From 75f7bda0a497c65d2d9138d608aad5932cab201b Mon Sep 17 00:00:00 2001 From: Nathan Brown Date: Wed, 31 Mar 2021 17:32:02 -0500 Subject: [PATCH] Lighthouse performance pass (#418) --- Makefile | 6 +- e2e/handshakes_test.go | 8 +- go.mod | 1 + go.sum | 21 +- handshake_manager_test.go | 7 +- inside.go | 2 +- lighthouse.go | 697 ++++++----- lighthouse_test.go | 287 +++-- nebula.pb.go | 2300 +++++++++++++++++++++++++++---------- nebula.proto | 6 +- outside.go | 2 +- ssh.go | 13 +- 12 files changed, 2378 insertions(+), 972 deletions(-) diff --git a/Makefile b/Makefile index fcef8e5..2f2ba02 100644 --- a/Makefile +++ b/Makefile @@ -126,9 +126,9 @@ bench-cpu-long: proto: nebula.pb.go cert/cert.pb.go nebula.pb.go: nebula.proto .FORCE - go build google.golang.org/protobuf/cmd/protoc-gen-go - PATH="$(CURDIR):$(PATH)" protoc --go_out=. --go_opt=paths=source_relative $< - rm protoc-gen-go + go build github.com/gogo/protobuf/protoc-gen-gogofaster + PATH="$(CURDIR):$(PATH)" protoc --gogofaster_out=. $< + rm protoc-gen-gogofaster cert/cert.pb.go: cert/cert.proto .FORCE $(MAKE) -C cert cert.pb.go diff --git a/e2e/handshakes_test.go b/e2e/handshakes_test.go index 08df2d9..75ea2de 100644 --- a/e2e/handshakes_test.go +++ b/e2e/handshakes_test.go @@ -66,12 +66,12 @@ func TestWrongResponderHandshake(t *testing.T) { theirControl, theirVpnIp, theirUdpAddr := newSimpleServer(ca, caKey, "them", net.IP{10, 0, 0, 2}) evilControl, evilVpnIp, evilUdpAddr := newSimpleServer(ca, caKey, "evil", net.IP{10, 0, 0, 99}) - // Put the evil udp addr in for their vpn Ip, this is a case of being lied to by the lighthouse - myControl.InjectLightHouseAddr(theirVpnIp, evilUdpAddr) - - // But also add their real udp addr, which should be tried after evil + // Add their real udp addr, which should be tried after evil. Doing this first because learned addresses are prepended myControl.InjectLightHouseAddr(theirVpnIp, theirUdpAddr) + // Put the evil udp addr in for their vpn Ip, this is a case of being lied to by the lighthouse. This will now be the first attempted ip + myControl.InjectLightHouseAddr(theirVpnIp, evilUdpAddr) + // Build a router so we don't have to reason who gets which packet r := router.NewR(myControl, theirControl, evilControl) diff --git a/go.mod b/go.mod index df5c181..fd281c1 100644 --- a/go.mod +++ b/go.mod @@ -9,6 +9,7 @@ require ( github.com/cyberdelia/go-metrics-graphite v0.0.0-20161219230853-39f87cc3b432 github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 // indirect github.com/flynn/noise v0.0.0-20210331153838-4bdb43be3117 + github.com/gogo/protobuf v1.3.2 github.com/golang/protobuf v1.5.0 github.com/google/gopacket v1.1.19 github.com/imdario/mergo v0.3.8 diff --git a/go.sum b/go.sum index 3e4e866..bdfe2bc 100644 --- a/go.sum +++ b/go.sum @@ -28,6 +28,8 @@ github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -47,6 +49,8 @@ github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/u github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/kardianos/service v1.1.0 h1:QV2SiEeWK42P0aEmGcsAgjApw/lRxkwopvT+Gu6t1/0= github.com/kardianos/service v1.1.0/go.mod h1:RrJI2xn5vve/r32U5suTbeaSGoMU6GbNPoj36CVYcHc= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -107,26 +111,34 @@ github.com/vishvananda/netlink v1.0.1-0.20190522153524-00009fb8606a h1:Bt1IVPhiC github.com/vishvananda/netlink v1.0.1-0.20190522153524-00009fb8606a/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df h1:OviZH7qLw/7ZovXvuNyL3XQl8UFofeikI1NW1Gypu7k= github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 h1:It14KIkyBFYkHkwZ7k45minvA9aorojkyjGk9KJ5B/w= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 h1:qWPm9rbaAMKs8Bq/9LRpbMqxWRVUAQwMI9fVrssnTfw= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190204203706-41f3e6584952/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -136,6 +148,7 @@ golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 h1:nxC68pudNYkKU6jWhgrqdreuFiOQWj1Fs7T3VrH4Pjw= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= @@ -145,11 +158,15 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= diff --git a/handshake_manager_test.go b/handshake_manager_test.go index ee1c640..b97da5c 100644 --- a/handshake_manager_test.go +++ b/handshake_manager_test.go @@ -142,8 +142,11 @@ func Test_NewHandshakeManagerTrigger(t *testing.T) { hi := blah.pendingHostMap.Hosts[ip] assert.Nil(t, hi.remote) - lh.addrMap = map[uint32][]*udpAddr{ - ip: {NewUDPAddrFromString("10.1.1.1:4242")}, + uaddr := NewUDPAddrFromString("10.1.1.1:4242") + lh.addrMap = map[uint32]*ip4And6{} + lh.addrMap[ip] = &ip4And6{ + v4: []*Ip4AndPort{NewIp4AndPort(uaddr.IP, uint32(uaddr.Port))}, + v6: []*Ip6AndPort{}, } // This should trigger the hostmap to populate the hostinfo diff --git a/inside.go b/inside.go index 239b3c3..3e9b7c9 100644 --- a/inside.go +++ b/inside.go @@ -247,7 +247,7 @@ func (f *Interface) sendNoMetrics(t NebulaMessageType, st NebulaMessageSubType, if hostinfo.lastRebindCount != f.rebindCount { //NOTE: there is an update hole if a tunnel isn't used and exactly 256 rebinds occur before the tunnel is // finally used again. This tunnel would eventually be torn down and recreated if this action didn't help. - f.lightHouse.Query(hostinfo.hostId, f) + f.lightHouse.QueryServer(hostinfo.hostId, f) hostinfo.lastRebindCount = f.rebindCount if f.l.Level >= logrus.DebugLevel { f.l.WithField("vpnIp", hostinfo.hostId).Debug("Lighthouse update triggered for punch due to rebind counter") diff --git a/lighthouse.go b/lighthouse.go index 84f1dd2..f97fb25 100644 --- a/lighthouse.go +++ b/lighthouse.go @@ -1,6 +1,7 @@ package nebula import ( + "bytes" "errors" "fmt" "net" @@ -10,19 +11,38 @@ import ( "github.com/golang/protobuf/proto" "github.com/rcrowley/go-metrics" "github.com/sirupsen/logrus" - "github.com/slackhq/nebula/cert" ) +//TODO: if the pb code for ipv6 used a fixed data type we could save more work +//TODO: nodes are roaming lighthouses, this is bad. How are they learning? +//TODO: as a lh client, ignore any address within my nebula network????? + var ErrHostNotKnown = errors.New("host not known") +// The maximum number of ip addresses to store for a given vpnIp per address family +const maxAddrs = 10 + +type ip4And6 struct { + //TODO: adding a lock here could allow us to release the lock on lh.addrMap quicker + + // v4 and v6 store addresses that have been self reported by the client + v4 []*Ip4AndPort + v6 []*Ip6AndPort + + // Learned addresses are ones that a client does not know about but a lighthouse learned from as a result of the received packet + learnedV4 []*Ip4AndPort + learnedV6 []*Ip6AndPort +} + type LightHouse struct { + //TODO: We need a timer wheel to kick out vpnIps that haven't reported in a long time sync.RWMutex //Because we concurrently read and write to our maps amLighthouse bool myIp uint32 punchConn *udpConn // Local cache of answers from light houses - addrMap map[uint32][]*udpAddr + addrMap map[uint32]*ip4And6 // filters remote addresses allowed for each host // - When we are a lighthouse, this filters what addresses we store and @@ -53,14 +73,13 @@ type LightHouse struct { type EncWriter interface { SendMessageToVpnIp(t NebulaMessageType, st NebulaMessageSubType, vpnIp uint32, p, nb, out []byte) - SendMessageToAll(t NebulaMessageType, st NebulaMessageSubType, vpnIp uint32, p, nb, out []byte) } func NewLightHouse(l *logrus.Logger, amLighthouse bool, myIp uint32, ips []uint32, interval int, nebulaPort uint32, pc *udpConn, punchBack bool, punchDelay time.Duration, metricsEnabled bool) *LightHouse { h := LightHouse{ amLighthouse: amLighthouse, myIp: myIp, - addrMap: make(map[uint32][]*udpAddr), + addrMap: make(map[uint32]*ip4And6), nebulaPort: nebulaPort, lighthouses: make(map[uint32]struct{}), staticList: make(map[uint32]struct{}), @@ -110,13 +129,14 @@ func (lh *LightHouse) ValidateLHStaticEntries() error { } func (lh *LightHouse) Query(ip uint32, f EncWriter) ([]*udpAddr, error) { + //TODO: we need to hold the lock through the next func if !lh.IsLighthouseIP(ip) { lh.QueryServer(ip, f) } lh.RLock() if v, ok := lh.addrMap[ip]; ok { lh.RUnlock() - return v, nil + return TransformLHReplyToUdpAddrs(v), nil } lh.RUnlock() return nil, ErrHostNotKnown @@ -141,17 +161,29 @@ func (lh *LightHouse) QueryServer(ip uint32, f EncWriter) { } } -// Query our local lighthouse cached results func (lh *LightHouse) QueryCache(ip uint32) []*udpAddr { + //TODO: we need to hold the lock through the next func lh.RLock() if v, ok := lh.addrMap[ip]; ok { lh.RUnlock() - return v + return TransformLHReplyToUdpAddrs(v) } lh.RUnlock() return nil } +// +func (lh *LightHouse) queryAndPrepMessage(ip uint32, f func(*ip4And6) (int, error)) (bool, int, error) { + lh.RLock() + if v, ok := lh.addrMap[ip]; ok { + n, err := f(v) + lh.RUnlock() + return true, n, err + } + lh.RUnlock() + return false, 0, nil +} + func (lh *LightHouse) DeleteVpnIP(vpnIP uint32) { // First we check the static mapping // and do nothing if it is there @@ -161,11 +193,46 @@ func (lh *LightHouse) DeleteVpnIP(vpnIP uint32) { lh.Lock() //l.Debugln(lh.addrMap) delete(lh.addrMap, vpnIP) - lh.l.Debugf("deleting %s from lighthouse.", IntIp(vpnIP)) + + if lh.l.Level >= logrus.DebugLevel { + lh.l.Debugf("deleting %s from lighthouse.", IntIp(vpnIP)) + } + lh.Unlock() } -func (lh *LightHouse) AddRemote(vpnIP uint32, toIp *udpAddr, static bool) { +// AddRemote is correct way for non LightHouse members to add an address. toAddr will be placed in the learned map +// static means this is a static host entry from the config file, it should only be used on start up +func (lh *LightHouse) AddRemote(vpnIP uint32, toAddr *udpAddr, static bool) { + if ipv4 := toAddr.IP.To4(); ipv4 != nil { + lh.addRemoteV4(vpnIP, NewIp4AndPort(ipv4, uint32(toAddr.Port)), static, true) + } else { + lh.addRemoteV6(vpnIP, NewIp6AndPort(toAddr.IP, uint32(toAddr.Port)), static, true) + } + + //TODO: if we do not add due to a config filter we may end up not having any addresses here + if static { + lh.staticList[vpnIP] = struct{}{} + } +} + +// unsafeGetAddrs assumes you have the lh lock +func (lh *LightHouse) unsafeGetAddrs(vpnIP uint32) *ip4And6 { + am, ok := lh.addrMap[vpnIP] + if !ok { + am = &ip4And6{ + v4: make([]*Ip4AndPort, 0), + v6: make([]*Ip6AndPort, 0), + learnedV4: make([]*Ip4AndPort, 0), + learnedV6: make([]*Ip6AndPort, 0), + } + lh.addrMap[vpnIP] = am + } + return am +} + +// addRemoteV4 is a lighthouse internal method that prepends a remote if it is allowed by the allow list and not duplicated +func (lh *LightHouse) addRemoteV4(vpnIP uint32, to *Ip4AndPort, static bool, learned bool) { // First we check if the sender thinks this is a static entry // and do nothing if it is not, but should be considered static if static == false { @@ -176,24 +243,108 @@ func (lh *LightHouse) AddRemote(vpnIP uint32, toIp *udpAddr, static bool) { lh.Lock() defer lh.Unlock() - for _, v := range lh.addrMap[vpnIP] { - if v.Equals(toIp) { + am := lh.unsafeGetAddrs(vpnIP) + + if learned { + if !lh.unlockedShouldAddV4(am.learnedV4, to) { + return + } + am.learnedV4 = prependAndLimitV4(am.learnedV4, to) + } else { + if !lh.unlockedShouldAddV4(am.v4, to) { + return + } + am.v4 = prependAndLimitV4(am.v4, to) + } +} + +func prependAndLimitV4(cache []*Ip4AndPort, to *Ip4AndPort) []*Ip4AndPort { + cache = append(cache, nil) + copy(cache[1:], cache) + cache[0] = to + if len(cache) > MaxRemotes { + cache = cache[:maxAddrs] + } + return cache +} + +// unlockedShouldAddV4 checks if to is allowed by our allow list and is not already present in the cache +func (lh *LightHouse) unlockedShouldAddV4(am []*Ip4AndPort, to *Ip4AndPort) bool { + ip := int2ip(to.Ip) + allow := lh.remoteAllowList.Allow(ip) + if lh.l.Level >= logrus.DebugLevel { + lh.l.WithField("remoteIp", ip).WithField("allow", allow).Debug("remoteAllowList.Allow") + } + + if !allow { + return false + } + + for _, v := range am { + if v.Ip == to.Ip && v.Port == to.Port { + return false + } + } + + return true +} + +// addRemoteV6 is a lighthouse internal method that prepends a remote if it is allowed by the allow list and not duplicated +func (lh *LightHouse) addRemoteV6(vpnIP uint32, to *Ip6AndPort, static bool, learned bool) { + // First we check if the sender thinks this is a static entry + // and do nothing if it is not, but should be considered static + if static == false { + if _, ok := lh.staticList[vpnIP]; ok { return } } - allow := lh.remoteAllowList.Allow(toIp.IP) - lh.l.WithField("remoteIp", toIp).WithField("allow", allow).Debug("remoteAllowList.Allow") + lh.Lock() + defer lh.Unlock() + am := lh.unsafeGetAddrs(vpnIP) + + if learned { + if !lh.unlockedShouldAddV6(am.learnedV6, to) { + return + } + am.learnedV6 = prependAndLimitV6(am.learnedV6, to) + } else { + if !lh.unlockedShouldAddV6(am.v6, to) { + return + } + am.v6 = prependAndLimitV6(am.v6, to) + } +} + +func prependAndLimitV6(cache []*Ip6AndPort, to *Ip6AndPort) []*Ip6AndPort { + cache = append(cache, nil) + copy(cache[1:], cache) + cache[0] = to + if len(cache) > MaxRemotes { + cache = cache[:maxAddrs] + } + return cache +} + +// unlockedShouldAddV6 checks if to is allowed by our allow list and is not already present in the cache +func (lh *LightHouse) unlockedShouldAddV6(am []*Ip6AndPort, to *Ip6AndPort) bool { + ip := net.IP(to.Ip) + allow := lh.remoteAllowList.Allow(ip) + if lh.l.Level >= logrus.DebugLevel { + lh.l.WithField("remoteIp", ip).WithField("allow", allow).Debug("remoteAllowList.Allow") + } + if !allow { - return + return false } - //l.Debugf("Adding reply of %s as %s\n", IntIp(vpnIP), toIp) - if static { - lh.staticList[vpnIP] = struct{}{} + for _, v := range am { + if bytes.Equal(v.Ip, to.Ip) && v.Port == to.Port { + return false + } } - lh.addrMap[vpnIP] = append(lh.addrMap[vpnIP], toIp.Copy()) + return true } func (lh *LightHouse) AddRemoteAndReset(vpnIP uint32, toIp *udpAddr) { @@ -201,7 +352,6 @@ func (lh *LightHouse) AddRemoteAndReset(vpnIP uint32, toIp *udpAddr) { lh.DeleteVpnIP(vpnIP) lh.AddRemote(vpnIP, toIp, false) } - } func (lh *LightHouse) IsLighthouseIP(vpnIP uint32) bool { @@ -220,32 +370,20 @@ func NewLhQueryByInt(VpnIp uint32) *NebulaMeta { } } -type ip4Or6 struct { - v4 IpAndPort - v6 Ip6AndPort +func NewIp4AndPort(ip net.IP, port uint32) *Ip4AndPort { + ipp := Ip4AndPort{Port: port} + ipp.Ip = ip2int(ip) + return &ipp } -func NewIpAndPort(ip net.IP, port uint32) ip4Or6 { - ipp := ip4Or6{} - - if ipv4 := ip.To4(); ipv4 != nil { - ipp.v4 = IpAndPort{Port: port} - ipp.v4.Ip = ip2int(ip) - - } else { - ipp.v6 = Ip6AndPort{Port: port} - ipp.v6.Ip = make([]byte, len(ip)) - copy(ipp.v6.Ip, ip) - } - - return ipp +func NewIp6AndPort(ip net.IP, port uint32) *Ip6AndPort { + ipp := Ip6AndPort{Port: port} + ipp.Ip = make([]byte, len(ip)) + copy(ipp.Ip, ip) + return &ipp } -func NewIpAndPortFromUDPAddr(addr *udpAddr) ip4Or6 { - return NewIpAndPort(addr.IP, uint32(addr.Port)) -} - -func NewUDPAddrFromLH4(ipp *IpAndPort) *udpAddr { +func NewUDPAddrFromLH4(ipp *Ip4AndPort) *udpAddr { ip := ipp.Ip return NewUDPAddr( net.IPv4(byte(ip&0xff000000>>24), byte(ip&0x00ff0000>>16), byte(ip&0x0000ff00>>8), byte(ip&0x000000ff)), @@ -269,26 +407,26 @@ func (lh *LightHouse) LhUpdateWorker(f EncWriter) { } func (lh *LightHouse) SendUpdate(f EncWriter) { - var v4 []*IpAndPort + var v4 []*Ip4AndPort var v6 []*Ip6AndPort for _, e := range *localIps(lh.l, lh.localAllowList) { - // Only add IPs that aren't my VPN/tun IP - if ip2int(e) != lh.myIp { - ipp := NewIpAndPort(e, lh.nebulaPort) - if len(ipp.v6.Ip) > 0 { - v6 = append(v6, &ipp.v6) - } else { - v4 = append(v4, &ipp.v4) - } + if ip2int(e) == lh.myIp { + continue + } + // Only add IPs that aren't my VPN/tun IP + if ip := e.To4(); ip != nil { + v4 = append(v4, NewIp4AndPort(e, lh.nebulaPort)) + } else { + v6 = append(v6, NewIp6AndPort(e, lh.nebulaPort)) } } m := &NebulaMeta{ Type: NebulaMeta_HostUpdateNotification, Details: &NebulaMetaDetails{ VpnIp: lh.myIp, - IpAndPorts: v4, + Ip4AndPorts: v4, Ip6AndPorts: v6, }, } @@ -298,7 +436,7 @@ func (lh *LightHouse) SendUpdate(f EncWriter) { out := make([]byte, mtu) for vpnIp := range lh.lighthouses { mm, err := proto.Marshal(m) - if err != nil { + if err != nil && lh.l.Level >= logrus.DebugLevel { lh.l.Debugf("Invalid marshal to update") } //l.Error("LIGHTHOUSE PACKET SEND", mm) @@ -311,9 +449,9 @@ type LightHouseHandler struct { lh *LightHouse nb []byte out []byte + pb []byte meta *NebulaMeta - iap []ip4Or6 - iapp []*ip4Or6 + l *logrus.Logger } func (lh *LightHouse) NewRequestHandler() *LightHouseHandler { @@ -321,288 +459,283 @@ func (lh *LightHouse) NewRequestHandler() *LightHouseHandler { lh: lh, nb: make([]byte, 12, 12), out: make([]byte, mtu), + l: lh.l, + pb: make([]byte, mtu), meta: &NebulaMeta{ Details: &NebulaMetaDetails{}, }, } - lhh.resizeIpAndPorts(10) - return lhh } +func (lh *LightHouse) metricRx(t NebulaMeta_MessageType, i int64) { + lh.metrics.Rx(NebulaMessageType(t), 0, i) +} + +func (lh *LightHouse) metricTx(t NebulaMeta_MessageType, i int64) { + lh.metrics.Tx(NebulaMessageType(t), 0, i) +} + // This method is similar to Reset(), but it re-uses the pointer structs // so that we don't have to re-allocate them func (lhh *LightHouseHandler) resetMeta() *NebulaMeta { details := lhh.meta.Details - - details.Reset() lhh.meta.Reset() + + // Keep the array memory around + details.Ip4AndPorts = details.Ip4AndPorts[:0] + details.Ip6AndPorts = details.Ip6AndPorts[:0] lhh.meta.Details = details return lhh.meta } -func (lhh *LightHouseHandler) resizeIpAndPorts(n int) { - if cap(lhh.iap) < n { - lhh.iap = make([]ip4Or6, n) - lhh.iapp = make([]*ip4Or6, n) - - for i := range lhh.iap { - lhh.iapp[i] = &lhh.iap[i] - } - } - lhh.iap = lhh.iap[:n] - lhh.iapp = lhh.iapp[:n] -} - -func (lhh *LightHouseHandler) setIpAndPortsFromNetIps(ips []*udpAddr) []*ip4Or6 { - lhh.resizeIpAndPorts(len(ips)) - for i, e := range ips { - lhh.iap[i] = NewIpAndPortFromUDPAddr(e) - } - return lhh.iapp -} - -func (lhh *LightHouseHandler) HandleRequest(rAddr *udpAddr, vpnIp uint32, p []byte, c *cert.NebulaCertificate, f EncWriter) { - lh := lhh.lh +//TODO: do we need c here? +func (lhh *LightHouseHandler) HandleRequest(rAddr *udpAddr, vpnIp uint32, p []byte, w EncWriter) { n := lhh.resetMeta() - err := proto.UnmarshalMerge(p, n) + err := n.Unmarshal(p) if err != nil { - lh.l.WithError(err).WithField("vpnIp", IntIp(vpnIp)).WithField("udpAddr", rAddr). + lhh.l.WithError(err).WithField("vpnIp", IntIp(vpnIp)).WithField("udpAddr", rAddr). Error("Failed to unmarshal lighthouse packet") //TODO: send recv_error? return } if n.Details == nil { - lh.l.WithField("vpnIp", IntIp(vpnIp)).WithField("udpAddr", rAddr). + lhh.l.WithField("vpnIp", IntIp(vpnIp)).WithField("udpAddr", rAddr). Error("Invalid lighthouse update") //TODO: send recv_error? return } - lh.metricRx(n.Type, 1) + lhh.lh.metricRx(n.Type, 1) switch n.Type { case NebulaMeta_HostQuery: - // Exit if we don't answer queries - if !lh.amLighthouse { - lh.l.Debugln("I don't answer queries, but received from: ", rAddr) - return - } - - //l.Debugln("Got Query") - ips, err := lh.Query(n.Details.VpnIp, f) - if err != nil { - //l.Debugf("Can't answer query %s from %s because error: %s", IntIp(n.Details.VpnIp), rAddr, err) - return - } else { - reqVpnIP := n.Details.VpnIp - n = lhh.resetMeta() - n.Type = NebulaMeta_HostQueryReply - n.Details.VpnIp = reqVpnIP - - v4s := make([]*IpAndPort, 0) - v6s := make([]*Ip6AndPort, 0) - for _, v := range lhh.setIpAndPortsFromNetIps(ips) { - if len(v.v6.Ip) > 0 { - v6s = append(v6s, &v.v6) - } else { - v4s = append(v4s, &v.v4) - } - } - - if len(v4s) > 0 { - n.Details.IpAndPorts = v4s - } - - if len(v6s) > 0 { - n.Details.Ip6AndPorts = v6s - } - - reply, err := proto.Marshal(n) - if err != nil { - lh.l.WithError(err).WithField("vpnIp", IntIp(vpnIp)).Error("Failed to marshal lighthouse host query reply") - return - } - lh.metricTx(NebulaMeta_HostQueryReply, 1) - f.SendMessageToVpnIp(lightHouse, 0, vpnIp, reply, lhh.nb, lhh.out[:0]) - - // This signals the other side to punch some zero byte udp packets - ips, err = lh.Query(vpnIp, f) - if err != nil { - lh.l.WithField("vpnIp", IntIp(vpnIp)).Debugln("Can't notify host to punch") - return - } else { - //l.Debugln("Notify host to punch", iap) - n = lhh.resetMeta() - n.Type = NebulaMeta_HostPunchNotification - n.Details.VpnIp = vpnIp - - v4s := make([]*IpAndPort, 0) - v6s := make([]*Ip6AndPort, 0) - for _, v := range lhh.setIpAndPortsFromNetIps(ips) { - if len(v.v6.Ip) > 0 { - v6s = append(v6s, &v.v6) - } else { - v4s = append(v4s, &v.v4) - } - } - - if len(v4s) > 0 { - n.Details.IpAndPorts = v4s - } - - if len(v6s) > 0 { - n.Details.Ip6AndPorts = v6s - } - - reply, _ := proto.Marshal(n) - lh.metricTx(NebulaMeta_HostPunchNotification, 1) - f.SendMessageToVpnIp(lightHouse, 0, reqVpnIP, reply, lhh.nb, lhh.out[:0]) - } - //fmt.Println(reply, remoteaddr) - } + lhh.handleHostQuery(n, vpnIp, rAddr, w) case NebulaMeta_HostQueryReply: - if !lh.IsLighthouseIP(vpnIp) { - return - } - - for _, a := range n.Details.IpAndPorts { - ans := NewUDPAddrFromLH4(a) - if ans != nil { - lh.AddRemote(n.Details.VpnIp, ans, false) - } - } - - for _, a := range n.Details.Ip6AndPorts { - ans := NewUDPAddrFromLH6(a) - if ans != nil { - lh.AddRemote(n.Details.VpnIp, ans, false) - } - } - - // Non-blocking attempt to trigger, skip if it would block - select { - case lh.handshakeTrigger <- n.Details.VpnIp: - default: - } + lhh.handleHostQueryReply(n, vpnIp) case NebulaMeta_HostUpdateNotification: - //Simple check that the host sent this not someone else - if n.Details.VpnIp != vpnIp { - lh.l.WithField("vpnIp", IntIp(vpnIp)).WithField("answer", IntIp(n.Details.VpnIp)).Debugln("Host sent invalid update") - return - } - - for _, a := range n.Details.IpAndPorts { - ans := NewUDPAddrFromLH4(a) - if ans != nil { - lh.AddRemote(n.Details.VpnIp, ans, false) - } - } - - for _, a := range n.Details.Ip6AndPorts { - ans := NewUDPAddrFromLH6(a) - if ans != nil { - lh.AddRemote(n.Details.VpnIp, ans, false) - } - } + lhh.handleHostUpdateNotification(n, vpnIp) case NebulaMeta_HostMovedNotification: case NebulaMeta_HostPunchNotification: - if !lh.IsLighthouseIP(vpnIp) { + lhh.handleHostPunchNotification(n, vpnIp, w) + } +} + +func (lhh *LightHouseHandler) handleHostQuery(n *NebulaMeta, vpnIp uint32, addr *udpAddr, w EncWriter) { + // Exit if we don't answer queries + if !lhh.lh.amLighthouse { + if lhh.l.Level >= logrus.DebugLevel { + lhh.l.Debugln("I don't answer queries, but received from: ", addr) + } + return + } + + //TODO: we can DRY this further + reqVpnIP := n.Details.VpnIp + //TODO: Maybe instead of marshalling into n we marshal into a new `r` to not nuke our current request data + //TODO: If we use a lock on cache we can avoid holding it on lh.addrMap and keep things moving better + found, ln, err := lhh.lh.queryAndPrepMessage(n.Details.VpnIp, func(cache *ip4And6) (int, error) { + n = lhh.resetMeta() + n.Type = NebulaMeta_HostQueryReply + n.Details.VpnIp = reqVpnIP + + lhh.coalesceAnswers(cache, n) + + return n.MarshalTo(lhh.pb) + }) + + if !found { + return + } + + if err != nil { + lhh.l.WithError(err).WithField("vpnIp", IntIp(vpnIp)).Error("Failed to marshal lighthouse host query reply") + return + } + + lhh.lh.metricTx(NebulaMeta_HostQueryReply, 1) + w.SendMessageToVpnIp(lightHouse, 0, vpnIp, lhh.pb[:ln], lhh.nb, lhh.out[:0]) + + // This signals the other side to punch some zero byte udp packets + found, ln, err = lhh.lh.queryAndPrepMessage(vpnIp, func(cache *ip4And6) (int, error) { + n = lhh.resetMeta() + n.Type = NebulaMeta_HostPunchNotification + n.Details.VpnIp = vpnIp + + lhh.coalesceAnswers(cache, n) + + return n.MarshalTo(lhh.pb) + }) + + if !found { + return + } + + if err != nil { + lhh.l.WithError(err).WithField("vpnIp", IntIp(vpnIp)).Error("Failed to marshal lighthouse host was queried for") + return + } + + lhh.lh.metricTx(NebulaMeta_HostPunchNotification, 1) + w.SendMessageToVpnIp(lightHouse, 0, reqVpnIP, lhh.pb[:ln], lhh.nb, lhh.out[:0]) +} + +func (lhh *LightHouseHandler) coalesceAnswers(cache *ip4And6, n *NebulaMeta) { + n.Details.Ip4AndPorts = append(n.Details.Ip4AndPorts, cache.v4...) + n.Details.Ip4AndPorts = append(n.Details.Ip4AndPorts, cache.learnedV4...) + + n.Details.Ip6AndPorts = append(n.Details.Ip6AndPorts, cache.v6...) + n.Details.Ip6AndPorts = append(n.Details.Ip6AndPorts, cache.learnedV6...) +} + +func (lhh *LightHouseHandler) handleHostQueryReply(n *NebulaMeta, vpnIp uint32) { + if !lhh.lh.IsLighthouseIP(vpnIp) { + return + } + + // We can't just slam the responses in as they may come from multiple lighthouses and we should coalesce the answers + for _, to := range n.Details.Ip4AndPorts { + lhh.lh.addRemoteV4(n.Details.VpnIp, to, false, false) + } + + for _, to := range n.Details.Ip6AndPorts { + lhh.lh.addRemoteV6(n.Details.VpnIp, to, false, false) + } + + // Non-blocking attempt to trigger, skip if it would block + select { + case lhh.lh.handshakeTrigger <- n.Details.VpnIp: + default: + } +} + +func (lhh *LightHouseHandler) handleHostUpdateNotification(n *NebulaMeta, vpnIp uint32) { + if !lhh.lh.amLighthouse { + if lhh.l.Level >= logrus.DebugLevel { + lhh.l.Debugln("I am not a lighthouse, do not take host updates: ", vpnIp) + } + return + } + + //Simple check that the host sent this not someone else + if n.Details.VpnIp != vpnIp { + if lhh.l.Level >= logrus.DebugLevel { + lhh.l.WithField("vpnIp", IntIp(vpnIp)).WithField("answer", IntIp(n.Details.VpnIp)).Debugln("Host sent invalid update") + } + return + } + + lhh.lh.Lock() + defer lhh.lh.Unlock() + am := lhh.lh.unsafeGetAddrs(vpnIp) + + //TODO: other note on a lock for am so we can release more quickly and lock our real unit of change which is far less contended + //TODO: we are not filtering by local or remote allowed addrs here, is this an ok change to make? + + // We don't accumulate addresses being told to us + am.v4 = am.v4[:0] + am.v6 = am.v6[:0] + + for _, v := range n.Details.Ip4AndPorts { + if lhh.lh.unlockedShouldAddV4(am.v4, v) { + am.v4 = append(am.v4, v) + } + } + + for _, v := range n.Details.Ip6AndPorts { + if lhh.lh.unlockedShouldAddV6(am.v6, v) { + am.v6 = append(am.v6, v) + } + } + + // We prefer the first n addresses if we got too big + if len(am.v4) > MaxRemotes { + am.v4 = am.v4[:MaxRemotes] + } + + if len(am.v6) > MaxRemotes { + am.v6 = am.v6[:MaxRemotes] + } +} + +func (lhh *LightHouseHandler) handleHostPunchNotification(n *NebulaMeta, vpnIp uint32, w EncWriter) { + if !lhh.lh.IsLighthouseIP(vpnIp) { + return + } + + empty := []byte{0} + punch := func(vpnPeer *udpAddr) { + if vpnPeer == nil { return } - empty := []byte{0} - for _, a := range n.Details.IpAndPorts { - vpnPeer := NewUDPAddrFromLH4(a) - if vpnPeer == nil { - continue - } + go func() { + time.Sleep(lhh.lh.punchDelay) + lhh.lh.metricHolepunchTx.Inc(1) + lhh.lh.punchConn.WriteTo(empty, vpnPeer) + }() - go func() { - time.Sleep(lh.punchDelay) - lh.metricHolepunchTx.Inc(1) - lh.punchConn.WriteTo(empty, vpnPeer) - - }() - - if lh.l.Level >= logrus.DebugLevel { - //TODO: lacking the ip we are actually punching on, old: l.Debugf("Punching %s on %d for %s", IntIp(a.Ip), a.Port, IntIp(n.Details.VpnIp)) - lh.l.Debugf("Punching on %d for %s", a.Port, IntIp(n.Details.VpnIp)) - } + if lhh.l.Level >= logrus.DebugLevel { + //TODO: lacking the ip we are actually punching on, old: l.Debugf("Punching %s on %d for %s", IntIp(a.Ip), a.Port, IntIp(n.Details.VpnIp)) + lhh.l.Debugf("Punching on %d for %s", vpnPeer.Port, IntIp(n.Details.VpnIp)) } + } - for _, a := range n.Details.Ip6AndPorts { - vpnPeer := NewUDPAddrFromLH6(a) - if vpnPeer == nil { - continue + for _, a := range n.Details.Ip4AndPorts { + punch(NewUDPAddrFromLH4(a)) + } + + for _, a := range n.Details.Ip6AndPorts { + punch(NewUDPAddrFromLH6(a)) + } + + // This sends a nebula test packet to the host trying to contact us. In the case + // of a double nat or other difficult scenario, this may help establish + // a tunnel. + if lhh.lh.punchBack { + go func() { + time.Sleep(time.Second * 5) + if lhh.l.Level >= logrus.DebugLevel { + lhh.l.Debugf("Sending a nebula test packet to vpn ip %s", IntIp(n.Details.VpnIp)) } - - go func() { - time.Sleep(lh.punchDelay) - lh.metricHolepunchTx.Inc(1) - lh.punchConn.WriteTo(empty, vpnPeer) - - }() - - if lh.l.Level >= logrus.DebugLevel { - //TODO: lacking the ip we are actually punching on, old: l.Debugf("Punching %s on %d for %s", IntIp(a.Ip), a.Port, IntIp(n.Details.VpnIp)) - lh.l.Debugf("Punching on %d for %s", a.Port, IntIp(n.Details.VpnIp)) - } - } - - // This sends a nebula test packet to the host trying to contact us. In the case - // of a double nat or other difficult scenario, this may help establish - // a tunnel. - if lh.punchBack { - go func() { - time.Sleep(time.Second * 5) - lh.l.Debugf("Sending a nebula test packet to vpn ip %s", IntIp(n.Details.VpnIp)) - // TODO we have to allocate a new output buffer here since we are spawning a new goroutine - // for each punchBack packet. We should move this into a timerwheel or a single goroutine - // managed by a channel. - f.SendMessageToVpnIp(test, testRequest, n.Details.VpnIp, []byte(""), make([]byte, 12, 12), make([]byte, mtu)) - }() - } + //NOTE: we have to allocate a new output buffer here since we are spawning a new goroutine + // for each punchBack packet. We should move this into a timerwheel or a single goroutine + // managed by a channel. + w.SendMessageToVpnIp(test, testRequest, n.Details.VpnIp, []byte(""), make([]byte, 12, 12), make([]byte, mtu)) + }() } } -func (lh *LightHouse) metricRx(t NebulaMeta_MessageType, i int64) { - lh.metrics.Rx(NebulaMessageType(t), 0, i) -} -func (lh *LightHouse) metricTx(t NebulaMeta_MessageType, i int64) { - lh.metrics.Tx(NebulaMessageType(t), 0, i) -} +func TransformLHReplyToUdpAddrs(ips *ip4And6) []*udpAddr { + addrs := make([]*udpAddr, len(ips.v4)+len(ips.v6)+len(ips.learnedV4)+len(ips.learnedV6)) + i := 0 -/* -func (f *Interface) sendPathCheck(ci *ConnectionState, endpoint *net.UDPAddr, counter int) { - c := ci.messageCounter - b := HeaderEncode(nil, Version, uint8(path_check), 0, ci.remoteIndex, c) - ci.messageCounter++ - - if ci.eKey != nil { - msg := ci.eKey.EncryptDanger(b, nil, []byte(strconv.Itoa(counter)), c) - //msg := ci.eKey.EncryptDanger(b, nil, []byte(fmt.Sprintf("%d", counter)), c) - f.outside.WriteTo(msg, endpoint) - l.Debugf("path_check sent, remote index: %d, pathCounter %d", ci.remoteIndex, counter) + for _, v := range ips.learnedV4 { + addrs[i] = NewUDPAddrFromLH4(v) + i++ } -} -func (f *Interface) sendPathCheckReply(ci *ConnectionState, endpoint *net.UDPAddr, counter []byte) { - c := ci.messageCounter - b := HeaderEncode(nil, Version, uint8(path_check_reply), 0, ci.remoteIndex, c) - ci.messageCounter++ - - if ci.eKey != nil { - msg := ci.eKey.EncryptDanger(b, nil, counter, c) - f.outside.WriteTo(msg, endpoint) - l.Debugln("path_check sent, remote index: ", ci.remoteIndex) + for _, v := range ips.v4 { + addrs[i] = NewUDPAddrFromLH4(v) + i++ } + + for _, v := range ips.learnedV6 { + addrs[i] = NewUDPAddrFromLH6(v) + i++ + } + + for _, v := range ips.v6 { + addrs[i] = NewUDPAddrFromLH6(v) + i++ + } + + return addrs } -*/ diff --git a/lighthouse_test.go b/lighthouse_test.go index 0e96c2a..94d3b39 100644 --- a/lighthouse_test.go +++ b/lighthouse_test.go @@ -1,6 +1,7 @@ package nebula import ( + "fmt" "net" "testing" @@ -13,7 +14,7 @@ import ( func TestOldIPv4Only(t *testing.T) { // This test ensures our new ipv6 enabled LH protobuf IpAndPorts works with the old style to enable backwards compatibility b := []byte{8, 129, 130, 132, 80, 16, 10} - var m IpAndPort + var m Ip4AndPort err := proto.Unmarshal(b, &m) assert.NoError(t, err) assert.Equal(t, "10.1.1.1", int2ip(m.GetIp()).String()) @@ -40,30 +41,6 @@ func TestNewLhQuery(t *testing.T) { } -func TestNewipandportfromudpaddr(t *testing.T) { - blah := NewUDPAddrFromString("1.2.2.3:12345") - meh := NewIpAndPortFromUDPAddr(blah) - assert.Equal(t, uint32(16908803), meh.v4.Ip) - assert.Equal(t, uint32(12345), meh.v4.Port) -} - -func TestSetipandportsfromudpaddrs(t *testing.T) { - blah := NewUDPAddrFromString("1.2.2.3:12345") - blah2 := NewUDPAddrFromString("9.9.9.9:47828") - group := []*udpAddr{blah, blah2} - var lh *LightHouse - lhh := lh.NewRequestHandler() - result := lhh.setIpAndPortsFromNetIps(group) - assert.IsType(t, []*ip4Or6{}, result) - assert.Len(t, result, 2) - assert.Equal(t, uint32(0x01020203), result[0].v4.Ip) - assert.Equal(t, uint32(12345), result[0].v4.Port) - assert.Equal(t, uint32(0x09090909), result[1].v4.Ip) - assert.Equal(t, uint32(47828), result[1].v4.Port) - //t.Error(reflect.TypeOf(hah)) - -} - func Test_lhStaticMapping(t *testing.T) { l := NewTestLogger() lh1 := "10.128.0.2" @@ -96,11 +73,17 @@ func BenchmarkLighthouseHandleRequest(b *testing.B) { hAddr := NewUDPAddrFromString("4.5.6.7:12345") hAddr2 := NewUDPAddrFromString("4.5.6.7:12346") - lh.addrMap[3] = []*udpAddr{hAddr, hAddr2} + lh.addrMap[3] = &ip4And6{v4: []*Ip4AndPort{ + NewIp4AndPort(hAddr.IP, uint32(hAddr.Port)), + NewIp4AndPort(hAddr2.IP, uint32(hAddr2.Port))}, + } rAddr := NewUDPAddrFromString("1.2.2.3:12345") rAddr2 := NewUDPAddrFromString("1.2.2.3:12346") - lh.addrMap[2] = []*udpAddr{rAddr, rAddr2} + lh.addrMap[2] = &ip4And6{v4: []*Ip4AndPort{ + NewIp4AndPort(rAddr.IP, uint32(rAddr.Port)), + NewIp4AndPort(rAddr2.IP, uint32(rAddr2.Port))}, + } mw := &mockEncWriter{} @@ -109,14 +92,14 @@ func BenchmarkLighthouseHandleRequest(b *testing.B) { req := &NebulaMeta{ Type: NebulaMeta_HostQuery, Details: &NebulaMetaDetails{ - VpnIp: 4, - IpAndPorts: nil, + VpnIp: 4, + Ip4AndPorts: nil, }, } p, err := proto.Marshal(req) assert.NoError(b, err) for n := 0; n < b.N; n++ { - lhh.HandleRequest(rAddr, 2, p, nil, mw) + lhh.HandleRequest(rAddr, 2, p, mw) } }) b.Run("found", func(b *testing.B) { @@ -124,19 +107,139 @@ func BenchmarkLighthouseHandleRequest(b *testing.B) { req := &NebulaMeta{ Type: NebulaMeta_HostQuery, Details: &NebulaMetaDetails{ - VpnIp: 3, - IpAndPorts: nil, + VpnIp: 3, + Ip4AndPorts: nil, }, } p, err := proto.Marshal(req) assert.NoError(b, err) for n := 0; n < b.N; n++ { - lhh.HandleRequest(rAddr, 2, p, nil, mw) + lhh.HandleRequest(rAddr, 2, p, mw) } }) } +func TestLighthouse_Memory(t *testing.T) { + l := NewTestLogger() + + myUdpAddr0 := &udpAddr{IP: net.ParseIP("10.0.0.2"), Port: 4242} + myUdpAddr1 := &udpAddr{IP: net.ParseIP("192.168.0.2"), Port: 4242} + myUdpAddr2 := &udpAddr{IP: net.ParseIP("172.16.0.2"), Port: 4242} + myUdpAddr3 := &udpAddr{IP: net.ParseIP("100.152.0.2"), Port: 4242} + myUdpAddr4 := &udpAddr{IP: net.ParseIP("24.15.0.2"), Port: 4242} + myUdpAddr5 := &udpAddr{IP: net.ParseIP("192.168.0.2"), Port: 4243} + myUdpAddr6 := &udpAddr{IP: net.ParseIP("192.168.0.2"), Port: 4244} + myUdpAddr7 := &udpAddr{IP: net.ParseIP("192.168.0.2"), Port: 4245} + myUdpAddr8 := &udpAddr{IP: net.ParseIP("192.168.0.2"), Port: 4246} + myUdpAddr9 := &udpAddr{IP: net.ParseIP("192.168.0.2"), Port: 4247} + myUdpAddr10 := &udpAddr{IP: net.ParseIP("192.168.0.2"), Port: 4248} + myUdpAddr11 := &udpAddr{IP: net.ParseIP("192.168.0.2"), Port: 4249} + myVpnIp := ip2int(net.ParseIP("10.128.0.2")) + + theirUdpAddr0 := &udpAddr{IP: net.ParseIP("10.0.0.3"), Port: 4242} + theirUdpAddr1 := &udpAddr{IP: net.ParseIP("192.168.0.3"), Port: 4242} + theirUdpAddr2 := &udpAddr{IP: net.ParseIP("172.16.0.3"), Port: 4242} + theirUdpAddr3 := &udpAddr{IP: net.ParseIP("100.152.0.3"), Port: 4242} + theirUdpAddr4 := &udpAddr{IP: net.ParseIP("24.15.0.3"), Port: 4242} + theirVpnIp := ip2int(net.ParseIP("10.128.0.3")) + + lhIP := net.ParseIP("10.128.0.1") + udpServer, _ := NewListener(l, "0.0.0.0", 0, true) + lh := NewLightHouse(l, true, 1, []uint32{ip2int(lhIP)}, 10, 10003, udpServer, false, 1, false) + lhh := lh.NewRequestHandler() + + // Test that my first update responds with just that + newLHHostUpdate(myUdpAddr0, myVpnIp, []*udpAddr{myUdpAddr1, myUdpAddr2}, lhh) + r := newLHHostRequest(myUdpAddr0, myVpnIp, myVpnIp, lhh) + assertIp4InArray(t, r.msg.Details.Ip4AndPorts, myUdpAddr1, myUdpAddr2) + + // Ensure we don't accumulate addresses + newLHHostUpdate(myUdpAddr0, myVpnIp, []*udpAddr{myUdpAddr3}, lhh) + r = newLHHostRequest(myUdpAddr0, myVpnIp, myVpnIp, lhh) + assertIp4InArray(t, r.msg.Details.Ip4AndPorts, myUdpAddr3) + + // Grow it back to 2 + newLHHostUpdate(myUdpAddr0, myVpnIp, []*udpAddr{myUdpAddr1, myUdpAddr4}, lhh) + r = newLHHostRequest(myUdpAddr0, myVpnIp, myVpnIp, lhh) + assertIp4InArray(t, r.msg.Details.Ip4AndPorts, myUdpAddr1, myUdpAddr4) + + // Update a different host + newLHHostUpdate(theirUdpAddr0, theirVpnIp, []*udpAddr{theirUdpAddr1, theirUdpAddr2, theirUdpAddr3, theirUdpAddr4}, lhh) + r = newLHHostRequest(theirUdpAddr0, theirVpnIp, myVpnIp, lhh) + assertIp4InArray(t, r.msg.Details.Ip4AndPorts, theirUdpAddr1, theirUdpAddr2, theirUdpAddr3, theirUdpAddr4) + + // Make sure we didn't get changed + r = newLHHostRequest(myUdpAddr0, myVpnIp, myVpnIp, lhh) + assertIp4InArray(t, r.msg.Details.Ip4AndPorts, myUdpAddr1, myUdpAddr4) + + // Finally ensure proper ordering and limiting + // Send 12 addrs, get 10 back, one removed on a dupe check the other by limiting + newLHHostUpdate( + myUdpAddr0, + myVpnIp, + []*udpAddr{ + myUdpAddr1, + myUdpAddr2, + myUdpAddr3, + myUdpAddr4, + myUdpAddr5, + myUdpAddr5, //Duplicated on purpose + myUdpAddr6, + myUdpAddr7, + myUdpAddr8, + myUdpAddr9, + myUdpAddr10, + myUdpAddr11, // This should get cut + }, lhh) + r = newLHHostRequest(myUdpAddr0, myVpnIp, myVpnIp, lhh) + assertIp4InArray( + t, + r.msg.Details.Ip4AndPorts, + myUdpAddr1, myUdpAddr2, myUdpAddr3, myUdpAddr4, myUdpAddr5, myUdpAddr6, myUdpAddr7, myUdpAddr8, myUdpAddr9, myUdpAddr10, + ) +} + +func newLHHostRequest(fromAddr *udpAddr, myVpnIp, queryVpnIp uint32, lhh *LightHouseHandler) testLhReply { + req := &NebulaMeta{ + Type: NebulaMeta_HostQuery, + Details: &NebulaMetaDetails{ + VpnIp: queryVpnIp, + }, + } + + b, err := req.Marshal() + if err != nil { + panic(err) + } + + w := &testEncWriter{} + lhh.HandleRequest(fromAddr, myVpnIp, b, w) + return w.lastReply +} + +func newLHHostUpdate(fromAddr *udpAddr, vpnIp uint32, addrs []*udpAddr, lhh *LightHouseHandler) { + req := &NebulaMeta{ + Type: NebulaMeta_HostUpdateNotification, + Details: &NebulaMetaDetails{ + VpnIp: vpnIp, + Ip4AndPorts: make([]*Ip4AndPort, len(addrs)), + }, + } + + for k, v := range addrs { + req.Details.Ip4AndPorts[k] = &Ip4AndPort{Ip: ip2int(v.IP), Port: uint32(v.Port)} + } + + b, err := req.Marshal() + if err != nil { + panic(err) + } + + w := &testEncWriter{} + lhh.HandleRequest(fromAddr, vpnIp, b, w) +} + func Test_lhRemoteAllowList(t *testing.T) { l := NewTestLogger() c := NewConfig(l) @@ -154,48 +257,94 @@ func Test_lhRemoteAllowList(t *testing.T) { lh := NewLightHouse(l, true, 1, []uint32{ip2int(lh1IP)}, 10, 10003, udpServer, false, 1, false) lh.SetRemoteAllowList(allowList) - remote1 := "10.20.0.3" - remote1IP := net.ParseIP(remote1) + // A disallowed ip should not enter the cache but we should end up with an empty entry in the addrMap + remote1IP := net.ParseIP("10.20.0.3") lh.AddRemote(ip2int(remote1IP), NewUDPAddr(remote1IP, uint16(4242)), true) - assert.Nil(t, lh.addrMap[ip2int(remote1IP)]) + assert.NotNil(t, lh.addrMap[ip2int(remote1IP)]) + assert.Empty(t, lh.addrMap[ip2int(remote1IP)].v4) + assert.Empty(t, lh.addrMap[ip2int(remote1IP)].v6) - remote2 := "10.128.0.3" - remote2IP := net.ParseIP(remote2) + // Make sure a good ip enters the cache and addrMap + remote2IP := net.ParseIP("10.128.0.3") remote2UDPAddr := NewUDPAddr(remote2IP, uint16(4242)) - lh.AddRemote(ip2int(remote2IP), remote2UDPAddr, true) - // Make sure the pointers are different but the contents are equal since we are using slices - assert.False(t, remote2UDPAddr == lh.addrMap[ip2int(remote2IP)][0]) - assert.Equal(t, remote2UDPAddr, lh.addrMap[ip2int(remote2IP)][0]) -} + assertIp4InArray(t, lh.addrMap[ip2int(remote2IP)].learnedV4, remote2UDPAddr) -//func NewLightHouse(amLighthouse bool, myIp uint32, ips []string, interval int, nebulaPort int, pc *udpConn, punchBack bool) *LightHouse { + // Another good ip gets into the cache, ordering is inverted + remote3IP := net.ParseIP("10.128.0.4") + remote3UDPAddr := NewUDPAddr(remote3IP, uint16(4243)) + lh.AddRemote(ip2int(remote2IP), remote3UDPAddr, true) + assertIp4InArray(t, lh.addrMap[ip2int(remote2IP)].learnedV4, remote3UDPAddr, remote2UDPAddr) -/* -func TestLHQuery(t *testing.T) { - //n := NewLhQueryByIpString("10.128.0.3") - _, myNet, _ := net.ParseCIDR("10.128.0.0/16") - m := NewHostMap(myNet) - y, _ := net.ResolveUDPAddr("udp", "10.128.0.3:11111") - m.Add(ip2int(net.ParseIP("127.0.0.1")), y) - //t.Errorf("%s", m) - _ = m - - _, n, _ := net.ParseCIDR("127.0.0.1/8") - - /*udpServer, err := net.ListenUDP("udp", &net.UDPAddr{Port: 10009}) - if err != nil { - t.Errorf("%s", err) + // If we exceed the length limit we should only have the most recent addresses + addedAddrs := []*udpAddr{} + for i := 0; i < 11; i++ { + remoteUDPAddr := NewUDPAddr(net.IP{10, 128, 0, 4}, uint16(4243+i)) + lh.AddRemote(ip2int(remote2IP), remoteUDPAddr, true) + // The first entry here is a duplicate, don't add it to the assert list + if i != 0 { + addedAddrs = append(addedAddrs, remoteUDPAddr) + } } - meh := NewLightHouse(n, m, []string{"10.128.0.2"}, false, 10, 10003, 10004) - //t.Error(m.Hosts) - meh2, err := meh.Query(ip2int(net.ParseIP("10.128.0.3"))) - t.Error(err) - if err != nil { - return - } - t.Errorf("%s", meh2) - t.Errorf("%s", n) + // We should only have the last 10 of what we tried to add + assert.True(t, len(addedAddrs) >= 10, "We should have tried to add at least 10 addresses") + ln := len(addedAddrs) + assertIp4InArray( + t, + lh.addrMap[ip2int(remote2IP)].learnedV4, + addedAddrs[ln-1], + addedAddrs[ln-2], + addedAddrs[ln-3], + addedAddrs[ln-4], + addedAddrs[ln-5], + addedAddrs[ln-6], + addedAddrs[ln-7], + addedAddrs[ln-8], + addedAddrs[ln-9], + addedAddrs[ln-10], + ) +} + +type testLhReply struct { + nebType NebulaMessageType + nebSubType NebulaMessageSubType + vpnIp uint32 + msg *NebulaMeta +} + +type testEncWriter struct { + lastReply testLhReply +} + +func (tw *testEncWriter) SendMessageToVpnIp(t NebulaMessageType, st NebulaMessageSubType, vpnIp uint32, p, _, _ []byte) { + tw.lastReply = testLhReply{ + nebType: t, + nebSubType: st, + vpnIp: vpnIp, + msg: &NebulaMeta{}, + } + + err := proto.Unmarshal(p, tw.lastReply.msg) + if err != nil { + panic(err) + } +} + +// assertIp4InArray asserts every address in want is at the same position in have and that the lengths match +func assertIp4InArray(t *testing.T, have []*Ip4AndPort, want ...*udpAddr) { + assert.Len(t, have, len(want)) + for k, w := range want { + if !(have[k].Ip == ip2int(w.IP) && have[k].Port == uint32(w.Port)) { + assert.Fail(t, fmt.Sprintf("Response did not contain: %v:%v at %v; %v", w.IP, w.Port, k, translateV4toUdpAddr(have))) + } + } +} + +func translateV4toUdpAddr(ips []*Ip4AndPort) []*udpAddr { + addrs := make([]*udpAddr, len(ips)) + for k, v := range ips { + addrs[k] = NewUDPAddrFromLH4(v) + } + return addrs } -*/ diff --git a/nebula.pb.go b/nebula.pb.go index 9ca3b1a..c8e67ba 100644 --- a/nebula.pb.go +++ b/nebula.pb.go @@ -1,24 +1,26 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.26.0 -// protoc v3.14.0 +// Code generated by protoc-gen-gogo. DO NOT EDIT. // source: nebula.proto package nebula import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" ) -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package type NebulaMeta_MessageType int32 @@ -35,59 +37,38 @@ const ( NebulaMeta_PathCheckReply NebulaMeta_MessageType = 9 ) -// Enum value maps for NebulaMeta_MessageType. -var ( - NebulaMeta_MessageType_name = map[int32]string{ - 0: "None", - 1: "HostQuery", - 2: "HostQueryReply", - 3: "HostUpdateNotification", - 4: "HostMovedNotification", - 5: "HostPunchNotification", - 6: "HostWhoami", - 7: "HostWhoamiReply", - 8: "PathCheck", - 9: "PathCheckReply", - } - NebulaMeta_MessageType_value = map[string]int32{ - "None": 0, - "HostQuery": 1, - "HostQueryReply": 2, - "HostUpdateNotification": 3, - "HostMovedNotification": 4, - "HostPunchNotification": 5, - "HostWhoami": 6, - "HostWhoamiReply": 7, - "PathCheck": 8, - "PathCheckReply": 9, - } -) +var NebulaMeta_MessageType_name = map[int32]string{ + 0: "None", + 1: "HostQuery", + 2: "HostQueryReply", + 3: "HostUpdateNotification", + 4: "HostMovedNotification", + 5: "HostPunchNotification", + 6: "HostWhoami", + 7: "HostWhoamiReply", + 8: "PathCheck", + 9: "PathCheckReply", +} -func (x NebulaMeta_MessageType) Enum() *NebulaMeta_MessageType { - p := new(NebulaMeta_MessageType) - *p = x - return p +var NebulaMeta_MessageType_value = map[string]int32{ + "None": 0, + "HostQuery": 1, + "HostQueryReply": 2, + "HostUpdateNotification": 3, + "HostMovedNotification": 4, + "HostPunchNotification": 5, + "HostWhoami": 6, + "HostWhoamiReply": 7, + "PathCheck": 8, + "PathCheckReply": 9, } func (x NebulaMeta_MessageType) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) + return proto.EnumName(NebulaMeta_MessageType_name, int32(x)) } -func (NebulaMeta_MessageType) Descriptor() protoreflect.EnumDescriptor { - return file_nebula_proto_enumTypes[0].Descriptor() -} - -func (NebulaMeta_MessageType) Type() protoreflect.EnumType { - return &file_nebula_proto_enumTypes[0] -} - -func (x NebulaMeta_MessageType) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use NebulaMeta_MessageType.Descriptor instead. func (NebulaMeta_MessageType) EnumDescriptor() ([]byte, []int) { - return file_nebula_proto_rawDescGZIP(), []int{0, 0} + return fileDescriptor_2d65afa7693df5ef, []int{0, 0} } type NebulaPing_MessageType int32 @@ -97,396 +78,353 @@ const ( NebulaPing_Reply NebulaPing_MessageType = 1 ) -// Enum value maps for NebulaPing_MessageType. -var ( - NebulaPing_MessageType_name = map[int32]string{ - 0: "Ping", - 1: "Reply", - } - NebulaPing_MessageType_value = map[string]int32{ - "Ping": 0, - "Reply": 1, - } -) +var NebulaPing_MessageType_name = map[int32]string{ + 0: "Ping", + 1: "Reply", +} -func (x NebulaPing_MessageType) Enum() *NebulaPing_MessageType { - p := new(NebulaPing_MessageType) - *p = x - return p +var NebulaPing_MessageType_value = map[string]int32{ + "Ping": 0, + "Reply": 1, } func (x NebulaPing_MessageType) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) + return proto.EnumName(NebulaPing_MessageType_name, int32(x)) } -func (NebulaPing_MessageType) Descriptor() protoreflect.EnumDescriptor { - return file_nebula_proto_enumTypes[1].Descriptor() -} - -func (NebulaPing_MessageType) Type() protoreflect.EnumType { - return &file_nebula_proto_enumTypes[1] -} - -func (x NebulaPing_MessageType) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use NebulaPing_MessageType.Descriptor instead. func (NebulaPing_MessageType) EnumDescriptor() ([]byte, []int) { - return file_nebula_proto_rawDescGZIP(), []int{4, 0} + return fileDescriptor_2d65afa7693df5ef, []int{4, 0} } type NebulaMeta struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - Type NebulaMeta_MessageType `protobuf:"varint,1,opt,name=Type,proto3,enum=nebula.NebulaMeta_MessageType" json:"Type,omitempty"` Details *NebulaMetaDetails `protobuf:"bytes,2,opt,name=Details,proto3" json:"Details,omitempty"` } -func (x *NebulaMeta) Reset() { - *x = NebulaMeta{} - if protoimpl.UnsafeEnabled { - mi := &file_nebula_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *NebulaMeta) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*NebulaMeta) ProtoMessage() {} - -func (x *NebulaMeta) ProtoReflect() protoreflect.Message { - mi := &file_nebula_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use NebulaMeta.ProtoReflect.Descriptor instead. +func (m *NebulaMeta) Reset() { *m = NebulaMeta{} } +func (m *NebulaMeta) String() string { return proto.CompactTextString(m) } +func (*NebulaMeta) ProtoMessage() {} func (*NebulaMeta) Descriptor() ([]byte, []int) { - return file_nebula_proto_rawDescGZIP(), []int{0} + return fileDescriptor_2d65afa7693df5ef, []int{0} +} +func (m *NebulaMeta) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *NebulaMeta) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_NebulaMeta.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *NebulaMeta) XXX_Merge(src proto.Message) { + xxx_messageInfo_NebulaMeta.Merge(m, src) +} +func (m *NebulaMeta) XXX_Size() int { + return m.Size() +} +func (m *NebulaMeta) XXX_DiscardUnknown() { + xxx_messageInfo_NebulaMeta.DiscardUnknown(m) } -func (x *NebulaMeta) GetType() NebulaMeta_MessageType { - if x != nil { - return x.Type +var xxx_messageInfo_NebulaMeta proto.InternalMessageInfo + +func (m *NebulaMeta) GetType() NebulaMeta_MessageType { + if m != nil { + return m.Type } return NebulaMeta_None } -func (x *NebulaMeta) GetDetails() *NebulaMetaDetails { - if x != nil { - return x.Details +func (m *NebulaMeta) GetDetails() *NebulaMetaDetails { + if m != nil { + return m.Details } return nil } type NebulaMetaDetails struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - VpnIp uint32 `protobuf:"varint,1,opt,name=VpnIp,proto3" json:"VpnIp,omitempty"` - IpAndPorts []*IpAndPort `protobuf:"bytes,2,rep,name=IpAndPorts,proto3" json:"IpAndPorts,omitempty"` + Ip4AndPorts []*Ip4AndPort `protobuf:"bytes,2,rep,name=Ip4AndPorts,proto3" json:"Ip4AndPorts,omitempty"` Ip6AndPorts []*Ip6AndPort `protobuf:"bytes,4,rep,name=Ip6AndPorts,proto3" json:"Ip6AndPorts,omitempty"` Counter uint32 `protobuf:"varint,3,opt,name=counter,proto3" json:"counter,omitempty"` } -func (x *NebulaMetaDetails) Reset() { - *x = NebulaMetaDetails{} - if protoimpl.UnsafeEnabled { - mi := &file_nebula_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *NebulaMetaDetails) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*NebulaMetaDetails) ProtoMessage() {} - -func (x *NebulaMetaDetails) ProtoReflect() protoreflect.Message { - mi := &file_nebula_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use NebulaMetaDetails.ProtoReflect.Descriptor instead. +func (m *NebulaMetaDetails) Reset() { *m = NebulaMetaDetails{} } +func (m *NebulaMetaDetails) String() string { return proto.CompactTextString(m) } +func (*NebulaMetaDetails) ProtoMessage() {} func (*NebulaMetaDetails) Descriptor() ([]byte, []int) { - return file_nebula_proto_rawDescGZIP(), []int{1} + return fileDescriptor_2d65afa7693df5ef, []int{1} +} +func (m *NebulaMetaDetails) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *NebulaMetaDetails) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_NebulaMetaDetails.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *NebulaMetaDetails) XXX_Merge(src proto.Message) { + xxx_messageInfo_NebulaMetaDetails.Merge(m, src) +} +func (m *NebulaMetaDetails) XXX_Size() int { + return m.Size() +} +func (m *NebulaMetaDetails) XXX_DiscardUnknown() { + xxx_messageInfo_NebulaMetaDetails.DiscardUnknown(m) } -func (x *NebulaMetaDetails) GetVpnIp() uint32 { - if x != nil { - return x.VpnIp +var xxx_messageInfo_NebulaMetaDetails proto.InternalMessageInfo + +func (m *NebulaMetaDetails) GetVpnIp() uint32 { + if m != nil { + return m.VpnIp } return 0 } -func (x *NebulaMetaDetails) GetIpAndPorts() []*IpAndPort { - if x != nil { - return x.IpAndPorts +func (m *NebulaMetaDetails) GetIp4AndPorts() []*Ip4AndPort { + if m != nil { + return m.Ip4AndPorts } return nil } -func (x *NebulaMetaDetails) GetIp6AndPorts() []*Ip6AndPort { - if x != nil { - return x.Ip6AndPorts +func (m *NebulaMetaDetails) GetIp6AndPorts() []*Ip6AndPort { + if m != nil { + return m.Ip6AndPorts } return nil } -func (x *NebulaMetaDetails) GetCounter() uint32 { - if x != nil { - return x.Counter +func (m *NebulaMetaDetails) GetCounter() uint32 { + if m != nil { + return m.Counter } return 0 } -type IpAndPort struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - +type Ip4AndPort struct { Ip uint32 `protobuf:"varint,1,opt,name=Ip,proto3" json:"Ip,omitempty"` Port uint32 `protobuf:"varint,2,opt,name=Port,proto3" json:"Port,omitempty"` } -func (x *IpAndPort) Reset() { - *x = IpAndPort{} - if protoimpl.UnsafeEnabled { - mi := &file_nebula_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } +func (m *Ip4AndPort) Reset() { *m = Ip4AndPort{} } +func (m *Ip4AndPort) String() string { return proto.CompactTextString(m) } +func (*Ip4AndPort) ProtoMessage() {} +func (*Ip4AndPort) Descriptor() ([]byte, []int) { + return fileDescriptor_2d65afa7693df5ef, []int{2} } - -func (x *IpAndPort) String() string { - return protoimpl.X.MessageStringOf(x) +func (m *Ip4AndPort) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) } - -func (*IpAndPort) ProtoMessage() {} - -func (x *IpAndPort) ProtoReflect() protoreflect.Message { - mi := &file_nebula_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) +func (m *Ip4AndPort) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Ip4AndPort.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err } - return ms + return b[:n], nil } - return mi.MessageOf(x) +} +func (m *Ip4AndPort) XXX_Merge(src proto.Message) { + xxx_messageInfo_Ip4AndPort.Merge(m, src) +} +func (m *Ip4AndPort) XXX_Size() int { + return m.Size() +} +func (m *Ip4AndPort) XXX_DiscardUnknown() { + xxx_messageInfo_Ip4AndPort.DiscardUnknown(m) } -// Deprecated: Use IpAndPort.ProtoReflect.Descriptor instead. -func (*IpAndPort) Descriptor() ([]byte, []int) { - return file_nebula_proto_rawDescGZIP(), []int{2} -} +var xxx_messageInfo_Ip4AndPort proto.InternalMessageInfo -func (x *IpAndPort) GetIp() uint32 { - if x != nil { - return x.Ip +func (m *Ip4AndPort) GetIp() uint32 { + if m != nil { + return m.Ip } return 0 } -func (x *IpAndPort) GetPort() uint32 { - if x != nil { - return x.Port +func (m *Ip4AndPort) GetPort() uint32 { + if m != nil { + return m.Port } return 0 } type Ip6AndPort struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - Ip []byte `protobuf:"bytes,1,opt,name=Ip,proto3" json:"Ip,omitempty"` Port uint32 `protobuf:"varint,2,opt,name=Port,proto3" json:"Port,omitempty"` } -func (x *Ip6AndPort) Reset() { - *x = Ip6AndPort{} - if protoimpl.UnsafeEnabled { - mi := &file_nebula_proto_msgTypes[3] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Ip6AndPort) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Ip6AndPort) ProtoMessage() {} - -func (x *Ip6AndPort) ProtoReflect() protoreflect.Message { - mi := &file_nebula_proto_msgTypes[3] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Ip6AndPort.ProtoReflect.Descriptor instead. +func (m *Ip6AndPort) Reset() { *m = Ip6AndPort{} } +func (m *Ip6AndPort) String() string { return proto.CompactTextString(m) } +func (*Ip6AndPort) ProtoMessage() {} func (*Ip6AndPort) Descriptor() ([]byte, []int) { - return file_nebula_proto_rawDescGZIP(), []int{3} + return fileDescriptor_2d65afa7693df5ef, []int{3} +} +func (m *Ip6AndPort) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Ip6AndPort) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Ip6AndPort.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Ip6AndPort) XXX_Merge(src proto.Message) { + xxx_messageInfo_Ip6AndPort.Merge(m, src) +} +func (m *Ip6AndPort) XXX_Size() int { + return m.Size() +} +func (m *Ip6AndPort) XXX_DiscardUnknown() { + xxx_messageInfo_Ip6AndPort.DiscardUnknown(m) } -func (x *Ip6AndPort) GetIp() []byte { - if x != nil { - return x.Ip +var xxx_messageInfo_Ip6AndPort proto.InternalMessageInfo + +func (m *Ip6AndPort) GetIp() []byte { + if m != nil { + return m.Ip } return nil } -func (x *Ip6AndPort) GetPort() uint32 { - if x != nil { - return x.Port +func (m *Ip6AndPort) GetPort() uint32 { + if m != nil { + return m.Port } return 0 } type NebulaPing struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - Type NebulaPing_MessageType `protobuf:"varint,1,opt,name=Type,proto3,enum=nebula.NebulaPing_MessageType" json:"Type,omitempty"` Time uint64 `protobuf:"varint,2,opt,name=Time,proto3" json:"Time,omitempty"` } -func (x *NebulaPing) Reset() { - *x = NebulaPing{} - if protoimpl.UnsafeEnabled { - mi := &file_nebula_proto_msgTypes[4] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *NebulaPing) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*NebulaPing) ProtoMessage() {} - -func (x *NebulaPing) ProtoReflect() protoreflect.Message { - mi := &file_nebula_proto_msgTypes[4] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use NebulaPing.ProtoReflect.Descriptor instead. +func (m *NebulaPing) Reset() { *m = NebulaPing{} } +func (m *NebulaPing) String() string { return proto.CompactTextString(m) } +func (*NebulaPing) ProtoMessage() {} func (*NebulaPing) Descriptor() ([]byte, []int) { - return file_nebula_proto_rawDescGZIP(), []int{4} + return fileDescriptor_2d65afa7693df5ef, []int{4} +} +func (m *NebulaPing) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *NebulaPing) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_NebulaPing.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *NebulaPing) XXX_Merge(src proto.Message) { + xxx_messageInfo_NebulaPing.Merge(m, src) +} +func (m *NebulaPing) XXX_Size() int { + return m.Size() +} +func (m *NebulaPing) XXX_DiscardUnknown() { + xxx_messageInfo_NebulaPing.DiscardUnknown(m) } -func (x *NebulaPing) GetType() NebulaPing_MessageType { - if x != nil { - return x.Type +var xxx_messageInfo_NebulaPing proto.InternalMessageInfo + +func (m *NebulaPing) GetType() NebulaPing_MessageType { + if m != nil { + return m.Type } return NebulaPing_Ping } -func (x *NebulaPing) GetTime() uint64 { - if x != nil { - return x.Time +func (m *NebulaPing) GetTime() uint64 { + if m != nil { + return m.Time } return 0 } type NebulaHandshake struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - Details *NebulaHandshakeDetails `protobuf:"bytes,1,opt,name=Details,proto3" json:"Details,omitempty"` Hmac []byte `protobuf:"bytes,2,opt,name=Hmac,proto3" json:"Hmac,omitempty"` } -func (x *NebulaHandshake) Reset() { - *x = NebulaHandshake{} - if protoimpl.UnsafeEnabled { - mi := &file_nebula_proto_msgTypes[5] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *NebulaHandshake) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*NebulaHandshake) ProtoMessage() {} - -func (x *NebulaHandshake) ProtoReflect() protoreflect.Message { - mi := &file_nebula_proto_msgTypes[5] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use NebulaHandshake.ProtoReflect.Descriptor instead. +func (m *NebulaHandshake) Reset() { *m = NebulaHandshake{} } +func (m *NebulaHandshake) String() string { return proto.CompactTextString(m) } +func (*NebulaHandshake) ProtoMessage() {} func (*NebulaHandshake) Descriptor() ([]byte, []int) { - return file_nebula_proto_rawDescGZIP(), []int{5} + return fileDescriptor_2d65afa7693df5ef, []int{5} +} +func (m *NebulaHandshake) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *NebulaHandshake) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_NebulaHandshake.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *NebulaHandshake) XXX_Merge(src proto.Message) { + xxx_messageInfo_NebulaHandshake.Merge(m, src) +} +func (m *NebulaHandshake) XXX_Size() int { + return m.Size() +} +func (m *NebulaHandshake) XXX_DiscardUnknown() { + xxx_messageInfo_NebulaHandshake.DiscardUnknown(m) } -func (x *NebulaHandshake) GetDetails() *NebulaHandshakeDetails { - if x != nil { - return x.Details +var xxx_messageInfo_NebulaHandshake proto.InternalMessageInfo + +func (m *NebulaHandshake) GetDetails() *NebulaHandshakeDetails { + if m != nil { + return m.Details } return nil } -func (x *NebulaHandshake) GetHmac() []byte { - if x != nil { - return x.Hmac +func (m *NebulaHandshake) GetHmac() []byte { + if m != nil { + return m.Hmac } return nil } type NebulaHandshakeDetails struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - Cert []byte `protobuf:"bytes,1,opt,name=Cert,proto3" json:"Cert,omitempty"` InitiatorIndex uint32 `protobuf:"varint,2,opt,name=InitiatorIndex,proto3" json:"InitiatorIndex,omitempty"` ResponderIndex uint32 `protobuf:"varint,3,opt,name=ResponderIndex,proto3" json:"ResponderIndex,omitempty"` @@ -494,292 +432,1468 @@ type NebulaHandshakeDetails struct { Time uint64 `protobuf:"varint,5,opt,name=Time,proto3" json:"Time,omitempty"` } -func (x *NebulaHandshakeDetails) Reset() { - *x = NebulaHandshakeDetails{} - if protoimpl.UnsafeEnabled { - mi := &file_nebula_proto_msgTypes[6] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *NebulaHandshakeDetails) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*NebulaHandshakeDetails) ProtoMessage() {} - -func (x *NebulaHandshakeDetails) ProtoReflect() protoreflect.Message { - mi := &file_nebula_proto_msgTypes[6] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use NebulaHandshakeDetails.ProtoReflect.Descriptor instead. +func (m *NebulaHandshakeDetails) Reset() { *m = NebulaHandshakeDetails{} } +func (m *NebulaHandshakeDetails) String() string { return proto.CompactTextString(m) } +func (*NebulaHandshakeDetails) ProtoMessage() {} func (*NebulaHandshakeDetails) Descriptor() ([]byte, []int) { - return file_nebula_proto_rawDescGZIP(), []int{6} + return fileDescriptor_2d65afa7693df5ef, []int{6} +} +func (m *NebulaHandshakeDetails) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *NebulaHandshakeDetails) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_NebulaHandshakeDetails.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *NebulaHandshakeDetails) XXX_Merge(src proto.Message) { + xxx_messageInfo_NebulaHandshakeDetails.Merge(m, src) +} +func (m *NebulaHandshakeDetails) XXX_Size() int { + return m.Size() +} +func (m *NebulaHandshakeDetails) XXX_DiscardUnknown() { + xxx_messageInfo_NebulaHandshakeDetails.DiscardUnknown(m) } -func (x *NebulaHandshakeDetails) GetCert() []byte { - if x != nil { - return x.Cert +var xxx_messageInfo_NebulaHandshakeDetails proto.InternalMessageInfo + +func (m *NebulaHandshakeDetails) GetCert() []byte { + if m != nil { + return m.Cert } return nil } -func (x *NebulaHandshakeDetails) GetInitiatorIndex() uint32 { - if x != nil { - return x.InitiatorIndex +func (m *NebulaHandshakeDetails) GetInitiatorIndex() uint32 { + if m != nil { + return m.InitiatorIndex } return 0 } -func (x *NebulaHandshakeDetails) GetResponderIndex() uint32 { - if x != nil { - return x.ResponderIndex +func (m *NebulaHandshakeDetails) GetResponderIndex() uint32 { + if m != nil { + return m.ResponderIndex } return 0 } -func (x *NebulaHandshakeDetails) GetCookie() uint64 { - if x != nil { - return x.Cookie +func (m *NebulaHandshakeDetails) GetCookie() uint64 { + if m != nil { + return m.Cookie } return 0 } -func (x *NebulaHandshakeDetails) GetTime() uint64 { - if x != nil { - return x.Time +func (m *NebulaHandshakeDetails) GetTime() uint64 { + if m != nil { + return m.Time } return 0 } -var File_nebula_proto protoreflect.FileDescriptor +func init() { + proto.RegisterEnum("nebula.NebulaMeta_MessageType", NebulaMeta_MessageType_name, NebulaMeta_MessageType_value) + proto.RegisterEnum("nebula.NebulaPing_MessageType", NebulaPing_MessageType_name, NebulaPing_MessageType_value) + proto.RegisterType((*NebulaMeta)(nil), "nebula.NebulaMeta") + proto.RegisterType((*NebulaMetaDetails)(nil), "nebula.NebulaMetaDetails") + proto.RegisterType((*Ip4AndPort)(nil), "nebula.Ip4AndPort") + proto.RegisterType((*Ip6AndPort)(nil), "nebula.Ip6AndPort") + proto.RegisterType((*NebulaPing)(nil), "nebula.NebulaPing") + proto.RegisterType((*NebulaHandshake)(nil), "nebula.NebulaHandshake") + proto.RegisterType((*NebulaHandshakeDetails)(nil), "nebula.NebulaHandshakeDetails") +} -var file_nebula_proto_rawDesc = []byte{ - 0x0a, 0x0c, 0x6e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x06, - 0x6e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x22, 0xcc, 0x02, 0x0a, 0x0a, 0x4e, 0x65, 0x62, 0x75, 0x6c, - 0x61, 0x4d, 0x65, 0x74, 0x61, 0x12, 0x32, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x0e, 0x32, 0x1e, 0x2e, 0x6e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x2e, 0x4e, 0x65, 0x62, - 0x75, 0x6c, 0x61, 0x4d, 0x65, 0x74, 0x61, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x54, - 0x79, 0x70, 0x65, 0x52, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x33, 0x0a, 0x07, 0x44, 0x65, 0x74, - 0x61, 0x69, 0x6c, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x6e, 0x65, 0x62, - 0x75, 0x6c, 0x61, 0x2e, 0x4e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x4d, 0x65, 0x74, 0x61, 0x44, 0x65, - 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x07, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, 0xd4, - 0x01, 0x0a, 0x0b, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x08, - 0x0a, 0x04, 0x4e, 0x6f, 0x6e, 0x65, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x48, 0x6f, 0x73, 0x74, - 0x51, 0x75, 0x65, 0x72, 0x79, 0x10, 0x01, 0x12, 0x12, 0x0a, 0x0e, 0x48, 0x6f, 0x73, 0x74, 0x51, - 0x75, 0x65, 0x72, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x10, 0x02, 0x12, 0x1a, 0x0a, 0x16, 0x48, - 0x6f, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x10, 0x03, 0x12, 0x19, 0x0a, 0x15, 0x48, 0x6f, 0x73, 0x74, 0x4d, - 0x6f, 0x76, 0x65, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x10, 0x04, 0x12, 0x19, 0x0a, 0x15, 0x48, 0x6f, 0x73, 0x74, 0x50, 0x75, 0x6e, 0x63, 0x68, 0x4e, - 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x10, 0x05, 0x12, 0x0e, 0x0a, - 0x0a, 0x48, 0x6f, 0x73, 0x74, 0x57, 0x68, 0x6f, 0x61, 0x6d, 0x69, 0x10, 0x06, 0x12, 0x13, 0x0a, - 0x0f, 0x48, 0x6f, 0x73, 0x74, 0x57, 0x68, 0x6f, 0x61, 0x6d, 0x69, 0x52, 0x65, 0x70, 0x6c, 0x79, - 0x10, 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x50, 0x61, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x10, - 0x08, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x61, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, - 0x70, 0x6c, 0x79, 0x10, 0x09, 0x22, 0xac, 0x01, 0x0a, 0x11, 0x4e, 0x65, 0x62, 0x75, 0x6c, 0x61, - 0x4d, 0x65, 0x74, 0x61, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x56, - 0x70, 0x6e, 0x49, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x56, 0x70, 0x6e, 0x49, - 0x70, 0x12, 0x31, 0x0a, 0x0a, 0x49, 0x70, 0x41, 0x6e, 0x64, 0x50, 0x6f, 0x72, 0x74, 0x73, 0x18, - 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x6e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x2e, 0x49, - 0x70, 0x41, 0x6e, 0x64, 0x50, 0x6f, 0x72, 0x74, 0x52, 0x0a, 0x49, 0x70, 0x41, 0x6e, 0x64, 0x50, - 0x6f, 0x72, 0x74, 0x73, 0x12, 0x34, 0x0a, 0x0b, 0x49, 0x70, 0x36, 0x41, 0x6e, 0x64, 0x50, 0x6f, - 0x72, 0x74, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x6e, 0x65, 0x62, 0x75, - 0x6c, 0x61, 0x2e, 0x49, 0x70, 0x36, 0x41, 0x6e, 0x64, 0x50, 0x6f, 0x72, 0x74, 0x52, 0x0b, 0x49, - 0x70, 0x36, 0x41, 0x6e, 0x64, 0x50, 0x6f, 0x72, 0x74, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x63, 0x6f, - 0x75, 0x6e, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x07, 0x63, 0x6f, 0x75, - 0x6e, 0x74, 0x65, 0x72, 0x22, 0x2f, 0x0a, 0x09, 0x49, 0x70, 0x41, 0x6e, 0x64, 0x50, 0x6f, 0x72, - 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x49, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x02, 0x49, - 0x70, 0x12, 0x12, 0x0a, 0x04, 0x50, 0x6f, 0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, - 0x04, 0x50, 0x6f, 0x72, 0x74, 0x22, 0x30, 0x0a, 0x0a, 0x49, 0x70, 0x36, 0x41, 0x6e, 0x64, 0x50, - 0x6f, 0x72, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x49, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, - 0x02, 0x49, 0x70, 0x12, 0x12, 0x0a, 0x04, 0x50, 0x6f, 0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x0d, 0x52, 0x04, 0x50, 0x6f, 0x72, 0x74, 0x22, 0x78, 0x0a, 0x0a, 0x4e, 0x65, 0x62, 0x75, 0x6c, - 0x61, 0x50, 0x69, 0x6e, 0x67, 0x12, 0x32, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x0e, 0x32, 0x1e, 0x2e, 0x6e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x2e, 0x4e, 0x65, 0x62, - 0x75, 0x6c, 0x61, 0x50, 0x69, 0x6e, 0x67, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x54, - 0x79, 0x70, 0x65, 0x52, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x54, 0x69, 0x6d, - 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x54, 0x69, 0x6d, 0x65, 0x22, 0x22, 0x0a, - 0x0b, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x08, 0x0a, 0x04, - 0x50, 0x69, 0x6e, 0x67, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x10, - 0x01, 0x22, 0x5f, 0x0a, 0x0f, 0x4e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x48, 0x61, 0x6e, 0x64, 0x73, - 0x68, 0x61, 0x6b, 0x65, 0x12, 0x38, 0x0a, 0x07, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x6e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x2e, 0x4e, - 0x65, 0x62, 0x75, 0x6c, 0x61, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x44, 0x65, - 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x07, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x12, - 0x0a, 0x04, 0x48, 0x6d, 0x61, 0x63, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x48, 0x6d, - 0x61, 0x63, 0x22, 0xa8, 0x01, 0x0a, 0x16, 0x4e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x48, 0x61, 0x6e, - 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x12, 0x0a, - 0x04, 0x43, 0x65, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x43, 0x65, 0x72, - 0x74, 0x12, 0x26, 0x0a, 0x0e, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x74, 0x6f, 0x72, 0x49, 0x6e, - 0x64, 0x65, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0e, 0x49, 0x6e, 0x69, 0x74, 0x69, - 0x61, 0x74, 0x6f, 0x72, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x26, 0x0a, 0x0e, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x18, 0x03, 0x20, 0x01, 0x28, - 0x0d, 0x52, 0x0e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x49, 0x6e, 0x64, 0x65, - 0x78, 0x12, 0x16, 0x0a, 0x06, 0x43, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, - 0x04, 0x52, 0x06, 0x43, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x54, 0x69, 0x6d, - 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x54, 0x69, 0x6d, 0x65, 0x42, 0x1b, 0x5a, - 0x19, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x6c, 0x61, 0x63, - 0x6b, 0x68, 0x71, 0x2f, 0x6e, 0x65, 0x62, 0x75, 0x6c, 0x61, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x33, +func init() { proto.RegisterFile("nebula.proto", fileDescriptor_2d65afa7693df5ef) } + +var fileDescriptor_2d65afa7693df5ef = []byte{ + // 527 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x7c, 0x54, 0xbb, 0x8e, 0xda, 0x40, + 0x14, 0x65, 0xc0, 0xc0, 0x72, 0x79, 0xac, 0x73, 0x93, 0x20, 0x6f, 0x0a, 0x6b, 0xe5, 0x22, 0xa2, + 0x42, 0x11, 0xbb, 0x42, 0x69, 0x13, 0x52, 0x40, 0x01, 0x22, 0xd6, 0x26, 0x29, 0xa3, 0x59, 0x3c, + 0x59, 0x2c, 0x60, 0xc6, 0xb2, 0x87, 0x68, 0xf9, 0x8b, 0x7c, 0x46, 0xba, 0xfc, 0x46, 0x8a, 0x14, + 0x5b, 0xa4, 0x48, 0x19, 0xc1, 0x8f, 0x44, 0x33, 0x36, 0x36, 0x6b, 0x36, 0xdb, 0xdd, 0xc7, 0x39, + 0x97, 0xc3, 0x99, 0x23, 0x43, 0x83, 0xb3, 0xeb, 0xf5, 0x92, 0x76, 0x83, 0x50, 0x48, 0x81, 0x95, + 0xb8, 0x73, 0x7e, 0x15, 0x01, 0x26, 0xba, 0x1c, 0x33, 0x49, 0xb1, 0x07, 0xc6, 0xd5, 0x26, 0x60, + 0x16, 0x39, 0x27, 0x9d, 0x56, 0xcf, 0xee, 0x26, 0x9c, 0x0c, 0xd1, 0x1d, 0xb3, 0x28, 0xa2, 0x37, + 0x4c, 0xa1, 0x5c, 0x8d, 0xc5, 0x0b, 0xa8, 0xbe, 0x63, 0x92, 0xfa, 0xcb, 0xc8, 0x2a, 0x9e, 0x93, + 0x4e, 0xbd, 0x77, 0x76, 0x4c, 0x4b, 0x00, 0xee, 0x1e, 0xe9, 0xfc, 0x26, 0x50, 0x3f, 0x38, 0x85, + 0x27, 0x60, 0x4c, 0x04, 0x67, 0x66, 0x01, 0x9b, 0x50, 0x1b, 0x8a, 0x48, 0xbe, 0x5f, 0xb3, 0x70, + 0x63, 0x12, 0x44, 0x68, 0xa5, 0xad, 0xcb, 0x82, 0xe5, 0xc6, 0x2c, 0xe2, 0x0b, 0x68, 0xab, 0xd9, + 0x87, 0xc0, 0xa3, 0x92, 0x4d, 0x84, 0xf4, 0xbf, 0xf8, 0x33, 0x2a, 0x7d, 0xc1, 0xcd, 0x12, 0x9e, + 0xc1, 0x73, 0xb5, 0x1b, 0x8b, 0xaf, 0xcc, 0xbb, 0xb7, 0x32, 0xf6, 0xab, 0xe9, 0x9a, 0xcf, 0xe6, + 0xf7, 0x56, 0x65, 0x6c, 0x01, 0xa8, 0xd5, 0xa7, 0xb9, 0xa0, 0x2b, 0xdf, 0xac, 0xe0, 0x53, 0x38, + 0xcd, 0xfa, 0xf8, 0x67, 0xab, 0x4a, 0xd9, 0x94, 0xca, 0xf9, 0x60, 0xce, 0x66, 0x0b, 0xf3, 0x44, + 0x29, 0x4b, 0xdb, 0x18, 0x52, 0x73, 0x7e, 0x10, 0x78, 0x72, 0xf4, 0xaf, 0xf1, 0x19, 0x94, 0x3f, + 0x06, 0x7c, 0x14, 0x68, 0x5b, 0x9b, 0x6e, 0xdc, 0xe0, 0x25, 0xd4, 0x47, 0xc1, 0xe5, 0x1b, 0xee, + 0x4d, 0x45, 0x28, 0x95, 0x77, 0xa5, 0x4e, 0xbd, 0x87, 0x7b, 0xef, 0xb2, 0x95, 0x7b, 0x08, 0x8b, + 0x59, 0xfd, 0x94, 0x65, 0xe4, 0x59, 0xfd, 0x03, 0x56, 0x0a, 0x43, 0x0b, 0xaa, 0x33, 0xb1, 0xe6, + 0x92, 0x85, 0x56, 0x49, 0x6b, 0xd8, 0xb7, 0xce, 0x2b, 0x80, 0xec, 0x3c, 0xb6, 0xa0, 0x98, 0xca, + 0x2c, 0x8e, 0x02, 0x44, 0x30, 0xd4, 0x5c, 0x3f, 0x6c, 0xd3, 0xd5, 0x75, 0xcc, 0xe8, 0x1f, 0x33, + 0x1a, 0xff, 0x65, 0xdc, 0xee, 0x33, 0x36, 0xf5, 0xf9, 0xcd, 0xe3, 0x19, 0x53, 0x88, 0x07, 0x32, + 0x86, 0x60, 0x5c, 0xf9, 0x2b, 0xa6, 0xaf, 0x1a, 0xae, 0xae, 0x1d, 0xe7, 0x28, 0x41, 0x8a, 0x6c, + 0x16, 0xb0, 0x06, 0xe5, 0xf8, 0x3d, 0x88, 0xf3, 0x19, 0x4e, 0xe3, 0xbb, 0x43, 0xca, 0xbd, 0x68, + 0x4e, 0x17, 0x0c, 0x5f, 0x67, 0x71, 0x25, 0x3a, 0xae, 0x39, 0x05, 0x29, 0x32, 0x9f, 0x59, 0x25, + 0x62, 0xb8, 0xa2, 0x33, 0x2d, 0xa2, 0xe1, 0xea, 0xda, 0xf9, 0x4e, 0xa0, 0xfd, 0x30, 0x4f, 0xc1, + 0x07, 0x2c, 0x94, 0x89, 0x37, 0xba, 0xc6, 0x97, 0xd0, 0x1a, 0x71, 0x5f, 0xfa, 0x54, 0x8a, 0x70, + 0xc4, 0x3d, 0x76, 0x9b, 0xf8, 0x94, 0x9b, 0x2a, 0x9c, 0xcb, 0xa2, 0x40, 0x70, 0x8f, 0x25, 0xb8, + 0xf8, 0xd9, 0x72, 0x53, 0x6c, 0x43, 0x65, 0x20, 0xc4, 0xc2, 0x67, 0x96, 0xa1, 0x9d, 0x49, 0xba, + 0xd4, 0xaf, 0x72, 0xe6, 0xd7, 0x5b, 0xeb, 0xe7, 0xd6, 0x26, 0x77, 0x5b, 0x9b, 0xfc, 0xdd, 0xda, + 0xe4, 0xdb, 0xce, 0x2e, 0xdc, 0xed, 0xec, 0xc2, 0x9f, 0x9d, 0x5d, 0xb8, 0xae, 0xe8, 0x6f, 0xc2, + 0xc5, 0xbf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x36, 0xec, 0xba, 0x62, 0x23, 0x04, 0x00, 0x00, +} + +func (m *NebulaMeta) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *NebulaMeta) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *NebulaMeta) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.Details != nil { + { + size, err := m.Details.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintNebula(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + if m.Type != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.Type)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *NebulaMetaDetails) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *NebulaMetaDetails) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *NebulaMetaDetails) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.Ip6AndPorts) > 0 { + for iNdEx := len(m.Ip6AndPorts) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Ip6AndPorts[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintNebula(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x22 + } + } + if m.Counter != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.Counter)) + i-- + dAtA[i] = 0x18 + } + if len(m.Ip4AndPorts) > 0 { + for iNdEx := len(m.Ip4AndPorts) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Ip4AndPorts[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintNebula(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + } + if m.VpnIp != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.VpnIp)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *Ip4AndPort) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Ip4AndPort) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Ip4AndPort) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.Port != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.Port)) + i-- + dAtA[i] = 0x10 + } + if m.Ip != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.Ip)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *Ip6AndPort) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Ip6AndPort) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Ip6AndPort) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.Port != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.Port)) + i-- + dAtA[i] = 0x10 + } + if len(m.Ip) > 0 { + i -= len(m.Ip) + copy(dAtA[i:], m.Ip) + i = encodeVarintNebula(dAtA, i, uint64(len(m.Ip))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *NebulaPing) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *NebulaPing) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *NebulaPing) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.Time != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.Time)) + i-- + dAtA[i] = 0x10 + } + if m.Type != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.Type)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *NebulaHandshake) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *NebulaHandshake) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *NebulaHandshake) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.Hmac) > 0 { + i -= len(m.Hmac) + copy(dAtA[i:], m.Hmac) + i = encodeVarintNebula(dAtA, i, uint64(len(m.Hmac))) + i-- + dAtA[i] = 0x12 + } + if m.Details != nil { + { + size, err := m.Details.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintNebula(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *NebulaHandshakeDetails) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *NebulaHandshakeDetails) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *NebulaHandshakeDetails) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.Time != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.Time)) + i-- + dAtA[i] = 0x28 + } + if m.Cookie != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.Cookie)) + i-- + dAtA[i] = 0x20 + } + if m.ResponderIndex != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.ResponderIndex)) + i-- + dAtA[i] = 0x18 + } + if m.InitiatorIndex != 0 { + i = encodeVarintNebula(dAtA, i, uint64(m.InitiatorIndex)) + i-- + dAtA[i] = 0x10 + } + if len(m.Cert) > 0 { + i -= len(m.Cert) + copy(dAtA[i:], m.Cert) + i = encodeVarintNebula(dAtA, i, uint64(len(m.Cert))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func encodeVarintNebula(dAtA []byte, offset int, v uint64) int { + offset -= sovNebula(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func (m *NebulaMeta) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Type != 0 { + n += 1 + sovNebula(uint64(m.Type)) + } + if m.Details != nil { + l = m.Details.Size() + n += 1 + l + sovNebula(uint64(l)) + } + return n +} + +func (m *NebulaMetaDetails) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.VpnIp != 0 { + n += 1 + sovNebula(uint64(m.VpnIp)) + } + if len(m.Ip4AndPorts) > 0 { + for _, e := range m.Ip4AndPorts { + l = e.Size() + n += 1 + l + sovNebula(uint64(l)) + } + } + if m.Counter != 0 { + n += 1 + sovNebula(uint64(m.Counter)) + } + if len(m.Ip6AndPorts) > 0 { + for _, e := range m.Ip6AndPorts { + l = e.Size() + n += 1 + l + sovNebula(uint64(l)) + } + } + return n +} + +func (m *Ip4AndPort) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Ip != 0 { + n += 1 + sovNebula(uint64(m.Ip)) + } + if m.Port != 0 { + n += 1 + sovNebula(uint64(m.Port)) + } + return n +} + +func (m *Ip6AndPort) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Ip) + if l > 0 { + n += 1 + l + sovNebula(uint64(l)) + } + if m.Port != 0 { + n += 1 + sovNebula(uint64(m.Port)) + } + return n +} + +func (m *NebulaPing) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Type != 0 { + n += 1 + sovNebula(uint64(m.Type)) + } + if m.Time != 0 { + n += 1 + sovNebula(uint64(m.Time)) + } + return n +} + +func (m *NebulaHandshake) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Details != nil { + l = m.Details.Size() + n += 1 + l + sovNebula(uint64(l)) + } + l = len(m.Hmac) + if l > 0 { + n += 1 + l + sovNebula(uint64(l)) + } + return n +} + +func (m *NebulaHandshakeDetails) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Cert) + if l > 0 { + n += 1 + l + sovNebula(uint64(l)) + } + if m.InitiatorIndex != 0 { + n += 1 + sovNebula(uint64(m.InitiatorIndex)) + } + if m.ResponderIndex != 0 { + n += 1 + sovNebula(uint64(m.ResponderIndex)) + } + if m.Cookie != 0 { + n += 1 + sovNebula(uint64(m.Cookie)) + } + if m.Time != 0 { + n += 1 + sovNebula(uint64(m.Time)) + } + return n +} + +func sovNebula(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozNebula(x uint64) (n int) { + return sovNebula(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (m *NebulaMeta) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: NebulaMeta: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: NebulaMeta: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType) + } + m.Type = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Type |= NebulaMeta_MessageType(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Details", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthNebula + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthNebula + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Details == nil { + m.Details = &NebulaMetaDetails{} + } + if err := m.Details.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipNebula(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthNebula + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *NebulaMetaDetails) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: NebulaMetaDetails: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: NebulaMetaDetails: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field VpnIp", wireType) + } + m.VpnIp = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.VpnIp |= uint32(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Ip4AndPorts", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthNebula + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthNebula + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Ip4AndPorts = append(m.Ip4AndPorts, &Ip4AndPort{}) + if err := m.Ip4AndPorts[len(m.Ip4AndPorts)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Counter", wireType) + } + m.Counter = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Counter |= uint32(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Ip6AndPorts", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthNebula + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthNebula + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Ip6AndPorts = append(m.Ip6AndPorts, &Ip6AndPort{}) + if err := m.Ip6AndPorts[len(m.Ip6AndPorts)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipNebula(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthNebula + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Ip4AndPort) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Ip4AndPort: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Ip4AndPort: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Ip", wireType) + } + m.Ip = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Ip |= uint32(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType) + } + m.Port = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Port |= uint32(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipNebula(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthNebula + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Ip6AndPort) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Ip6AndPort: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Ip6AndPort: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Ip", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthNebula + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthNebula + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Ip = append(m.Ip[:0], dAtA[iNdEx:postIndex]...) + if m.Ip == nil { + m.Ip = []byte{} + } + iNdEx = postIndex + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType) + } + m.Port = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Port |= uint32(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipNebula(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthNebula + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *NebulaPing) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: NebulaPing: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: NebulaPing: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType) + } + m.Type = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Type |= NebulaPing_MessageType(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Time", wireType) + } + m.Time = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Time |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipNebula(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthNebula + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *NebulaHandshake) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: NebulaHandshake: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: NebulaHandshake: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Details", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthNebula + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthNebula + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Details == nil { + m.Details = &NebulaHandshakeDetails{} + } + if err := m.Details.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Hmac", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthNebula + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthNebula + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Hmac = append(m.Hmac[:0], dAtA[iNdEx:postIndex]...) + if m.Hmac == nil { + m.Hmac = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipNebula(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthNebula + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *NebulaHandshakeDetails) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: NebulaHandshakeDetails: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: NebulaHandshakeDetails: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Cert", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthNebula + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthNebula + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Cert = append(m.Cert[:0], dAtA[iNdEx:postIndex]...) + if m.Cert == nil { + m.Cert = []byte{} + } + iNdEx = postIndex + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field InitiatorIndex", wireType) + } + m.InitiatorIndex = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.InitiatorIndex |= uint32(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field ResponderIndex", wireType) + } + m.ResponderIndex = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.ResponderIndex |= uint32(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 4: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Cookie", wireType) + } + m.Cookie = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Cookie |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 5: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Time", wireType) + } + m.Time = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowNebula + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Time |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipNebula(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthNebula + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipNebula(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowNebula + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowNebula + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowNebula + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthNebula + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupNebula + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthNebula + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF } var ( - file_nebula_proto_rawDescOnce sync.Once - file_nebula_proto_rawDescData = file_nebula_proto_rawDesc + ErrInvalidLengthNebula = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowNebula = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupNebula = fmt.Errorf("proto: unexpected end of group") ) - -func file_nebula_proto_rawDescGZIP() []byte { - file_nebula_proto_rawDescOnce.Do(func() { - file_nebula_proto_rawDescData = protoimpl.X.CompressGZIP(file_nebula_proto_rawDescData) - }) - return file_nebula_proto_rawDescData -} - -var file_nebula_proto_enumTypes = make([]protoimpl.EnumInfo, 2) -var file_nebula_proto_msgTypes = make([]protoimpl.MessageInfo, 7) -var file_nebula_proto_goTypes = []interface{}{ - (NebulaMeta_MessageType)(0), // 0: nebula.NebulaMeta.MessageType - (NebulaPing_MessageType)(0), // 1: nebula.NebulaPing.MessageType - (*NebulaMeta)(nil), // 2: nebula.NebulaMeta - (*NebulaMetaDetails)(nil), // 3: nebula.NebulaMetaDetails - (*IpAndPort)(nil), // 4: nebula.IpAndPort - (*Ip6AndPort)(nil), // 5: nebula.Ip6AndPort - (*NebulaPing)(nil), // 6: nebula.NebulaPing - (*NebulaHandshake)(nil), // 7: nebula.NebulaHandshake - (*NebulaHandshakeDetails)(nil), // 8: nebula.NebulaHandshakeDetails -} -var file_nebula_proto_depIdxs = []int32{ - 0, // 0: nebula.NebulaMeta.Type:type_name -> nebula.NebulaMeta.MessageType - 3, // 1: nebula.NebulaMeta.Details:type_name -> nebula.NebulaMetaDetails - 4, // 2: nebula.NebulaMetaDetails.IpAndPorts:type_name -> nebula.IpAndPort - 5, // 3: nebula.NebulaMetaDetails.Ip6AndPorts:type_name -> nebula.Ip6AndPort - 1, // 4: nebula.NebulaPing.Type:type_name -> nebula.NebulaPing.MessageType - 8, // 5: nebula.NebulaHandshake.Details:type_name -> nebula.NebulaHandshakeDetails - 6, // [6:6] is the sub-list for method output_type - 6, // [6:6] is the sub-list for method input_type - 6, // [6:6] is the sub-list for extension type_name - 6, // [6:6] is the sub-list for extension extendee - 0, // [0:6] is the sub-list for field type_name -} - -func init() { file_nebula_proto_init() } -func file_nebula_proto_init() { - if File_nebula_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_nebula_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*NebulaMeta); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_nebula_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*NebulaMetaDetails); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_nebula_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*IpAndPort); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_nebula_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Ip6AndPort); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_nebula_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*NebulaPing); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_nebula_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*NebulaHandshake); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_nebula_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*NebulaHandshakeDetails); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_nebula_proto_rawDesc, - NumEnums: 2, - NumMessages: 7, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_nebula_proto_goTypes, - DependencyIndexes: file_nebula_proto_depIdxs, - EnumInfos: file_nebula_proto_enumTypes, - MessageInfos: file_nebula_proto_msgTypes, - }.Build() - File_nebula_proto = out.File - file_nebula_proto_rawDesc = nil - file_nebula_proto_goTypes = nil - file_nebula_proto_depIdxs = nil -} diff --git a/nebula.proto b/nebula.proto index 181d7f5..daacd60 100644 --- a/nebula.proto +++ b/nebula.proto @@ -1,8 +1,6 @@ syntax = "proto3"; package nebula; -option go_package = "github.com/slackhq/nebula"; - message NebulaMeta { enum MessageType { None = 0; @@ -24,12 +22,12 @@ message NebulaMeta { message NebulaMetaDetails { uint32 VpnIp = 1; - repeated IpAndPort IpAndPorts = 2; + repeated Ip4AndPort Ip4AndPorts = 2; repeated Ip6AndPort Ip6AndPorts = 4; uint32 counter = 3; } -message IpAndPort { +message Ip4AndPort { uint32 Ip = 1; uint32 Port = 2; } diff --git a/outside.go b/outside.go index 1832dbc..f8148a5 100644 --- a/outside.go +++ b/outside.go @@ -66,7 +66,7 @@ func (f *Interface) readOutsidePackets(addr *udpAddr, out []byte, packet []byte, return } - lhh.HandleRequest(addr, hostinfo.hostId, d, hostinfo.GetCert(), f) + lhh.HandleRequest(addr, hostinfo.hostId, d, f) // Fallthrough to the bottom to record incoming traffic diff --git a/ssh.go b/ssh.go index 57c74d8..bd49c3d 100644 --- a/ssh.go +++ b/ssh.go @@ -402,14 +402,9 @@ func sshListLighthouseMap(lightHouse *LightHouse, a interface{}, w sshd.StringWr x := 0 var h m for vpnIp, v := range lightHouse.addrMap { - ips := make([]string, len(v)) - for i, ip := range v { - ips[i] = ip.String() - } - h = m{ "vpnIp": int2ip(vpnIp), - "addrs": ips, + "addrs": TransformLHReplyToUdpAddrs(v), } d[x] = h @@ -423,11 +418,7 @@ func sshListLighthouseMap(lightHouse *LightHouse, a interface{}, w sshd.StringWr } } else { for vpnIp, v := range lightHouse.addrMap { - ips := make([]string, len(v)) - for i, ip := range v { - ips[i] = ip.String() - } - err := w.WriteLine(fmt.Sprintf("%s: %s", int2ip(vpnIp), ips)) + err := w.WriteLine(fmt.Sprintf("%s: %s", int2ip(vpnIp), TransformLHReplyToUdpAddrs(v))) if err != nil { return err }