From 836072098b04597b8ead0452bff4c83d666ae938 Mon Sep 17 00:00:00 2001 From: Zoltan Papp Date: Fri, 5 Jul 2024 16:12:30 +0200 Subject: [PATCH] Integrate the relay authentication --- client/cmd/testutil.go | 2 +- client/internal/connect.go | 30 +- client/internal/engine.go | 17 +- client/internal/engine_test.go | 2 +- client/server/server_test.go | 2 +- management/client/client_test.go | 2 +- management/cmd/management.go | 4 +- management/proto/management.pb.go | 3836 +++++++++++------ management/proto/management.proto | 9 +- management/server/dns_test.go | 16 +- management/server/grpcserver.go | 87 +- management/server/management_proto_test.go | 4 +- management/server/management_test.go | 2 +- management/server/peer.go | 2 +- management/server/token_mgr.go | 126 + ...ncredentials_test.go => token_mgr_test.go} | 14 +- management/server/turncredentials.go | 125 - relay/auth/allow_all.go | 9 + relay/auth/hmac/store.go | 24 + relay/auth/hmac/token.go | 104 + relay/auth/hmac/token_test.go | 103 + relay/auth/hmac/validator.go | 27 + relay/auth/validator.go | 5 + relay/client/client.go | 16 +- relay/client/manager.go | 18 +- relay/cmd/main.go | 10 +- relay/messages/message.go | 23 +- relay/messages/message_test.go | 4 +- relay/server/relay.go | 18 +- relay/server/server.go | 8 +- 30 files changed, 3055 insertions(+), 1594 deletions(-) create mode 100644 management/server/token_mgr.go rename management/server/{turncredentials_test.go => token_mgr_test.go} (94%) delete mode 100644 management/server/turncredentials.go create mode 100644 relay/auth/allow_all.go create mode 100644 relay/auth/hmac/store.go create mode 100644 relay/auth/hmac/token.go create mode 100644 relay/auth/hmac/token_test.go create mode 100644 relay/auth/hmac/validator.go create mode 100644 relay/auth/validator.go diff --git a/client/cmd/testutil.go b/client/cmd/testutil.go index 35fd7c537..f032884df 100644 --- a/client/cmd/testutil.go +++ b/client/cmd/testutil.go @@ -86,7 +86,7 @@ func startManagement(t *testing.T, config *mgmt.Config) (*grpc.Server, net.Liste if err != nil { t.Fatal(err) } - turnManager := mgmt.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig) + turnManager := mgmt.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig, "") mgmtServer, err := mgmt.NewServer(config, accountManager, peersUpdateManager, turnManager, nil, nil) if err != nil { t.Fatal(err) diff --git a/client/internal/connect.go b/client/internal/connect.go index 49544a921..4d79ba72b 100644 --- a/client/internal/connect.go +++ b/client/internal/connect.go @@ -26,6 +26,7 @@ import ( "github.com/netbirdio/netbird/iface" mgm "github.com/netbirdio/netbird/management/client" mgmProto "github.com/netbirdio/netbird/management/proto" + "github.com/netbirdio/netbird/relay/auth/hmac" relayClient "github.com/netbirdio/netbird/relay/client" signal "github.com/netbirdio/netbird/signal/client" "github.com/netbirdio/netbird/util" @@ -245,9 +246,10 @@ func (c *ConnectClient) run( c.statusRecorder.MarkSignalConnected() - relayAddress := relayAddress(loginResp) - relayManager := relayClient.NewManager(engineCtx, relayAddress, myPrivateKey.PublicKey().String()) - if relayAddress != "" { + relayURL, token := parseRelayInfo(loginResp) + relayManager := relayClient.NewManager(engineCtx, relayURL, myPrivateKey.PublicKey().String()) + if relayURL != "" { + relayManager.UpdateToken(token) if err = relayManager.Serve(); err != nil { log.Error(err) return wrapErr(err) @@ -307,15 +309,27 @@ func (c *ConnectClient) run( return nil } -func relayAddress(resp *mgmProto.LoginResponse) string { +func parseRelayInfo(resp *mgmProto.LoginResponse) (string, hmac.Token) { + // todo remove this if ra := peer.ForcedRelayAddress(); ra != "" { - return ra + return ra, hmac.Token{} } - if resp.GetWiretrusteeConfig().GetRelayAddress() != "" { - return resp.GetWiretrusteeConfig().GetRelayAddress() + msg := resp.GetWiretrusteeConfig().GetRelay() + if msg == nil { + return "", hmac.Token{} } - return "" + + var url string + if msg.GetUrls() != nil && len(msg.GetUrls()) > 0 { + url = msg.GetUrls()[0] + } + + token := hmac.Token{ + Payload: msg.GetTokenPayload(), + Signature: msg.GetTokenSignature(), + } + return url, token } func (c *ConnectClient) Engine() *Engine { diff --git a/client/internal/engine.go b/client/internal/engine.go index 2438533a1..cb624bf43 100644 --- a/client/internal/engine.go +++ b/client/internal/engine.go @@ -24,6 +24,7 @@ import ( "github.com/netbirdio/netbird/client/firewall/manager" "github.com/netbirdio/netbird/client/internal/acl" "github.com/netbirdio/netbird/client/internal/dns" + "github.com/netbirdio/netbird/client/internal/networkmonitor" "github.com/netbirdio/netbird/client/internal/peer" "github.com/netbirdio/netbird/client/internal/relay" @@ -36,6 +37,7 @@ import ( "github.com/netbirdio/netbird/iface/bind" mgm "github.com/netbirdio/netbird/management/client" mgmProto "github.com/netbirdio/netbird/management/proto" + auth "github.com/netbirdio/netbird/relay/auth/hmac" relayClient "github.com/netbirdio/netbird/relay/client" "github.com/netbirdio/netbird/route" signal "github.com/netbirdio/netbird/signal/client" @@ -467,12 +469,13 @@ func (e *Engine) handleSync(update *mgmProto.SyncResponse) error { defer e.syncMsgMux.Unlock() if update.GetWiretrusteeConfig() != nil { - err := e.updateTURNs(update.GetWiretrusteeConfig().GetTurns()) + wCfg := update.GetWiretrusteeConfig() + err := e.updateTURNs(wCfg.GetTurns()) if err != nil { return err } - err = e.updateSTUNs(update.GetWiretrusteeConfig().GetStuns()) + err = e.updateSTUNs(wCfg.GetStuns()) if err != nil { return err } @@ -482,8 +485,16 @@ func (e *Engine) handleSync(update *mgmProto.SyncResponse) error { stunTurn = append(stunTurn, e.TURNs...) e.StunTurn.Store(stunTurn) - // todo update relay address in the relay manager + relayMsg := wCfg.GetRelay() + if relayMsg != nil { + c := auth.Token{ + Payload: relayMsg.GetTokenPayload(), + Signature: relayMsg.GetTokenSignature(), + } + e.relayManager.UpdateToken(c) + } + // todo update relay address in the relay manager // todo update signal } diff --git a/client/internal/engine_test.go b/client/internal/engine_test.go index 172216e73..af0662541 100644 --- a/client/internal/engine_test.go +++ b/client/internal/engine_test.go @@ -1071,7 +1071,7 @@ func startManagement(dataDir string) (*grpc.Server, string, error) { if err != nil { return nil, "", err } - turnManager := server.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig) + turnManager := server.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig, "") mgmtServer, err := server.NewServer(config, accountManager, peersUpdateManager, turnManager, nil, nil) if err != nil { return nil, "", err diff --git a/client/server/server_test.go b/client/server/server_test.go index a9f23ce7c..2337e972d 100644 --- a/client/server/server_test.go +++ b/client/server/server_test.go @@ -122,7 +122,7 @@ func startManagement(t *testing.T, signalAddr string, counter *int) (*grpc.Serve if err != nil { return nil, "", err } - turnManager := server.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig) + turnManager := server.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig, "") mgmtServer, err := server.NewServer(config, accountManager, peersUpdateManager, turnManager, nil, nil) if err != nil { return nil, "", err diff --git a/management/client/client_test.go b/management/client/client_test.go index 32ad8fce4..050b90356 100644 --- a/management/client/client_test.go +++ b/management/client/client_test.go @@ -75,7 +75,7 @@ func startManagement(t *testing.T) (*grpc.Server, net.Listener) { if err != nil { t.Fatal(err) } - turnManager := mgmt.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig) + turnManager := mgmt.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig, "") mgmtServer, err := mgmt.NewServer(config, accountManager, peersUpdateManager, turnManager, nil, nil) if err != nil { t.Fatal(err) diff --git a/management/cmd/management.go b/management/cmd/management.go index 366935802..2c24fae18 100644 --- a/management/cmd/management.go +++ b/management/cmd/management.go @@ -183,7 +183,7 @@ var ( return fmt.Errorf("failed to build default manager: %v", err) } - turnManager := server.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig) + turnRelayTokenManager := server.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig, config.RelayAddress) trustedPeers := config.ReverseProxy.TrustedPeers defaultTrustedPeers := []netip.Prefix{netip.MustParsePrefix("0.0.0.0/0"), netip.MustParsePrefix("::/0")} @@ -260,7 +260,7 @@ var ( ephemeralManager.LoadInitialPeers() gRPCAPIHandler := grpc.NewServer(gRPCOpts...) - srv, err := server.NewServer(config, accountManager, peersUpdateManager, turnManager, appMetrics, ephemeralManager) + srv, err := server.NewServer(config, accountManager, peersUpdateManager, turnRelayTokenManager, appMetrics, ephemeralManager) if err != nil { return fmt.Errorf("failed creating gRPC API handler: %v", err) } diff --git a/management/proto/management.pb.go b/management/proto/management.pb.go index f5dab4d81..bd097f9b3 100644 --- a/management/proto/management.pb.go +++ b/management/proto/management.pb.go @@ -1,25 +1,25 @@ // Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.26.0 +// protoc v3.21.12 // source: management.proto package proto import ( - fmt "fmt" - proto "github.com/golang/protobuf/proto" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" timestamppb "google.golang.org/protobuf/types/known/timestamppb" - math "math" + reflect "reflect" + sync "sync" ) -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) type HostConfig_Protocol int32 @@ -31,28 +31,49 @@ const ( HostConfig_DTLS HostConfig_Protocol = 4 ) -var HostConfig_Protocol_name = map[int32]string{ - 0: "UDP", - 1: "TCP", - 2: "HTTP", - 3: "HTTPS", - 4: "DTLS", -} +// Enum value maps for HostConfig_Protocol. +var ( + HostConfig_Protocol_name = map[int32]string{ + 0: "UDP", + 1: "TCP", + 2: "HTTP", + 3: "HTTPS", + 4: "DTLS", + } + HostConfig_Protocol_value = map[string]int32{ + "UDP": 0, + "TCP": 1, + "HTTP": 2, + "HTTPS": 3, + "DTLS": 4, + } +) -var HostConfig_Protocol_value = map[string]int32{ - "UDP": 0, - "TCP": 1, - "HTTP": 2, - "HTTPS": 3, - "DTLS": 4, +func (x HostConfig_Protocol) Enum() *HostConfig_Protocol { + p := new(HostConfig_Protocol) + *p = x + return p } func (x HostConfig_Protocol) String() string { - return proto.EnumName(HostConfig_Protocol_name, int32(x)) + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) } +func (HostConfig_Protocol) Descriptor() protoreflect.EnumDescriptor { + return file_management_proto_enumTypes[0].Descriptor() +} + +func (HostConfig_Protocol) Type() protoreflect.EnumType { + return &file_management_proto_enumTypes[0] +} + +func (x HostConfig_Protocol) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use HostConfig_Protocol.Descriptor instead. func (HostConfig_Protocol) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{11, 0} + return file_management_proto_rawDescGZIP(), []int{11, 0} } type DeviceAuthorizationFlowProvider int32 @@ -61,20 +82,41 @@ const ( DeviceAuthorizationFlow_HOSTED DeviceAuthorizationFlowProvider = 0 ) -var DeviceAuthorizationFlowProvider_name = map[int32]string{ - 0: "HOSTED", -} +// Enum value maps for DeviceAuthorizationFlowProvider. +var ( + DeviceAuthorizationFlowProvider_name = map[int32]string{ + 0: "HOSTED", + } + DeviceAuthorizationFlowProvider_value = map[string]int32{ + "HOSTED": 0, + } +) -var DeviceAuthorizationFlowProvider_value = map[string]int32{ - "HOSTED": 0, +func (x DeviceAuthorizationFlowProvider) Enum() *DeviceAuthorizationFlowProvider { + p := new(DeviceAuthorizationFlowProvider) + *p = x + return p } func (x DeviceAuthorizationFlowProvider) String() string { - return proto.EnumName(DeviceAuthorizationFlowProvider_name, int32(x)) + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) } +func (DeviceAuthorizationFlowProvider) Descriptor() protoreflect.EnumDescriptor { + return file_management_proto_enumTypes[1].Descriptor() +} + +func (DeviceAuthorizationFlowProvider) Type() protoreflect.EnumType { + return &file_management_proto_enumTypes[1] +} + +func (x DeviceAuthorizationFlowProvider) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use DeviceAuthorizationFlowProvider.Descriptor instead. func (DeviceAuthorizationFlowProvider) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{18, 0} + return file_management_proto_rawDescGZIP(), []int{19, 0} } type FirewallRuleDirection int32 @@ -84,22 +126,43 @@ const ( FirewallRule_OUT FirewallRuleDirection = 1 ) -var FirewallRuleDirection_name = map[int32]string{ - 0: "IN", - 1: "OUT", -} +// Enum value maps for FirewallRuleDirection. +var ( + FirewallRuleDirection_name = map[int32]string{ + 0: "IN", + 1: "OUT", + } + FirewallRuleDirection_value = map[string]int32{ + "IN": 0, + "OUT": 1, + } +) -var FirewallRuleDirection_value = map[string]int32{ - "IN": 0, - "OUT": 1, +func (x FirewallRuleDirection) Enum() *FirewallRuleDirection { + p := new(FirewallRuleDirection) + *p = x + return p } func (x FirewallRuleDirection) String() string { - return proto.EnumName(FirewallRuleDirection_name, int32(x)) + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) } +func (FirewallRuleDirection) Descriptor() protoreflect.EnumDescriptor { + return file_management_proto_enumTypes[2].Descriptor() +} + +func (FirewallRuleDirection) Type() protoreflect.EnumType { + return &file_management_proto_enumTypes[2] +} + +func (x FirewallRuleDirection) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use FirewallRuleDirection.Descriptor instead. func (FirewallRuleDirection) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{28, 0} + return file_management_proto_rawDescGZIP(), []int{29, 0} } type FirewallRuleAction int32 @@ -109,22 +172,43 @@ const ( FirewallRule_DROP FirewallRuleAction = 1 ) -var FirewallRuleAction_name = map[int32]string{ - 0: "ACCEPT", - 1: "DROP", -} +// Enum value maps for FirewallRuleAction. +var ( + FirewallRuleAction_name = map[int32]string{ + 0: "ACCEPT", + 1: "DROP", + } + FirewallRuleAction_value = map[string]int32{ + "ACCEPT": 0, + "DROP": 1, + } +) -var FirewallRuleAction_value = map[string]int32{ - "ACCEPT": 0, - "DROP": 1, +func (x FirewallRuleAction) Enum() *FirewallRuleAction { + p := new(FirewallRuleAction) + *p = x + return p } func (x FirewallRuleAction) String() string { - return proto.EnumName(FirewallRuleAction_name, int32(x)) + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) } +func (FirewallRuleAction) Descriptor() protoreflect.EnumDescriptor { + return file_management_proto_enumTypes[3].Descriptor() +} + +func (FirewallRuleAction) Type() protoreflect.EnumType { + return &file_management_proto_enumTypes[3] +} + +func (x FirewallRuleAction) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use FirewallRuleAction.Descriptor instead. func (FirewallRuleAction) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{28, 1} + return file_management_proto_rawDescGZIP(), []int{29, 1} } type FirewallRuleProtocol int32 @@ -137,121 +221,161 @@ const ( FirewallRule_ICMP FirewallRuleProtocol = 4 ) -var FirewallRuleProtocol_name = map[int32]string{ - 0: "UNKNOWN", - 1: "ALL", - 2: "TCP", - 3: "UDP", - 4: "ICMP", -} +// Enum value maps for FirewallRuleProtocol. +var ( + FirewallRuleProtocol_name = map[int32]string{ + 0: "UNKNOWN", + 1: "ALL", + 2: "TCP", + 3: "UDP", + 4: "ICMP", + } + FirewallRuleProtocol_value = map[string]int32{ + "UNKNOWN": 0, + "ALL": 1, + "TCP": 2, + "UDP": 3, + "ICMP": 4, + } +) -var FirewallRuleProtocol_value = map[string]int32{ - "UNKNOWN": 0, - "ALL": 1, - "TCP": 2, - "UDP": 3, - "ICMP": 4, +func (x FirewallRuleProtocol) Enum() *FirewallRuleProtocol { + p := new(FirewallRuleProtocol) + *p = x + return p } func (x FirewallRuleProtocol) String() string { - return proto.EnumName(FirewallRuleProtocol_name, int32(x)) + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) } +func (FirewallRuleProtocol) Descriptor() protoreflect.EnumDescriptor { + return file_management_proto_enumTypes[4].Descriptor() +} + +func (FirewallRuleProtocol) Type() protoreflect.EnumType { + return &file_management_proto_enumTypes[4] +} + +func (x FirewallRuleProtocol) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use FirewallRuleProtocol.Descriptor instead. func (FirewallRuleProtocol) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{28, 2} + return file_management_proto_rawDescGZIP(), []int{29, 2} } type EncryptedMessage struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // Wireguard public key WgPubKey string `protobuf:"bytes,1,opt,name=wgPubKey,proto3" json:"wgPubKey,omitempty"` // encrypted message Body Body []byte `protobuf:"bytes,2,opt,name=body,proto3" json:"body,omitempty"` // Version of the Wiretrustee Management Service protocol - Version int32 `protobuf:"varint,3,opt,name=version,proto3" json:"version,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Version int32 `protobuf:"varint,3,opt,name=version,proto3" json:"version,omitempty"` } -func (m *EncryptedMessage) Reset() { *m = EncryptedMessage{} } -func (m *EncryptedMessage) String() string { return proto.CompactTextString(m) } -func (*EncryptedMessage) ProtoMessage() {} +func (x *EncryptedMessage) Reset() { + *x = EncryptedMessage{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *EncryptedMessage) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EncryptedMessage) ProtoMessage() {} + +func (x *EncryptedMessage) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EncryptedMessage.ProtoReflect.Descriptor instead. func (*EncryptedMessage) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{0} + return file_management_proto_rawDescGZIP(), []int{0} } -func (m *EncryptedMessage) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_EncryptedMessage.Unmarshal(m, b) -} -func (m *EncryptedMessage) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_EncryptedMessage.Marshal(b, m, deterministic) -} -func (m *EncryptedMessage) XXX_Merge(src proto.Message) { - xxx_messageInfo_EncryptedMessage.Merge(m, src) -} -func (m *EncryptedMessage) XXX_Size() int { - return xxx_messageInfo_EncryptedMessage.Size(m) -} -func (m *EncryptedMessage) XXX_DiscardUnknown() { - xxx_messageInfo_EncryptedMessage.DiscardUnknown(m) -} - -var xxx_messageInfo_EncryptedMessage proto.InternalMessageInfo - -func (m *EncryptedMessage) GetWgPubKey() string { - if m != nil { - return m.WgPubKey +func (x *EncryptedMessage) GetWgPubKey() string { + if x != nil { + return x.WgPubKey } return "" } -func (m *EncryptedMessage) GetBody() []byte { - if m != nil { - return m.Body +func (x *EncryptedMessage) GetBody() []byte { + if x != nil { + return x.Body } return nil } -func (m *EncryptedMessage) GetVersion() int32 { - if m != nil { - return m.Version +func (x *EncryptedMessage) GetVersion() int32 { + if x != nil { + return x.Version } return 0 } type SyncRequest struct { - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields } -func (m *SyncRequest) Reset() { *m = SyncRequest{} } -func (m *SyncRequest) String() string { return proto.CompactTextString(m) } -func (*SyncRequest) ProtoMessage() {} +func (x *SyncRequest) Reset() { + *x = SyncRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SyncRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SyncRequest) ProtoMessage() {} + +func (x *SyncRequest) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SyncRequest.ProtoReflect.Descriptor instead. func (*SyncRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{1} + return file_management_proto_rawDescGZIP(), []int{1} } -func (m *SyncRequest) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_SyncRequest.Unmarshal(m, b) -} -func (m *SyncRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_SyncRequest.Marshal(b, m, deterministic) -} -func (m *SyncRequest) XXX_Merge(src proto.Message) { - xxx_messageInfo_SyncRequest.Merge(m, src) -} -func (m *SyncRequest) XXX_Size() int { - return xxx_messageInfo_SyncRequest.Size(m) -} -func (m *SyncRequest) XXX_DiscardUnknown() { - xxx_messageInfo_SyncRequest.DiscardUnknown(m) -} - -var xxx_messageInfo_SyncRequest proto.InternalMessageInfo - // SyncResponse represents a state that should be applied to the local peer (e.g. Wiretrustee servers config as well as local peer and remote peers configs) type SyncResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // Global config WiretrusteeConfig *WiretrusteeConfig `protobuf:"bytes,1,opt,name=wiretrusteeConfig,proto3" json:"wiretrusteeConfig,omitempty"` // Deprecated. Use NetworkMap.PeerConfig @@ -260,74 +384,82 @@ type SyncResponse struct { RemotePeers []*RemotePeerConfig `protobuf:"bytes,3,rep,name=remotePeers,proto3" json:"remotePeers,omitempty"` // Indicates whether remotePeers array is empty or not to bypass protobuf null and empty array equality. // Deprecated. Use NetworkMap.remotePeersIsEmpty - RemotePeersIsEmpty bool `protobuf:"varint,4,opt,name=remotePeersIsEmpty,proto3" json:"remotePeersIsEmpty,omitempty"` - NetworkMap *NetworkMap `protobuf:"bytes,5,opt,name=NetworkMap,proto3" json:"NetworkMap,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + RemotePeersIsEmpty bool `protobuf:"varint,4,opt,name=remotePeersIsEmpty,proto3" json:"remotePeersIsEmpty,omitempty"` + NetworkMap *NetworkMap `protobuf:"bytes,5,opt,name=NetworkMap,proto3" json:"NetworkMap,omitempty"` } -func (m *SyncResponse) Reset() { *m = SyncResponse{} } -func (m *SyncResponse) String() string { return proto.CompactTextString(m) } -func (*SyncResponse) ProtoMessage() {} +func (x *SyncResponse) Reset() { + *x = SyncResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SyncResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SyncResponse) ProtoMessage() {} + +func (x *SyncResponse) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SyncResponse.ProtoReflect.Descriptor instead. func (*SyncResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{2} + return file_management_proto_rawDescGZIP(), []int{2} } -func (m *SyncResponse) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_SyncResponse.Unmarshal(m, b) -} -func (m *SyncResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_SyncResponse.Marshal(b, m, deterministic) -} -func (m *SyncResponse) XXX_Merge(src proto.Message) { - xxx_messageInfo_SyncResponse.Merge(m, src) -} -func (m *SyncResponse) XXX_Size() int { - return xxx_messageInfo_SyncResponse.Size(m) -} -func (m *SyncResponse) XXX_DiscardUnknown() { - xxx_messageInfo_SyncResponse.DiscardUnknown(m) -} - -var xxx_messageInfo_SyncResponse proto.InternalMessageInfo - -func (m *SyncResponse) GetWiretrusteeConfig() *WiretrusteeConfig { - if m != nil { - return m.WiretrusteeConfig +func (x *SyncResponse) GetWiretrusteeConfig() *WiretrusteeConfig { + if x != nil { + return x.WiretrusteeConfig } return nil } -func (m *SyncResponse) GetPeerConfig() *PeerConfig { - if m != nil { - return m.PeerConfig +func (x *SyncResponse) GetPeerConfig() *PeerConfig { + if x != nil { + return x.PeerConfig } return nil } -func (m *SyncResponse) GetRemotePeers() []*RemotePeerConfig { - if m != nil { - return m.RemotePeers +func (x *SyncResponse) GetRemotePeers() []*RemotePeerConfig { + if x != nil { + return x.RemotePeers } return nil } -func (m *SyncResponse) GetRemotePeersIsEmpty() bool { - if m != nil { - return m.RemotePeersIsEmpty +func (x *SyncResponse) GetRemotePeersIsEmpty() bool { + if x != nil { + return x.RemotePeersIsEmpty } return false } -func (m *SyncResponse) GetNetworkMap() *NetworkMap { - if m != nil { - return m.NetworkMap +func (x *SyncResponse) GetNetworkMap() *NetworkMap { + if x != nil { + return x.NetworkMap } return nil } type LoginRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // Pre-authorized setup key (can be empty) SetupKey string `protobuf:"bytes,1,opt,name=setupKey,proto3" json:"setupKey,omitempty"` // Meta data of the peer (e.g. name, os_name, os_version, @@ -335,61 +467,65 @@ type LoginRequest struct { // SSO token (can be empty) JwtToken string `protobuf:"bytes,3,opt,name=jwtToken,proto3" json:"jwtToken,omitempty"` // Can be absent for now. - PeerKeys *PeerKeys `protobuf:"bytes,4,opt,name=peerKeys,proto3" json:"peerKeys,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + PeerKeys *PeerKeys `protobuf:"bytes,4,opt,name=peerKeys,proto3" json:"peerKeys,omitempty"` } -func (m *LoginRequest) Reset() { *m = LoginRequest{} } -func (m *LoginRequest) String() string { return proto.CompactTextString(m) } -func (*LoginRequest) ProtoMessage() {} +func (x *LoginRequest) Reset() { + *x = LoginRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *LoginRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*LoginRequest) ProtoMessage() {} + +func (x *LoginRequest) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use LoginRequest.ProtoReflect.Descriptor instead. func (*LoginRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{3} + return file_management_proto_rawDescGZIP(), []int{3} } -func (m *LoginRequest) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_LoginRequest.Unmarshal(m, b) -} -func (m *LoginRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_LoginRequest.Marshal(b, m, deterministic) -} -func (m *LoginRequest) XXX_Merge(src proto.Message) { - xxx_messageInfo_LoginRequest.Merge(m, src) -} -func (m *LoginRequest) XXX_Size() int { - return xxx_messageInfo_LoginRequest.Size(m) -} -func (m *LoginRequest) XXX_DiscardUnknown() { - xxx_messageInfo_LoginRequest.DiscardUnknown(m) -} - -var xxx_messageInfo_LoginRequest proto.InternalMessageInfo - -func (m *LoginRequest) GetSetupKey() string { - if m != nil { - return m.SetupKey +func (x *LoginRequest) GetSetupKey() string { + if x != nil { + return x.SetupKey } return "" } -func (m *LoginRequest) GetMeta() *PeerSystemMeta { - if m != nil { - return m.Meta +func (x *LoginRequest) GetMeta() *PeerSystemMeta { + if x != nil { + return x.Meta } return nil } -func (m *LoginRequest) GetJwtToken() string { - if m != nil { - return m.JwtToken +func (x *LoginRequest) GetJwtToken() string { + if x != nil { + return x.JwtToken } return "" } -func (m *LoginRequest) GetPeerKeys() *PeerKeys { - if m != nil { - return m.PeerKeys +func (x *LoginRequest) GetPeerKeys() *PeerKeys { + if x != nil { + return x.PeerKeys } return nil } @@ -397,563 +533,697 @@ func (m *LoginRequest) GetPeerKeys() *PeerKeys { // PeerKeys is additional peer info like SSH pub key and WireGuard public key. // This message is sent on Login or register requests, or when a key rotation has to happen. type PeerKeys struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // sshPubKey represents a public SSH key of the peer. Can be absent. SshPubKey []byte `protobuf:"bytes,1,opt,name=sshPubKey,proto3" json:"sshPubKey,omitempty"` // wgPubKey represents a public WireGuard key of the peer. Can be absent. - WgPubKey []byte `protobuf:"bytes,2,opt,name=wgPubKey,proto3" json:"wgPubKey,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + WgPubKey []byte `protobuf:"bytes,2,opt,name=wgPubKey,proto3" json:"wgPubKey,omitempty"` } -func (m *PeerKeys) Reset() { *m = PeerKeys{} } -func (m *PeerKeys) String() string { return proto.CompactTextString(m) } -func (*PeerKeys) ProtoMessage() {} +func (x *PeerKeys) Reset() { + *x = PeerKeys{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PeerKeys) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PeerKeys) ProtoMessage() {} + +func (x *PeerKeys) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PeerKeys.ProtoReflect.Descriptor instead. func (*PeerKeys) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{4} + return file_management_proto_rawDescGZIP(), []int{4} } -func (m *PeerKeys) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_PeerKeys.Unmarshal(m, b) -} -func (m *PeerKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_PeerKeys.Marshal(b, m, deterministic) -} -func (m *PeerKeys) XXX_Merge(src proto.Message) { - xxx_messageInfo_PeerKeys.Merge(m, src) -} -func (m *PeerKeys) XXX_Size() int { - return xxx_messageInfo_PeerKeys.Size(m) -} -func (m *PeerKeys) XXX_DiscardUnknown() { - xxx_messageInfo_PeerKeys.DiscardUnknown(m) -} - -var xxx_messageInfo_PeerKeys proto.InternalMessageInfo - -func (m *PeerKeys) GetSshPubKey() []byte { - if m != nil { - return m.SshPubKey +func (x *PeerKeys) GetSshPubKey() []byte { + if x != nil { + return x.SshPubKey } return nil } -func (m *PeerKeys) GetWgPubKey() []byte { - if m != nil { - return m.WgPubKey +func (x *PeerKeys) GetWgPubKey() []byte { + if x != nil { + return x.WgPubKey } return nil } // Environment is part of the PeerSystemMeta and describes the environment the agent is running in. type Environment struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // cloud is the cloud provider the agent is running in if applicable. Cloud string `protobuf:"bytes,1,opt,name=cloud,proto3" json:"cloud,omitempty"` // platform is the platform the agent is running on if applicable. - Platform string `protobuf:"bytes,2,opt,name=platform,proto3" json:"platform,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Platform string `protobuf:"bytes,2,opt,name=platform,proto3" json:"platform,omitempty"` } -func (m *Environment) Reset() { *m = Environment{} } -func (m *Environment) String() string { return proto.CompactTextString(m) } -func (*Environment) ProtoMessage() {} +func (x *Environment) Reset() { + *x = Environment{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Environment) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Environment) ProtoMessage() {} + +func (x *Environment) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Environment.ProtoReflect.Descriptor instead. func (*Environment) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{5} + return file_management_proto_rawDescGZIP(), []int{5} } -func (m *Environment) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Environment.Unmarshal(m, b) -} -func (m *Environment) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Environment.Marshal(b, m, deterministic) -} -func (m *Environment) XXX_Merge(src proto.Message) { - xxx_messageInfo_Environment.Merge(m, src) -} -func (m *Environment) XXX_Size() int { - return xxx_messageInfo_Environment.Size(m) -} -func (m *Environment) XXX_DiscardUnknown() { - xxx_messageInfo_Environment.DiscardUnknown(m) -} - -var xxx_messageInfo_Environment proto.InternalMessageInfo - -func (m *Environment) GetCloud() string { - if m != nil { - return m.Cloud +func (x *Environment) GetCloud() string { + if x != nil { + return x.Cloud } return "" } -func (m *Environment) GetPlatform() string { - if m != nil { - return m.Platform +func (x *Environment) GetPlatform() string { + if x != nil { + return x.Platform } return "" } // PeerSystemMeta is machine meta data like OS and version. type PeerSystemMeta struct { - Hostname string `protobuf:"bytes,1,opt,name=hostname,proto3" json:"hostname,omitempty"` - GoOS string `protobuf:"bytes,2,opt,name=goOS,proto3" json:"goOS,omitempty"` - Kernel string `protobuf:"bytes,3,opt,name=kernel,proto3" json:"kernel,omitempty"` - Core string `protobuf:"bytes,4,opt,name=core,proto3" json:"core,omitempty"` - Platform string `protobuf:"bytes,5,opt,name=platform,proto3" json:"platform,omitempty"` - OS string `protobuf:"bytes,6,opt,name=OS,proto3" json:"OS,omitempty"` - WiretrusteeVersion string `protobuf:"bytes,7,opt,name=wiretrusteeVersion,proto3" json:"wiretrusteeVersion,omitempty"` - UiVersion string `protobuf:"bytes,8,opt,name=uiVersion,proto3" json:"uiVersion,omitempty"` - KernelVersion string `protobuf:"bytes,9,opt,name=kernelVersion,proto3" json:"kernelVersion,omitempty"` - OSVersion string `protobuf:"bytes,10,opt,name=OSVersion,proto3" json:"OSVersion,omitempty"` - NetworkAddresses []*NetworkAddress `protobuf:"bytes,11,rep,name=networkAddresses,proto3" json:"networkAddresses,omitempty"` - SysSerialNumber string `protobuf:"bytes,12,opt,name=sysSerialNumber,proto3" json:"sysSerialNumber,omitempty"` - SysProductName string `protobuf:"bytes,13,opt,name=sysProductName,proto3" json:"sysProductName,omitempty"` - SysManufacturer string `protobuf:"bytes,14,opt,name=sysManufacturer,proto3" json:"sysManufacturer,omitempty"` - Environment *Environment `protobuf:"bytes,15,opt,name=environment,proto3" json:"environment,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Hostname string `protobuf:"bytes,1,opt,name=hostname,proto3" json:"hostname,omitempty"` + GoOS string `protobuf:"bytes,2,opt,name=goOS,proto3" json:"goOS,omitempty"` + Kernel string `protobuf:"bytes,3,opt,name=kernel,proto3" json:"kernel,omitempty"` + Core string `protobuf:"bytes,4,opt,name=core,proto3" json:"core,omitempty"` + Platform string `protobuf:"bytes,5,opt,name=platform,proto3" json:"platform,omitempty"` + OS string `protobuf:"bytes,6,opt,name=OS,proto3" json:"OS,omitempty"` + WiretrusteeVersion string `protobuf:"bytes,7,opt,name=wiretrusteeVersion,proto3" json:"wiretrusteeVersion,omitempty"` + UiVersion string `protobuf:"bytes,8,opt,name=uiVersion,proto3" json:"uiVersion,omitempty"` + KernelVersion string `protobuf:"bytes,9,opt,name=kernelVersion,proto3" json:"kernelVersion,omitempty"` + OSVersion string `protobuf:"bytes,10,opt,name=OSVersion,proto3" json:"OSVersion,omitempty"` + NetworkAddresses []*NetworkAddress `protobuf:"bytes,11,rep,name=networkAddresses,proto3" json:"networkAddresses,omitempty"` + SysSerialNumber string `protobuf:"bytes,12,opt,name=sysSerialNumber,proto3" json:"sysSerialNumber,omitempty"` + SysProductName string `protobuf:"bytes,13,opt,name=sysProductName,proto3" json:"sysProductName,omitempty"` + SysManufacturer string `protobuf:"bytes,14,opt,name=sysManufacturer,proto3" json:"sysManufacturer,omitempty"` + Environment *Environment `protobuf:"bytes,15,opt,name=environment,proto3" json:"environment,omitempty"` } -func (m *PeerSystemMeta) Reset() { *m = PeerSystemMeta{} } -func (m *PeerSystemMeta) String() string { return proto.CompactTextString(m) } -func (*PeerSystemMeta) ProtoMessage() {} +func (x *PeerSystemMeta) Reset() { + *x = PeerSystemMeta{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PeerSystemMeta) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PeerSystemMeta) ProtoMessage() {} + +func (x *PeerSystemMeta) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PeerSystemMeta.ProtoReflect.Descriptor instead. func (*PeerSystemMeta) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{6} + return file_management_proto_rawDescGZIP(), []int{6} } -func (m *PeerSystemMeta) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_PeerSystemMeta.Unmarshal(m, b) -} -func (m *PeerSystemMeta) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_PeerSystemMeta.Marshal(b, m, deterministic) -} -func (m *PeerSystemMeta) XXX_Merge(src proto.Message) { - xxx_messageInfo_PeerSystemMeta.Merge(m, src) -} -func (m *PeerSystemMeta) XXX_Size() int { - return xxx_messageInfo_PeerSystemMeta.Size(m) -} -func (m *PeerSystemMeta) XXX_DiscardUnknown() { - xxx_messageInfo_PeerSystemMeta.DiscardUnknown(m) -} - -var xxx_messageInfo_PeerSystemMeta proto.InternalMessageInfo - -func (m *PeerSystemMeta) GetHostname() string { - if m != nil { - return m.Hostname +func (x *PeerSystemMeta) GetHostname() string { + if x != nil { + return x.Hostname } return "" } -func (m *PeerSystemMeta) GetGoOS() string { - if m != nil { - return m.GoOS +func (x *PeerSystemMeta) GetGoOS() string { + if x != nil { + return x.GoOS } return "" } -func (m *PeerSystemMeta) GetKernel() string { - if m != nil { - return m.Kernel +func (x *PeerSystemMeta) GetKernel() string { + if x != nil { + return x.Kernel } return "" } -func (m *PeerSystemMeta) GetCore() string { - if m != nil { - return m.Core +func (x *PeerSystemMeta) GetCore() string { + if x != nil { + return x.Core } return "" } -func (m *PeerSystemMeta) GetPlatform() string { - if m != nil { - return m.Platform +func (x *PeerSystemMeta) GetPlatform() string { + if x != nil { + return x.Platform } return "" } -func (m *PeerSystemMeta) GetOS() string { - if m != nil { - return m.OS +func (x *PeerSystemMeta) GetOS() string { + if x != nil { + return x.OS } return "" } -func (m *PeerSystemMeta) GetWiretrusteeVersion() string { - if m != nil { - return m.WiretrusteeVersion +func (x *PeerSystemMeta) GetWiretrusteeVersion() string { + if x != nil { + return x.WiretrusteeVersion } return "" } -func (m *PeerSystemMeta) GetUiVersion() string { - if m != nil { - return m.UiVersion +func (x *PeerSystemMeta) GetUiVersion() string { + if x != nil { + return x.UiVersion } return "" } -func (m *PeerSystemMeta) GetKernelVersion() string { - if m != nil { - return m.KernelVersion +func (x *PeerSystemMeta) GetKernelVersion() string { + if x != nil { + return x.KernelVersion } return "" } -func (m *PeerSystemMeta) GetOSVersion() string { - if m != nil { - return m.OSVersion +func (x *PeerSystemMeta) GetOSVersion() string { + if x != nil { + return x.OSVersion } return "" } -func (m *PeerSystemMeta) GetNetworkAddresses() []*NetworkAddress { - if m != nil { - return m.NetworkAddresses +func (x *PeerSystemMeta) GetNetworkAddresses() []*NetworkAddress { + if x != nil { + return x.NetworkAddresses } return nil } -func (m *PeerSystemMeta) GetSysSerialNumber() string { - if m != nil { - return m.SysSerialNumber +func (x *PeerSystemMeta) GetSysSerialNumber() string { + if x != nil { + return x.SysSerialNumber } return "" } -func (m *PeerSystemMeta) GetSysProductName() string { - if m != nil { - return m.SysProductName +func (x *PeerSystemMeta) GetSysProductName() string { + if x != nil { + return x.SysProductName } return "" } -func (m *PeerSystemMeta) GetSysManufacturer() string { - if m != nil { - return m.SysManufacturer +func (x *PeerSystemMeta) GetSysManufacturer() string { + if x != nil { + return x.SysManufacturer } return "" } -func (m *PeerSystemMeta) GetEnvironment() *Environment { - if m != nil { - return m.Environment +func (x *PeerSystemMeta) GetEnvironment() *Environment { + if x != nil { + return x.Environment } return nil } type LoginResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // Global config WiretrusteeConfig *WiretrusteeConfig `protobuf:"bytes,1,opt,name=wiretrusteeConfig,proto3" json:"wiretrusteeConfig,omitempty"` // Peer local config - PeerConfig *PeerConfig `protobuf:"bytes,2,opt,name=peerConfig,proto3" json:"peerConfig,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + PeerConfig *PeerConfig `protobuf:"bytes,2,opt,name=peerConfig,proto3" json:"peerConfig,omitempty"` } -func (m *LoginResponse) Reset() { *m = LoginResponse{} } -func (m *LoginResponse) String() string { return proto.CompactTextString(m) } -func (*LoginResponse) ProtoMessage() {} +func (x *LoginResponse) Reset() { + *x = LoginResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *LoginResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*LoginResponse) ProtoMessage() {} + +func (x *LoginResponse) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use LoginResponse.ProtoReflect.Descriptor instead. func (*LoginResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{7} + return file_management_proto_rawDescGZIP(), []int{7} } -func (m *LoginResponse) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_LoginResponse.Unmarshal(m, b) -} -func (m *LoginResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_LoginResponse.Marshal(b, m, deterministic) -} -func (m *LoginResponse) XXX_Merge(src proto.Message) { - xxx_messageInfo_LoginResponse.Merge(m, src) -} -func (m *LoginResponse) XXX_Size() int { - return xxx_messageInfo_LoginResponse.Size(m) -} -func (m *LoginResponse) XXX_DiscardUnknown() { - xxx_messageInfo_LoginResponse.DiscardUnknown(m) -} - -var xxx_messageInfo_LoginResponse proto.InternalMessageInfo - -func (m *LoginResponse) GetWiretrusteeConfig() *WiretrusteeConfig { - if m != nil { - return m.WiretrusteeConfig +func (x *LoginResponse) GetWiretrusteeConfig() *WiretrusteeConfig { + if x != nil { + return x.WiretrusteeConfig } return nil } -func (m *LoginResponse) GetPeerConfig() *PeerConfig { - if m != nil { - return m.PeerConfig +func (x *LoginResponse) GetPeerConfig() *PeerConfig { + if x != nil { + return x.PeerConfig } return nil } type ServerKeyResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // Server's Wireguard public key Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"` // Key expiration timestamp after which the key should be fetched again by the client ExpiresAt *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=expiresAt,proto3" json:"expiresAt,omitempty"` // Version of the Wiretrustee Management Service protocol - Version int32 `protobuf:"varint,3,opt,name=version,proto3" json:"version,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Version int32 `protobuf:"varint,3,opt,name=version,proto3" json:"version,omitempty"` } -func (m *ServerKeyResponse) Reset() { *m = ServerKeyResponse{} } -func (m *ServerKeyResponse) String() string { return proto.CompactTextString(m) } -func (*ServerKeyResponse) ProtoMessage() {} +func (x *ServerKeyResponse) Reset() { + *x = ServerKeyResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ServerKeyResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ServerKeyResponse) ProtoMessage() {} + +func (x *ServerKeyResponse) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[8] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ServerKeyResponse.ProtoReflect.Descriptor instead. func (*ServerKeyResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{8} + return file_management_proto_rawDescGZIP(), []int{8} } -func (m *ServerKeyResponse) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_ServerKeyResponse.Unmarshal(m, b) -} -func (m *ServerKeyResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_ServerKeyResponse.Marshal(b, m, deterministic) -} -func (m *ServerKeyResponse) XXX_Merge(src proto.Message) { - xxx_messageInfo_ServerKeyResponse.Merge(m, src) -} -func (m *ServerKeyResponse) XXX_Size() int { - return xxx_messageInfo_ServerKeyResponse.Size(m) -} -func (m *ServerKeyResponse) XXX_DiscardUnknown() { - xxx_messageInfo_ServerKeyResponse.DiscardUnknown(m) -} - -var xxx_messageInfo_ServerKeyResponse proto.InternalMessageInfo - -func (m *ServerKeyResponse) GetKey() string { - if m != nil { - return m.Key +func (x *ServerKeyResponse) GetKey() string { + if x != nil { + return x.Key } return "" } -func (m *ServerKeyResponse) GetExpiresAt() *timestamppb.Timestamp { - if m != nil { - return m.ExpiresAt +func (x *ServerKeyResponse) GetExpiresAt() *timestamppb.Timestamp { + if x != nil { + return x.ExpiresAt } return nil } -func (m *ServerKeyResponse) GetVersion() int32 { - if m != nil { - return m.Version +func (x *ServerKeyResponse) GetVersion() int32 { + if x != nil { + return x.Version } return 0 } type Empty struct { - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields } -func (m *Empty) Reset() { *m = Empty{} } -func (m *Empty) String() string { return proto.CompactTextString(m) } -func (*Empty) ProtoMessage() {} +func (x *Empty) Reset() { + *x = Empty{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Empty) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Empty) ProtoMessage() {} + +func (x *Empty) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[9] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Empty.ProtoReflect.Descriptor instead. func (*Empty) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{9} + return file_management_proto_rawDescGZIP(), []int{9} } -func (m *Empty) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Empty.Unmarshal(m, b) -} -func (m *Empty) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Empty.Marshal(b, m, deterministic) -} -func (m *Empty) XXX_Merge(src proto.Message) { - xxx_messageInfo_Empty.Merge(m, src) -} -func (m *Empty) XXX_Size() int { - return xxx_messageInfo_Empty.Size(m) -} -func (m *Empty) XXX_DiscardUnknown() { - xxx_messageInfo_Empty.DiscardUnknown(m) -} - -var xxx_messageInfo_Empty proto.InternalMessageInfo - // WiretrusteeConfig is a common configuration of any Wiretrustee peer. It contains STUN, TURN, Signal and Management servers configurations type WiretrusteeConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // a list of STUN servers Stuns []*HostConfig `protobuf:"bytes,1,rep,name=stuns,proto3" json:"stuns,omitempty"` // a list of TURN servers Turns []*ProtectedHostConfig `protobuf:"bytes,2,rep,name=turns,proto3" json:"turns,omitempty"` // a Signal server config - Signal *HostConfig `protobuf:"bytes,3,opt,name=signal,proto3" json:"signal,omitempty"` - RelayAddress string `protobuf:"bytes,4,opt,name=RelayAddress,proto3" json:"RelayAddress,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Signal *HostConfig `protobuf:"bytes,3,opt,name=signal,proto3" json:"signal,omitempty"` + Relay *RelayConfig `protobuf:"bytes,4,opt,name=relay,proto3" json:"relay,omitempty"` } -func (m *WiretrusteeConfig) Reset() { *m = WiretrusteeConfig{} } -func (m *WiretrusteeConfig) String() string { return proto.CompactTextString(m) } -func (*WiretrusteeConfig) ProtoMessage() {} +func (x *WiretrusteeConfig) Reset() { + *x = WiretrusteeConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *WiretrusteeConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*WiretrusteeConfig) ProtoMessage() {} + +func (x *WiretrusteeConfig) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[10] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use WiretrusteeConfig.ProtoReflect.Descriptor instead. func (*WiretrusteeConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{10} + return file_management_proto_rawDescGZIP(), []int{10} } -func (m *WiretrusteeConfig) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_WiretrusteeConfig.Unmarshal(m, b) -} -func (m *WiretrusteeConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_WiretrusteeConfig.Marshal(b, m, deterministic) -} -func (m *WiretrusteeConfig) XXX_Merge(src proto.Message) { - xxx_messageInfo_WiretrusteeConfig.Merge(m, src) -} -func (m *WiretrusteeConfig) XXX_Size() int { - return xxx_messageInfo_WiretrusteeConfig.Size(m) -} -func (m *WiretrusteeConfig) XXX_DiscardUnknown() { - xxx_messageInfo_WiretrusteeConfig.DiscardUnknown(m) -} - -var xxx_messageInfo_WiretrusteeConfig proto.InternalMessageInfo - -func (m *WiretrusteeConfig) GetStuns() []*HostConfig { - if m != nil { - return m.Stuns +func (x *WiretrusteeConfig) GetStuns() []*HostConfig { + if x != nil { + return x.Stuns } return nil } -func (m *WiretrusteeConfig) GetTurns() []*ProtectedHostConfig { - if m != nil { - return m.Turns +func (x *WiretrusteeConfig) GetTurns() []*ProtectedHostConfig { + if x != nil { + return x.Turns } return nil } -func (m *WiretrusteeConfig) GetSignal() *HostConfig { - if m != nil { - return m.Signal +func (x *WiretrusteeConfig) GetSignal() *HostConfig { + if x != nil { + return x.Signal } return nil } -func (m *WiretrusteeConfig) GetRelayAddress() string { - if m != nil { - return m.RelayAddress +func (x *WiretrusteeConfig) GetRelay() *RelayConfig { + if x != nil { + return x.Relay } - return "" + return nil } // HostConfig describes connection properties of some server (e.g. STUN, Signal, Management) type HostConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // URI of the resource e.g. turns://stun.wiretrustee.com:4430 or signal.wiretrustee.com:10000 - Uri string `protobuf:"bytes,1,opt,name=uri,proto3" json:"uri,omitempty"` - Protocol HostConfig_Protocol `protobuf:"varint,2,opt,name=protocol,proto3,enum=management.HostConfig_Protocol" json:"protocol,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Uri string `protobuf:"bytes,1,opt,name=uri,proto3" json:"uri,omitempty"` + Protocol HostConfig_Protocol `protobuf:"varint,2,opt,name=protocol,proto3,enum=management.HostConfig_Protocol" json:"protocol,omitempty"` } -func (m *HostConfig) Reset() { *m = HostConfig{} } -func (m *HostConfig) String() string { return proto.CompactTextString(m) } -func (*HostConfig) ProtoMessage() {} +func (x *HostConfig) Reset() { + *x = HostConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *HostConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*HostConfig) ProtoMessage() {} + +func (x *HostConfig) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[11] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use HostConfig.ProtoReflect.Descriptor instead. func (*HostConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{11} + return file_management_proto_rawDescGZIP(), []int{11} } -func (m *HostConfig) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_HostConfig.Unmarshal(m, b) -} -func (m *HostConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_HostConfig.Marshal(b, m, deterministic) -} -func (m *HostConfig) XXX_Merge(src proto.Message) { - xxx_messageInfo_HostConfig.Merge(m, src) -} -func (m *HostConfig) XXX_Size() int { - return xxx_messageInfo_HostConfig.Size(m) -} -func (m *HostConfig) XXX_DiscardUnknown() { - xxx_messageInfo_HostConfig.DiscardUnknown(m) -} - -var xxx_messageInfo_HostConfig proto.InternalMessageInfo - -func (m *HostConfig) GetUri() string { - if m != nil { - return m.Uri +func (x *HostConfig) GetUri() string { + if x != nil { + return x.Uri } return "" } -func (m *HostConfig) GetProtocol() HostConfig_Protocol { - if m != nil { - return m.Protocol +func (x *HostConfig) GetProtocol() HostConfig_Protocol { + if x != nil { + return x.Protocol } return HostConfig_UDP } +type RelayConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Urls []string `protobuf:"bytes,1,rep,name=urls,proto3" json:"urls,omitempty"` + TokenPayload string `protobuf:"bytes,2,opt,name=tokenPayload,proto3" json:"tokenPayload,omitempty"` + TokenSignature string `protobuf:"bytes,3,opt,name=tokenSignature,proto3" json:"tokenSignature,omitempty"` +} + +func (x *RelayConfig) Reset() { + *x = RelayConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RelayConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RelayConfig) ProtoMessage() {} + +func (x *RelayConfig) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[12] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RelayConfig.ProtoReflect.Descriptor instead. +func (*RelayConfig) Descriptor() ([]byte, []int) { + return file_management_proto_rawDescGZIP(), []int{12} +} + +func (x *RelayConfig) GetUrls() []string { + if x != nil { + return x.Urls + } + return nil +} + +func (x *RelayConfig) GetTokenPayload() string { + if x != nil { + return x.TokenPayload + } + return "" +} + +func (x *RelayConfig) GetTokenSignature() string { + if x != nil { + return x.TokenSignature + } + return "" +} + // ProtectedHostConfig is similar to HostConfig but has additional user and password // Mostly used for TURN servers type ProtectedHostConfig struct { - HostConfig *HostConfig `protobuf:"bytes,1,opt,name=hostConfig,proto3" json:"hostConfig,omitempty"` - User string `protobuf:"bytes,2,opt,name=user,proto3" json:"user,omitempty"` - Password string `protobuf:"bytes,3,opt,name=password,proto3" json:"password,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + HostConfig *HostConfig `protobuf:"bytes,1,opt,name=hostConfig,proto3" json:"hostConfig,omitempty"` + User string `protobuf:"bytes,2,opt,name=user,proto3" json:"user,omitempty"` + Password string `protobuf:"bytes,3,opt,name=password,proto3" json:"password,omitempty"` } -func (m *ProtectedHostConfig) Reset() { *m = ProtectedHostConfig{} } -func (m *ProtectedHostConfig) String() string { return proto.CompactTextString(m) } -func (*ProtectedHostConfig) ProtoMessage() {} +func (x *ProtectedHostConfig) Reset() { + *x = ProtectedHostConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ProtectedHostConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ProtectedHostConfig) ProtoMessage() {} + +func (x *ProtectedHostConfig) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[13] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ProtectedHostConfig.ProtoReflect.Descriptor instead. func (*ProtectedHostConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{12} + return file_management_proto_rawDescGZIP(), []int{13} } -func (m *ProtectedHostConfig) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_ProtectedHostConfig.Unmarshal(m, b) -} -func (m *ProtectedHostConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_ProtectedHostConfig.Marshal(b, m, deterministic) -} -func (m *ProtectedHostConfig) XXX_Merge(src proto.Message) { - xxx_messageInfo_ProtectedHostConfig.Merge(m, src) -} -func (m *ProtectedHostConfig) XXX_Size() int { - return xxx_messageInfo_ProtectedHostConfig.Size(m) -} -func (m *ProtectedHostConfig) XXX_DiscardUnknown() { - xxx_messageInfo_ProtectedHostConfig.DiscardUnknown(m) -} - -var xxx_messageInfo_ProtectedHostConfig proto.InternalMessageInfo - -func (m *ProtectedHostConfig) GetHostConfig() *HostConfig { - if m != nil { - return m.HostConfig +func (x *ProtectedHostConfig) GetHostConfig() *HostConfig { + if x != nil { + return x.HostConfig } return nil } -func (m *ProtectedHostConfig) GetUser() string { - if m != nil { - return m.User +func (x *ProtectedHostConfig) GetUser() string { + if x != nil { + return x.User } return "" } -func (m *ProtectedHostConfig) GetPassword() string { - if m != nil { - return m.Password +func (x *ProtectedHostConfig) GetPassword() string { + if x != nil { + return x.Password } return "" } @@ -961,6 +1231,10 @@ func (m *ProtectedHostConfig) GetPassword() string { // PeerConfig represents a configuration of a "our" peer. // The properties are used to configure local Wireguard type PeerConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // Peer's virtual IP address within the Wiretrustee VPN (a Wireguard address config) Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"` // Wiretrustee DNS server (a Wireguard DNS config) @@ -968,67 +1242,75 @@ type PeerConfig struct { // SSHConfig of the peer. SshConfig *SSHConfig `protobuf:"bytes,3,opt,name=sshConfig,proto3" json:"sshConfig,omitempty"` // Peer fully qualified domain name - Fqdn string `protobuf:"bytes,4,opt,name=fqdn,proto3" json:"fqdn,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Fqdn string `protobuf:"bytes,4,opt,name=fqdn,proto3" json:"fqdn,omitempty"` } -func (m *PeerConfig) Reset() { *m = PeerConfig{} } -func (m *PeerConfig) String() string { return proto.CompactTextString(m) } -func (*PeerConfig) ProtoMessage() {} +func (x *PeerConfig) Reset() { + *x = PeerConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PeerConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PeerConfig) ProtoMessage() {} + +func (x *PeerConfig) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[14] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PeerConfig.ProtoReflect.Descriptor instead. func (*PeerConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{13} + return file_management_proto_rawDescGZIP(), []int{14} } -func (m *PeerConfig) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_PeerConfig.Unmarshal(m, b) -} -func (m *PeerConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_PeerConfig.Marshal(b, m, deterministic) -} -func (m *PeerConfig) XXX_Merge(src proto.Message) { - xxx_messageInfo_PeerConfig.Merge(m, src) -} -func (m *PeerConfig) XXX_Size() int { - return xxx_messageInfo_PeerConfig.Size(m) -} -func (m *PeerConfig) XXX_DiscardUnknown() { - xxx_messageInfo_PeerConfig.DiscardUnknown(m) -} - -var xxx_messageInfo_PeerConfig proto.InternalMessageInfo - -func (m *PeerConfig) GetAddress() string { - if m != nil { - return m.Address +func (x *PeerConfig) GetAddress() string { + if x != nil { + return x.Address } return "" } -func (m *PeerConfig) GetDns() string { - if m != nil { - return m.Dns +func (x *PeerConfig) GetDns() string { + if x != nil { + return x.Dns } return "" } -func (m *PeerConfig) GetSshConfig() *SSHConfig { - if m != nil { - return m.SshConfig +func (x *PeerConfig) GetSshConfig() *SSHConfig { + if x != nil { + return x.SshConfig } return nil } -func (m *PeerConfig) GetFqdn() string { - if m != nil { - return m.Fqdn +func (x *PeerConfig) GetFqdn() string { + if x != nil { + return x.Fqdn } return "" } // NetworkMap represents a network state of the peer with the corresponding configuration parameters to establish peer-to-peer connections type NetworkMap struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // Serial is an ID of the network state to be used by clients to order updates. // The larger the Serial the newer the configuration. // E.g. the client app should keep track of this id locally and discard all the configurations with a lower value @@ -1048,96 +1330,100 @@ type NetworkMap struct { // FirewallRule represents a list of firewall rules to be applied to peer FirewallRules []*FirewallRule `protobuf:"bytes,8,rep,name=FirewallRules,proto3" json:"FirewallRules,omitempty"` // firewallRulesIsEmpty indicates whether FirewallRule array is empty or not to bypass protobuf null and empty array equality. - FirewallRulesIsEmpty bool `protobuf:"varint,9,opt,name=firewallRulesIsEmpty,proto3" json:"firewallRulesIsEmpty,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + FirewallRulesIsEmpty bool `protobuf:"varint,9,opt,name=firewallRulesIsEmpty,proto3" json:"firewallRulesIsEmpty,omitempty"` } -func (m *NetworkMap) Reset() { *m = NetworkMap{} } -func (m *NetworkMap) String() string { return proto.CompactTextString(m) } -func (*NetworkMap) ProtoMessage() {} +func (x *NetworkMap) Reset() { + *x = NetworkMap{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[15] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NetworkMap) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NetworkMap) ProtoMessage() {} + +func (x *NetworkMap) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[15] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NetworkMap.ProtoReflect.Descriptor instead. func (*NetworkMap) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{14} + return file_management_proto_rawDescGZIP(), []int{15} } -func (m *NetworkMap) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_NetworkMap.Unmarshal(m, b) -} -func (m *NetworkMap) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_NetworkMap.Marshal(b, m, deterministic) -} -func (m *NetworkMap) XXX_Merge(src proto.Message) { - xxx_messageInfo_NetworkMap.Merge(m, src) -} -func (m *NetworkMap) XXX_Size() int { - return xxx_messageInfo_NetworkMap.Size(m) -} -func (m *NetworkMap) XXX_DiscardUnknown() { - xxx_messageInfo_NetworkMap.DiscardUnknown(m) -} - -var xxx_messageInfo_NetworkMap proto.InternalMessageInfo - -func (m *NetworkMap) GetSerial() uint64 { - if m != nil { - return m.Serial +func (x *NetworkMap) GetSerial() uint64 { + if x != nil { + return x.Serial } return 0 } -func (m *NetworkMap) GetPeerConfig() *PeerConfig { - if m != nil { - return m.PeerConfig +func (x *NetworkMap) GetPeerConfig() *PeerConfig { + if x != nil { + return x.PeerConfig } return nil } -func (m *NetworkMap) GetRemotePeers() []*RemotePeerConfig { - if m != nil { - return m.RemotePeers +func (x *NetworkMap) GetRemotePeers() []*RemotePeerConfig { + if x != nil { + return x.RemotePeers } return nil } -func (m *NetworkMap) GetRemotePeersIsEmpty() bool { - if m != nil { - return m.RemotePeersIsEmpty +func (x *NetworkMap) GetRemotePeersIsEmpty() bool { + if x != nil { + return x.RemotePeersIsEmpty } return false } -func (m *NetworkMap) GetRoutes() []*Route { - if m != nil { - return m.Routes +func (x *NetworkMap) GetRoutes() []*Route { + if x != nil { + return x.Routes } return nil } -func (m *NetworkMap) GetDNSConfig() *DNSConfig { - if m != nil { - return m.DNSConfig +func (x *NetworkMap) GetDNSConfig() *DNSConfig { + if x != nil { + return x.DNSConfig } return nil } -func (m *NetworkMap) GetOfflinePeers() []*RemotePeerConfig { - if m != nil { - return m.OfflinePeers +func (x *NetworkMap) GetOfflinePeers() []*RemotePeerConfig { + if x != nil { + return x.OfflinePeers } return nil } -func (m *NetworkMap) GetFirewallRules() []*FirewallRule { - if m != nil { - return m.FirewallRules +func (x *NetworkMap) GetFirewallRules() []*FirewallRule { + if x != nil { + return x.FirewallRules } return nil } -func (m *NetworkMap) GetFirewallRulesIsEmpty() bool { - if m != nil { - return m.FirewallRulesIsEmpty +func (x *NetworkMap) GetFirewallRulesIsEmpty() bool { + if x != nil { + return x.FirewallRulesIsEmpty } return false } @@ -1145,6 +1431,10 @@ func (m *NetworkMap) GetFirewallRulesIsEmpty() bool { // RemotePeerConfig represents a configuration of a remote peer. // The properties are used to configure WireGuard Peers sections type RemotePeerConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // A WireGuard public key of a remote peer WgPubKey string `protobuf:"bytes,1,opt,name=wgPubKey,proto3" json:"wgPubKey,omitempty"` // WireGuard allowed IPs of a remote peer e.g. [10.30.30.1/32] @@ -1152,275 +1442,321 @@ type RemotePeerConfig struct { // SSHConfig is a SSH config of the remote peer. SSHConfig.sshPubKey should be ignored because peer knows it's SSH key. SshConfig *SSHConfig `protobuf:"bytes,3,opt,name=sshConfig,proto3" json:"sshConfig,omitempty"` // Peer fully qualified domain name - Fqdn string `protobuf:"bytes,4,opt,name=fqdn,proto3" json:"fqdn,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Fqdn string `protobuf:"bytes,4,opt,name=fqdn,proto3" json:"fqdn,omitempty"` } -func (m *RemotePeerConfig) Reset() { *m = RemotePeerConfig{} } -func (m *RemotePeerConfig) String() string { return proto.CompactTextString(m) } -func (*RemotePeerConfig) ProtoMessage() {} +func (x *RemotePeerConfig) Reset() { + *x = RemotePeerConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[16] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RemotePeerConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RemotePeerConfig) ProtoMessage() {} + +func (x *RemotePeerConfig) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[16] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RemotePeerConfig.ProtoReflect.Descriptor instead. func (*RemotePeerConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{15} + return file_management_proto_rawDescGZIP(), []int{16} } -func (m *RemotePeerConfig) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_RemotePeerConfig.Unmarshal(m, b) -} -func (m *RemotePeerConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_RemotePeerConfig.Marshal(b, m, deterministic) -} -func (m *RemotePeerConfig) XXX_Merge(src proto.Message) { - xxx_messageInfo_RemotePeerConfig.Merge(m, src) -} -func (m *RemotePeerConfig) XXX_Size() int { - return xxx_messageInfo_RemotePeerConfig.Size(m) -} -func (m *RemotePeerConfig) XXX_DiscardUnknown() { - xxx_messageInfo_RemotePeerConfig.DiscardUnknown(m) -} - -var xxx_messageInfo_RemotePeerConfig proto.InternalMessageInfo - -func (m *RemotePeerConfig) GetWgPubKey() string { - if m != nil { - return m.WgPubKey +func (x *RemotePeerConfig) GetWgPubKey() string { + if x != nil { + return x.WgPubKey } return "" } -func (m *RemotePeerConfig) GetAllowedIps() []string { - if m != nil { - return m.AllowedIps +func (x *RemotePeerConfig) GetAllowedIps() []string { + if x != nil { + return x.AllowedIps } return nil } -func (m *RemotePeerConfig) GetSshConfig() *SSHConfig { - if m != nil { - return m.SshConfig +func (x *RemotePeerConfig) GetSshConfig() *SSHConfig { + if x != nil { + return x.SshConfig } return nil } -func (m *RemotePeerConfig) GetFqdn() string { - if m != nil { - return m.Fqdn +func (x *RemotePeerConfig) GetFqdn() string { + if x != nil { + return x.Fqdn } return "" } // SSHConfig represents SSH configurations of a peer. type SSHConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // sshEnabled indicates whether a SSH server is enabled on this peer SshEnabled bool `protobuf:"varint,1,opt,name=sshEnabled,proto3" json:"sshEnabled,omitempty"` // sshPubKey is a SSH public key of a peer to be added to authorized_hosts. // This property should be ignore if SSHConfig comes from PeerConfig. - SshPubKey []byte `protobuf:"bytes,2,opt,name=sshPubKey,proto3" json:"sshPubKey,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + SshPubKey []byte `protobuf:"bytes,2,opt,name=sshPubKey,proto3" json:"sshPubKey,omitempty"` } -func (m *SSHConfig) Reset() { *m = SSHConfig{} } -func (m *SSHConfig) String() string { return proto.CompactTextString(m) } -func (*SSHConfig) ProtoMessage() {} +func (x *SSHConfig) Reset() { + *x = SSHConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[17] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SSHConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SSHConfig) ProtoMessage() {} + +func (x *SSHConfig) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[17] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SSHConfig.ProtoReflect.Descriptor instead. func (*SSHConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{16} + return file_management_proto_rawDescGZIP(), []int{17} } -func (m *SSHConfig) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_SSHConfig.Unmarshal(m, b) -} -func (m *SSHConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_SSHConfig.Marshal(b, m, deterministic) -} -func (m *SSHConfig) XXX_Merge(src proto.Message) { - xxx_messageInfo_SSHConfig.Merge(m, src) -} -func (m *SSHConfig) XXX_Size() int { - return xxx_messageInfo_SSHConfig.Size(m) -} -func (m *SSHConfig) XXX_DiscardUnknown() { - xxx_messageInfo_SSHConfig.DiscardUnknown(m) -} - -var xxx_messageInfo_SSHConfig proto.InternalMessageInfo - -func (m *SSHConfig) GetSshEnabled() bool { - if m != nil { - return m.SshEnabled +func (x *SSHConfig) GetSshEnabled() bool { + if x != nil { + return x.SshEnabled } return false } -func (m *SSHConfig) GetSshPubKey() []byte { - if m != nil { - return m.SshPubKey +func (x *SSHConfig) GetSshPubKey() []byte { + if x != nil { + return x.SshPubKey } return nil } // DeviceAuthorizationFlowRequest empty struct for future expansion type DeviceAuthorizationFlowRequest struct { - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields } -func (m *DeviceAuthorizationFlowRequest) Reset() { *m = DeviceAuthorizationFlowRequest{} } -func (m *DeviceAuthorizationFlowRequest) String() string { return proto.CompactTextString(m) } -func (*DeviceAuthorizationFlowRequest) ProtoMessage() {} +func (x *DeviceAuthorizationFlowRequest) Reset() { + *x = DeviceAuthorizationFlowRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[18] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *DeviceAuthorizationFlowRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeviceAuthorizationFlowRequest) ProtoMessage() {} + +func (x *DeviceAuthorizationFlowRequest) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[18] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeviceAuthorizationFlowRequest.ProtoReflect.Descriptor instead. func (*DeviceAuthorizationFlowRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{17} + return file_management_proto_rawDescGZIP(), []int{18} } -func (m *DeviceAuthorizationFlowRequest) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_DeviceAuthorizationFlowRequest.Unmarshal(m, b) -} -func (m *DeviceAuthorizationFlowRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_DeviceAuthorizationFlowRequest.Marshal(b, m, deterministic) -} -func (m *DeviceAuthorizationFlowRequest) XXX_Merge(src proto.Message) { - xxx_messageInfo_DeviceAuthorizationFlowRequest.Merge(m, src) -} -func (m *DeviceAuthorizationFlowRequest) XXX_Size() int { - return xxx_messageInfo_DeviceAuthorizationFlowRequest.Size(m) -} -func (m *DeviceAuthorizationFlowRequest) XXX_DiscardUnknown() { - xxx_messageInfo_DeviceAuthorizationFlowRequest.DiscardUnknown(m) -} - -var xxx_messageInfo_DeviceAuthorizationFlowRequest proto.InternalMessageInfo - // DeviceAuthorizationFlow represents Device Authorization Flow information // that can be used by the client to login initiate a Oauth 2.0 device authorization grant flow // see https://datatracker.ietf.org/doc/html/rfc8628 type DeviceAuthorizationFlow struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // An IDP provider , (eg. Auth0) - Provider DeviceAuthorizationFlowProvider `protobuf:"varint,1,opt,name=Provider,proto3,enum=management.DeviceAuthorizationFlowProvider" json:"Provider,omitempty"` - ProviderConfig *ProviderConfig `protobuf:"bytes,2,opt,name=ProviderConfig,proto3" json:"ProviderConfig,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Provider DeviceAuthorizationFlowProvider `protobuf:"varint,1,opt,name=Provider,proto3,enum=management.DeviceAuthorizationFlowProvider" json:"Provider,omitempty"` + ProviderConfig *ProviderConfig `protobuf:"bytes,2,opt,name=ProviderConfig,proto3" json:"ProviderConfig,omitempty"` } -func (m *DeviceAuthorizationFlow) Reset() { *m = DeviceAuthorizationFlow{} } -func (m *DeviceAuthorizationFlow) String() string { return proto.CompactTextString(m) } -func (*DeviceAuthorizationFlow) ProtoMessage() {} +func (x *DeviceAuthorizationFlow) Reset() { + *x = DeviceAuthorizationFlow{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[19] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *DeviceAuthorizationFlow) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeviceAuthorizationFlow) ProtoMessage() {} + +func (x *DeviceAuthorizationFlow) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[19] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeviceAuthorizationFlow.ProtoReflect.Descriptor instead. func (*DeviceAuthorizationFlow) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{18} + return file_management_proto_rawDescGZIP(), []int{19} } -func (m *DeviceAuthorizationFlow) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_DeviceAuthorizationFlow.Unmarshal(m, b) -} -func (m *DeviceAuthorizationFlow) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_DeviceAuthorizationFlow.Marshal(b, m, deterministic) -} -func (m *DeviceAuthorizationFlow) XXX_Merge(src proto.Message) { - xxx_messageInfo_DeviceAuthorizationFlow.Merge(m, src) -} -func (m *DeviceAuthorizationFlow) XXX_Size() int { - return xxx_messageInfo_DeviceAuthorizationFlow.Size(m) -} -func (m *DeviceAuthorizationFlow) XXX_DiscardUnknown() { - xxx_messageInfo_DeviceAuthorizationFlow.DiscardUnknown(m) -} - -var xxx_messageInfo_DeviceAuthorizationFlow proto.InternalMessageInfo - -func (m *DeviceAuthorizationFlow) GetProvider() DeviceAuthorizationFlowProvider { - if m != nil { - return m.Provider +func (x *DeviceAuthorizationFlow) GetProvider() DeviceAuthorizationFlowProvider { + if x != nil { + return x.Provider } return DeviceAuthorizationFlow_HOSTED } -func (m *DeviceAuthorizationFlow) GetProviderConfig() *ProviderConfig { - if m != nil { - return m.ProviderConfig +func (x *DeviceAuthorizationFlow) GetProviderConfig() *ProviderConfig { + if x != nil { + return x.ProviderConfig } return nil } // PKCEAuthorizationFlowRequest empty struct for future expansion type PKCEAuthorizationFlowRequest struct { - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields } -func (m *PKCEAuthorizationFlowRequest) Reset() { *m = PKCEAuthorizationFlowRequest{} } -func (m *PKCEAuthorizationFlowRequest) String() string { return proto.CompactTextString(m) } -func (*PKCEAuthorizationFlowRequest) ProtoMessage() {} +func (x *PKCEAuthorizationFlowRequest) Reset() { + *x = PKCEAuthorizationFlowRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[20] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PKCEAuthorizationFlowRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PKCEAuthorizationFlowRequest) ProtoMessage() {} + +func (x *PKCEAuthorizationFlowRequest) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[20] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PKCEAuthorizationFlowRequest.ProtoReflect.Descriptor instead. func (*PKCEAuthorizationFlowRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{19} + return file_management_proto_rawDescGZIP(), []int{20} } -func (m *PKCEAuthorizationFlowRequest) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_PKCEAuthorizationFlowRequest.Unmarshal(m, b) -} -func (m *PKCEAuthorizationFlowRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_PKCEAuthorizationFlowRequest.Marshal(b, m, deterministic) -} -func (m *PKCEAuthorizationFlowRequest) XXX_Merge(src proto.Message) { - xxx_messageInfo_PKCEAuthorizationFlowRequest.Merge(m, src) -} -func (m *PKCEAuthorizationFlowRequest) XXX_Size() int { - return xxx_messageInfo_PKCEAuthorizationFlowRequest.Size(m) -} -func (m *PKCEAuthorizationFlowRequest) XXX_DiscardUnknown() { - xxx_messageInfo_PKCEAuthorizationFlowRequest.DiscardUnknown(m) -} - -var xxx_messageInfo_PKCEAuthorizationFlowRequest proto.InternalMessageInfo - // PKCEAuthorizationFlow represents Authorization Code Flow information // that can be used by the client to login initiate a Oauth 2.0 authorization code grant flow // with Proof Key for Code Exchange (PKCE). See https://datatracker.ietf.org/doc/html/rfc7636 type PKCEAuthorizationFlow struct { - ProviderConfig *ProviderConfig `protobuf:"bytes,1,opt,name=ProviderConfig,proto3" json:"ProviderConfig,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ProviderConfig *ProviderConfig `protobuf:"bytes,1,opt,name=ProviderConfig,proto3" json:"ProviderConfig,omitempty"` } -func (m *PKCEAuthorizationFlow) Reset() { *m = PKCEAuthorizationFlow{} } -func (m *PKCEAuthorizationFlow) String() string { return proto.CompactTextString(m) } -func (*PKCEAuthorizationFlow) ProtoMessage() {} +func (x *PKCEAuthorizationFlow) Reset() { + *x = PKCEAuthorizationFlow{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[21] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PKCEAuthorizationFlow) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PKCEAuthorizationFlow) ProtoMessage() {} + +func (x *PKCEAuthorizationFlow) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[21] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PKCEAuthorizationFlow.ProtoReflect.Descriptor instead. func (*PKCEAuthorizationFlow) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{20} + return file_management_proto_rawDescGZIP(), []int{21} } -func (m *PKCEAuthorizationFlow) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_PKCEAuthorizationFlow.Unmarshal(m, b) -} -func (m *PKCEAuthorizationFlow) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_PKCEAuthorizationFlow.Marshal(b, m, deterministic) -} -func (m *PKCEAuthorizationFlow) XXX_Merge(src proto.Message) { - xxx_messageInfo_PKCEAuthorizationFlow.Merge(m, src) -} -func (m *PKCEAuthorizationFlow) XXX_Size() int { - return xxx_messageInfo_PKCEAuthorizationFlow.Size(m) -} -func (m *PKCEAuthorizationFlow) XXX_DiscardUnknown() { - xxx_messageInfo_PKCEAuthorizationFlow.DiscardUnknown(m) -} - -var xxx_messageInfo_PKCEAuthorizationFlow proto.InternalMessageInfo - -func (m *PKCEAuthorizationFlow) GetProviderConfig() *ProviderConfig { - if m != nil { - return m.ProviderConfig +func (x *PKCEAuthorizationFlow) GetProviderConfig() *ProviderConfig { + if x != nil { + return x.ProviderConfig } return nil } // ProviderConfig has all attributes needed to initiate a device/pkce authorization flow type ProviderConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + // An IDP application client id ClientID string `protobuf:"bytes,1,opt,name=ClientID,proto3" json:"ClientID,omitempty"` // An IDP application client secret @@ -1441,773 +1777,1535 @@ type ProviderConfig struct { // AuthorizationEndpoint is the endpoint of an IDP manager where clients can obtain authorization code. AuthorizationEndpoint string `protobuf:"bytes,9,opt,name=AuthorizationEndpoint,proto3" json:"AuthorizationEndpoint,omitempty"` // RedirectURLs handles authorization code from IDP manager - RedirectURLs []string `protobuf:"bytes,10,rep,name=RedirectURLs,proto3" json:"RedirectURLs,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + RedirectURLs []string `protobuf:"bytes,10,rep,name=RedirectURLs,proto3" json:"RedirectURLs,omitempty"` } -func (m *ProviderConfig) Reset() { *m = ProviderConfig{} } -func (m *ProviderConfig) String() string { return proto.CompactTextString(m) } -func (*ProviderConfig) ProtoMessage() {} +func (x *ProviderConfig) Reset() { + *x = ProviderConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[22] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ProviderConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ProviderConfig) ProtoMessage() {} + +func (x *ProviderConfig) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[22] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ProviderConfig.ProtoReflect.Descriptor instead. func (*ProviderConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{21} + return file_management_proto_rawDescGZIP(), []int{22} } -func (m *ProviderConfig) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_ProviderConfig.Unmarshal(m, b) -} -func (m *ProviderConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_ProviderConfig.Marshal(b, m, deterministic) -} -func (m *ProviderConfig) XXX_Merge(src proto.Message) { - xxx_messageInfo_ProviderConfig.Merge(m, src) -} -func (m *ProviderConfig) XXX_Size() int { - return xxx_messageInfo_ProviderConfig.Size(m) -} -func (m *ProviderConfig) XXX_DiscardUnknown() { - xxx_messageInfo_ProviderConfig.DiscardUnknown(m) -} - -var xxx_messageInfo_ProviderConfig proto.InternalMessageInfo - -func (m *ProviderConfig) GetClientID() string { - if m != nil { - return m.ClientID +func (x *ProviderConfig) GetClientID() string { + if x != nil { + return x.ClientID } return "" } -func (m *ProviderConfig) GetClientSecret() string { - if m != nil { - return m.ClientSecret +func (x *ProviderConfig) GetClientSecret() string { + if x != nil { + return x.ClientSecret } return "" } -func (m *ProviderConfig) GetDomain() string { - if m != nil { - return m.Domain +func (x *ProviderConfig) GetDomain() string { + if x != nil { + return x.Domain } return "" } -func (m *ProviderConfig) GetAudience() string { - if m != nil { - return m.Audience +func (x *ProviderConfig) GetAudience() string { + if x != nil { + return x.Audience } return "" } -func (m *ProviderConfig) GetDeviceAuthEndpoint() string { - if m != nil { - return m.DeviceAuthEndpoint +func (x *ProviderConfig) GetDeviceAuthEndpoint() string { + if x != nil { + return x.DeviceAuthEndpoint } return "" } -func (m *ProviderConfig) GetTokenEndpoint() string { - if m != nil { - return m.TokenEndpoint +func (x *ProviderConfig) GetTokenEndpoint() string { + if x != nil { + return x.TokenEndpoint } return "" } -func (m *ProviderConfig) GetScope() string { - if m != nil { - return m.Scope +func (x *ProviderConfig) GetScope() string { + if x != nil { + return x.Scope } return "" } -func (m *ProviderConfig) GetUseIDToken() bool { - if m != nil { - return m.UseIDToken +func (x *ProviderConfig) GetUseIDToken() bool { + if x != nil { + return x.UseIDToken } return false } -func (m *ProviderConfig) GetAuthorizationEndpoint() string { - if m != nil { - return m.AuthorizationEndpoint +func (x *ProviderConfig) GetAuthorizationEndpoint() string { + if x != nil { + return x.AuthorizationEndpoint } return "" } -func (m *ProviderConfig) GetRedirectURLs() []string { - if m != nil { - return m.RedirectURLs +func (x *ProviderConfig) GetRedirectURLs() []string { + if x != nil { + return x.RedirectURLs } return nil } // Route represents a route.Route object type Route struct { - ID string `protobuf:"bytes,1,opt,name=ID,proto3" json:"ID,omitempty"` - Network string `protobuf:"bytes,2,opt,name=Network,proto3" json:"Network,omitempty"` - NetworkType int64 `protobuf:"varint,3,opt,name=NetworkType,proto3" json:"NetworkType,omitempty"` - Peer string `protobuf:"bytes,4,opt,name=Peer,proto3" json:"Peer,omitempty"` - Metric int64 `protobuf:"varint,5,opt,name=Metric,proto3" json:"Metric,omitempty"` - Masquerade bool `protobuf:"varint,6,opt,name=Masquerade,proto3" json:"Masquerade,omitempty"` - NetID string `protobuf:"bytes,7,opt,name=NetID,proto3" json:"NetID,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ID string `protobuf:"bytes,1,opt,name=ID,proto3" json:"ID,omitempty"` + Network string `protobuf:"bytes,2,opt,name=Network,proto3" json:"Network,omitempty"` + NetworkType int64 `protobuf:"varint,3,opt,name=NetworkType,proto3" json:"NetworkType,omitempty"` + Peer string `protobuf:"bytes,4,opt,name=Peer,proto3" json:"Peer,omitempty"` + Metric int64 `protobuf:"varint,5,opt,name=Metric,proto3" json:"Metric,omitempty"` + Masquerade bool `protobuf:"varint,6,opt,name=Masquerade,proto3" json:"Masquerade,omitempty"` + NetID string `protobuf:"bytes,7,opt,name=NetID,proto3" json:"NetID,omitempty"` } -func (m *Route) Reset() { *m = Route{} } -func (m *Route) String() string { return proto.CompactTextString(m) } -func (*Route) ProtoMessage() {} +func (x *Route) Reset() { + *x = Route{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[23] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Route) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Route) ProtoMessage() {} + +func (x *Route) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[23] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Route.ProtoReflect.Descriptor instead. func (*Route) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{22} + return file_management_proto_rawDescGZIP(), []int{23} } -func (m *Route) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Route.Unmarshal(m, b) -} -func (m *Route) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Route.Marshal(b, m, deterministic) -} -func (m *Route) XXX_Merge(src proto.Message) { - xxx_messageInfo_Route.Merge(m, src) -} -func (m *Route) XXX_Size() int { - return xxx_messageInfo_Route.Size(m) -} -func (m *Route) XXX_DiscardUnknown() { - xxx_messageInfo_Route.DiscardUnknown(m) -} - -var xxx_messageInfo_Route proto.InternalMessageInfo - -func (m *Route) GetID() string { - if m != nil { - return m.ID +func (x *Route) GetID() string { + if x != nil { + return x.ID } return "" } -func (m *Route) GetNetwork() string { - if m != nil { - return m.Network +func (x *Route) GetNetwork() string { + if x != nil { + return x.Network } return "" } -func (m *Route) GetNetworkType() int64 { - if m != nil { - return m.NetworkType +func (x *Route) GetNetworkType() int64 { + if x != nil { + return x.NetworkType } return 0 } -func (m *Route) GetPeer() string { - if m != nil { - return m.Peer +func (x *Route) GetPeer() string { + if x != nil { + return x.Peer } return "" } -func (m *Route) GetMetric() int64 { - if m != nil { - return m.Metric +func (x *Route) GetMetric() int64 { + if x != nil { + return x.Metric } return 0 } -func (m *Route) GetMasquerade() bool { - if m != nil { - return m.Masquerade +func (x *Route) GetMasquerade() bool { + if x != nil { + return x.Masquerade } return false } -func (m *Route) GetNetID() string { - if m != nil { - return m.NetID +func (x *Route) GetNetID() string { + if x != nil { + return x.NetID } return "" } // DNSConfig represents a dns.Update type DNSConfig struct { - ServiceEnable bool `protobuf:"varint,1,opt,name=ServiceEnable,proto3" json:"ServiceEnable,omitempty"` - NameServerGroups []*NameServerGroup `protobuf:"bytes,2,rep,name=NameServerGroups,proto3" json:"NameServerGroups,omitempty"` - CustomZones []*CustomZone `protobuf:"bytes,3,rep,name=CustomZones,proto3" json:"CustomZones,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ServiceEnable bool `protobuf:"varint,1,opt,name=ServiceEnable,proto3" json:"ServiceEnable,omitempty"` + NameServerGroups []*NameServerGroup `protobuf:"bytes,2,rep,name=NameServerGroups,proto3" json:"NameServerGroups,omitempty"` + CustomZones []*CustomZone `protobuf:"bytes,3,rep,name=CustomZones,proto3" json:"CustomZones,omitempty"` } -func (m *DNSConfig) Reset() { *m = DNSConfig{} } -func (m *DNSConfig) String() string { return proto.CompactTextString(m) } -func (*DNSConfig) ProtoMessage() {} +func (x *DNSConfig) Reset() { + *x = DNSConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[24] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *DNSConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DNSConfig) ProtoMessage() {} + +func (x *DNSConfig) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[24] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DNSConfig.ProtoReflect.Descriptor instead. func (*DNSConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{23} + return file_management_proto_rawDescGZIP(), []int{24} } -func (m *DNSConfig) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_DNSConfig.Unmarshal(m, b) -} -func (m *DNSConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_DNSConfig.Marshal(b, m, deterministic) -} -func (m *DNSConfig) XXX_Merge(src proto.Message) { - xxx_messageInfo_DNSConfig.Merge(m, src) -} -func (m *DNSConfig) XXX_Size() int { - return xxx_messageInfo_DNSConfig.Size(m) -} -func (m *DNSConfig) XXX_DiscardUnknown() { - xxx_messageInfo_DNSConfig.DiscardUnknown(m) -} - -var xxx_messageInfo_DNSConfig proto.InternalMessageInfo - -func (m *DNSConfig) GetServiceEnable() bool { - if m != nil { - return m.ServiceEnable +func (x *DNSConfig) GetServiceEnable() bool { + if x != nil { + return x.ServiceEnable } return false } -func (m *DNSConfig) GetNameServerGroups() []*NameServerGroup { - if m != nil { - return m.NameServerGroups +func (x *DNSConfig) GetNameServerGroups() []*NameServerGroup { + if x != nil { + return x.NameServerGroups } return nil } -func (m *DNSConfig) GetCustomZones() []*CustomZone { - if m != nil { - return m.CustomZones +func (x *DNSConfig) GetCustomZones() []*CustomZone { + if x != nil { + return x.CustomZones } return nil } // CustomZone represents a dns.CustomZone type CustomZone struct { - Domain string `protobuf:"bytes,1,opt,name=Domain,proto3" json:"Domain,omitempty"` - Records []*SimpleRecord `protobuf:"bytes,2,rep,name=Records,proto3" json:"Records,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Domain string `protobuf:"bytes,1,opt,name=Domain,proto3" json:"Domain,omitempty"` + Records []*SimpleRecord `protobuf:"bytes,2,rep,name=Records,proto3" json:"Records,omitempty"` } -func (m *CustomZone) Reset() { *m = CustomZone{} } -func (m *CustomZone) String() string { return proto.CompactTextString(m) } -func (*CustomZone) ProtoMessage() {} +func (x *CustomZone) Reset() { + *x = CustomZone{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[25] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CustomZone) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CustomZone) ProtoMessage() {} + +func (x *CustomZone) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[25] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CustomZone.ProtoReflect.Descriptor instead. func (*CustomZone) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{24} + return file_management_proto_rawDescGZIP(), []int{25} } -func (m *CustomZone) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_CustomZone.Unmarshal(m, b) -} -func (m *CustomZone) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_CustomZone.Marshal(b, m, deterministic) -} -func (m *CustomZone) XXX_Merge(src proto.Message) { - xxx_messageInfo_CustomZone.Merge(m, src) -} -func (m *CustomZone) XXX_Size() int { - return xxx_messageInfo_CustomZone.Size(m) -} -func (m *CustomZone) XXX_DiscardUnknown() { - xxx_messageInfo_CustomZone.DiscardUnknown(m) -} - -var xxx_messageInfo_CustomZone proto.InternalMessageInfo - -func (m *CustomZone) GetDomain() string { - if m != nil { - return m.Domain +func (x *CustomZone) GetDomain() string { + if x != nil { + return x.Domain } return "" } -func (m *CustomZone) GetRecords() []*SimpleRecord { - if m != nil { - return m.Records +func (x *CustomZone) GetRecords() []*SimpleRecord { + if x != nil { + return x.Records } return nil } // SimpleRecord represents a dns.SimpleRecord type SimpleRecord struct { - Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"Name,omitempty"` - Type int64 `protobuf:"varint,2,opt,name=Type,proto3" json:"Type,omitempty"` - Class string `protobuf:"bytes,3,opt,name=Class,proto3" json:"Class,omitempty"` - TTL int64 `protobuf:"varint,4,opt,name=TTL,proto3" json:"TTL,omitempty"` - RData string `protobuf:"bytes,5,opt,name=RData,proto3" json:"RData,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"Name,omitempty"` + Type int64 `protobuf:"varint,2,opt,name=Type,proto3" json:"Type,omitempty"` + Class string `protobuf:"bytes,3,opt,name=Class,proto3" json:"Class,omitempty"` + TTL int64 `protobuf:"varint,4,opt,name=TTL,proto3" json:"TTL,omitempty"` + RData string `protobuf:"bytes,5,opt,name=RData,proto3" json:"RData,omitempty"` } -func (m *SimpleRecord) Reset() { *m = SimpleRecord{} } -func (m *SimpleRecord) String() string { return proto.CompactTextString(m) } -func (*SimpleRecord) ProtoMessage() {} +func (x *SimpleRecord) Reset() { + *x = SimpleRecord{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[26] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SimpleRecord) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SimpleRecord) ProtoMessage() {} + +func (x *SimpleRecord) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[26] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SimpleRecord.ProtoReflect.Descriptor instead. func (*SimpleRecord) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{25} + return file_management_proto_rawDescGZIP(), []int{26} } -func (m *SimpleRecord) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_SimpleRecord.Unmarshal(m, b) -} -func (m *SimpleRecord) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_SimpleRecord.Marshal(b, m, deterministic) -} -func (m *SimpleRecord) XXX_Merge(src proto.Message) { - xxx_messageInfo_SimpleRecord.Merge(m, src) -} -func (m *SimpleRecord) XXX_Size() int { - return xxx_messageInfo_SimpleRecord.Size(m) -} -func (m *SimpleRecord) XXX_DiscardUnknown() { - xxx_messageInfo_SimpleRecord.DiscardUnknown(m) -} - -var xxx_messageInfo_SimpleRecord proto.InternalMessageInfo - -func (m *SimpleRecord) GetName() string { - if m != nil { - return m.Name +func (x *SimpleRecord) GetName() string { + if x != nil { + return x.Name } return "" } -func (m *SimpleRecord) GetType() int64 { - if m != nil { - return m.Type +func (x *SimpleRecord) GetType() int64 { + if x != nil { + return x.Type } return 0 } -func (m *SimpleRecord) GetClass() string { - if m != nil { - return m.Class +func (x *SimpleRecord) GetClass() string { + if x != nil { + return x.Class } return "" } -func (m *SimpleRecord) GetTTL() int64 { - if m != nil { - return m.TTL +func (x *SimpleRecord) GetTTL() int64 { + if x != nil { + return x.TTL } return 0 } -func (m *SimpleRecord) GetRData() string { - if m != nil { - return m.RData +func (x *SimpleRecord) GetRData() string { + if x != nil { + return x.RData } return "" } // NameServerGroup represents a dns.NameServerGroup type NameServerGroup struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + NameServers []*NameServer `protobuf:"bytes,1,rep,name=NameServers,proto3" json:"NameServers,omitempty"` Primary bool `protobuf:"varint,2,opt,name=Primary,proto3" json:"Primary,omitempty"` Domains []string `protobuf:"bytes,3,rep,name=Domains,proto3" json:"Domains,omitempty"` SearchDomainsEnabled bool `protobuf:"varint,4,opt,name=SearchDomainsEnabled,proto3" json:"SearchDomainsEnabled,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` } -func (m *NameServerGroup) Reset() { *m = NameServerGroup{} } -func (m *NameServerGroup) String() string { return proto.CompactTextString(m) } -func (*NameServerGroup) ProtoMessage() {} +func (x *NameServerGroup) Reset() { + *x = NameServerGroup{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[27] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NameServerGroup) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NameServerGroup) ProtoMessage() {} + +func (x *NameServerGroup) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[27] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NameServerGroup.ProtoReflect.Descriptor instead. func (*NameServerGroup) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{26} + return file_management_proto_rawDescGZIP(), []int{27} } -func (m *NameServerGroup) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_NameServerGroup.Unmarshal(m, b) -} -func (m *NameServerGroup) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_NameServerGroup.Marshal(b, m, deterministic) -} -func (m *NameServerGroup) XXX_Merge(src proto.Message) { - xxx_messageInfo_NameServerGroup.Merge(m, src) -} -func (m *NameServerGroup) XXX_Size() int { - return xxx_messageInfo_NameServerGroup.Size(m) -} -func (m *NameServerGroup) XXX_DiscardUnknown() { - xxx_messageInfo_NameServerGroup.DiscardUnknown(m) -} - -var xxx_messageInfo_NameServerGroup proto.InternalMessageInfo - -func (m *NameServerGroup) GetNameServers() []*NameServer { - if m != nil { - return m.NameServers +func (x *NameServerGroup) GetNameServers() []*NameServer { + if x != nil { + return x.NameServers } return nil } -func (m *NameServerGroup) GetPrimary() bool { - if m != nil { - return m.Primary +func (x *NameServerGroup) GetPrimary() bool { + if x != nil { + return x.Primary } return false } -func (m *NameServerGroup) GetDomains() []string { - if m != nil { - return m.Domains +func (x *NameServerGroup) GetDomains() []string { + if x != nil { + return x.Domains } return nil } -func (m *NameServerGroup) GetSearchDomainsEnabled() bool { - if m != nil { - return m.SearchDomainsEnabled +func (x *NameServerGroup) GetSearchDomainsEnabled() bool { + if x != nil { + return x.SearchDomainsEnabled } return false } // NameServer represents a dns.NameServer type NameServer struct { - IP string `protobuf:"bytes,1,opt,name=IP,proto3" json:"IP,omitempty"` - NSType int64 `protobuf:"varint,2,opt,name=NSType,proto3" json:"NSType,omitempty"` - Port int64 `protobuf:"varint,3,opt,name=Port,proto3" json:"Port,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + IP string `protobuf:"bytes,1,opt,name=IP,proto3" json:"IP,omitempty"` + NSType int64 `protobuf:"varint,2,opt,name=NSType,proto3" json:"NSType,omitempty"` + Port int64 `protobuf:"varint,3,opt,name=Port,proto3" json:"Port,omitempty"` } -func (m *NameServer) Reset() { *m = NameServer{} } -func (m *NameServer) String() string { return proto.CompactTextString(m) } -func (*NameServer) ProtoMessage() {} +func (x *NameServer) Reset() { + *x = NameServer{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[28] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NameServer) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NameServer) ProtoMessage() {} + +func (x *NameServer) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[28] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NameServer.ProtoReflect.Descriptor instead. func (*NameServer) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{27} + return file_management_proto_rawDescGZIP(), []int{28} } -func (m *NameServer) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_NameServer.Unmarshal(m, b) -} -func (m *NameServer) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_NameServer.Marshal(b, m, deterministic) -} -func (m *NameServer) XXX_Merge(src proto.Message) { - xxx_messageInfo_NameServer.Merge(m, src) -} -func (m *NameServer) XXX_Size() int { - return xxx_messageInfo_NameServer.Size(m) -} -func (m *NameServer) XXX_DiscardUnknown() { - xxx_messageInfo_NameServer.DiscardUnknown(m) -} - -var xxx_messageInfo_NameServer proto.InternalMessageInfo - -func (m *NameServer) GetIP() string { - if m != nil { - return m.IP +func (x *NameServer) GetIP() string { + if x != nil { + return x.IP } return "" } -func (m *NameServer) GetNSType() int64 { - if m != nil { - return m.NSType +func (x *NameServer) GetNSType() int64 { + if x != nil { + return x.NSType } return 0 } -func (m *NameServer) GetPort() int64 { - if m != nil { - return m.Port +func (x *NameServer) GetPort() int64 { + if x != nil { + return x.Port } return 0 } // FirewallRule represents a firewall rule type FirewallRule struct { - PeerIP string `protobuf:"bytes,1,opt,name=PeerIP,proto3" json:"PeerIP,omitempty"` - Direction FirewallRuleDirection `protobuf:"varint,2,opt,name=Direction,proto3,enum=management.FirewallRuleDirection" json:"Direction,omitempty"` - Action FirewallRuleAction `protobuf:"varint,3,opt,name=Action,proto3,enum=management.FirewallRuleAction" json:"Action,omitempty"` - Protocol FirewallRuleProtocol `protobuf:"varint,4,opt,name=Protocol,proto3,enum=management.FirewallRuleProtocol" json:"Protocol,omitempty"` - Port string `protobuf:"bytes,5,opt,name=Port,proto3" json:"Port,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + PeerIP string `protobuf:"bytes,1,opt,name=PeerIP,proto3" json:"PeerIP,omitempty"` + Direction FirewallRuleDirection `protobuf:"varint,2,opt,name=Direction,proto3,enum=management.FirewallRuleDirection" json:"Direction,omitempty"` + Action FirewallRuleAction `protobuf:"varint,3,opt,name=Action,proto3,enum=management.FirewallRuleAction" json:"Action,omitempty"` + Protocol FirewallRuleProtocol `protobuf:"varint,4,opt,name=Protocol,proto3,enum=management.FirewallRuleProtocol" json:"Protocol,omitempty"` + Port string `protobuf:"bytes,5,opt,name=Port,proto3" json:"Port,omitempty"` } -func (m *FirewallRule) Reset() { *m = FirewallRule{} } -func (m *FirewallRule) String() string { return proto.CompactTextString(m) } -func (*FirewallRule) ProtoMessage() {} +func (x *FirewallRule) Reset() { + *x = FirewallRule{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[29] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FirewallRule) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FirewallRule) ProtoMessage() {} + +func (x *FirewallRule) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[29] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FirewallRule.ProtoReflect.Descriptor instead. func (*FirewallRule) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{28} + return file_management_proto_rawDescGZIP(), []int{29} } -func (m *FirewallRule) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_FirewallRule.Unmarshal(m, b) -} -func (m *FirewallRule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_FirewallRule.Marshal(b, m, deterministic) -} -func (m *FirewallRule) XXX_Merge(src proto.Message) { - xxx_messageInfo_FirewallRule.Merge(m, src) -} -func (m *FirewallRule) XXX_Size() int { - return xxx_messageInfo_FirewallRule.Size(m) -} -func (m *FirewallRule) XXX_DiscardUnknown() { - xxx_messageInfo_FirewallRule.DiscardUnknown(m) -} - -var xxx_messageInfo_FirewallRule proto.InternalMessageInfo - -func (m *FirewallRule) GetPeerIP() string { - if m != nil { - return m.PeerIP +func (x *FirewallRule) GetPeerIP() string { + if x != nil { + return x.PeerIP } return "" } -func (m *FirewallRule) GetDirection() FirewallRuleDirection { - if m != nil { - return m.Direction +func (x *FirewallRule) GetDirection() FirewallRuleDirection { + if x != nil { + return x.Direction } return FirewallRule_IN } -func (m *FirewallRule) GetAction() FirewallRuleAction { - if m != nil { - return m.Action +func (x *FirewallRule) GetAction() FirewallRuleAction { + if x != nil { + return x.Action } return FirewallRule_ACCEPT } -func (m *FirewallRule) GetProtocol() FirewallRuleProtocol { - if m != nil { - return m.Protocol +func (x *FirewallRule) GetProtocol() FirewallRuleProtocol { + if x != nil { + return x.Protocol } return FirewallRule_UNKNOWN } -func (m *FirewallRule) GetPort() string { - if m != nil { - return m.Port +func (x *FirewallRule) GetPort() string { + if x != nil { + return x.Port } return "" } type NetworkAddress struct { - NetIP string `protobuf:"bytes,1,opt,name=netIP,proto3" json:"netIP,omitempty"` - Mac string `protobuf:"bytes,2,opt,name=mac,proto3" json:"mac,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + NetIP string `protobuf:"bytes,1,opt,name=netIP,proto3" json:"netIP,omitempty"` + Mac string `protobuf:"bytes,2,opt,name=mac,proto3" json:"mac,omitempty"` } -func (m *NetworkAddress) Reset() { *m = NetworkAddress{} } -func (m *NetworkAddress) String() string { return proto.CompactTextString(m) } -func (*NetworkAddress) ProtoMessage() {} +func (x *NetworkAddress) Reset() { + *x = NetworkAddress{} + if protoimpl.UnsafeEnabled { + mi := &file_management_proto_msgTypes[30] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NetworkAddress) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NetworkAddress) ProtoMessage() {} + +func (x *NetworkAddress) ProtoReflect() protoreflect.Message { + mi := &file_management_proto_msgTypes[30] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NetworkAddress.ProtoReflect.Descriptor instead. func (*NetworkAddress) Descriptor() ([]byte, []int) { - return fileDescriptor_edc174f991dc0a25, []int{29} + return file_management_proto_rawDescGZIP(), []int{30} } -func (m *NetworkAddress) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_NetworkAddress.Unmarshal(m, b) -} -func (m *NetworkAddress) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_NetworkAddress.Marshal(b, m, deterministic) -} -func (m *NetworkAddress) XXX_Merge(src proto.Message) { - xxx_messageInfo_NetworkAddress.Merge(m, src) -} -func (m *NetworkAddress) XXX_Size() int { - return xxx_messageInfo_NetworkAddress.Size(m) -} -func (m *NetworkAddress) XXX_DiscardUnknown() { - xxx_messageInfo_NetworkAddress.DiscardUnknown(m) -} - -var xxx_messageInfo_NetworkAddress proto.InternalMessageInfo - -func (m *NetworkAddress) GetNetIP() string { - if m != nil { - return m.NetIP +func (x *NetworkAddress) GetNetIP() string { + if x != nil { + return x.NetIP } return "" } -func (m *NetworkAddress) GetMac() string { - if m != nil { - return m.Mac +func (x *NetworkAddress) GetMac() string { + if x != nil { + return x.Mac } return "" } -func init() { - proto.RegisterEnum("management.HostConfig_Protocol", HostConfig_Protocol_name, HostConfig_Protocol_value) - proto.RegisterEnum("management.DeviceAuthorizationFlowProvider", DeviceAuthorizationFlowProvider_name, DeviceAuthorizationFlowProvider_value) - proto.RegisterEnum("management.FirewallRuleDirection", FirewallRuleDirection_name, FirewallRuleDirection_value) - proto.RegisterEnum("management.FirewallRuleAction", FirewallRuleAction_name, FirewallRuleAction_value) - proto.RegisterEnum("management.FirewallRuleProtocol", FirewallRuleProtocol_name, FirewallRuleProtocol_value) - proto.RegisterType((*EncryptedMessage)(nil), "management.EncryptedMessage") - proto.RegisterType((*SyncRequest)(nil), "management.SyncRequest") - proto.RegisterType((*SyncResponse)(nil), "management.SyncResponse") - proto.RegisterType((*LoginRequest)(nil), "management.LoginRequest") - proto.RegisterType((*PeerKeys)(nil), "management.PeerKeys") - proto.RegisterType((*Environment)(nil), "management.Environment") - proto.RegisterType((*PeerSystemMeta)(nil), "management.PeerSystemMeta") - proto.RegisterType((*LoginResponse)(nil), "management.LoginResponse") - proto.RegisterType((*ServerKeyResponse)(nil), "management.ServerKeyResponse") - proto.RegisterType((*Empty)(nil), "management.Empty") - proto.RegisterType((*WiretrusteeConfig)(nil), "management.WiretrusteeConfig") - proto.RegisterType((*HostConfig)(nil), "management.HostConfig") - proto.RegisterType((*ProtectedHostConfig)(nil), "management.ProtectedHostConfig") - proto.RegisterType((*PeerConfig)(nil), "management.PeerConfig") - proto.RegisterType((*NetworkMap)(nil), "management.NetworkMap") - proto.RegisterType((*RemotePeerConfig)(nil), "management.RemotePeerConfig") - proto.RegisterType((*SSHConfig)(nil), "management.SSHConfig") - proto.RegisterType((*DeviceAuthorizationFlowRequest)(nil), "management.DeviceAuthorizationFlowRequest") - proto.RegisterType((*DeviceAuthorizationFlow)(nil), "management.DeviceAuthorizationFlow") - proto.RegisterType((*PKCEAuthorizationFlowRequest)(nil), "management.PKCEAuthorizationFlowRequest") - proto.RegisterType((*PKCEAuthorizationFlow)(nil), "management.PKCEAuthorizationFlow") - proto.RegisterType((*ProviderConfig)(nil), "management.ProviderConfig") - proto.RegisterType((*Route)(nil), "management.Route") - proto.RegisterType((*DNSConfig)(nil), "management.DNSConfig") - proto.RegisterType((*CustomZone)(nil), "management.CustomZone") - proto.RegisterType((*SimpleRecord)(nil), "management.SimpleRecord") - proto.RegisterType((*NameServerGroup)(nil), "management.NameServerGroup") - proto.RegisterType((*NameServer)(nil), "management.NameServer") - proto.RegisterType((*FirewallRule)(nil), "management.FirewallRule") - proto.RegisterType((*NetworkAddress)(nil), "management.NetworkAddress") +var File_management_proto protoreflect.FileDescriptor + +var file_management_proto_rawDesc = []byte{ + 0x0a, 0x10, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x12, 0x0a, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x1a, 0x1f, + 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, + 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, + 0x5c, 0x0a, 0x10, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, + 0x61, 0x67, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x77, 0x67, 0x50, 0x75, 0x62, 0x4b, 0x65, 0x79, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x77, 0x67, 0x50, 0x75, 0x62, 0x4b, 0x65, 0x79, 0x12, + 0x12, 0x0a, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x62, + 0x6f, 0x64, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x05, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x0d, 0x0a, + 0x0b, 0x53, 0x79, 0x6e, 0x63, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0xbb, 0x02, 0x0a, + 0x0c, 0x53, 0x79, 0x6e, 0x63, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4b, 0x0a, + 0x11, 0x77, 0x69, 0x72, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x65, 0x43, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, + 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x57, 0x69, 0x72, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, + 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x11, 0x77, 0x69, 0x72, 0x65, 0x74, 0x72, 0x75, + 0x73, 0x74, 0x65, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x36, 0x0a, 0x0a, 0x70, 0x65, + 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, + 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x50, 0x65, 0x65, 0x72, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0a, 0x70, 0x65, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x12, 0x3e, 0x0a, 0x0b, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, + 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, + 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0b, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, + 0x72, 0x73, 0x12, 0x2e, 0x0a, 0x12, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, + 0x73, 0x49, 0x73, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, + 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, 0x73, 0x49, 0x73, 0x45, 0x6d, 0x70, + 0x74, 0x79, 0x12, 0x36, 0x0a, 0x0a, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x4d, 0x61, 0x70, + 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, + 0x65, 0x6e, 0x74, 0x2e, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x4d, 0x61, 0x70, 0x52, 0x0a, + 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x4d, 0x61, 0x70, 0x22, 0xa8, 0x01, 0x0a, 0x0c, 0x4c, + 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x73, + 0x65, 0x74, 0x75, 0x70, 0x4b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x73, + 0x65, 0x74, 0x75, 0x70, 0x4b, 0x65, 0x79, 0x12, 0x2e, 0x0a, 0x04, 0x6d, 0x65, 0x74, 0x61, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, + 0x6e, 0x74, 0x2e, 0x50, 0x65, 0x65, 0x72, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x4d, 0x65, 0x74, + 0x61, 0x52, 0x04, 0x6d, 0x65, 0x74, 0x61, 0x12, 0x1a, 0x0a, 0x08, 0x6a, 0x77, 0x74, 0x54, 0x6f, + 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6a, 0x77, 0x74, 0x54, 0x6f, + 0x6b, 0x65, 0x6e, 0x12, 0x30, 0x0a, 0x08, 0x70, 0x65, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x73, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, + 0x6e, 0x74, 0x2e, 0x50, 0x65, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x08, 0x70, 0x65, 0x65, + 0x72, 0x4b, 0x65, 0x79, 0x73, 0x22, 0x44, 0x0a, 0x08, 0x50, 0x65, 0x65, 0x72, 0x4b, 0x65, 0x79, + 0x73, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x73, 0x68, 0x50, 0x75, 0x62, 0x4b, 0x65, 0x79, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x73, 0x73, 0x68, 0x50, 0x75, 0x62, 0x4b, 0x65, 0x79, 0x12, + 0x1a, 0x0a, 0x08, 0x77, 0x67, 0x50, 0x75, 0x62, 0x4b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x0c, 0x52, 0x08, 0x77, 0x67, 0x50, 0x75, 0x62, 0x4b, 0x65, 0x79, 0x22, 0x3f, 0x0a, 0x0b, 0x45, + 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6c, + 0x6f, 0x75, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x63, 0x6c, 0x6f, 0x75, 0x64, + 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x08, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x22, 0xa9, 0x04, 0x0a, + 0x0e, 0x50, 0x65, 0x65, 0x72, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x4d, 0x65, 0x74, 0x61, 0x12, + 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x67, + 0x6f, 0x4f, 0x53, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x67, 0x6f, 0x4f, 0x53, 0x12, + 0x16, 0x0a, 0x06, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x06, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x12, 0x12, 0x0a, 0x04, 0x63, 0x6f, 0x72, 0x65, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x63, 0x6f, 0x72, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x70, + 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, + 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x12, 0x0e, 0x0a, 0x02, 0x4f, 0x53, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x02, 0x4f, 0x53, 0x12, 0x2e, 0x0a, 0x12, 0x77, 0x69, 0x72, 0x65, 0x74, + 0x72, 0x75, 0x73, 0x74, 0x65, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x12, 0x77, 0x69, 0x72, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x65, + 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x1c, 0x0a, 0x09, 0x75, 0x69, 0x56, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x75, 0x69, 0x56, 0x65, + 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x24, 0x0a, 0x0d, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x56, + 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6b, 0x65, + 0x72, 0x6e, 0x65, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x1c, 0x0a, 0x09, 0x4f, + 0x53, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, + 0x4f, 0x53, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x46, 0x0a, 0x10, 0x6e, 0x65, 0x74, + 0x77, 0x6f, 0x72, 0x6b, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x18, 0x0b, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, + 0x2e, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x52, + 0x10, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, + 0x73, 0x12, 0x28, 0x0a, 0x0f, 0x73, 0x79, 0x73, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, + 0x6d, 0x62, 0x65, 0x72, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x73, 0x79, 0x73, 0x53, + 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x26, 0x0a, 0x0e, 0x73, + 0x79, 0x73, 0x50, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x0d, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0e, 0x73, 0x79, 0x73, 0x50, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x4e, + 0x61, 0x6d, 0x65, 0x12, 0x28, 0x0a, 0x0f, 0x73, 0x79, 0x73, 0x4d, 0x61, 0x6e, 0x75, 0x66, 0x61, + 0x63, 0x74, 0x75, 0x72, 0x65, 0x72, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x73, 0x79, + 0x73, 0x4d, 0x61, 0x6e, 0x75, 0x66, 0x61, 0x63, 0x74, 0x75, 0x72, 0x65, 0x72, 0x12, 0x39, 0x0a, + 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x0f, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, + 0x45, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x0b, 0x65, 0x6e, 0x76, + 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x22, 0x94, 0x01, 0x0a, 0x0d, 0x4c, 0x6f, 0x67, + 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4b, 0x0a, 0x11, 0x77, 0x69, + 0x72, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, + 0x6e, 0x74, 0x2e, 0x57, 0x69, 0x72, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x65, 0x43, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x52, 0x11, 0x77, 0x69, 0x72, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, + 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x36, 0x0a, 0x0a, 0x70, 0x65, 0x65, 0x72, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6d, 0x61, + 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x50, 0x65, 0x65, 0x72, 0x43, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x52, 0x0a, 0x70, 0x65, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, + 0x79, 0x0a, 0x11, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x38, 0x0a, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, + 0x73, 0x41, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, + 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, + 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x05, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x07, 0x0a, 0x05, 0x45, 0x6d, + 0x70, 0x74, 0x79, 0x22, 0xd7, 0x01, 0x0a, 0x11, 0x57, 0x69, 0x72, 0x65, 0x74, 0x72, 0x75, 0x73, + 0x74, 0x65, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2c, 0x0a, 0x05, 0x73, 0x74, 0x75, + 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, + 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x52, 0x05, 0x73, 0x74, 0x75, 0x6e, 0x73, 0x12, 0x35, 0x0a, 0x05, 0x74, 0x75, 0x72, 0x6e, 0x73, + 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, + 0x65, 0x6e, 0x74, 0x2e, 0x50, 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x65, 0x64, 0x48, 0x6f, 0x73, + 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x05, 0x74, 0x75, 0x72, 0x6e, 0x73, 0x12, 0x2e, + 0x0a, 0x06, 0x73, 0x69, 0x67, 0x6e, 0x61, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, + 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x48, 0x6f, 0x73, 0x74, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x06, 0x73, 0x69, 0x67, 0x6e, 0x61, 0x6c, 0x12, 0x2d, + 0x0a, 0x05, 0x72, 0x65, 0x6c, 0x61, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, + 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x52, 0x65, 0x6c, 0x61, 0x79, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x05, 0x72, 0x65, 0x6c, 0x61, 0x79, 0x22, 0x98, 0x01, + 0x0a, 0x0a, 0x48, 0x6f, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x10, 0x0a, 0x03, + 0x75, 0x72, 0x69, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x69, 0x12, 0x3b, + 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, + 0x32, 0x1f, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x48, 0x6f, + 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, + 0x6c, 0x52, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x22, 0x3b, 0x0a, 0x08, 0x50, + 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x44, 0x50, 0x10, 0x00, + 0x12, 0x07, 0x0a, 0x03, 0x54, 0x43, 0x50, 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x48, 0x54, 0x54, + 0x50, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x48, 0x54, 0x54, 0x50, 0x53, 0x10, 0x03, 0x12, 0x08, + 0x0a, 0x04, 0x44, 0x54, 0x4c, 0x53, 0x10, 0x04, 0x22, 0x6d, 0x0a, 0x0b, 0x52, 0x65, 0x6c, 0x61, + 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x72, 0x6c, 0x73, 0x18, + 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x75, 0x72, 0x6c, 0x73, 0x12, 0x22, 0x0a, 0x0c, 0x74, + 0x6f, 0x6b, 0x65, 0x6e, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0c, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12, + 0x26, 0x0a, 0x0e, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, + 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x53, 0x69, + 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x22, 0x7d, 0x0a, 0x13, 0x50, 0x72, 0x6f, 0x74, 0x65, + 0x63, 0x74, 0x65, 0x64, 0x48, 0x6f, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x36, + 0x0a, 0x0a, 0x68, 0x6f, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, + 0x48, 0x6f, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0a, 0x68, 0x6f, 0x73, 0x74, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, + 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, + 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x22, 0x81, 0x01, 0x0a, 0x0a, 0x50, 0x65, 0x65, 0x72, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x18, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, + 0x10, 0x0a, 0x03, 0x64, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x64, 0x6e, + 0x73, 0x12, 0x33, 0x0a, 0x09, 0x73, 0x73, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, + 0x74, 0x2e, 0x53, 0x53, 0x48, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x09, 0x73, 0x73, 0x68, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x66, 0x71, 0x64, 0x6e, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x66, 0x71, 0x64, 0x6e, 0x22, 0xe2, 0x03, 0x0a, 0x0a, 0x4e, + 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x4d, 0x61, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x53, 0x65, 0x72, + 0x69, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x06, 0x53, 0x65, 0x72, 0x69, 0x61, + 0x6c, 0x12, 0x36, 0x0a, 0x0a, 0x70, 0x65, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, + 0x6e, 0x74, 0x2e, 0x50, 0x65, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0a, 0x70, + 0x65, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3e, 0x0a, 0x0b, 0x72, 0x65, 0x6d, + 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, + 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x52, 0x65, 0x6d, 0x6f, + 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0b, 0x72, 0x65, + 0x6d, 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, 0x73, 0x12, 0x2e, 0x0a, 0x12, 0x72, 0x65, 0x6d, + 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, 0x73, 0x49, 0x73, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, + 0x72, 0x73, 0x49, 0x73, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x12, 0x29, 0x0a, 0x06, 0x52, 0x6f, 0x75, + 0x74, 0x65, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x6d, 0x61, 0x6e, 0x61, + 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x06, 0x52, 0x6f, + 0x75, 0x74, 0x65, 0x73, 0x12, 0x33, 0x0a, 0x09, 0x44, 0x4e, 0x53, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, + 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x44, 0x4e, 0x53, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x09, + 0x44, 0x4e, 0x53, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x40, 0x0a, 0x0c, 0x6f, 0x66, 0x66, + 0x6c, 0x69, 0x6e, 0x65, 0x50, 0x65, 0x65, 0x72, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x1c, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x52, 0x65, 0x6d, + 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0c, 0x6f, + 0x66, 0x66, 0x6c, 0x69, 0x6e, 0x65, 0x50, 0x65, 0x65, 0x72, 0x73, 0x12, 0x3e, 0x0a, 0x0d, 0x46, + 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x08, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, + 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x52, 0x0d, 0x46, 0x69, + 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x32, 0x0a, 0x14, 0x66, + 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x49, 0x73, 0x45, 0x6d, + 0x70, 0x74, 0x79, 0x18, 0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x66, 0x69, 0x72, 0x65, 0x77, + 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x49, 0x73, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, + 0x97, 0x01, 0x0a, 0x10, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x50, 0x65, 0x65, 0x72, 0x43, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1a, 0x0a, 0x08, 0x77, 0x67, 0x50, 0x75, 0x62, 0x4b, 0x65, 0x79, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x77, 0x67, 0x50, 0x75, 0x62, 0x4b, 0x65, 0x79, + 0x12, 0x1e, 0x0a, 0x0a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x49, 0x70, 0x73, 0x18, 0x02, + 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x49, 0x70, 0x73, + 0x12, 0x33, 0x0a, 0x09, 0x73, 0x73, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, + 0x2e, 0x53, 0x53, 0x48, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x09, 0x73, 0x73, 0x68, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x66, 0x71, 0x64, 0x6e, 0x18, 0x04, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x04, 0x66, 0x71, 0x64, 0x6e, 0x22, 0x49, 0x0a, 0x09, 0x53, 0x53, 0x48, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1e, 0x0a, 0x0a, 0x73, 0x73, 0x68, 0x45, 0x6e, 0x61, + 0x62, 0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x73, 0x73, 0x68, 0x45, + 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x73, 0x68, 0x50, 0x75, 0x62, + 0x4b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x73, 0x73, 0x68, 0x50, 0x75, + 0x62, 0x4b, 0x65, 0x79, 0x22, 0x20, 0x0a, 0x1e, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x6c, 0x6f, 0x77, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0xbf, 0x01, 0x0a, 0x17, 0x44, 0x65, 0x76, 0x69, 0x63, + 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x6c, + 0x6f, 0x77, 0x12, 0x48, 0x0a, 0x08, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2c, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, + 0x74, 0x2e, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x6c, 0x6f, 0x77, 0x2e, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, + 0x65, 0x72, 0x52, 0x08, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x12, 0x42, 0x0a, 0x0e, + 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, + 0x74, 0x2e, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x52, 0x0e, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x22, 0x16, 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x12, 0x0a, 0x0a, 0x06, + 0x48, 0x4f, 0x53, 0x54, 0x45, 0x44, 0x10, 0x00, 0x22, 0x1e, 0x0a, 0x1c, 0x50, 0x4b, 0x43, 0x45, + 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x6c, 0x6f, + 0x77, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x5b, 0x0a, 0x15, 0x50, 0x4b, 0x43, 0x45, + 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x6c, 0x6f, + 0x77, 0x12, 0x42, 0x0a, 0x0e, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x6d, 0x61, 0x6e, 0x61, + 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0xea, 0x02, 0x0a, 0x0e, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, + 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1a, 0x0a, 0x08, 0x43, 0x6c, 0x69, 0x65, + 0x6e, 0x74, 0x49, 0x44, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x43, 0x6c, 0x69, 0x65, + 0x6e, 0x74, 0x49, 0x44, 0x12, 0x22, 0x0a, 0x0c, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x65, + 0x63, 0x72, 0x65, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x43, 0x6c, 0x69, 0x65, + 0x6e, 0x74, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x44, 0x6f, 0x6d, 0x61, + 0x69, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, + 0x12, 0x1a, 0x0a, 0x08, 0x41, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x08, 0x41, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x12, 0x2e, 0x0a, 0x12, + 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x41, 0x75, 0x74, 0x68, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, + 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, + 0x41, 0x75, 0x74, 0x68, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x24, 0x0a, 0x0d, + 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0d, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, + 0x6e, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x05, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x55, 0x73, 0x65, 0x49, + 0x44, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x55, 0x73, + 0x65, 0x49, 0x44, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x34, 0x0a, 0x15, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, + 0x74, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x15, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x22, + 0x0a, 0x0c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x55, 0x52, 0x4c, 0x73, 0x18, 0x0a, + 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x55, 0x52, + 0x4c, 0x73, 0x22, 0xb5, 0x01, 0x0a, 0x05, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, + 0x49, 0x44, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x49, 0x44, 0x12, 0x18, 0x0a, 0x07, + 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x4e, + 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x12, 0x20, 0x0a, 0x0b, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, + 0x6b, 0x54, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x4e, 0x65, 0x74, + 0x77, 0x6f, 0x72, 0x6b, 0x54, 0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x50, 0x65, 0x65, 0x72, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x50, 0x65, 0x65, 0x72, 0x12, 0x16, 0x0a, 0x06, + 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x18, 0x05, 0x20, 0x01, 0x28, 0x03, 0x52, 0x06, 0x4d, 0x65, + 0x74, 0x72, 0x69, 0x63, 0x12, 0x1e, 0x0a, 0x0a, 0x4d, 0x61, 0x73, 0x71, 0x75, 0x65, 0x72, 0x61, + 0x64, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x4d, 0x61, 0x73, 0x71, 0x75, 0x65, + 0x72, 0x61, 0x64, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x4e, 0x65, 0x74, 0x49, 0x44, 0x18, 0x07, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x05, 0x4e, 0x65, 0x74, 0x49, 0x44, 0x22, 0xb4, 0x01, 0x0a, 0x09, 0x44, + 0x4e, 0x53, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x24, 0x0a, 0x0d, 0x53, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, + 0x0d, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x47, + 0x0a, 0x10, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x75, + 0x70, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, + 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x10, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x12, 0x38, 0x0a, 0x0b, 0x43, 0x75, 0x73, 0x74, 0x6f, + 0x6d, 0x5a, 0x6f, 0x6e, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6d, + 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, + 0x5a, 0x6f, 0x6e, 0x65, 0x52, 0x0b, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5a, 0x6f, 0x6e, 0x65, + 0x73, 0x22, 0x58, 0x0a, 0x0a, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5a, 0x6f, 0x6e, 0x65, 0x12, + 0x16, 0x0a, 0x06, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x06, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x32, 0x0a, 0x07, 0x52, 0x65, 0x63, 0x6f, 0x72, + 0x64, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, + 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x65, 0x63, 0x6f, + 0x72, 0x64, 0x52, 0x07, 0x52, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x73, 0x22, 0x74, 0x0a, 0x0c, 0x53, + 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x4e, + 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x4e, 0x61, 0x6d, 0x65, 0x12, + 0x12, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x04, 0x54, + 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x05, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x54, 0x54, 0x4c, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x52, 0x03, 0x54, 0x54, 0x4c, 0x12, 0x14, 0x0a, 0x05, 0x52, + 0x44, 0x61, 0x74, 0x61, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x52, 0x44, 0x61, 0x74, + 0x61, 0x22, 0xb3, 0x01, 0x0a, 0x0f, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x38, 0x0a, 0x0b, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6d, 0x61, 0x6e, + 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x52, 0x0b, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x12, + 0x18, 0x0a, 0x07, 0x50, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x07, 0x50, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x44, 0x6f, 0x6d, + 0x61, 0x69, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x44, 0x6f, 0x6d, 0x61, + 0x69, 0x6e, 0x73, 0x12, 0x32, 0x0a, 0x14, 0x53, 0x65, 0x61, 0x72, 0x63, 0x68, 0x44, 0x6f, 0x6d, + 0x61, 0x69, 0x6e, 0x73, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, + 0x08, 0x52, 0x14, 0x53, 0x65, 0x61, 0x72, 0x63, 0x68, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, + 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x22, 0x48, 0x0a, 0x0a, 0x4e, 0x61, 0x6d, 0x65, 0x53, + 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x0e, 0x0a, 0x02, 0x49, 0x50, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x02, 0x49, 0x50, 0x12, 0x16, 0x0a, 0x06, 0x4e, 0x53, 0x54, 0x79, 0x70, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x06, 0x4e, 0x53, 0x54, 0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, + 0x04, 0x50, 0x6f, 0x72, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x04, 0x50, 0x6f, 0x72, + 0x74, 0x22, 0xf0, 0x02, 0x0a, 0x0c, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, + 0x6c, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x50, 0x65, 0x65, 0x72, 0x49, 0x50, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x06, 0x50, 0x65, 0x65, 0x72, 0x49, 0x50, 0x12, 0x40, 0x0a, 0x09, 0x44, 0x69, + 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x22, 0x2e, + 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x46, 0x69, 0x72, 0x65, 0x77, + 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x2e, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, + 0x6e, 0x52, 0x09, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x37, 0x0a, 0x06, + 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1f, 0x2e, 0x6d, + 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, + 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x2e, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x06, 0x41, + 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x3d, 0x0a, 0x08, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, + 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x21, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, + 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x52, 0x08, 0x50, 0x72, 0x6f, 0x74, + 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x12, 0x0a, 0x04, 0x50, 0x6f, 0x72, 0x74, 0x18, 0x05, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x50, 0x6f, 0x72, 0x74, 0x22, 0x1c, 0x0a, 0x09, 0x64, 0x69, 0x72, 0x65, + 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x06, 0x0a, 0x02, 0x49, 0x4e, 0x10, 0x00, 0x12, 0x07, 0x0a, + 0x03, 0x4f, 0x55, 0x54, 0x10, 0x01, 0x22, 0x1e, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, + 0x12, 0x0a, 0x0a, 0x06, 0x41, 0x43, 0x43, 0x45, 0x50, 0x54, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, + 0x44, 0x52, 0x4f, 0x50, 0x10, 0x01, 0x22, 0x3c, 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, + 0x6f, 0x6c, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, + 0x07, 0x0a, 0x03, 0x41, 0x4c, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x54, 0x43, 0x50, 0x10, + 0x02, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x44, 0x50, 0x10, 0x03, 0x12, 0x08, 0x0a, 0x04, 0x49, 0x43, + 0x4d, 0x50, 0x10, 0x04, 0x22, 0x38, 0x0a, 0x0e, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x41, + 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x6e, 0x65, 0x74, 0x49, 0x50, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x65, 0x74, 0x49, 0x50, 0x12, 0x10, 0x0a, 0x03, + 0x6d, 0x61, 0x63, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6d, 0x61, 0x63, 0x32, 0xd1, + 0x03, 0x0a, 0x11, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x72, + 0x76, 0x69, 0x63, 0x65, 0x12, 0x45, 0x0a, 0x05, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x12, 0x1c, 0x2e, + 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, + 0x70, 0x74, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x1a, 0x1c, 0x2e, 0x6d, 0x61, + 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, + 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x00, 0x12, 0x46, 0x0a, 0x04, 0x53, + 0x79, 0x6e, 0x63, 0x12, 0x1c, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, + 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, + 0x65, 0x1a, 0x1c, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x45, + 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, + 0x00, 0x30, 0x01, 0x12, 0x42, 0x0a, 0x0c, 0x47, 0x65, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x4b, 0x65, 0x79, 0x12, 0x11, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, + 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x1d, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, + 0x65, 0x6e, 0x74, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x33, 0x0a, 0x09, 0x69, 0x73, 0x48, 0x65, 0x61, + 0x6c, 0x74, 0x68, 0x79, 0x12, 0x11, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, + 0x74, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x11, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, + 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x5a, 0x0a, 0x1a, + 0x47, 0x65, 0x74, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x6c, 0x6f, 0x77, 0x12, 0x1c, 0x2e, 0x6d, 0x61, 0x6e, + 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, + 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x1a, 0x1c, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, + 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x4d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x00, 0x12, 0x58, 0x0a, 0x18, 0x47, 0x65, 0x74, 0x50, + 0x4b, 0x43, 0x45, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x46, 0x6c, 0x6f, 0x77, 0x12, 0x1c, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, + 0x74, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, + 0x67, 0x65, 0x1a, 0x1c, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x2e, + 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, + 0x22, 0x00, 0x42, 0x08, 0x5a, 0x06, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x33, } -func init() { - proto.RegisterFile("management.proto", fileDescriptor_edc174f991dc0a25) +var ( + file_management_proto_rawDescOnce sync.Once + file_management_proto_rawDescData = file_management_proto_rawDesc +) + +func file_management_proto_rawDescGZIP() []byte { + file_management_proto_rawDescOnce.Do(func() { + file_management_proto_rawDescData = protoimpl.X.CompressGZIP(file_management_proto_rawDescData) + }) + return file_management_proto_rawDescData } -var fileDescriptor_edc174f991dc0a25 = []byte{ - // 1923 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x58, 0x4d, 0x6f, 0x23, 0x49, - 0x19, 0x4e, 0xdb, 0xb1, 0x63, 0xbf, 0x76, 0x32, 0x4e, 0x31, 0x33, 0xdb, 0x0a, 0x61, 0x36, 0xb4, - 0x10, 0x0a, 0xd2, 0x2a, 0xbb, 0xca, 0xf2, 0x31, 0x68, 0x61, 0xd9, 0x4c, 0x9c, 0x49, 0xa2, 0x24, - 0x8e, 0x55, 0xed, 0xb0, 0xa3, 0x81, 0x4b, 0xa7, 0xbb, 0xe2, 0x34, 0xd3, 0xee, 0xf2, 0x54, 0x55, - 0x27, 0x18, 0x89, 0x03, 0xff, 0x01, 0x09, 0x7e, 0x02, 0x9c, 0x81, 0x13, 0x07, 0xfe, 0x00, 0x17, - 0xfe, 0x02, 0x47, 0x4e, 0xfc, 0x04, 0x54, 0x5f, 0xfd, 0x61, 0x3b, 0x23, 0xd0, 0x70, 0x80, 0x53, - 0xea, 0xfd, 0xec, 0xb7, 0x9e, 0x7a, 0xeb, 0xad, 0xc7, 0x81, 0xde, 0x24, 0x48, 0x83, 0x31, 0x99, - 0x90, 0x54, 0xec, 0x4d, 0x19, 0x15, 0x14, 0x41, 0xa1, 0xd9, 0xfa, 0x70, 0x4c, 0xe9, 0x38, 0x21, - 0x1f, 0x2b, 0xcb, 0x75, 0x76, 0xf3, 0xb1, 0x88, 0x27, 0x84, 0x8b, 0x60, 0x32, 0xd5, 0xce, 0xde, - 0x4f, 0xa1, 0x77, 0x94, 0x86, 0x6c, 0x36, 0x15, 0x24, 0xba, 0x20, 0x9c, 0x07, 0x63, 0x82, 0xb6, - 0xa0, 0x75, 0x3f, 0x1e, 0x66, 0xd7, 0x67, 0x64, 0xe6, 0x3a, 0x3b, 0xce, 0x6e, 0x1b, 0xe7, 0x32, - 0x42, 0xb0, 0x7a, 0x4d, 0xa3, 0x99, 0x5b, 0xdb, 0x71, 0x76, 0xbb, 0x58, 0xad, 0x91, 0x0b, 0x6b, - 0x77, 0x84, 0xf1, 0x98, 0xa6, 0x6e, 0x7d, 0xc7, 0xd9, 0x6d, 0x60, 0x2b, 0x7a, 0xeb, 0xd0, 0xf1, - 0x67, 0x69, 0x88, 0xc9, 0xdb, 0x8c, 0x70, 0xe1, 0xfd, 0xb9, 0x06, 0x5d, 0x2d, 0xf3, 0x29, 0x4d, - 0x39, 0x41, 0x67, 0xb0, 0x79, 0x1f, 0x33, 0x22, 0x58, 0xc6, 0x05, 0x21, 0x87, 0x34, 0xbd, 0x89, - 0xc7, 0xea, 0x93, 0x9d, 0xfd, 0xaf, 0xed, 0x95, 0x36, 0xf6, 0xe5, 0xbc, 0x13, 0x5e, 0x8c, 0x43, - 0xdf, 0x05, 0x98, 0x12, 0xc2, 0x4c, 0x96, 0x9a, 0xca, 0xf2, 0xb4, 0x9c, 0x65, 0x98, 0x5b, 0x71, - 0xc9, 0x13, 0x7d, 0x0e, 0x1d, 0x46, 0x26, 0x54, 0x10, 0x69, 0xe7, 0x6e, 0x7d, 0xa7, 0xbe, 0xdb, - 0xd9, 0xdf, 0x2e, 0x07, 0xe2, 0xdc, 0x6c, 0xc2, 0xcb, 0x01, 0x68, 0x0f, 0x50, 0x49, 0x3c, 0xe5, - 0x47, 0x93, 0xa9, 0x98, 0xb9, 0xab, 0x3b, 0xce, 0x6e, 0x0b, 0x2f, 0xb1, 0xc8, 0x3a, 0x07, 0x44, - 0xdc, 0x53, 0xf6, 0xe6, 0x22, 0x98, 0xba, 0x8d, 0xc5, 0x3a, 0x0b, 0x2b, 0x2e, 0x79, 0x7a, 0xbf, - 0x73, 0xa0, 0x7b, 0x4e, 0xc7, 0x71, 0x6a, 0xe0, 0x94, 0xe7, 0xc4, 0x89, 0xc8, 0xa6, 0xa5, 0x73, - 0xb2, 0x32, 0xda, 0x83, 0xd5, 0x09, 0x11, 0x81, 0x81, 0x61, 0x6b, 0x1e, 0x06, 0x7f, 0xc6, 0x05, - 0x99, 0x5c, 0x10, 0x11, 0x60, 0xe5, 0x27, 0x73, 0xfd, 0xec, 0x5e, 0x8c, 0xe8, 0x1b, 0xa2, 0x0f, - 0xb1, 0x8d, 0x73, 0x19, 0x7d, 0x02, 0x2d, 0x09, 0xd7, 0x19, 0x99, 0x71, 0xb5, 0xad, 0xce, 0xfe, - 0xe3, 0xf9, 0x7c, 0xd2, 0x86, 0x73, 0x2f, 0xaf, 0x0f, 0x2d, 0xab, 0x45, 0xdb, 0xd0, 0xe6, 0xfc, - 0xb6, 0xd4, 0x4e, 0x5d, 0x5c, 0x28, 0x2a, 0xbd, 0xa6, 0x7b, 0x2a, 0x97, 0xbd, 0x1f, 0x41, 0xe7, - 0x28, 0xbd, 0x8b, 0x19, 0x4d, 0xe5, 0x77, 0xd0, 0x63, 0x68, 0x84, 0x09, 0xcd, 0x22, 0xb3, 0x57, - 0x2d, 0xc8, 0x04, 0xd3, 0x24, 0x10, 0x37, 0x94, 0x4d, 0x54, 0x82, 0x36, 0xce, 0x65, 0xef, 0xf7, - 0xab, 0xb0, 0x51, 0xdd, 0xad, 0x74, 0xbf, 0xa5, 0x5c, 0xa4, 0xc1, 0x84, 0x58, 0xcc, 0xac, 0x2c, - 0x7b, 0x7b, 0x4c, 0x2f, 0x7d, 0x93, 0x46, 0xad, 0xd1, 0x53, 0x68, 0xbe, 0x21, 0x2c, 0x25, 0x89, - 0x41, 0xc5, 0x48, 0xd2, 0x37, 0xa4, 0x8c, 0x28, 0x3c, 0xda, 0x58, 0xad, 0x2b, 0xa5, 0x34, 0xaa, - 0xa5, 0xa0, 0x0d, 0xa8, 0x5d, 0xfa, 0x6e, 0x53, 0x69, 0x6b, 0x97, 0xbe, 0x6c, 0x9a, 0x52, 0x07, - 0xff, 0xd8, 0x5c, 0x9f, 0x35, 0x65, 0x5f, 0x62, 0x91, 0x28, 0x66, 0xb1, 0x75, 0x6b, 0x29, 0xb7, - 0x42, 0x81, 0xbe, 0x01, 0xeb, 0xba, 0x2e, 0xeb, 0xd1, 0x56, 0x1e, 0x55, 0xa5, 0xcc, 0x71, 0xe9, - 0x5b, 0x0f, 0xd0, 0x39, 0x72, 0x05, 0x7a, 0x09, 0xbd, 0x54, 0x37, 0xdb, 0x41, 0x14, 0x31, 0xc2, - 0x39, 0xe1, 0x6e, 0x47, 0xdd, 0x85, 0xad, 0x25, 0xcd, 0x69, 0x7c, 0xf0, 0x42, 0x0c, 0xda, 0x85, - 0x47, 0x7c, 0xc6, 0x7d, 0xc2, 0xe2, 0x20, 0x19, 0x64, 0x93, 0x6b, 0xc2, 0xdc, 0xae, 0xfa, 0xd6, - 0xbc, 0x1a, 0x7d, 0x13, 0x36, 0xf8, 0x8c, 0x0f, 0x19, 0x8d, 0xb2, 0x50, 0x0c, 0xe4, 0x89, 0xac, - 0x2b, 0xc7, 0x39, 0xad, 0xc9, 0x78, 0x11, 0xa4, 0xd9, 0x4d, 0x10, 0x8a, 0x8c, 0x11, 0xe6, 0x6e, - 0xe4, 0x19, 0xcb, 0x6a, 0xf4, 0x7d, 0xe8, 0x90, 0xa2, 0x63, 0xdc, 0x47, 0xaa, 0x59, 0x3f, 0x28, - 0x97, 0x5f, 0x6a, 0x28, 0x5c, 0xf6, 0xf5, 0x7e, 0xed, 0xc0, 0xba, 0xb9, 0x5d, 0xff, 0x43, 0xc3, - 0xc9, 0x9b, 0xc1, 0xa6, 0x4f, 0xd8, 0x9d, 0xba, 0x4b, 0x79, 0x65, 0x3d, 0xa8, 0xbf, 0xc9, 0xef, - 0xbc, 0x5c, 0xa2, 0xe7, 0xd0, 0x26, 0x3f, 0x9f, 0xc6, 0x8c, 0xf0, 0x03, 0x91, 0xdf, 0x79, 0x3d, - 0xfb, 0xf7, 0xec, 0xec, 0xdf, 0x1b, 0xd9, 0xd9, 0x8f, 0x0b, 0xe7, 0x77, 0x0c, 0xef, 0x35, 0x68, - 0xa8, 0x81, 0xe5, 0xfd, 0xd5, 0x81, 0xcd, 0x85, 0x4d, 0xa2, 0x8f, 0xa0, 0xc1, 0x45, 0x96, 0x72, - 0xd7, 0x51, 0x4d, 0x52, 0xd9, 0xcc, 0x09, 0xe5, 0xc2, 0x6c, 0x46, 0x3b, 0xa1, 0xef, 0x40, 0x43, - 0x64, 0x2c, 0xe5, 0x6e, 0x4d, 0x79, 0x7f, 0x58, 0xd9, 0x3a, 0xa3, 0x82, 0x84, 0x82, 0x44, 0xe5, - 0x30, 0xe5, 0x8d, 0xf6, 0xa0, 0xc9, 0xe3, 0x71, 0x1a, 0xe8, 0xeb, 0xf7, 0xf0, 0x57, 0x8c, 0x17, - 0xf2, 0xa0, 0x8b, 0x49, 0x12, 0xcc, 0x4c, 0x3b, 0x9a, 0xeb, 0x59, 0xd1, 0x79, 0xbf, 0x75, 0x00, - 0x8a, 0x50, 0x09, 0x66, 0xc6, 0x62, 0x0b, 0x66, 0xc6, 0x62, 0xf4, 0x19, 0xb4, 0x14, 0x66, 0x21, - 0x4d, 0x14, 0x96, 0x1b, 0xd5, 0x72, 0x8b, 0x58, 0x55, 0xb9, 0x74, 0xc3, 0x79, 0x80, 0xf7, 0x19, - 0xb4, 0xac, 0x16, 0xad, 0x41, 0xfd, 0xaa, 0x3f, 0xec, 0xad, 0xc8, 0xc5, 0xe8, 0x70, 0xd8, 0x73, - 0x50, 0x0b, 0x56, 0x4f, 0x46, 0xa3, 0x61, 0xaf, 0x86, 0xda, 0xd0, 0x90, 0x2b, 0xbf, 0x57, 0x97, - 0xca, 0xfe, 0xe8, 0xdc, 0xef, 0xad, 0x7a, 0xbf, 0x84, 0xaf, 0x2c, 0x01, 0x43, 0x36, 0xcf, 0x6d, - 0x2e, 0x99, 0x16, 0x7c, 0x08, 0x89, 0x92, 0xa7, 0x1c, 0x52, 0x19, 0x27, 0xcc, 0x0e, 0x34, 0xb9, - 0x56, 0x43, 0x2a, 0xe0, 0xfc, 0x9e, 0xb2, 0xc8, 0x0e, 0x7a, 0x2b, 0x7b, 0xbf, 0x72, 0x00, 0x8a, - 0x3e, 0x94, 0xad, 0x11, 0x18, 0x1c, 0x35, 0x3a, 0x56, 0x94, 0x98, 0x45, 0xea, 0x2c, 0x15, 0x66, - 0x51, 0xca, 0xd1, 0xa7, 0x6a, 0xca, 0x9b, 0x0a, 0xf5, 0x59, 0x3d, 0x29, 0x57, 0xe8, 0xfb, 0x27, - 0xa6, 0xc0, 0xc2, 0x4f, 0xd6, 0x77, 0xf3, 0x36, 0x4a, 0xed, 0x10, 0x95, 0x6b, 0xef, 0xef, 0xf5, - 0xf2, 0xf3, 0x28, 0xe7, 0xaf, 0x9e, 0x19, 0xaa, 0x84, 0x55, 0x6c, 0xa4, 0xff, 0x9b, 0xc7, 0xfe, - 0x5b, 0xd0, 0xc4, 0x34, 0x13, 0x84, 0xbb, 0x0d, 0xf5, 0xa9, 0xcd, 0xca, 0xa7, 0xa4, 0x05, 0x1b, - 0x07, 0x09, 0x61, 0x7f, 0xe0, 0x9b, 0x1d, 0x35, 0x17, 0x21, 0xcc, 0x8d, 0xb8, 0xf0, 0x43, 0x5f, - 0x40, 0x97, 0xde, 0xdc, 0x24, 0x71, 0x6a, 0x36, 0xb4, 0xf6, 0x6f, 0x6c, 0xa8, 0x12, 0x81, 0x3e, - 0x87, 0xf5, 0x97, 0x31, 0x23, 0xf7, 0x41, 0x92, 0xe0, 0x2c, 0x21, 0xdc, 0x6d, 0xa9, 0x14, 0x6e, - 0x39, 0x45, 0xd9, 0x01, 0x57, 0xdd, 0xd1, 0x3e, 0x3c, 0xbe, 0x29, 0x2b, 0x2c, 0x26, 0x6d, 0x85, - 0xc9, 0x52, 0x9b, 0xf7, 0x1b, 0x07, 0x7a, 0xf3, 0x65, 0xbd, 0x93, 0x76, 0x3e, 0x03, 0x08, 0x92, - 0x84, 0xde, 0x93, 0xe8, 0x74, 0xaa, 0x67, 0x48, 0x1b, 0x97, 0x34, 0xff, 0xbd, 0xf6, 0x3b, 0x85, - 0x76, 0xee, 0x2b, 0xbf, 0xca, 0xf9, 0xed, 0x51, 0x1a, 0x5c, 0x27, 0x44, 0xd3, 0x8e, 0x16, 0x2e, - 0x69, 0xaa, 0xd4, 0xa6, 0x36, 0x47, 0x6d, 0xbc, 0x1d, 0x78, 0xd6, 0x27, 0x77, 0x71, 0x48, 0x0e, - 0x32, 0x71, 0x4b, 0x59, 0xfc, 0x8b, 0x40, 0xc4, 0x34, 0x7d, 0x99, 0xd0, 0x7b, 0xcb, 0x87, 0xff, - 0xe2, 0xc0, 0x07, 0x0f, 0xb8, 0xa0, 0x13, 0x35, 0x47, 0xee, 0xe2, 0x88, 0x30, 0xf5, 0xe5, 0x8d, - 0xfd, 0x8f, 0x2a, 0xcd, 0xb0, 0x3c, 0x4c, 0x0e, 0x7b, 0x15, 0x83, 0xf3, 0x68, 0xf4, 0x02, 0x36, - 0xec, 0xba, 0x72, 0x5d, 0xb6, 0xe6, 0x66, 0x70, 0xc9, 0x03, 0xcf, 0x45, 0x78, 0x4f, 0xd5, 0x48, - 0xd4, 0xf9, 0x00, 0x9a, 0x27, 0x97, 0xfe, 0xe8, 0xa8, 0xdf, 0x5b, 0xf1, 0x9e, 0xc1, 0xf6, 0xf0, - 0xec, 0xf0, 0xe8, 0xc1, 0x1d, 0xfe, 0x04, 0x9e, 0x2c, 0xb5, 0x2f, 0x29, 0xca, 0xf9, 0x8f, 0x8b, - 0xfa, 0x47, 0x6d, 0x3e, 0x89, 0xec, 0xa1, 0xc3, 0x24, 0x26, 0xa9, 0x38, 0xed, 0xdb, 0x1e, 0xb2, - 0xb2, 0x7c, 0x1b, 0xf4, 0xda, 0x27, 0x21, 0x23, 0xc2, 0x4c, 0xaf, 0x8a, 0x4e, 0x8e, 0x9b, 0x3e, - 0x9d, 0x04, 0xb1, 0x25, 0xc1, 0x46, 0x92, 0x79, 0x0f, 0xb2, 0x28, 0x26, 0x69, 0x68, 0x29, 0x5f, - 0x2e, 0xcb, 0x91, 0x50, 0x9c, 0xc6, 0x51, 0x1a, 0x4d, 0x69, 0x9c, 0x0a, 0x43, 0x00, 0x97, 0x58, - 0x24, 0x59, 0x53, 0xbc, 0x3a, 0x77, 0xd5, 0xac, 0xb0, 0xaa, 0x94, 0x6c, 0xd7, 0x0f, 0xe9, 0x94, - 0x18, 0x4e, 0xa8, 0x05, 0xd9, 0x91, 0x57, 0x9c, 0x9c, 0xf6, 0x35, 0x51, 0x6f, 0xe9, 0x8e, 0x2c, - 0x34, 0xe8, 0xdb, 0xf0, 0xa4, 0x82, 0x75, 0xfe, 0x0d, 0x4d, 0x08, 0x97, 0x1b, 0xf5, 0xab, 0x19, - 0xc5, 0x8c, 0x84, 0xe2, 0x0a, 0x9f, 0x73, 0x17, 0xd4, 0xfd, 0xaa, 0xe8, 0xbc, 0x3f, 0x39, 0xd0, - 0x50, 0x83, 0x4a, 0x52, 0xd9, 0x1c, 0xdd, 0xda, 0x69, 0x5f, 0x3e, 0x13, 0x66, 0x60, 0x1b, 0x48, - 0xad, 0x88, 0x76, 0xa0, 0x63, 0x96, 0xa3, 0xd9, 0x94, 0x28, 0x48, 0xeb, 0xb8, 0xac, 0x92, 0x57, - 0x50, 0x4e, 0x00, 0x7b, 0x05, 0xe5, 0x5a, 0x9e, 0xc1, 0x05, 0x11, 0x2c, 0x0e, 0x15, 0x86, 0x75, - 0x6c, 0x24, 0xb9, 0xf7, 0x8b, 0x80, 0xbf, 0xcd, 0x08, 0x0b, 0x22, 0xa2, 0x40, 0x6b, 0xe1, 0x92, - 0x46, 0x22, 0x36, 0x20, 0xf2, 0xe0, 0x0d, 0x62, 0x4a, 0xf0, 0xfe, 0xe8, 0x94, 0xc6, 0xaa, 0xc4, - 0x5e, 0xd2, 0xa9, 0x38, 0x24, 0xfa, 0x0e, 0x9b, 0x4b, 0x5d, 0x55, 0xa2, 0x63, 0xe8, 0x49, 0xe2, - 0xa9, 0x89, 0xd7, 0x31, 0xa3, 0xd9, 0xd4, 0xf2, 0x96, 0xaf, 0x56, 0xa8, 0x70, 0xd5, 0x07, 0x2f, - 0x04, 0xa1, 0xe7, 0xd0, 0x39, 0xcc, 0xb8, 0xa0, 0x93, 0xd7, 0x34, 0x25, 0xf6, 0xb5, 0xa9, 0x3c, - 0x53, 0x85, 0x19, 0x97, 0x5d, 0xbd, 0x57, 0x00, 0x85, 0x58, 0x6a, 0x4b, 0xa7, 0xd2, 0x96, 0xfb, - 0xb0, 0x86, 0x49, 0x48, 0x59, 0x64, 0xeb, 0xab, 0x4c, 0x6d, 0x3f, 0x9e, 0x4c, 0x13, 0xa2, 0x1d, - 0xb0, 0x75, 0xf4, 0x04, 0x74, 0xcb, 0x06, 0x79, 0x04, 0x83, 0xe2, 0xd7, 0x90, 0x5a, 0x4b, 0x9d, - 0x3a, 0xb1, 0x9a, 0x3a, 0x00, 0xb5, 0x96, 0xf0, 0x1e, 0x26, 0x01, 0xe7, 0xe6, 0x66, 0x68, 0x41, - 0x32, 0x81, 0xd1, 0xe8, 0x5c, 0x9d, 0x5f, 0x1d, 0xcb, 0xa5, 0xf4, 0xc3, 0xfd, 0x40, 0x04, 0xe6, - 0x06, 0x68, 0xc1, 0xfb, 0x83, 0x03, 0x8f, 0xe6, 0xe0, 0x91, 0xe8, 0x14, 0xaa, 0xa5, 0x3c, 0xb2, - 0x30, 0xe3, 0xb2, 0xab, 0x6c, 0xb9, 0x21, 0x8b, 0x27, 0x01, 0xd3, 0x63, 0xb7, 0x85, 0xad, 0x28, - 0x2d, 0x1a, 0x1b, 0x8d, 0x76, 0x1b, 0x5b, 0x51, 0xbe, 0x53, 0x3e, 0x09, 0x58, 0x78, 0x6b, 0x14, - 0x76, 0xac, 0xeb, 0xb7, 0x7b, 0xa9, 0xcd, 0x3b, 0x01, 0x28, 0x3e, 0xab, 0x1a, 0x7f, 0x98, 0x37, - 0xfe, 0x50, 0x9e, 0xca, 0xc0, 0x2f, 0xe1, 0x64, 0x24, 0xd5, 0xd4, 0x94, 0x09, 0xd3, 0xef, 0x6a, - 0xed, 0xfd, 0xb3, 0x06, 0xdd, 0xf2, 0xbb, 0x29, 0x83, 0x65, 0xb7, 0xe7, 0x09, 0x8d, 0x84, 0xbe, - 0x80, 0x76, 0x5f, 0xdd, 0x3a, 0xc9, 0xc8, 0x35, 0xfb, 0xf4, 0x1e, 0x7a, 0x8a, 0xf7, 0x22, 0xeb, - 0x89, 0x8b, 0x20, 0xf4, 0x3d, 0x68, 0x1e, 0xe8, 0xf0, 0xfa, 0x22, 0x79, 0xad, 0x84, 0x07, 0x3a, - 0xd6, 0xb8, 0xa3, 0x1f, 0x16, 0xd4, 0x55, 0xa1, 0xb2, 0xb1, 0xff, 0xf5, 0x07, 0x43, 0xa7, 0x39, - 0xf3, 0xcd, 0xd9, 0xae, 0xdd, 0x76, 0xc3, 0xdc, 0x65, 0xb9, 0xed, 0x6d, 0x68, 0xe7, 0x35, 0xa2, - 0x26, 0xd4, 0x4e, 0x07, 0x9a, 0x0d, 0x5f, 0x5e, 0x8d, 0x7a, 0x8e, 0xf7, 0x0c, 0x9a, 0xba, 0x04, - 0xf9, 0xa6, 0x1c, 0x1c, 0x1e, 0x1e, 0x0d, 0x47, 0xbd, 0x15, 0x45, 0x87, 0xf1, 0xe5, 0xb0, 0xe7, - 0x78, 0x3f, 0x28, 0x88, 0x38, 0xea, 0xc0, 0xda, 0xd5, 0xe0, 0x6c, 0x70, 0xf9, 0xa5, 0xc9, 0x70, - 0x70, 0x7e, 0xde, 0x73, 0x2c, 0xb1, 0xae, 0x59, 0xaa, 0xad, 0xc8, 0xf4, 0xe9, 0xe1, 0xc5, 0xb0, - 0xb7, 0xea, 0x3d, 0x87, 0x8d, 0xea, 0x8f, 0x55, 0xd9, 0x9a, 0x29, 0x11, 0x39, 0xe4, 0x5a, 0x90, - 0x2d, 0x3c, 0x09, 0x42, 0x4b, 0x66, 0x27, 0x41, 0xb8, 0xff, 0xb7, 0x3a, 0x6c, 0x5e, 0xe4, 0x1b, - 0x37, 0xb3, 0x01, 0x1d, 0x41, 0x43, 0xfd, 0x40, 0x44, 0xdb, 0xd5, 0x1f, 0x94, 0xd5, 0xff, 0x9e, - 0x6d, 0xbd, 0xd3, 0xea, 0xad, 0xa0, 0x97, 0xb0, 0xea, 0xcf, 0xd2, 0xf0, 0xfd, 0xb2, 0x7c, 0xe2, - 0xa0, 0x17, 0xd0, 0x3d, 0x26, 0x22, 0xff, 0x71, 0x88, 0x2a, 0xcc, 0x52, 0xd1, 0xac, 0xad, 0xca, - 0xcf, 0xd4, 0x85, 0x9f, 0x91, 0xde, 0x8a, 0xa4, 0x4d, 0x31, 0x3f, 0x21, 0x41, 0x22, 0x6e, 0x97, - 0x26, 0x58, 0x54, 0x79, 0x2b, 0xe8, 0x35, 0x6c, 0x1d, 0x13, 0xf1, 0x10, 0x6f, 0x79, 0x3f, 0x70, - 0x5e, 0x81, 0x7b, 0x4c, 0xc4, 0x72, 0xca, 0xf0, 0x5e, 0x99, 0x5f, 0xb4, 0x5e, 0x37, 0xcd, 0x7f, - 0x41, 0x9b, 0xea, 0xcf, 0xa7, 0xff, 0x0a, 0x00, 0x00, 0xff, 0xff, 0xcb, 0xde, 0x32, 0x7a, 0x3a, - 0x15, 0x00, 0x00, +var file_management_proto_enumTypes = make([]protoimpl.EnumInfo, 5) +var file_management_proto_msgTypes = make([]protoimpl.MessageInfo, 31) +var file_management_proto_goTypes = []interface{}{ + (HostConfig_Protocol)(0), // 0: management.HostConfig.Protocol + (DeviceAuthorizationFlowProvider)(0), // 1: management.DeviceAuthorizationFlow.provider + (FirewallRuleDirection)(0), // 2: management.FirewallRule.direction + (FirewallRuleAction)(0), // 3: management.FirewallRule.action + (FirewallRuleProtocol)(0), // 4: management.FirewallRule.protocol + (*EncryptedMessage)(nil), // 5: management.EncryptedMessage + (*SyncRequest)(nil), // 6: management.SyncRequest + (*SyncResponse)(nil), // 7: management.SyncResponse + (*LoginRequest)(nil), // 8: management.LoginRequest + (*PeerKeys)(nil), // 9: management.PeerKeys + (*Environment)(nil), // 10: management.Environment + (*PeerSystemMeta)(nil), // 11: management.PeerSystemMeta + (*LoginResponse)(nil), // 12: management.LoginResponse + (*ServerKeyResponse)(nil), // 13: management.ServerKeyResponse + (*Empty)(nil), // 14: management.Empty + (*WiretrusteeConfig)(nil), // 15: management.WiretrusteeConfig + (*HostConfig)(nil), // 16: management.HostConfig + (*RelayConfig)(nil), // 17: management.RelayConfig + (*ProtectedHostConfig)(nil), // 18: management.ProtectedHostConfig + (*PeerConfig)(nil), // 19: management.PeerConfig + (*NetworkMap)(nil), // 20: management.NetworkMap + (*RemotePeerConfig)(nil), // 21: management.RemotePeerConfig + (*SSHConfig)(nil), // 22: management.SSHConfig + (*DeviceAuthorizationFlowRequest)(nil), // 23: management.DeviceAuthorizationFlowRequest + (*DeviceAuthorizationFlow)(nil), // 24: management.DeviceAuthorizationFlow + (*PKCEAuthorizationFlowRequest)(nil), // 25: management.PKCEAuthorizationFlowRequest + (*PKCEAuthorizationFlow)(nil), // 26: management.PKCEAuthorizationFlow + (*ProviderConfig)(nil), // 27: management.ProviderConfig + (*Route)(nil), // 28: management.Route + (*DNSConfig)(nil), // 29: management.DNSConfig + (*CustomZone)(nil), // 30: management.CustomZone + (*SimpleRecord)(nil), // 31: management.SimpleRecord + (*NameServerGroup)(nil), // 32: management.NameServerGroup + (*NameServer)(nil), // 33: management.NameServer + (*FirewallRule)(nil), // 34: management.FirewallRule + (*NetworkAddress)(nil), // 35: management.NetworkAddress + (*timestamppb.Timestamp)(nil), // 36: google.protobuf.Timestamp +} +var file_management_proto_depIdxs = []int32{ + 15, // 0: management.SyncResponse.wiretrusteeConfig:type_name -> management.WiretrusteeConfig + 19, // 1: management.SyncResponse.peerConfig:type_name -> management.PeerConfig + 21, // 2: management.SyncResponse.remotePeers:type_name -> management.RemotePeerConfig + 20, // 3: management.SyncResponse.NetworkMap:type_name -> management.NetworkMap + 11, // 4: management.LoginRequest.meta:type_name -> management.PeerSystemMeta + 9, // 5: management.LoginRequest.peerKeys:type_name -> management.PeerKeys + 35, // 6: management.PeerSystemMeta.networkAddresses:type_name -> management.NetworkAddress + 10, // 7: management.PeerSystemMeta.environment:type_name -> management.Environment + 15, // 8: management.LoginResponse.wiretrusteeConfig:type_name -> management.WiretrusteeConfig + 19, // 9: management.LoginResponse.peerConfig:type_name -> management.PeerConfig + 36, // 10: management.ServerKeyResponse.expiresAt:type_name -> google.protobuf.Timestamp + 16, // 11: management.WiretrusteeConfig.stuns:type_name -> management.HostConfig + 18, // 12: management.WiretrusteeConfig.turns:type_name -> management.ProtectedHostConfig + 16, // 13: management.WiretrusteeConfig.signal:type_name -> management.HostConfig + 17, // 14: management.WiretrusteeConfig.relay:type_name -> management.RelayConfig + 0, // 15: management.HostConfig.protocol:type_name -> management.HostConfig.Protocol + 16, // 16: management.ProtectedHostConfig.hostConfig:type_name -> management.HostConfig + 22, // 17: management.PeerConfig.sshConfig:type_name -> management.SSHConfig + 19, // 18: management.NetworkMap.peerConfig:type_name -> management.PeerConfig + 21, // 19: management.NetworkMap.remotePeers:type_name -> management.RemotePeerConfig + 28, // 20: management.NetworkMap.Routes:type_name -> management.Route + 29, // 21: management.NetworkMap.DNSConfig:type_name -> management.DNSConfig + 21, // 22: management.NetworkMap.offlinePeers:type_name -> management.RemotePeerConfig + 34, // 23: management.NetworkMap.FirewallRules:type_name -> management.FirewallRule + 22, // 24: management.RemotePeerConfig.sshConfig:type_name -> management.SSHConfig + 1, // 25: management.DeviceAuthorizationFlow.Provider:type_name -> management.DeviceAuthorizationFlow.provider + 27, // 26: management.DeviceAuthorizationFlow.ProviderConfig:type_name -> management.ProviderConfig + 27, // 27: management.PKCEAuthorizationFlow.ProviderConfig:type_name -> management.ProviderConfig + 32, // 28: management.DNSConfig.NameServerGroups:type_name -> management.NameServerGroup + 30, // 29: management.DNSConfig.CustomZones:type_name -> management.CustomZone + 31, // 30: management.CustomZone.Records:type_name -> management.SimpleRecord + 33, // 31: management.NameServerGroup.NameServers:type_name -> management.NameServer + 2, // 32: management.FirewallRule.Direction:type_name -> management.FirewallRule.direction + 3, // 33: management.FirewallRule.Action:type_name -> management.FirewallRule.action + 4, // 34: management.FirewallRule.Protocol:type_name -> management.FirewallRule.protocol + 5, // 35: management.ManagementService.Login:input_type -> management.EncryptedMessage + 5, // 36: management.ManagementService.Sync:input_type -> management.EncryptedMessage + 14, // 37: management.ManagementService.GetServerKey:input_type -> management.Empty + 14, // 38: management.ManagementService.isHealthy:input_type -> management.Empty + 5, // 39: management.ManagementService.GetDeviceAuthorizationFlow:input_type -> management.EncryptedMessage + 5, // 40: management.ManagementService.GetPKCEAuthorizationFlow:input_type -> management.EncryptedMessage + 5, // 41: management.ManagementService.Login:output_type -> management.EncryptedMessage + 5, // 42: management.ManagementService.Sync:output_type -> management.EncryptedMessage + 13, // 43: management.ManagementService.GetServerKey:output_type -> management.ServerKeyResponse + 14, // 44: management.ManagementService.isHealthy:output_type -> management.Empty + 5, // 45: management.ManagementService.GetDeviceAuthorizationFlow:output_type -> management.EncryptedMessage + 5, // 46: management.ManagementService.GetPKCEAuthorizationFlow:output_type -> management.EncryptedMessage + 41, // [41:47] is the sub-list for method output_type + 35, // [35:41] is the sub-list for method input_type + 35, // [35:35] is the sub-list for extension type_name + 35, // [35:35] is the sub-list for extension extendee + 0, // [0:35] is the sub-list for field type_name +} + +func init() { file_management_proto_init() } +func file_management_proto_init() { + if File_management_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_management_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*EncryptedMessage); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SyncRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SyncResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*LoginRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PeerKeys); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Environment); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PeerSystemMeta); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*LoginResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ServerKeyResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Empty); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*WiretrusteeConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*HostConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RelayConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ProtectedHostConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PeerConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NetworkMap); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RemotePeerConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SSHConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*DeviceAuthorizationFlowRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*DeviceAuthorizationFlow); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PKCEAuthorizationFlowRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PKCEAuthorizationFlow); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[22].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ProviderConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[23].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Route); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[24].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*DNSConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[25].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CustomZone); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[26].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SimpleRecord); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[27].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NameServerGroup); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[28].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NameServer); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[29].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FirewallRule); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_management_proto_msgTypes[30].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NetworkAddress); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_management_proto_rawDesc, + NumEnums: 5, + NumMessages: 31, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_management_proto_goTypes, + DependencyIndexes: file_management_proto_depIdxs, + EnumInfos: file_management_proto_enumTypes, + MessageInfos: file_management_proto_msgTypes, + }.Build() + File_management_proto = out.File + file_management_proto_rawDesc = nil + file_management_proto_goTypes = nil + file_management_proto_depIdxs = nil } diff --git a/management/proto/management.proto b/management/proto/management.proto index 61304c8c4..c6695dd6a 100644 --- a/management/proto/management.proto +++ b/management/proto/management.proto @@ -147,7 +147,7 @@ message WiretrusteeConfig { // a Signal server config HostConfig signal = 3; - string RelayAddress = 4; + RelayConfig relay = 4; } // HostConfig describes connection properties of some server (e.g. STUN, Signal, Management) @@ -164,6 +164,13 @@ message HostConfig { DTLS = 4; } } + +message RelayConfig { + repeated string urls = 1; + string tokenPayload = 2; + string tokenSignature = 3; +} + // ProtectedHostConfig is similar to HostConfig but has additional user and password // Mostly used for TURN servers message ProtectedHostConfig { diff --git a/management/server/dns_test.go b/management/server/dns_test.go index b5074e50c..bfa50b1cf 100644 --- a/management/server/dns_test.go +++ b/management/server/dns_test.go @@ -166,9 +166,9 @@ func TestGetNetworkMap_DNSConfigSync(t *testing.T) { newAccountDNSConfig, err := am.GetNetworkMap(peer1.ID) require.NoError(t, err) - require.Len(t, newAccountDNSConfig.DNSConfig.CustomZones, 1, "default DNS config should have one custom zone for peers") - require.True(t, newAccountDNSConfig.DNSConfig.ServiceEnable, "default DNS config should have local DNS service enabled") - require.Len(t, newAccountDNSConfig.DNSConfig.NameServerGroups, 0, "updated DNS config should have no nameserver groups since peer 1 is NS for the only existing NS group") + require.Len(t, newAccountDNSConfig.DNSConfig.CustomZones, 1, "default DNS turnCfg should have one custom zone for peers") + require.True(t, newAccountDNSConfig.DNSConfig.ServiceEnable, "default DNS turnCfg should have local DNS service enabled") + require.Len(t, newAccountDNSConfig.DNSConfig.NameServerGroups, 0, "updated DNS turnCfg should have no nameserver groups since peer 1 is NS for the only existing NS group") dnsSettings := account.DNSSettings.Copy() dnsSettings.DisabledManagementGroups = append(dnsSettings.DisabledManagementGroups, dnsGroup1ID) @@ -178,13 +178,13 @@ func TestGetNetworkMap_DNSConfigSync(t *testing.T) { updatedAccountDNSConfig, err := am.GetNetworkMap(peer1.ID) require.NoError(t, err) - require.Len(t, updatedAccountDNSConfig.DNSConfig.CustomZones, 0, "updated DNS config should have no custom zone when peer belongs to a disabled group") - require.False(t, updatedAccountDNSConfig.DNSConfig.ServiceEnable, "updated DNS config should have local DNS service disabled when peer belongs to a disabled group") + require.Len(t, updatedAccountDNSConfig.DNSConfig.CustomZones, 0, "updated DNS turnCfg should have no custom zone when peer belongs to a disabled group") + require.False(t, updatedAccountDNSConfig.DNSConfig.ServiceEnable, "updated DNS turnCfg should have local DNS service disabled when peer belongs to a disabled group") peer2AccountDNSConfig, err := am.GetNetworkMap(peer2.ID) require.NoError(t, err) - require.Len(t, peer2AccountDNSConfig.DNSConfig.CustomZones, 1, "DNS config should have one custom zone for peers not in the disabled group") - require.True(t, peer2AccountDNSConfig.DNSConfig.ServiceEnable, "DNS config should have DNS service enabled for peers not in the disabled group") - require.Len(t, peer2AccountDNSConfig.DNSConfig.NameServerGroups, 1, "updated DNS config should have 1 nameserver groups since peer 2 is part of the group All") + require.Len(t, peer2AccountDNSConfig.DNSConfig.CustomZones, 1, "DNS turnCfg should have one custom zone for peers not in the disabled group") + require.True(t, peer2AccountDNSConfig.DNSConfig.ServiceEnable, "DNS turnCfg should have DNS service enabled for peers not in the disabled group") + require.Len(t, peer2AccountDNSConfig.DNSConfig.NameServerGroups, 1, "updated DNS turnCfg should have 1 nameserver groups since peer 2 is part of the group All") } func createDNSManager(t *testing.T) (*DefaultAccountManager, error) { diff --git a/management/server/grpcserver.go b/management/server/grpcserver.go index 8c8b8354f..a7d3b675d 100644 --- a/management/server/grpcserver.go +++ b/management/server/grpcserver.go @@ -29,17 +29,17 @@ type GRPCServer struct { accountManager AccountManager wgKey wgtypes.Key proto.UnimplementedManagementServiceServer - peersUpdateManager *PeersUpdateManager - config *Config - turnCredentialsManager TURNCredentialsManager - jwtValidator *jwtclaims.JWTValidator - jwtClaimsExtractor *jwtclaims.ClaimsExtractor - appMetrics telemetry.AppMetrics - ephemeralManager *EphemeralManager + peersUpdateManager *PeersUpdateManager + config *Config + turnRelayTokenManager TURNRelayTokenManager + jwtValidator *jwtclaims.JWTValidator + jwtClaimsExtractor *jwtclaims.ClaimsExtractor + appMetrics telemetry.AppMetrics + ephemeralManager *EphemeralManager } // NewServer creates a new Management server -func NewServer(config *Config, accountManager AccountManager, peersUpdateManager *PeersUpdateManager, turnCredentialsManager TURNCredentialsManager, appMetrics telemetry.AppMetrics, ephemeralManager *EphemeralManager) (*GRPCServer, error) { +func NewServer(config *Config, accountManager AccountManager, peersUpdateManager *PeersUpdateManager, turnRelayTokenManager TURNRelayTokenManager, appMetrics telemetry.AppMetrics, ephemeralManager *EphemeralManager) (*GRPCServer, error) { key, err := wgtypes.GeneratePrivateKey() if err != nil { return nil, err @@ -58,7 +58,7 @@ func NewServer(config *Config, accountManager AccountManager, peersUpdateManager return nil, status.Errorf(codes.Internal, "unable to create new jwt middleware, err: %v", err) } } else { - log.Debug("unable to use http config to create new jwt middleware") + log.Debug("unable to use http turnCfg to create new jwt middleware") } if appMetrics != nil { @@ -84,14 +84,14 @@ func NewServer(config *Config, accountManager AccountManager, peersUpdateManager return &GRPCServer{ wgKey: key, // peerKey -> event channel - peersUpdateManager: peersUpdateManager, - accountManager: accountManager, - config: config, - turnCredentialsManager: turnCredentialsManager, - jwtValidator: jwtValidator, - jwtClaimsExtractor: jwtClaimsExtractor, - appMetrics: appMetrics, - ephemeralManager: ephemeralManager, + peersUpdateManager: peersUpdateManager, + accountManager: accountManager, + config: config, + turnRelayTokenManager: turnRelayTokenManager, + jwtValidator: jwtValidator, + jwtClaimsExtractor: jwtClaimsExtractor, + appMetrics: appMetrics, + ephemeralManager: ephemeralManager, }, nil } @@ -150,7 +150,7 @@ func (s *GRPCServer) Sync(req *proto.EncryptedMessage, srv proto.ManagementServi s.ephemeralManager.OnPeerConnected(peer) if s.config.TURNConfig.TimeBasedCredentials { - s.turnCredentialsManager.SetupRefresh(peer.ID) + s.turnRelayTokenManager.SetupRefresh(peer.ID) } if s.appMetrics != nil { @@ -201,7 +201,7 @@ func (s *GRPCServer) Sync(req *proto.EncryptedMessage, srv proto.ManagementServi func (s *GRPCServer) cancelPeerRoutines(peer *nbpeer.Peer) { s.peersUpdateManager.CloseChannel(peer.ID) - s.turnCredentialsManager.CancelRefresh(peer.ID) + s.turnRelayTokenManager.CancelRefresh(peer.ID) _ = s.accountManager.CancelPeerRoutines(peer) s.ephemeralManager.OnPeerDisconnected(peer) } @@ -377,9 +377,14 @@ func (s *GRPCServer) Login(ctx context.Context, req *proto.EncryptedMessage) (*p s.ephemeralManager.OnPeerDisconnected(peer) } + trt, err := s.turnRelayTokenManager.Generate() + if err != nil { + log.Errorf("failed generating TURN and Relay token: %v", err) + } + // if peer has reached this point then it has logged in loginResp := &proto.LoginResponse{ - WiretrusteeConfig: toWiretrusteeConfig(s.config, nil), + WiretrusteeConfig: toWiretrusteeConfig(s.config, nil, trt), PeerConfig: toPeerConfig(peer, netMap.Network, s.accountManager.GetDNSDomain()), } encryptedResp, err := encryption.EncryptMessage(peerKey, s.wgKey, loginResp) @@ -407,11 +412,11 @@ func ToResponseProto(configProto Protocol) proto.HostConfig_Protocol { case TCP: return proto.HostConfig_TCP default: - panic(fmt.Errorf("unexpected config protocol type %v", configProto)) + panic(fmt.Errorf("unexpected turnCfg protocol type %v", configProto)) } } -func toWiretrusteeConfig(config *Config, turnCredentials *TURNCredentials) *proto.WiretrusteeConfig { +func toWiretrusteeConfig(config *Config, turnCredentials *TURNRelayToken, relayToken *TURNRelayToken) *proto.WiretrusteeConfig { if config == nil { return nil } @@ -427,8 +432,8 @@ func toWiretrusteeConfig(config *Config, turnCredentials *TURNCredentials) *prot var username string var password string if turnCredentials != nil { - username = turnCredentials.Username - password = turnCredentials.Password + username = turnCredentials.Payload + password = turnCredentials.Signature } else { username = turn.Username password = turn.Password @@ -443,6 +448,18 @@ func toWiretrusteeConfig(config *Config, turnCredentials *TURNCredentials) *prot }) } + var relayCfg *proto.RelayConfig + if config.RelayAddress != "" { + relayCfg = &proto.RelayConfig{ + Urls: []string{config.RelayAddress}, + } + + if relayToken != nil { + relayCfg.TokenPayload = relayToken.Payload + relayCfg.TokenSignature = relayToken.Signature + } + } + return &proto.WiretrusteeConfig{ Stuns: stuns, Turns: turns, @@ -450,7 +467,7 @@ func toWiretrusteeConfig(config *Config, turnCredentials *TURNCredentials) *prot Uri: config.Signal.URI, Protocol: ToResponseProto(config.Signal.Proto), }, - RelayAddress: config.RelayAddress, + Relay: relayCfg, } } @@ -478,8 +495,8 @@ func toRemotePeerConfig(peers []*nbpeer.Peer, dnsName string) []*proto.RemotePee return remotePeers } -func toSyncResponse(config *Config, peer *nbpeer.Peer, turnCredentials *TURNCredentials, networkMap *NetworkMap, dnsName string) *proto.SyncResponse { - wtConfig := toWiretrusteeConfig(config, turnCredentials) +func toSyncResponse(config *Config, peer *nbpeer.Peer, turnCredentials *TURNRelayToken, relayCredentials *TURNRelayToken, networkMap *NetworkMap, dnsName string) *proto.SyncResponse { + wtConfig := toWiretrusteeConfig(config, turnCredentials, relayCredentials) pConfig := toPeerConfig(peer, networkMap.Network, dnsName) @@ -520,14 +537,16 @@ func (s *GRPCServer) IsHealthy(ctx context.Context, req *proto.Empty) (*proto.Em // sendInitialSync sends initial proto.SyncResponse to the peer requesting synchronization func (s *GRPCServer) sendInitialSync(peerKey wgtypes.Key, peer *nbpeer.Peer, networkMap *NetworkMap, srv proto.ManagementService_SyncServer) error { // make secret time based TURN credentials optional - var turnCredentials *TURNCredentials - if s.config.TURNConfig.TimeBasedCredentials { - creds := s.turnCredentialsManager.GenerateCredentials() - turnCredentials = &creds - } else { - turnCredentials = nil + var turnCredentials *TURNRelayToken + trt, err := s.turnRelayTokenManager.Generate() + if err != nil { + log.Errorf("failed generating TURN and Relay token: %v", err) } - plainResp := toSyncResponse(s.config, peer, turnCredentials, networkMap, s.accountManager.GetDNSDomain()) + if s.config.TURNConfig.TimeBasedCredentials { + turnCredentials = trt + } + + plainResp := toSyncResponse(s.config, peer, turnCredentials, trt, networkMap, s.accountManager.GetDNSDomain()) encryptedResp, err := encryption.EncryptMessage(peerKey, s.wgKey, plainResp) if err != nil { diff --git a/management/server/management_proto_test.go b/management/server/management_proto_test.go index c2672b1e9..1b7bced3c 100644 --- a/management/server/management_proto_test.go +++ b/management/server/management_proto_test.go @@ -169,7 +169,7 @@ func Test_SyncProtocol(t *testing.T) { } if wiretrusteeConfig.GetSignal() == nil { - t.Fatal("expecting SyncResponse to have WiretrusteeConfig with non-nil Signal config") + t.Fatal("expecting SyncResponse to have WiretrusteeConfig with non-nil Signal turnCfg") } expectedSignalConfig := &mgmtProto.HostConfig{ @@ -418,7 +418,7 @@ func startManagement(t *testing.T, config *Config) (*grpc.Server, string, error) if err != nil { return nil, "", err } - turnManager := NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig) + turnManager := NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig, "") ephemeralMgr := NewEphemeralManager(store, accountManager) mgmtServer, err := NewServer(config, accountManager, peersUpdateManager, turnManager, nil, ephemeralMgr) diff --git a/management/server/management_test.go b/management/server/management_test.go index 564afaf55..0ad8426cf 100644 --- a/management/server/management_test.go +++ b/management/server/management_test.go @@ -544,7 +544,7 @@ func startServer(config *server.Config) (*grpc.Server, net.Listener) { if err != nil { log.Fatalf("failed creating a manager: %v", err) } - turnManager := server.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig) + turnManager := server.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig, "") mgmtServer, err := server.NewServer(config, accountManager, peersUpdateManager, turnManager, nil, nil) Expect(err).NotTo(HaveOccurred()) mgmtProto.RegisterManagementServiceServer(s, mgmtServer) diff --git a/management/server/peer.go b/management/server/peer.go index 13ac3801d..e6488aa3a 100644 --- a/management/server/peer.go +++ b/management/server/peer.go @@ -900,7 +900,7 @@ func (am *DefaultAccountManager) updateAccountPeers(account *Account) { continue } remotePeerNetworkMap := account.GetPeerNetworkMap(peer.ID, am.dnsDomain, approvedPeersMap) - update := toSyncResponse(nil, peer, nil, remotePeerNetworkMap, am.GetDNSDomain()) + update := toSyncResponse(nil, peer, nil, nil, remotePeerNetworkMap, am.GetDNSDomain()) am.peersUpdateManager.SendUpdate(peer.ID, &UpdateMessage{Update: update}) } } diff --git a/management/server/token_mgr.go b/management/server/token_mgr.go new file mode 100644 index 000000000..3f30d0494 --- /dev/null +++ b/management/server/token_mgr.go @@ -0,0 +1,126 @@ +package server + +import ( + "fmt" + "sync" + "time" + + log "github.com/sirupsen/logrus" + + "github.com/netbirdio/netbird/management/proto" + auth "github.com/netbirdio/netbird/relay/auth/hmac" +) + +// TURNRelayTokenManager used to manage TURN credentials +type TURNRelayTokenManager interface { + Generate() (*TURNRelayToken, error) + SetupRefresh(peerKey string) + CancelRefresh(peerKey string) +} + +// TimeBasedAuthSecretsManager generates credentials with TTL and using pre-shared secret known to TURN server +type TimeBasedAuthSecretsManager struct { + mux sync.Mutex + turnCfg *TURNConfig + relayAddr string + hmacToken *auth.TimedHMAC + updateManager *PeersUpdateManager + cancelMap map[string]chan struct{} +} + +type TURNRelayToken auth.Token + +func NewTimeBasedAuthSecretsManager(updateManager *PeersUpdateManager, turnCfg *TURNConfig, relayAddress string) *TimeBasedAuthSecretsManager { + return &TimeBasedAuthSecretsManager{ + mux: sync.Mutex{}, + updateManager: updateManager, + turnCfg: turnCfg, + relayAddr: relayAddress, + hmacToken: auth.NewTimedHMAC(turnCfg.Secret, turnCfg.CredentialsTTL.Duration), + cancelMap: make(map[string]chan struct{}), + } +} + +// Generate generates new time-based secret credentials - basically username is a unix timestamp and password is a HMAC hash of a timestamp with a preshared TURN secret +func (m *TimeBasedAuthSecretsManager) Generate() (*TURNRelayToken, error) { + token, err := m.hmacToken.GenerateToken() + if err != nil { + return nil, fmt.Errorf("failed to generate token: %s", err) + } + + return (*TURNRelayToken)(token), nil +} + +func (m *TimeBasedAuthSecretsManager) cancel(peerID string) { + if channel, ok := m.cancelMap[peerID]; ok { + close(channel) + delete(m.cancelMap, peerID) + } +} + +// CancelRefresh cancels scheduled peer credentials refresh +func (m *TimeBasedAuthSecretsManager) CancelRefresh(peerID string) { + m.mux.Lock() + defer m.mux.Unlock() + m.cancel(peerID) +} + +// SetupRefresh starts peer credentials refresh. Since credentials are expiring (TTL) it is necessary to always generate them and send to the peer. +// A goroutine is created and put into TimeBasedAuthSecretsManager.cancelMap. This routine should be cancelled if peer is gone. +func (m *TimeBasedAuthSecretsManager) SetupRefresh(peerID string) { + m.mux.Lock() + defer m.mux.Unlock() + m.cancel(peerID) + cancel := make(chan struct{}, 1) + m.cancelMap[peerID] = cancel + log.Debugf("starting turn refresh for %s", peerID) + + go func() { + // we don't want to regenerate credentials right on expiration, so we do it slightly before (at 3/4 of TTL) + ticker := time.NewTicker(m.turnCfg.CredentialsTTL.Duration / 4 * 3) + defer ticker.Stop() + + for { + select { + case <-cancel: + log.Debugf("stopping turn refresh for %s", peerID) + return + case <-ticker.C: + m.pushNewTokens(peerID) + } + } + }() +} + +func (m *TimeBasedAuthSecretsManager) pushNewTokens(peerID string) { + token, err := m.hmacToken.GenerateToken() + if err != nil { + log.Errorf("failed to generate token for peer '%s': %s", peerID, err) + return + } + + var turns []*proto.ProtectedHostConfig + for _, host := range m.turnCfg.Turns { + turns = append(turns, &proto.ProtectedHostConfig{ + HostConfig: &proto.HostConfig{ + Uri: host.URI, + Protocol: ToResponseProto(host.Proto), + }, + User: token.Payload, + Password: token.Signature, + }) + } + + update := &proto.SyncResponse{ + WiretrusteeConfig: &proto.WiretrusteeConfig{ + Turns: turns, + Relay: &proto.RelayConfig{ + Urls: []string{m.relayAddr}, + TokenPayload: token.Payload, + TokenSignature: token.Signature, + }, + }, + } + log.Debugf("sending new TURN credentials to peer %s", peerID) + m.updateManager.SendUpdate(peerID, &UpdateMessage{Update: update}) +} diff --git a/management/server/turncredentials_test.go b/management/server/token_mgr_test.go similarity index 94% rename from management/server/turncredentials_test.go rename to management/server/token_mgr_test.go index 5066fdbe9..70314f4fc 100644 --- a/management/server/turncredentials_test.go +++ b/management/server/token_mgr_test.go @@ -26,18 +26,18 @@ func TestTimeBasedAuthSecretsManager_GenerateCredentials(t *testing.T) { CredentialsTTL: ttl, Secret: secret, Turns: []*Host{TurnTestHost}, - }) + }, "") - credentials := tested.GenerateCredentials() + credentials, _ := tested.Generate() - if credentials.Username == "" { + if credentials.Payload == "" { t.Errorf("expected generated TURN username not to be empty, got empty") } - if credentials.Password == "" { + if credentials.Signature == "" { t.Errorf("expected generated TURN password not to be empty, got empty") } - validateMAC(t, credentials.Username, credentials.Password, []byte(secret)) + validateMAC(t, credentials.Payload, credentials.Signature, []byte(secret)) } @@ -52,7 +52,7 @@ func TestTimeBasedAuthSecretsManager_SetupRefresh(t *testing.T) { CredentialsTTL: ttl, Secret: secret, Turns: []*Host{TurnTestHost}, - }) + }, "") tested.SetupRefresh(peer) @@ -100,7 +100,7 @@ func TestTimeBasedAuthSecretsManager_CancelRefresh(t *testing.T) { CredentialsTTL: ttl, Secret: secret, Turns: []*Host{TurnTestHost}, - }) + }, "") tested.SetupRefresh(peer) if _, ok := tested.cancelMap[peer]; !ok { diff --git a/management/server/turncredentials.go b/management/server/turncredentials.go deleted file mode 100644 index aedcf2ee1..000000000 --- a/management/server/turncredentials.go +++ /dev/null @@ -1,125 +0,0 @@ -package server - -import ( - "crypto/hmac" - "crypto/sha1" - "encoding/base64" - "fmt" - "sync" - "time" - - log "github.com/sirupsen/logrus" - - "github.com/netbirdio/netbird/management/proto" -) - -// TURNCredentialsManager used to manage TURN credentials -type TURNCredentialsManager interface { - GenerateCredentials() TURNCredentials - SetupRefresh(peerKey string) - CancelRefresh(peerKey string) -} - -// TimeBasedAuthSecretsManager generates credentials with TTL and using pre-shared secret known to TURN server -type TimeBasedAuthSecretsManager struct { - mux sync.Mutex - config *TURNConfig - updateManager *PeersUpdateManager - cancelMap map[string]chan struct{} -} - -type TURNCredentials struct { - Username string - Password string -} - -func NewTimeBasedAuthSecretsManager(updateManager *PeersUpdateManager, config *TURNConfig) *TimeBasedAuthSecretsManager { - return &TimeBasedAuthSecretsManager{ - mux: sync.Mutex{}, - config: config, - updateManager: updateManager, - cancelMap: make(map[string]chan struct{}), - } -} - -// GenerateCredentials generates new time-based secret credentials - basically username is a unix timestamp and password is a HMAC hash of a timestamp with a preshared TURN secret -func (m *TimeBasedAuthSecretsManager) GenerateCredentials() TURNCredentials { - mac := hmac.New(sha1.New, []byte(m.config.Secret)) - - timeAuth := time.Now().Add(m.config.CredentialsTTL.Duration).Unix() - - username := fmt.Sprint(timeAuth) - - _, err := mac.Write([]byte(username)) - if err != nil { - log.Errorln("Generating turn password failed with error: ", err) - } - - bytePassword := mac.Sum(nil) - password := base64.StdEncoding.EncodeToString(bytePassword) - - return TURNCredentials{ - Username: username, - Password: password, - } - -} - -func (m *TimeBasedAuthSecretsManager) cancel(peerID string) { - if channel, ok := m.cancelMap[peerID]; ok { - close(channel) - delete(m.cancelMap, peerID) - } -} - -// CancelRefresh cancels scheduled peer credentials refresh -func (m *TimeBasedAuthSecretsManager) CancelRefresh(peerID string) { - m.mux.Lock() - defer m.mux.Unlock() - m.cancel(peerID) -} - -// SetupRefresh starts peer credentials refresh. Since credentials are expiring (TTL) it is necessary to always generate them and send to the peer. -// A goroutine is created and put into TimeBasedAuthSecretsManager.cancelMap. This routine should be cancelled if peer is gone. -func (m *TimeBasedAuthSecretsManager) SetupRefresh(peerID string) { - m.mux.Lock() - defer m.mux.Unlock() - m.cancel(peerID) - cancel := make(chan struct{}, 1) - m.cancelMap[peerID] = cancel - log.Debugf("starting turn refresh for %s", peerID) - - go func() { - // we don't want to regenerate credentials right on expiration, so we do it slightly before (at 3/4 of TTL) - ticker := time.NewTicker(m.config.CredentialsTTL.Duration / 4 * 3) - - for { - select { - case <-cancel: - log.Debugf("stopping turn refresh for %s", peerID) - return - case <-ticker.C: - c := m.GenerateCredentials() - var turns []*proto.ProtectedHostConfig - for _, host := range m.config.Turns { - turns = append(turns, &proto.ProtectedHostConfig{ - HostConfig: &proto.HostConfig{ - Uri: host.URI, - Protocol: ToResponseProto(host.Proto), - }, - User: c.Username, - Password: c.Password, - }) - } - - update := &proto.SyncResponse{ - WiretrusteeConfig: &proto.WiretrusteeConfig{ - Turns: turns, - }, - } - log.Debugf("sending new TURN credentials to peer %s", peerID) - m.updateManager.SendUpdate(peerID, &UpdateMessage{Update: update}) - } - } - }() -} diff --git a/relay/auth/allow_all.go b/relay/auth/allow_all.go new file mode 100644 index 000000000..653fd0801 --- /dev/null +++ b/relay/auth/allow_all.go @@ -0,0 +1,9 @@ +package auth + +// AllowAllAuth is a Validator that allows all connections. +type AllowAllAuth struct { +} + +func (a *AllowAllAuth) Validate(any) error { + return nil +} diff --git a/relay/auth/hmac/store.go b/relay/auth/hmac/store.go new file mode 100644 index 000000000..c9e8cc278 --- /dev/null +++ b/relay/auth/hmac/store.go @@ -0,0 +1,24 @@ +package hmac + +import ( + "sync" +) + +// Store is a simple in-memory store for token +// With this can update the token in thread safe way +type Store struct { + mu sync.Mutex + token Token +} + +func (a *Store) UpdateToken(token Token) { + a.mu.Lock() + defer a.mu.Unlock() + a.token = token +} + +func (a *Store) Token() ([]byte, error) { + a.mu.Lock() + defer a.mu.Unlock() + return marshalToken(a.token) +} diff --git a/relay/auth/hmac/token.go b/relay/auth/hmac/token.go new file mode 100644 index 000000000..e886bc7ae --- /dev/null +++ b/relay/auth/hmac/token.go @@ -0,0 +1,104 @@ +package hmac + +import ( + "bytes" + "crypto/hmac" + "crypto/sha1" + "encoding/base64" + "encoding/gob" + "fmt" + "strconv" + "sync" + "time" + + log "github.com/sirupsen/logrus" +) + +type Token struct { + Payload string + Signature string +} + +func marshalToken(token Token) ([]byte, error) { + buffer := bytes.NewBuffer([]byte{}) + encoder := gob.NewEncoder(buffer) + err := encoder.Encode(token) + if err != nil { + log.Errorf("failed to marshal token: %s", err) + return nil, err + } + return buffer.Bytes(), nil +} + +func unmarshalToken(payload []byte) (Token, error) { + var creds Token + buffer := bytes.NewBuffer(payload) + decoder := gob.NewDecoder(buffer) + err := decoder.Decode(&creds) + return creds, err +} + +// TimedHMAC generates token with TTL and using pre-shared secret known to TURN server +type TimedHMAC struct { + mux sync.Mutex + secret string + timeToLive time.Duration +} + +func NewTimedHMAC(secret string, timeToLive time.Duration) *TimedHMAC { + return &TimedHMAC{ + secret: secret, + timeToLive: timeToLive, + } +} + +// GenerateToken generates new time-based secret token - basically Payload is a unix timestamp and Signature is a HMAC hash of a timestamp with a preshared TURN secret +func (m *TimedHMAC) GenerateToken() (*Token, error) { + timeAuth := time.Now().Add(m.timeToLive).Unix() + timeStamp := fmt.Sprint(timeAuth) + + checksum, err := m.generate(timeStamp) + if err != nil { + return nil, err + } + + return &Token{ + Payload: timeStamp, + Signature: base64.StdEncoding.EncodeToString(checksum), + }, nil +} + +func (m *TimedHMAC) Validate(token Token) error { + expectedMAC, err := m.generate(token.Payload) + if err != nil { + return err + } + + expectedSignature := base64.StdEncoding.EncodeToString(expectedMAC) + + if !hmac.Equal([]byte(expectedSignature), []byte(token.Signature)) { + return fmt.Errorf("signature mismatch") + } + + timeAuthInt, err := strconv.ParseInt(token.Payload, 10, 64) + if err != nil { + return fmt.Errorf("invalid payload: %s", err) + } + + if time.Now().Unix() > timeAuthInt { + return fmt.Errorf("expired token") + } + + return nil +} + +func (m *TimedHMAC) generate(payload string) ([]byte, error) { + mac := hmac.New(sha1.New, []byte(m.secret)) + _, err := mac.Write([]byte(payload)) + if err != nil { + log.Errorf("failed to generate token: %s", err) + return nil, err + } + + return mac.Sum(nil), nil +} diff --git a/relay/auth/hmac/token_test.go b/relay/auth/hmac/token_test.go new file mode 100644 index 000000000..cbe36d5a7 --- /dev/null +++ b/relay/auth/hmac/token_test.go @@ -0,0 +1,103 @@ +package hmac + +import ( + "encoding/base64" + "strconv" + "testing" + "time" +) + +func TestGenerateCredentials(t *testing.T) { + secret := "secret" + timeToLive := 1 * time.Hour + v := NewTimedHMAC(secret, timeToLive) + + creds, err := v.GenerateToken() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + + if creds.Payload == "" { + t.Fatalf("expected non-empty payload") + } + + _, err = strconv.ParseInt(creds.Payload, 10, 64) + if err != nil { + t.Fatalf("expected payload to be a valid unix timestamp, got %v", err) + } + + _, err = base64.StdEncoding.DecodeString(creds.Signature) + if err != nil { + t.Fatalf("expected signature to be base64 encoded, got %v", err) + } +} + +func TestValidateCredentials(t *testing.T) { + secret := "supersecret" + timeToLive := 1 * time.Hour + manager := NewTimedHMAC(secret, timeToLive) + + // Test valid token + creds, err := manager.GenerateToken() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + + if err := manager.Validate(*creds); err != nil { + t.Fatalf("expected valid token: %s", err) + } +} + +func TestInvalidSignature(t *testing.T) { + secret := "supersecret" + timeToLive := 1 * time.Hour + manager := NewTimedHMAC(secret, timeToLive) + + creds, err := manager.GenerateToken() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + + invalidCreds := &Token{ + Payload: creds.Payload, + Signature: "invalidsignature", + } + + if err = manager.Validate(*invalidCreds); err == nil { + t.Fatalf("expected invalid token due to signature mismatch") + } +} + +func TestExpired(t *testing.T) { + secret := "supersecret" + v := NewTimedHMAC(secret, -1*time.Hour) + expiredCreds, err := v.GenerateToken() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + + if err = v.Validate(*expiredCreds); err == nil { + t.Fatalf("expected invalid token due to expiration") + } +} + +func TestInvalidPayload(t *testing.T) { + secret := "supersecret" + timeToLive := 1 * time.Hour + v := NewTimedHMAC(secret, timeToLive) + + creds, err := v.GenerateToken() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + + // Test invalid payload + invalidPayloadCreds := &Token{ + Payload: "invalidtimestamp", + Signature: creds.Signature, + } + + if err = v.Validate(*invalidPayloadCreds); err == nil { + t.Fatalf("expected invalid token due to invalid payload") + } +} diff --git a/relay/auth/hmac/validator.go b/relay/auth/hmac/validator.go new file mode 100644 index 000000000..92669cce6 --- /dev/null +++ b/relay/auth/hmac/validator.go @@ -0,0 +1,27 @@ +package hmac + +import ( + log "github.com/sirupsen/logrus" + "time" +) + +type TimedHMACValidator struct { + *TimedHMAC +} + +func NewTimedHMACValidator(secret string, duration time.Duration) *TimedHMACValidator { + ta := NewTimedHMAC(secret, duration) + return &TimedHMACValidator{ + ta, + } +} + +func (a *TimedHMACValidator) Validate(credentials any) error { + b := credentials.([]byte) + c, err := unmarshalToken(b) + if err != nil { + log.Errorf("failed to unmarshal token: %s", err) + return err + } + return a.TimedHMAC.Validate(c) +} diff --git a/relay/auth/validator.go b/relay/auth/validator.go new file mode 100644 index 000000000..d76a90c74 --- /dev/null +++ b/relay/auth/validator.go @@ -0,0 +1,5 @@ +package auth + +type Validator interface { + Validate(any) error +} diff --git a/relay/client/client.go b/relay/client/client.go index 9fc5b84b8..1b2bf27c7 100644 --- a/relay/client/client.go +++ b/relay/client/client.go @@ -10,6 +10,7 @@ import ( log "github.com/sirupsen/logrus" + auth "github.com/netbirdio/netbird/relay/auth/hmac" "github.com/netbirdio/netbird/relay/client/dialer/ws" "github.com/netbirdio/netbird/relay/healthcheck" "github.com/netbirdio/netbird/relay/messages" @@ -98,6 +99,7 @@ type Client struct { log *log.Entry parentCtx context.Context connectionURL string + authStore *auth.Store hashedID []byte bufPool *sync.Pool @@ -115,12 +117,13 @@ type Client struct { } // NewClient creates a new client for the relay server. The client is not connected to the server until the Connect -func NewClient(ctx context.Context, serverURL, peerID string) *Client { +func NewClient(ctx context.Context, serverURL string, authStore *auth.Store, peerID string) *Client { hashedID, hashedStringId := messages.HashID(peerID) return &Client{ log: log.WithField("client_id", hashedStringId), parentCtx: ctx, connectionURL: serverURL, + authStore: authStore, hashedID: hashedID, bufPool: &sync.Pool{ New: func() any { @@ -234,7 +237,12 @@ func (c *Client) connect() error { } func (c *Client) handShake() error { - msg, err := messages.MarshalHelloMsg(c.hashedID) + t, err := c.authStore.Token() + if err != nil { + return err + } + + msg, err := messages.MarshalHelloMsg(c.hashedID, t) if err != nil { log.Errorf("failed to marshal hello message: %s", err) return err @@ -262,11 +270,11 @@ func (c *Client) handShake() error { return fmt.Errorf("unexpected message type") } - domain, err := messages.UnmarshalHelloResponse(buf[:n]) + ia, err := messages.UnmarshalHelloResponse(buf[:n]) if err != nil { return err } - c.instanceURL = domain + c.instanceURL = ia return nil } diff --git a/relay/client/manager.go b/relay/client/manager.go index 109d3b139..0e552754e 100644 --- a/relay/client/manager.go +++ b/relay/client/manager.go @@ -8,6 +8,8 @@ import ( "time" log "github.com/sirupsen/logrus" + + relayAuth "github.com/netbirdio/netbird/relay/auth/hmac" ) var ( @@ -35,9 +37,10 @@ func NewRelayTrack() *RelayTrack { // relay servers will be closed if there is no active connection. Periodically the manager will check if there is any // unused relay connection and close it. type Manager struct { - ctx context.Context - serverURL string - peerID string + ctx context.Context + serverURL string + peerID string + tokenStore *relayAuth.Store relayClient *Client reconnectGuard *Guard @@ -54,6 +57,7 @@ func NewManager(ctx context.Context, serverURL string, peerID string) *Manager { ctx: ctx, serverURL: serverURL, peerID: peerID, + tokenStore: &relayAuth.Store{}, relayClients: make(map[string]*RelayTrack), onDisconnectedListeners: make(map[string]map[*func()]struct{}), } @@ -65,7 +69,7 @@ func (m *Manager) Serve() error { return fmt.Errorf("manager already serving") } - m.relayClient = NewClient(m.ctx, m.serverURL, m.peerID) + m.relayClient = NewClient(m.ctx, m.serverURL, m.tokenStore, m.peerID) err := m.relayClient.Connect() if err != nil { log.Errorf("failed to connect to relay server: %s", err) @@ -158,7 +162,7 @@ func (m *Manager) openConnVia(serverAddress, peerKey string) (net.Conn, error) { m.relayClients[serverAddress] = rt m.relayClientsMutex.Unlock() - relayClient := NewClient(m.ctx, serverAddress, m.peerID) + relayClient := NewClient(m.ctx, serverAddress, m.tokenStore, m.peerID) err := relayClient.Connect() if err != nil { rt.Unlock() @@ -260,3 +264,7 @@ func (m *Manager) notifyOnDisconnectListeners(serverAddress string) { m.listenerLock.Unlock() } + +func (m *Manager) UpdateToken(token relayAuth.Token) { + m.tokenStore.UpdateToken(token) +} diff --git a/relay/cmd/main.go b/relay/cmd/main.go index a7cd5efa8..7315bd005 100644 --- a/relay/cmd/main.go +++ b/relay/cmd/main.go @@ -24,6 +24,7 @@ var ( letsencryptDomains []string tlsCertFile string tlsKeyFile string + authSecret string rootCmd = &cobra.Command{ Use: "relay", @@ -41,7 +42,7 @@ func init() { rootCmd.PersistentFlags().StringArrayVarP(&letsencryptDomains, "letsencrypt-domains", "a", nil, "list of domains to issue Let's Encrypt certificate for. Enables TLS using Let's Encrypt. Will fetch and renew certificate, and run the server with TLS") rootCmd.PersistentFlags().StringVarP(&tlsCertFile, "tls-cert-file", "c", "", "") rootCmd.PersistentFlags().StringVarP(&tlsKeyFile, "tls-key-file", "k", "", "") - + rootCmd.PersistentFlags().StringVarP(&authSecret, "auth-secret", "s", "", "log level") } func waitForExitSignal() { @@ -56,6 +57,11 @@ func execute(cmd *cobra.Command, args []string) { os.Exit(1) } + if authSecret == "" { + log.Errorf("auth secret is required") + os.Exit(1) + } + srvListenerCfg := server.ListenerConfig{ Address: listenAddress, } @@ -76,7 +82,7 @@ func execute(cmd *cobra.Command, args []string) { } tlsSupport := srvListenerCfg.TLSConfig != nil - srv := server.NewServer(exposedAddress, tlsSupport) + srv := server.NewServer(exposedAddress, tlsSupport, authSecret) log.Infof("server will be available on: %s", srv.InstanceURL()) err := srv.Listen(srvListenerCfg) if err != nil { diff --git a/relay/messages/message.go b/relay/messages/message.go index 991bc36d0..dc2e9660c 100644 --- a/relay/messages/message.go +++ b/relay/messages/message.go @@ -15,8 +15,10 @@ const ( MsgTypeClose MsgType = 3 MsgTypeHealthCheck MsgType = 4 - headerSizeTransport = 1 + IDSize // 1 byte for msg type, IDSize for peerID - headerSizeHello = 1 + 4 + IDSize // 1 byte for msg type, 4 byte for magic header, IDSize for peerID + sizeOfMsgType = 1 + sizeOfMagicBye = 4 + headerSizeTransport = sizeOfMsgType + IDSize // 1 byte for msg type, IDSize for peerID + headerSizeHello = sizeOfMsgType + sizeOfMagicBye + IDSize // 1 byte for msg type, 4 byte for magic header, IDSize for peerID MaxHandshakeSize = 90 ) @@ -47,7 +49,7 @@ func (m MsgType) String() string { } type HelloResponse struct { - DomainAddress string + InstanceAddress string } func DetermineClientMsgType(msg []byte) (MsgType, error) { @@ -83,28 +85,29 @@ func DetermineServerMsgType(msg []byte) (MsgType, error) { } // MarshalHelloMsg initial hello message -func MarshalHelloMsg(peerID []byte) ([]byte, error) { +func MarshalHelloMsg(peerID []byte, additions []byte) ([]byte, error) { if len(peerID) != IDSize { return nil, fmt.Errorf("invalid peerID length: %d", len(peerID)) } - msg := make([]byte, 5, headerSizeHello) + msg := make([]byte, 5, headerSizeHello+len(additions)) msg[0] = byte(MsgTypeHello) copy(msg[1:5], magicHeader) msg = append(msg, peerID...) + msg = append(msg, additions...) return msg, nil } -func UnmarshalHelloMsg(msg []byte) ([]byte, error) { +func UnmarshalHelloMsg(msg []byte) ([]byte, []byte, error) { if len(msg) < headerSizeHello { - return nil, fmt.Errorf("invalid 'hello' messge") + return nil, nil, fmt.Errorf("invalid 'hello' messge") } bytes.Equal(msg[1:5], magicHeader) - return msg[5:], nil + return msg[5:], msg[headerSizeHello:], nil } func MarshalHelloResponse(DomainAddress string) ([]byte, error) { payload := HelloResponse{ - DomainAddress: DomainAddress, + InstanceAddress: DomainAddress, } buf := new(bytes.Buffer) @@ -135,7 +138,7 @@ func UnmarshalHelloResponse(msg []byte) (string, error) { log.Errorf("failed to gob decode hello response: %s", err) return "", err } - return payload.DomainAddress, nil + return payload.InstanceAddress, nil } // Close message diff --git a/relay/messages/message_test.go b/relay/messages/message_test.go index d40963d8b..b0546a77c 100644 --- a/relay/messages/message_test.go +++ b/relay/messages/message_test.go @@ -6,12 +6,12 @@ import ( func TestMarshalHelloMsg(t *testing.T) { peerID := []byte("abdFAaBcawquEiCMzAabYosuUaGLtSNhKxz+") - bHello, err := MarshalHelloMsg(peerID) + bHello, err := MarshalHelloMsg(peerID, nil) if err != nil { t.Fatalf("error: %v", err) } - receivedPeerID, err := UnmarshalHelloMsg(bHello) + receivedPeerID, _, err := UnmarshalHelloMsg(bHello) if err != nil { t.Fatalf("error: %v", err) } diff --git a/relay/server/relay.go b/relay/server/relay.go index aff15a5fb..928c52322 100644 --- a/relay/server/relay.go +++ b/relay/server/relay.go @@ -8,20 +8,24 @@ import ( log "github.com/sirupsen/logrus" + "github.com/netbirdio/netbird/relay/auth" "github.com/netbirdio/netbird/relay/messages" ) type Relay struct { + validator auth.Validator + store *Store - instaceURL string // domain:port + instaceURL string closed bool closeMu sync.RWMutex } -func NewRelay(exposedAddress string, tlsSupport bool) *Relay { +func NewRelay(exposedAddress string, tlsSupport bool, validator auth.Validator) *Relay { r := &Relay{ - store: NewStore(), + validator: validator, + store: NewStore(), } if tlsSupport { @@ -29,6 +33,7 @@ func NewRelay(exposedAddress string, tlsSupport bool) *Relay { } else { r.instaceURL = fmt.Sprintf("rel://%s", exposedAddress) } + return r } @@ -94,12 +99,17 @@ func (r *Relay) handShake(conn net.Conn) ([]byte, error) { return nil, tErr } - peerID, err := messages.UnmarshalHelloMsg(buf[:n]) + peerID, authPayload, err := messages.UnmarshalHelloMsg(buf[:n]) if err != nil { log.Errorf("failed to handshake: %s", err) return nil, err } + if err := r.validator.Validate(authPayload); err != nil { + log.Errorf("failed to authenticate peer with id: %s, %s", peerID, err) + return nil, fmt.Errorf("failed to authenticate peer") + } + msg, _ := messages.MarshalHelloResponse(r.instaceURL) _, err = conn.Write(msg) if err != nil { diff --git a/relay/server/server.go b/relay/server/server.go index 5341cad2e..6ab994a6a 100644 --- a/relay/server/server.go +++ b/relay/server/server.go @@ -9,6 +9,7 @@ import ( log "github.com/sirupsen/logrus" + auth "github.com/netbirdio/netbird/relay/auth/hmac" "github.com/netbirdio/netbird/relay/server/listener" "github.com/netbirdio/netbird/relay/server/listener/udp" "github.com/netbirdio/netbird/relay/server/listener/ws" @@ -25,9 +26,12 @@ type Server struct { wSListener listener.Listener } -func NewServer(exposedAddress string, tlsSupport bool) *Server { +func NewServer(exposedAddress string, tlsSupport bool, authSecret string) *Server { return &Server{ - relay: NewRelay(exposedAddress, tlsSupport), + relay: NewRelay( + exposedAddress, + tlsSupport, + auth.NewTimedHMACValidator(authSecret, 24*time.Hour)), } }