rpcwrapper

package

v7.4.0+incompatible Latest Latest Go to latest Published: Feb 3, 2018 License: GPL-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aporeto-inc/trireme-lib

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func RegisterTypes()
func TestNewRPCClient(t *testing.T)
type CaptureType
type EnforcePayload
type EnforceResponsePayload
type ExcludeIPRequestPayload
type InitRequestPayload
type InitResponsePayload
type InitSupervisorPayload
type MockRPCHdl
type RPCClient
type RPCHdl
type RPCServer
- func NewRPCServer() RPCServer
type RPCWrapper
- func NewRPCWrapper() *RPCWrapper
- func (r *RPCWrapper) CheckValidity(req *Request, secret string) bool
- func (r *RPCWrapper) ContextList() []string
- func (r *RPCWrapper) DestroyRPCClient(contextID string)
- func (r *RPCWrapper) GetRPCClient(contextID string) (*RPCHdl, error)
- func (r *RPCWrapper) NewRPCClient(contextID string, channel string, sharedsecret string) error
- func (r *RPCWrapper) ProcessMessage(req *Request, secret string) bool
- func (r *RPCWrapper) RemoteCall(contextID string, methodName string, req *Request, resp *Response) error
- func (r *RPCWrapper) StartServer(protocol string, path string, handler interface{}) error
type Request
type Response
type StatsPayload
type SuperviseRequestPayload
type SuperviseResponsePayload
type TestRPCClient
- func NewTestRPCClient() TestRPCClient
type TestRPCServer
- func NewTestRPCServer() TestRPCServer
type UnEnforcePayload
type UnEnforceResponsePayload
type UnSupervisePayload
type UpdateSecretsPayload

Constants ¶

View Source

const (
	SUCCESS      = 0
	StatsChannel = "/var/run/statschannel.sock"
)

exported consts from the package

Variables ¶

This section is empty.

Functions ¶

func RegisterTypes ¶

func RegisterTypes()

RegisterTypes registers types that are exchanged between the controller and remoteenforcer

func TestNewRPCClient ¶

func TestNewRPCClient(t *testing.T)

TestNewRPCClient mocks an RPC client test

Types ¶

type CaptureType ¶

type CaptureType int

CaptureType identifies the type of iptables implementation that should be used

const (
	// IPTables forces an IPTables implementation
	IPTables CaptureType = iota
	// IPSets forces an IPSet implementation
	IPSets
)

type EnforcePayload ¶

type EnforcePayload struct {
	ContextID        string                      `json:",omitempty"`
	ManagementID     string                      `json:",omitempty"`
	TriremeAction    policy.PUAction             `json:",omitempty"`
	ApplicationACLs  policy.IPRuleList           `json:",omitempty"`
	NetworkACLs      policy.IPRuleList           `json:",omitempty"`
	Identity         *policy.TagStore            `json:",omitempty"`
	Annotations      *policy.TagStore            `json:",omitempty"`
	PolicyIPs        policy.ExtendedMap          `json:",omitempty"`
	ReceiverRules    policy.TagSelectorList      `json:",omitempty"`
	TransmitterRules policy.TagSelectorList      `json:",omitempty"`
	TriremeNetworks  []string                    `json:",omitempty"`
	ExcludedNetworks []string                    `json:",omitempty"`
	ProxiedServices  *policy.ProxiedServicesInfo `json:",omitempty"`
	SecretType       secrets.PrivateSecretsType  `json:",omitempty"`
	CAPEM            []byte                      `json:",omitempty"`
	TokenKeyPEMs     [][]byte                    `json:",omitempty"`
	PublicPEM        []byte                      `json:",omitempty"`
	PrivatePEM       []byte                      `json:",omitempty"`
	Token            []byte                      `json:",omitempty"`
}

EnforcePayload Payload for enforce request

type EnforceResponsePayload ¶

type EnforceResponsePayload struct {
	Status int `json:",omitempty"`
}

EnforceResponsePayload exported

type ExcludeIPRequestPayload ¶

type ExcludeIPRequestPayload struct {
	IPs []string `json:",omitempty"`
}

ExcludeIPRequestPayload carries the list of excluded ips

type InitRequestPayload ¶

type InitRequestPayload struct {
	FqConfig               *fqconfig.FilterQueue      `json:",omitempty"`
	MutualAuth             bool                       `json:",omitempty"`
	PacketLogs             bool                       `json:",omitempty"`
	Validity               time.Duration              `json:",omitempty"`
	SecretType             secrets.PrivateSecretsType `json:",omitempty"`
	ServerID               string                     `json:",omitempty"`
	CAPEM                  []byte                     `json:",omitempty"`
	TokenKeyPEMs           [][]byte                   `json:",omitempty"`
	PublicPEM              []byte                     `json:",omitempty"`
	PrivatePEM             []byte                     `json:",omitempty"`
	Token                  []byte                     `json:",omitempty"`
	ExternalIPCacheTimeout time.Duration              `json:",omitempty"`
}

InitRequestPayload Payload for enforcer init request

type InitResponsePayload ¶

type InitResponsePayload struct {
	Status int `json:",omitempty"`
}

InitResponsePayload Response payload

type InitSupervisorPayload ¶

type InitSupervisorPayload struct {
	TriremeNetworks []string    `json:",omitempty"`
	CaptureMethod   CaptureType `json:",omitempty"`
}

InitSupervisorPayload for supervisor init request

type MockRPCHdl ¶

type MockRPCHdl struct {
	Client  *rpc.Client
	Channel string
}

MockRPCHdl is mock of rpchdl

type RPCClient ¶

type RPCClient interface {
	NewRPCClient(contextID string, channel string, rpcSecret string) error
	GetRPCClient(contextID string) (*RPCHdl, error)
	RemoteCall(contextID string, methodName string, req *Request, resp *Response) error
	DestroyRPCClient(contextID string)
	ContextList() []string
	CheckValidity(req *Request, secret string) bool
}

RPCClient is the client interface

type RPCHdl ¶

type RPCHdl struct {
	Client  *rpc.Client
	Channel string
	Secret  string
}

RPCHdl is a per client handle

type RPCServer ¶

type RPCServer interface {
	StartServer(protocol string, path string, handler interface{}) error
	ProcessMessage(req *Request, secret string) bool
	CheckValidity(req *Request, secret string) bool
}

RPCServer is the server interface

func NewRPCServer ¶

func NewRPCServer() RPCServer

NewRPCServer returns an interface RPCServer

type RPCWrapper ¶

type RPCWrapper struct {
	sync.Mutex
	// contains filtered or unexported fields
}

RPCWrapper is a struct which holds stats for all rpc sesions

func NewRPCWrapper ¶

func NewRPCWrapper() *RPCWrapper

NewRPCWrapper creates a new rpcwrapper

func (*RPCWrapper) CheckValidity ¶

func (r *RPCWrapper) CheckValidity(req *Request, secret string) bool

CheckValidity checks if the received message is valid

func (*RPCWrapper) ContextList ¶

func (r *RPCWrapper) ContextList() []string

ContextList returns the list of active context managed by the rpcwrapper

func (*RPCWrapper) DestroyRPCClient ¶

func (r *RPCWrapper) DestroyRPCClient(contextID string)

DestroyRPCClient calls close on the rpc and cleans up the connection

func (*RPCWrapper) GetRPCClient ¶

func (r *RPCWrapper) GetRPCClient(contextID string) (*RPCHdl, error)

GetRPCClient gets a handle to the rpc client for the contextID( enforcer in the container)

func (*RPCWrapper) NewRPCClient ¶

func (r *RPCWrapper) NewRPCClient(contextID string, channel string, sharedsecret string) error

NewRPCClient exported

func (*RPCWrapper) ProcessMessage ¶

func (r *RPCWrapper) ProcessMessage(req *Request, secret string) bool

ProcessMessage checks if the given request is valid

func (*RPCWrapper) RemoteCall ¶

func (r *RPCWrapper) RemoteCall(contextID string, methodName string, req *Request, resp *Response) error

RemoteCall is a wrapper around rpc.Call and also ensure message integrity by adding a hmac

func (*RPCWrapper) StartServer ¶

func (r *RPCWrapper) StartServer(protocol string, path string, handler interface{}) error

StartServer Starts a server and waits for new connections this function never returns

type Request ¶

type Request struct {
	HashAuth []byte
	Payload  interface{}
}

Request exported

type Response ¶

type Response struct {
	Status string
}

Response is the response for every RPC call. This is used to carry the status of the actual function call made on the remote end

type StatsPayload ¶

type StatsPayload struct {
	Flows map[string]*collector.FlowRecord `json:",omitempty"`
}

StatsPayload is the payload carries by the stats reporting form the remote enforcer

type SuperviseRequestPayload ¶

type SuperviseRequestPayload struct {
	ContextID        string                      `json:",omitempty"`
	ManagementID     string                      `json:",omitempty"`
	TriremeAction    policy.PUAction             `json:",omitempty"`
	ApplicationACLs  policy.IPRuleList           `json:",omitempty"`
	NetworkACLs      policy.IPRuleList           `json:",omitempty"`
	PolicyIPs        policy.ExtendedMap          `json:",omitempty"`
	Identity         *policy.TagStore            `json:",omitempty"`
	Annotations      *policy.TagStore            `json:",omitempty"`
	ReceiverRules    policy.TagSelectorList      `json:",omitempty"`
	TransmitterRules policy.TagSelectorList      `json:",omitempty"`
	ExcludedNetworks []string                    `json:",omitempty"`
	TriremeNetworks  []string                    `json:",omitempty"`
	ProxiedServices  *policy.ProxiedServicesInfo `json:",omitempty"`
}

SuperviseRequestPayload for Supervise request

type SuperviseResponsePayload ¶

type SuperviseResponsePayload struct {
	Status int `json:",omitempty"`
}

SuperviseResponsePayload exported

type TestRPCClient ¶

type TestRPCClient interface {
	RPCClient
	MockNewRPCClient(t *testing.T, impl func(contextID string, channel string, secret string) error)
	MockGetRPCClient(t *testing.T, impl func(contextID string) (*RPCHdl, error))
	MockRemoteCall(t *testing.T, impl func(contextID string, methodName string, req *Request, resp *Response) error)
	MockDestroyRPCClient(t *testing.T, impl func(contextID string))
	MockContextList(t *testing.T, impl func() []string)
	MockCheckValidity(t *testing.T, impl func(req *Request, secret string) bool)
}

TestRPCClient is a RPC Client used for test

func NewTestRPCClient ¶

func NewTestRPCClient() TestRPCClient

NewTestRPCClient is a Test RPC Client

type TestRPCServer ¶

type TestRPCServer interface {
	RPCServer
	MockStartServer(t *testing.T, impl func(protocol string, path string, handler interface{}) error)
	MockProcessMessage(t *testing.T, impl func(req *Request, secret string) bool)
	MockCheckValidity(t *testing.T, impl func(req *Request, secret string) bool)
}

TestRPCServer is a RPC Server used for test

func NewTestRPCServer ¶

func NewTestRPCServer() TestRPCServer

NewTestRPCServer is a Test RPC Server

type UnEnforcePayload ¶

type UnEnforcePayload struct {
	ContextID string `json:",omitempty"`
}

UnEnforcePayload payload for unenforce request

type UnEnforceResponsePayload ¶

type UnEnforceResponsePayload struct {
	Status int `json:",omitempty"`
}

UnEnforceResponsePayload exported

type UnSupervisePayload ¶

type UnSupervisePayload struct {
	ContextID string `json:",omitempty"`
}

UnSupervisePayload payload for unsupervise request

type UpdateSecretsPayload ¶

type UpdateSecretsPayload struct {
	SecretType   secrets.PrivateSecretsType `json:",omitempty"`
	CAPEM        []byte                     `json:",omitempty"`
	TokenKeyPEMs [][]byte                   `json:",omitempty"`
	PublicPEM    []byte                     `json:",omitempty"`
	PrivatePEM   []byte                     `json:",omitempty"`
	Token        []byte                     `json:",omitempty"`
}

UpdateSecretsPayload payload for the update secrets to remote enforcers

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mock

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL