Documentation
¶
Index ¶
Constants ¶
const SignedGroupMaxSafeInnerLength = UDPMaxSafePayload - sgvFactOverhead - sgvOverhead
SignedGroupMaxSafeInnerLength is the maximum safe length for `InnerBytes` above which fragmentation or packet drops may happen. This is computed based on the max safe UDP payload for IPv6, minus the fact & crypto overheads.
const UDPMaxSafePayload = 1212
UDPMaxSafePayload is the maximum payload size of a UDP packet we can safely send. we only need to worry about IPv6 for this
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Attribute ¶
type Attribute byte
Attribute is a byte identifying what aspect of a Subject a Fact describes
const ( AttributeUnknown Attribute = 0 AttributeEndpointV4 Attribute = 'e' AttributeEndpointV6 Attribute = 'E' AttributeAllowedCidrV4 Attribute = 'a' AttributeAllowedCidrV6 Attribute = 'A' // A signed group is a bit different from other facts // in this case, the subject is actually the source, // and the value is a signed aggregate of other facts. AttributeSignedGroup Attribute = 'S' )
fact types, denoted as attributes of a subject
type EmptyValue ¶
type EmptyValue struct{}
EmptyValue is used to represent facts of AttributeUnknown with a zero length value, which indicate just that a remote peer is alive and talking to us
func (EmptyValue) Bytes ¶
func (v EmptyValue) Bytes() []byte
Bytes always returns an empty slice for EmptyValue
func (EmptyValue) String ¶
func (v EmptyValue) String() string
type Fact ¶
Fact represents a single piece of information about a subject, with an associated expiration time
func SortedCopy ¶
SortedCopy makes a copy of the list and then sorts it "naturally"
type GroupAccumulator ¶ added in v0.2.0
type GroupAccumulator struct {
// contains filtered or unexported fields
}
GroupAccumulator is a helper to aggregate individual facts into (signed) groups of a max size
func NewAccumulator ¶ added in v0.2.0
func NewAccumulator(maxGroupLen int) *GroupAccumulator
NewAccumulator initializes a new GroupAccumulator with a given max inner size per group.
func (*GroupAccumulator) AddFact ¶ added in v0.2.0
func (ga *GroupAccumulator) AddFact(f *Fact) error
AddFact appends the given fact into the accumulator
func (*GroupAccumulator) AddFactIfRoom ¶ added in v0.2.1
func (ga *GroupAccumulator) AddFactIfRoom(f *Fact) (added bool, err error)
AddFactIfRoom conditionally adds the fact if and only if it won't result in creating a new group
func (*GroupAccumulator) MakeSignedGroups ¶ added in v0.2.0
func (ga *GroupAccumulator) MakeSignedGroups( s *signing.Signer, recipient *wgtypes.Key, ) ([]Fact, error)
MakeSignedGroups converts all the accumulated facts into SignedGroups of no more than the specified max inner size.
type IPNetValue ¶
IPNetValue represents some IP+Mask as an Attribute of a Subject
func ParseCidrV4 ¶
func ParseCidrV4(data []byte) (*IPNetValue, error)
ParseCidrV4 parses a bytes value as an IPv4 address and CIDR prefix
func ParseCidrV6 ¶
func ParseCidrV6(data []byte) (*IPNetValue, error)
ParseCidrV6 parses a bytes value as an IPv6 address and CIDR prefix
func (IPNetValue) Bytes ¶
func (ipn IPNetValue) Bytes() []byte
Bytes gives the binary representation of the ip and cidr prefix
func (IPNetValue) String ¶
func (ipn IPNetValue) String() string
type IPPortValue ¶
IPPortValue represents an IP:port pair as an Attribute of a Subject
func ParseEndpointV4 ¶
func ParseEndpointV4(data []byte) (*IPPortValue, error)
ParseEndpointV4 parses a bytes value as an IPv4 address and port pair
func ParseEndpointV6 ¶
func ParseEndpointV6(data []byte) (*IPPortValue, error)
ParseEndpointV6 parses a bytes value as an IPv6 address and port pair
func (*IPPortValue) Bytes ¶
func (ipp *IPPortValue) Bytes() []byte
Bytes returns the normalized binary representation
func (*IPPortValue) String ¶
func (ipp *IPPortValue) String() string
type Key ¶
type Key struct {
// contains filtered or unexported fields
}
Key is a comparable version of the subject, attribute, and value of a Fact
type OnWire ¶
type OnWire struct {
// contains filtered or unexported fields
}
OnWire is the intermediate representation of fact packet on the wire
func Deserialize ¶
Deserialize tries to turn a packet from the wire into the intermediate structure
type PeerSubject ¶
PeerSubject is a subject that is a peer identified via its public key
func ParsePeerSubject ¶
func ParsePeerSubject(data []byte) (*PeerSubject, error)
ParsePeerSubject parses bytes from the wire into a peer subject object
func (*PeerSubject) Bytes ¶
func (s *PeerSubject) Bytes() []byte
Bytes gives the binary representation of a peer's public key
type SignedGroupValue ¶ added in v0.2.0
type SignedGroupValue struct {
Nonce [chacha20poly1305.NonceSizeX]byte
Tag [poly1305.TagSize]byte
InnerBytes []byte
}
SignedGroupValue represents a signed chunk of other fact data. Note that this structure does _not_ include parsing those inner bytes!
func ParseSignedGroupValue ¶ added in v0.2.0
func ParseSignedGroupValue(data []byte) (*SignedGroupValue, error)
ParseSignedGroupValue parses a bytes value as a Nonce, Tag, and inner data array
func (*SignedGroupValue) Bytes ¶ added in v0.2.0
func (sgv *SignedGroupValue) Bytes() []byte
Bytes gives the on-wire form of the value
func (*SignedGroupValue) ParseInner ¶ added in v0.2.0
func (sgv *SignedGroupValue) ParseInner() (ret []*Fact, err error)
ParseInner parses the inner bytes of a SignedGroupValue into facts. Validating the signature must be done separately, and should be done before calling this method.
func (*SignedGroupValue) String ¶ added in v0.2.0
func (sgv *SignedGroupValue) String() string
Source Files