move global lookup to SD

marcodermatt · Sep 12, 2024 · d8504b7 · d8504b7
1 parent 95ffaac
commit d8504b7
Show file tree

Hide file tree

Showing 7 changed files with 441 additions and 422 deletions.
diff --git a/daemon/internal/servers/grpc.go b/daemon/internal/servers/grpc.go
@@ -16,8 +16,11 @@ package servers
 
 import (
  "context"
+ "encoding/json"
  "fmt"
+ "io"
  "net"
+ "net/http"
  "time"
 
  durationpb "github.com/golang/protobuf/ptypes/duration"
@@ -661,20 +664,78 @@ func requestToHostHostMeta(req *sdpb.DRKeyHostHostRequest) (drkey.HostHostMeta,
 func (s *DaemonServer) PolicyDescription(ctx context.Context,
  request *sdpb.PolicyDescriptionRequest) (
  *sdpb.PolicyDescriptionResponse, error) {
- conn, err := s.Dialer.Dial(ctx, &snet.SVCAddr{SVC: addr.SvcCS})
+
+ var description string
+ if request.IsLocal {
+ conn, err := s.Dialer.Dial(ctx, &snet.SVCAddr{SVC: addr.SvcCS})
+ if err != nil {
+ log.FromCtx(ctx).Debug("Dialing CS failed", "err", err)
+ }
+ defer conn.Close()
+ client := experimental.NewFABRIDIntraServiceClient(conn)
+ response, err := client.RemotePolicyDescription(ctx,
+ &experimental.RemotePolicyDescriptionRequest{
+ PolicyIdentifier: request.PolicyIdentifier,
+ IsdAs: request.IsdAs,
+ })
+ if err != nil {
+ return &sdpb.PolicyDescriptionResponse{}, err
+ }
+ description = response.Description
+ } else {
+ globalPolicyURL := "https://raw.githubusercontent.com/marcodermatt/fabrid-global-policies/main/policy-descriptions.json"
+
+ // Fetch the global policy from the URL
+ policy, err := FetchGlobalPolicy(globalPolicyURL)
+ if err != nil {
+ return nil, serrors.WrapStr("fetching global policy", err)
+ }
+
+ // Retrieve the description for the given identifier
+ description, err = GetPolicyDescription(policy, request.PolicyIdentifier)
+ if err != nil {
+ return nil, serrors.WrapStr("getting global policy description", err)
+ }
+
+ }
+ return &sdpb.PolicyDescriptionResponse{Description: description}, nil
+}
+
+// GlobalPolicy holds the mapping of uint32 identifiers to their string descriptions
+type GlobalPolicy map[uint32]string
+
+// FetchGlobalPolicy fetches and parses the global policy from the given URL
+func FetchGlobalPolicy(url string) (GlobalPolicy, error) {
+ resp, err := http.Get(url)
  if err != nil {
- log.FromCtx(ctx).Debug("Dialing CS failed", "err", err)
+ return nil, serrors.WrapStr("failed to fetch global policy", err)
  }
- defer conn.Close()
- client := experimental.NewFABRIDIntraServiceClient(conn)
- response, err := client.RemotePolicyDescription(ctx,
- &experimental.RemotePolicyDescriptionRequest{
- PolicyIdentifier: request.PolicyIdentifier,
- IsdAs: request.IsdAs,
- })
+ defer resp.Body.Close()
+
+ if resp.StatusCode != http.StatusOK {
+ return nil, serrors.New("failed to fetch global policy", "StatusCode", resp.StatusCode)
+ }
+
+ // Read the response body
+ body, err := io.ReadAll(resp.Body)
  if err != nil {
- return &sdpb.PolicyDescriptionResponse{}, err
+ return nil, serrors.WrapStr("failed to read response body", err)
+ }
+
+ // Unmarshal the JSON data into a map
+ var policy GlobalPolicy
+ if err = json.Unmarshal(body, &policy); err != nil {
+ return nil, serrors.WrapStr("failed to unmarshal policy JSON", err)
  }
 
- return &sdpb.PolicyDescriptionResponse{Description: response.Description}, nil
+ return policy, nil
+}
+
+// GetPolicyDescription retrieves the description for the given identifier
+func GetPolicyDescription(policy GlobalPolicy, identifier uint32) (string, error) {
+ description, exists := policy[identifier]
+ if !exists {
+ return "", serrors.New("no policy found", "identifier", identifier)
+ }
+ return description, nil
 }
diff --git a/pkg/daemon/daemon.go b/pkg/daemon/daemon.go
@@ -90,7 +90,9 @@ type Connector interface {
  DRKeyGetHostHostKey(ctx context.Context, meta drkey.HostHostMeta) (drkey.HostHostKey, error)
  // FabridKeys requests FABRID DRKeys for all provided ASes and the path validation key
  FabridKeys(ctx context.Context, meta drkey.FabridKeysMeta) (drkey.FabridKeysResponse, error)
- RemotePolicyDescription(ctx context.Context, identifier uint32, ia addr.IA) (string, error)
+ // PolicyDescription reqests the string description for a FABRID policy
+ PolicyDescription(ctx context.Context, isLocal bool, identifier uint32,
+ ia *addr.IA) (string, error)
  // Close shuts down the connection to the daemon.
  Close() error
 }
diff --git a/pkg/daemon/grpc.go b/pkg/daemon/grpc.go
@@ -277,18 +277,22 @@ func (c grpcConn) FabridKeys(ctx context.Context, meta drkey.FabridKeysMeta,
  }, nil
 }
 
-func (c grpcConn) RemotePolicyDescription(ctx context.Context,
- identifier uint32, ia addr.IA) (string, error) {
+func (c grpcConn) PolicyDescription(ctx context.Context,
+ isLocal bool, identifier uint32, ia *addr.IA) (string, error) {
 
  client := sdpb.NewDaemonServiceClient(c.conn)
- response, err := client.PolicyDescription(ctx, &sdpb.PolicyDescriptionRequest{
+ request := &sdpb.PolicyDescriptionRequest{
+ IsLocal: isLocal,
  PolicyIdentifier: identifier,
- IsdAs: uint64(ia),
- })
+ }
+ if isLocal {
+ request.IsdAs = uint64(*ia)
+ }
+ response, err := client.PolicyDescription(ctx, request)
  if err != nil {
- return "", nil
+ return "", err
  }
- return response.Description, err
+ return response.Description, nil
 }
 
 func (c grpcConn) Close() error {