypter,
	ownPubKey []byte,
	ownName string,
	remoteChecker RemoteChecker,
) *AuthReadWriter

NewAuthReadWriter returns a new AuthReadWriter, adding an auth layer on top of `rwc`. `privKey` is used to decrypt the remote's challenge, while `ownPubKey` is the pub key we send to them. `remoteChecker` is a callback that is being used by the user to verify if the remote's public key is the one we're expecting.

func (*AuthReadWriter) IsAuthorised

func (ath *AuthReadWriter) IsAuthorised() bool

IsAuthorised will return true if the partner was successfully authenticated. It will return false if no call to Read() or Write() was made.

func (*AuthReadWriter) Read

func (ath *AuthReadWriter) Read(buf []byte) (int, error)

Read will try to fill `buf` with as many bytes as available.

func (*AuthReadWriter) RemoteName

func (ath *AuthReadWriter) RemoteName() string

RemoteName returns the remote's screen name. Note that this name only serves as indication for display and should not be relied on since it can be easily faked.

func (*AuthReadWriter) RemotePubKey

func (ath *AuthReadWriter) RemotePubKey() []byte

RemotePubKey returns the partner's public key, if it was authorised already. Otherwise an error will be returned.

func (*AuthReadWriter) Trigger

func (ath *AuthReadWriter) Trigger() error

Trigger the authentication machinery manually.

func (*AuthReadWriter) Write

func (ath *AuthReadWriter) Write(buf []byte) (int, error)

Write conforming to the io.Writer interface

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client is a client for inter-remote communication. It implements convenient methods to talk to other brig instances.

func Dial

func Dial(ctx context.Context, name string, rp *repo.Repository, bk netBackend.Backend) (*Client, error)

Dial creates a new Client connected to `name`.

func DialByAddr

func DialByAddr(
	ctx context.Context,
	addr string,
	fingerprint peer.Fingerprint,
	rp *repo.Repository,
	bk netBackend.Backend,
) (*Client, error)

DialByAddr is like Dial but does not get its info from the remote list.

func (*Client) Close

func (cl *Client) Close() error

Close will close the connection from the client side

func (*Client) FetchPatch

func (cl *Client) FetchPatch(fromIndex int64) ([]byte, error)

FetchPatch tries to get a set of changes since `fromIndex`. The serialized patch is returned as byte slice.

func (*Client) FetchStore

func (cl *Client) FetchStore() (*bytes.Buffer, error)

FetchStore tries to fetch all store data from the remote. This will only work when the other store allowed us to access all folders. (See IsCompleteFetchAllowed)

func (*Client) IsCompleteFetchAllowed

func (cl *Client) IsCompleteFetchAllowed() (bool, error)

IsCompleteFetchAllowed asks the remote if we can use FetchStore.

func (*Client) Ping

func (cl *Client) Ping() error

Ping will contact the remote. This will only work if both remotes are authenticated. This in contrast to the backend ping, which will work when there is a network connection.

type LocateMask

type LocateMask int

LocateMask is a combination of the individual LocateXXX settings and tells Locate() what parts of the name to search for.

func LocateMaskFromString

func LocateMaskFromString(s string) (LocateMask, error)

LocateMaskFromString builds a LocateMask from a comma separated string. This is the inverse of mask.String().

func (LocateMask) String

func (lm LocateMask) String() string

type LocateResult

type LocateResult struct {
	Peers []peer.Info
	Mask  LocateMask
	Name  string
	Err   error
}

LocateResult is one result returned by Locate's result channel.

type PingMap

type PingMap struct {
	// contains filtered or unexported fields
}

PingMap remembers the times we last accessed a remote.

func NewPingMap

func NewPingMap(netBk backend.Backend) *PingMap

NewPingMap returns a new PingMap.

func (*PingMap) Close

func (pm *PingMap) Close() error

Close shuts down the ping map. Do not use afterwards.

func (*PingMap) For

func (pm *PingMap) For(addr string) (backend.Pinger, error)

For returns a new pinger for a certain `addr`.

func (*PingMap) Sync

func (pm *PingMap) Sync(addrs []string) error

Sync makes sure all addresses in `addrs` are being watched. All currently watched addrs that are not in `addrs` are removed. This method does not block until all pingers have been updated.

type PrivDecrypter

type PrivDecrypter interface {
	Decrypt(data []byte) ([]byte, error)
}

PrivDecrypter is anything that can decrypt a message that was previously encrypted with a public key.

type RemoteChecker

type RemoteChecker func(remotePubKey []byte) error

RemoteChecker is a function that is called once the public key of the remote has been received. If an error is returned, the authentication will fail. Use this to check the remote's public key against the fingerprint we store of it.

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server implements the server for inter-remote communication.

func NewServer

func NewServer(rp *repo.Repository, bk backend.Backend) (*Server, error)

NewServer returns a new inter-remote server.

func (*Server) Close

func (sv *Server) Close() error

Close will clean up resources.

func (*Server) Connect

func (sv *Server) Connect() error

Connect will connect to the network (this is the default already)

func (*Server) Disconnect

func (sv *Server) Disconnect() error

Disconnect will stop network operations immediately.

func (*Server) Identity

func (sv *Server) Identity() (peer.Info, error)

Identity returns the backend's Identity (i.e. addr)

func (*Server) IsOnline

func (sv *Server) IsOnline() bool

IsOnline returns true if we are online.

func (*Server) Locate

func (sv *Server) Locate(ctx context.Context, who peer.Name, mask LocateMask) chan LocateResult

Locate tries to find other remotes named `who`. It also tries to find different variations/parts of `who`, defined by `mask`. It does not block, but returns a channel where the results are being pushed to. This is a very slow operation.

func (*Server) PeekFingerprint

func (sv *Server) PeekFingerprint(ctx context.Context, addr string) (peer.Fingerprint, string, error)

PeekFingerprint fetches the fingerprint of a peer without authenticating ourselves or them.

func (*Server) PingMap

func (sv *Server) PingMap() *PingMap

PingMap returns the ping map associated with this server.

func (*Server) Quit

func (sv *Server) Quit()

Quit will shut down the server and unblock Serve()

func (*Server) Serve

func (sv *Server) Serve() error

Serve blocks and serves request until quit was called.

Directories

Path Synopsis
Package peer implements the basic data types needed to communicate with other brig instances.
Package peer implements the basic data types needed to communicate with other brig instances.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL