monorepo

Co-authored-by: Malte Poll <mp@edgeless.systems> Co-authored-by: katexochen <katexochen@users.noreply.github.com> Co-authored-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: Thomas Tendyck <tt@edgeless.systems> Co-authored-by: Benedict Schlueter <bs@edgeless.systems> Co-authored-by: leongross <leon.gross@rub.de> Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2025-07-27 09:15:22 -04:00 · 2022-03-22 16:03:15 +01:00 · 2022-03-22 16:03:15 +01:00 · 2d8fcd9bf4
commit 2d8fcd9bf4
362 changed files with 50980 additions and 0 deletions
--- a/coordinator/pubapi/pubapi.go
+++ b/coordinator/pubapi/pubapi.go
@ -0,0 +1,114 @@
+// Package pubapi implements the API that a peer exposes publicly.
+package pubapi
+
+import (
+	"context"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/edgelesssys/constellation/coordinator/atls"
+	"github.com/edgelesssys/constellation/coordinator/pubapi/pubproto"
+	"go.uber.org/zap"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/credentials/insecure"
+)
+
+const (
+	deadlineDuration = time.Minute
+	endpointAVPNPort = "9000"
+	vpnAPIPort       = "9027"
+	updateInterval   = 10 * time.Second
+)
+
+// API is the API.
+type API struct {
+	mut             sync.Mutex
+	logger          *zap.Logger
+	core            Core
+	dialer          Dialer
+	vpnAPIServer    VPNAPIServer
+	validator       atls.Validator
+	getPublicIPAddr GetIPAddrFunc
+	stopUpdate      chan struct{}
+	wgClose         sync.WaitGroup
+	resourceVersion int
+	pubproto.UnimplementedAPIServer
+}
+
+// New creates a new API.
+func New(logger *zap.Logger, core Core, dialer Dialer, vpnAPIServer VPNAPIServer, validator atls.Validator, getPublicIPAddr GetIPAddrFunc) *API {
+	return &API{
+		logger:          logger,
+		core:            core,
+		dialer:          dialer,
+		vpnAPIServer:    vpnAPIServer,
+		validator:       validator,
+		getPublicIPAddr: getPublicIPAddr,
+		stopUpdate:      make(chan struct{}, 1),
+	}
+}
+
+// GetState is the RPC call to get the peer's state.
+func (a *API) GetState(ctx context.Context, in *pubproto.GetStateRequest) (*pubproto.GetStateResponse, error) {
+	return &pubproto.GetStateResponse{State: uint32(a.core.GetState())}, nil
+}
+
+// Close closes the API.
+func (a *API) Close() {
+	a.stopUpdate <- struct{}{}
+	if a.vpnAPIServer != nil {
+		a.vpnAPIServer.Close()
+	}
+	a.wgClose.Wait()
+}
+
+func (a *API) dial(ctx context.Context, target string) (*grpc.ClientConn, error) {
+	tlsConfig, err := atls.CreateAttestationClientTLSConfig([]atls.Validator{a.validator})
+	if err != nil {
+		return nil, err
+	}
+
+	return grpc.DialContext(ctx, target,
+		a.grpcWithDialer(),
+		grpc.WithTransportCredentials(credentials.NewTLS(tlsConfig)),
+	)
+}
+
+func (a *API) dialInsecure(ctx context.Context, target string) (*grpc.ClientConn, error) {
+	return grpc.DialContext(ctx, target,
+		a.grpcWithDialer(),
+		grpc.WithTransportCredentials(insecure.NewCredentials()),
+	)
+}
+
+func (a *API) dialNoVerify(ctx context.Context, target string) (*grpc.ClientConn, error) {
+	tlsConfig, err := atls.CreateUnverifiedClientTLSConfig()
+	if err != nil {
+		return nil, err
+	}
+
+	return grpc.DialContext(ctx, target,
+		a.grpcWithDialer(),
+		grpc.WithTransportCredentials(credentials.NewTLS(tlsConfig)),
+	)
+}
+
+func (a *API) grpcWithDialer() grpc.DialOption {
+	return grpc.WithContextDialer(func(ctx context.Context, addr string) (net.Conn, error) {
+		return a.dialer.DialContext(ctx, "tcp", addr)
+	})
+}
+
+type Dialer interface {
+	DialContext(ctx context.Context, network, address string) (net.Conn, error)
+}
+
+type VPNAPIServer interface {
+	Listen(endpoint string) error
+	Serve() error
+	Close()
+}
+
+type GetIPAddrFunc func() (string, error)