Documentation ¶
Overview ¶
Package message defines the low level messages used to set up authenticated and encrypted network flows.
One complexity is the need to allow for unencrypted payloads, which are sent separately and immediately following the Message that contains them rather than as part of that message itself. Such Messages have the DisableEncryptionFlag set. The wire protocol for the encrypted payload case is (< and > indicate message start stop):
<OpenFlow(DisableEncryptionFlag==false,payload)><other Messages> <Data(DisableEncryptionFlag==false,payload)><other Messages>
And for the unencrypted payload case:
<OpenFlow(DisableEncryptionFlag==true)><payload)><other Messages> <Data(DisableEncryptionFlag==true)><payload)><other Messages>
Thus two network writes and reads are required for the DisableEncryptionFlag is set case. In both cases, the Messages themselves are encrypted. This facility is primarily used to support proxies. In the case where DisableEncryptionFlag is set, but the payload is empty, the flag should be cleared to avoid the receiver having to read a zero length frame.
Index ¶
- Constants
- Variables
- func FlowID(m interface{}) uint64
- func NewErrInvalidMsg(ctx *context.T, typ byte, size uint64, field uint64, err error) error
- func ParseErrInvalidMessage(err error) (typ byte, size uint64, field uint64, ok bool)
- type AckLameDuck
- type Auth
- type Counter
- type Data
- type EnterLameDuck
- type HealthCheckRequest
- type HealthCheckResponse
- type Message
- type MultiProxyRequest
- type OpenFlow
- func (m OpenFlow) Append(ctx *context.T, data []byte) ([]byte, error)
- func (m OpenFlow) Copy() Message
- func (m OpenFlow) CopyDirect() OpenFlow
- func (m OpenFlow) Read(ctx *context.T, orig []byte) (Message, error)
- func (m OpenFlow) ReadDirect(ctx *context.T, orig []byte) (OpenFlow, error)
- func (m OpenFlow) String() string
- type ProxyErrorResponse
- type ProxyResponse
- type ProxyServerRequest
- type Release
- type Setup
- type TearDown
Constants ¶
const ( InvalidType = 0x7f - iota SetupType TearDownType EnterLameDuckType AckLameDuckType AuthType OpenFlowType ReleaseType DataType MultiProxyType ProxyServerType ProxyResponseType HealthCheckRequestType HealthCheckResponseType ProxyErrorReponseType AuthED25519Type AuthRSAType )
message types. Note that our types start from 0x7f and work their way down. This is important for the RPC transition. The old system had messages that started from zero and worked their way up.
const ( // CloseFlag, when set on a Data message, indicates that the flow // should be closed after the payload for that message has been // processed. CloseFlag = 1 << iota // DisableEncryptionFlag, when set on a Data message, causes Append // and Read to behave specially. During Append everything but the // Payload is serialized normally, but the Payload is left for the // caller to deal with. Typically the caller will encrypt the // serialized result and send the unencrypted bytes as a raw follow // on message. Read will expect to not find a payload, and the // caller will typically attach it by examining the next message on // the Conn. DisableEncryptionFlag // SideChannelFlag, when set on a OpenFlow message, marks the Flow // as a side channel. This means that the flow will not be counted // towards the "idleness" of the underlying connection. SideChannelFlag )
data flags.
Variables ¶
Functions ¶
func FlowID ¶ added in v0.1.9
func FlowID(m interface{}) uint64
FlowID returns the id of the flow this message is associated with for message types that are bound to a flow, zero otherwise.
func NewErrInvalidMsg ¶
NewErrInvalidMsg creates an instance ErrInvalidMsg with the specified parameters which can be access by ParseErrInvalidMessage.
func ParseErrInvalidMessage ¶ added in v0.1.10
ParseErrInvalidMessage cracks open the parameter list created by NewErrInvalidMsg with appropriate checking. ok will be false if all of the error parameters are not located.
Types ¶
type AckLameDuck ¶
type AckLameDuck struct{}
AckLameDuck is sent in response to an EnterLameDuck message. After this message is received no more OpenFlow messages should arrive.
func (AckLameDuck) Copy ¶ added in v0.2.0
func (m AckLameDuck) Copy() Message
type Auth ¶
type Auth struct {
BlessingsKey, DischargeKey uint64
ChannelBinding security.Signature
// contains filtered or unexported fields
}
Auth is used to complete the auth handshake.
func (Auth) CopyDirect ¶ added in v0.2.0
func (Auth) SetSignatureType ¶ added in v0.2.0
type Counter ¶ added in v0.2.0
Counter represents the flow control tokens to be assigned to a speficic flow.
type Data ¶
Data carries encrypted data for a specific flow.
func (Data) CopyDirect ¶ added in v0.2.0
func (Data) ReadDirect ¶ added in v0.2.0
type EnterLameDuck ¶
type EnterLameDuck struct{}
EnterLameDuck is sent as notification that the sender is entering lameduck mode. The receiver should stop opening new flows on this connection and respond with an AckLameDuck message.
func (EnterLameDuck) Copy ¶ added in v0.2.0
func (m EnterLameDuck) Copy() Message
type HealthCheckRequest ¶
type HealthCheckRequest struct{}
HealthCheckRequest is periodically sent to test the health of a channel.
func (HealthCheckRequest) Copy ¶ added in v0.2.0
func (m HealthCheckRequest) Copy() Message
type HealthCheckResponse ¶
type HealthCheckResponse struct{}
HealthCheckResponse messages are sent in response to HealthCheckRequest messages.
func (HealthCheckResponse) Copy ¶ added in v0.2.0
func (m HealthCheckResponse) Copy() Message
type Message ¶
type Message interface { // Append serializes the message m and appends it to the given byte slice. // The resulting slice is returned, as well as any error that occurs during // serialization. Append(ctx *context.T, data []byte) ([]byte, error) // Read reads a message contained in the byte slice 'from'. Read(ctx *context.T, data []byte) (Message, error) // Copy must be called to make internal copies of any byte slices that // may be in a shared underlying slice (eg. in a slice allocated for // decrypting a message). It should be called before passing a Message to // another goroutine for example. Copy() Message }
Message is implemented by all low-level messages defined by this package.
type MultiProxyRequest ¶
type MultiProxyRequest struct{}
MultiProxyRequest is sent when a proxy wants to accept connections from another proxy.
func (MultiProxyRequest) Copy ¶ added in v0.2.0
func (m MultiProxyRequest) Copy() Message
type OpenFlow ¶
type OpenFlow struct { ID uint64 InitialCounters uint64 BlessingsKey, DischargeKey uint64 Flags uint64 Payload []byte }
OpenFlow is sent at the beginning of every new flow, it optionally contains payload.
func (OpenFlow) CopyDirect ¶ added in v0.2.0
func (OpenFlow) ReadDirect ¶ added in v0.2.0
type ProxyErrorResponse ¶
type ProxyErrorResponse struct {
Error string
}
ProxyErrorResponse is send by a proxy in response to a ProxyServerRequest or MultiProxyRequest if the proxy encountered an error while responding to the request. It should be sent in lieu of a ProxyResponse.
func (ProxyErrorResponse) Copy ¶ added in v0.2.0
func (m ProxyErrorResponse) Copy() Message
func (ProxyErrorResponse) String ¶
func (m ProxyErrorResponse) String() string
type ProxyResponse ¶
ProxyResponse is sent by a proxy in response to a ProxyServerRequest or MultiProxyRequest. It notifies the server of the endpoints it should publish. Or, it notifies a requesting proxy of the endpoints it accepts connections from.
func (ProxyResponse) Copy ¶ added in v0.2.0
func (m ProxyResponse) Copy() Message
func (ProxyResponse) String ¶
func (m ProxyResponse) String() string
type ProxyServerRequest ¶
type ProxyServerRequest struct{}
ProxyServerRequest is sent when a server wants to listen through a proxy.
func (ProxyServerRequest) Copy ¶ added in v0.2.0
func (m ProxyServerRequest) Copy() Message
type Release ¶
type Release struct {
Counters []Counter
}
Release is sent as flows are read from locally. The counters inform remote writers that there is local buffer space available.
type Setup ¶
type Setup struct { Versions version.RPCVersionRange PeerNaClPublicKey [32]byte PeerRemoteEndpoint naming.Endpoint PeerLocalEndpoint naming.Endpoint Mtu uint64 // contains filtered or unexported fields }
Setup is the first message over the wire. It negotiates protocol version and encryption options for connection. New fields to Setup must be added in order of creation. i.e. the order of the fields should not be changed.