wip desc-lookup

Author: Marc Odermatt

daemon/internal/servers/grpc.go

@@ -657,3 +657,20 @@ func requestToHostHostMeta(req *sdpb.DRKeyHostHostRequest) (drkey.HostHostMeta,
 		DstHost:  req.DstHost,
 	}, nil
 }
+
+func (s *DaemonServer) RemotePolicyDescription(ctx context.Context,
+	request *experimental.RemotePolicyDescriptionRequest) (
+	*experimental.RemotePolicyDescriptionResponse, error) {
+	conn, err := s.Dialer.Dial(ctx, &snet.SVCAddr{SVC: addr.SvcCS})
+	if err != nil {
+		log.FromCtx(ctx).Debug("Dialing CS failed", "err", err)
+	}
+	defer conn.Close()
+	client := experimental.NewFABRIDIntraServiceClient(conn)
+	response, err := client.RemotePolicyDescription(ctx, request)
+	if err != nil {
+		return &experimental.RemotePolicyDescriptionResponse{}, err
+	}
+
+	return response, nil
+}

pkg/daemon/BUILD.bazel

@@ -21,6 +21,7 @@ go_library(
         "//pkg/private/ctrl/path_mgmt:go_default_library",
         "//pkg/private/prom:go_default_library",
         "//pkg/private/serrors:go_default_library",
+        "//pkg/proto/control_plane/experimental:go_default_library",
         "//pkg/proto/daemon:go_default_library",
         "//pkg/proto/drkey:go_default_library",
         "//pkg/scrypto/cppki:go_default_library",

pkg/daemon/daemon.go

@@ -18,6 +18,7 @@ package daemon
 
 import (
 	"context"
+	"github.com/scionproto/scion/pkg/proto/control_plane/experimental"
 	"net/netip"
 
 	"github.com/scionproto/scion/pkg/addr"
@@ -90,6 +91,7 @@ type Connector interface {
 	DRKeyGetHostHostKey(ctx context.Context, meta drkey.HostHostMeta) (drkey.HostHostKey, error)
 	// FabridKeys requests FABRID DRKeys for all provided ASes and the path validation key
 	FabridKeys(ctx context.Context, meta drkey.FabridKeysMeta) (drkey.FabridKeysResponse, error)
+	RemotePolicyDescription(context.Context, *experimental.RemotePolicyDescriptionRequest) (*experimental.RemotePolicyDescriptionResponse, error)
 	// Close shuts down the connection to the daemon.
 	Close() error
 }

pkg/daemon/grpc.go

@@ -24,13 +24,15 @@ import (
 	"google.golang.org/protobuf/types/known/emptypb"
 	"google.golang.org/protobuf/types/known/timestamppb"
 
+	fabrid_control "github.com/scionproto/scion/control/fabrid"
 	"github.com/scionproto/scion/pkg/addr"
 	"github.com/scionproto/scion/pkg/drkey"
 	"github.com/scionproto/scion/pkg/experimental/fabrid"
 	libgrpc "github.com/scionproto/scion/pkg/grpc"
 	"github.com/scionproto/scion/pkg/private/common"
 	"github.com/scionproto/scion/pkg/private/ctrl/path_mgmt"
 	"github.com/scionproto/scion/pkg/private/serrors"
+	cppb "github.com/scionproto/scion/pkg/proto/control_plane/experimental"
 	sdpb "github.com/scionproto/scion/pkg/proto/daemon"
 	dkpb "github.com/scionproto/scion/pkg/proto/drkey"
 	"github.com/scionproto/scion/pkg/scrypto/cppki"
@@ -277,6 +279,20 @@ func (c grpcConn) FabridKeys(ctx context.Context, meta drkey.FabridKeysMeta,
 	}, nil
 }
 
+func (c grpcConn) RemotePolicyDescription(ctx context.Context,
+	identifier fabrid_control.RemotePolicyIdentifier) (fabrid_control.RemotePolicyDescription, error) {
+
+	client := sdpb.NewDaemonServiceClient(c.conn)
+	response, err := client.RemotePolicyDescription(ctx, &cppb.RemotePolicyDescriptionRequest{
+		PolicyIdentifier: identifier.Identifier,
+		IsdAs:            identifier.ISDAS,
+	})
+	if err != nil {
+		return fabrid_control.RemotePolicyDescription{}, err
+	}
+	return fabrid_control.RemotePolicyDescription{Description: }, err
+}
+
 func (c grpcConn) Close() error {
 	return c.conn.Close()
 }

pkg/proto/daemon/daemon.pb.go

@@ -22,6 +22,7 @@ import "google/protobuf/timestamp.proto";
 import "google/protobuf/duration.proto";
 import "google/protobuf/empty.proto";
 import "proto/drkey/v1/drkey.proto";
+import "proto/control_plane/experimental/v1/fabrid.proto";
 import "proto/control_plane/experimental/v1/fabrid_extensions.proto";
 
 service DaemonService {
@@ -47,6 +48,11 @@ service DaemonService {
     rpc DRKeyHostHost (DRKeyHostHostRequest) returns (DRKeyHostHostResponse) {}
     // FabridKeys returns the DRKeys for FABRID
     rpc FabridKeys (FabridKeysRequest) returns (FabridKeysResponse) {}
+    // Used by a host inside the AS to request a policy description for another AS. The control
+    // service will request the policy description from the remote AS if it is unknown to the
+    // control service.
+    rpc RemotePolicyDescription(proto.control_plane.experimental.v1.RemotePolicyDescriptionRequest) returns
+        (proto.control_plane.experimental.v1.RemotePolicyDescriptionResponse) {}
 }
 
 message PathsRequest {

proto/daemon/v1/daemon.proto

@@ -0,0 +1,150 @@
+// Copyright 2020 Anapaya Systems
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"context"
+	"fmt"
+	"net"
+	"time"
+
+	"github.com/scionproto/scion/pkg/addr"
+	"github.com/scionproto/scion/pkg/log"
+	"github.com/scionproto/scion/pkg/private/serrors"
+	"github.com/scionproto/scion/private/app"
+	"github.com/scionproto/scion/private/app/flag"
+	"github.com/scionproto/scion/private/tracing"
+	"github.com/scionproto/scion/scion/fabrid"
+	"github.com/spf13/cobra"
+)
+
+func newFabrid(pather CommandPather) *cobra.Command {
+	var envFlags flag.SCIONEnvironment
+	var flags struct {
+		timeout  time.Duration
+		cfg      fabrid.Config
+		extended bool
+		json     bool
+		logLevel string
+		noColor  bool
+		tracer   string
+		format   string
+	}
+
+	var cmd = &cobra.Command{
+		Use:   "fabrid",
+		Short: "Display FABRID policy information",
+		Args:  cobra.ExactArgs(1),
+		Example: fmt.Sprintf(`  %[1]s showpaths 1-ff00:0:110 --extended
+  %[1]s showpaths 1-ff00:0:110 --local 127.0.0.55 --json
+  %[1]s showpaths 1-ff00:0:111 --sequence="0-0#2 0*" # outgoing IfID=2
+  %[1]s showpaths 1-ff00:0:111 --sequence="0* 0-0#41" # incoming IfID=41 at dstIA
+  %[1]s showpaths 1-ff00:0:111 --sequence="0* 1-ff00:0:112 0*" # 1-ff00:0:112 on the path
+  %[1]s showpaths 1-ff00:0:110 --no-probe`, pather.CommandPath()),
+		Long: `'fabrid' lists available policies at a remote AS, or shows the
+description of a specific policy.`,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			dst, err := addr.ParseIA(args[0])
+			if err != nil {
+				return serrors.WrapStr("invalid destination ISD-AS", err)
+			}
+			if err := app.SetupLog(flags.logLevel); err != nil {
+				return serrors.WrapStr("setting up logging", err)
+			}
+			closer, err := setupTracer("fabrid", flags.tracer)
+			if err != nil {
+				return serrors.WrapStr("setting up tracing", err)
+			}
+			defer closer()
+
+			if flags.json && !cmd.Flags().Lookup("format").Changed {
+				flags.format = "json"
+			}
+			printf, err := getPrintf(flags.format, cmd.OutOrStdout())
+			if err != nil {
+				return serrors.WrapStr("get formatting", err)
+			}
+
+			cmd.SilenceUsage = true
+
+			if err := envFlags.LoadExternalVars(); err != nil {
+				return err
+			}
+
+			flags.cfg.Daemon = envFlags.Daemon()
+			flags.cfg.Local = net.IP(envFlags.Local().AsSlice())
+			log.Debug("Resolved SCION environment flags",
+				"daemon", flags.cfg.Daemon,
+				"local", flags.cfg.Local,
+			)
+
+			span, traceCtx := tracing.CtxWith(context.Background(), "run")
+			span.SetTag("dst.isd_as", dst)
+			defer span.Finish()
+
+			ctx, cancel := context.WithTimeout(traceCtx, flags.timeout)
+			defer cancel()
+			res, err := fabrid.Run(ctx, dst, flags.cfg)
+			if err != nil {
+				return err
+			}
+
+			switch flags.format {
+			case "human":
+				if res.IsLocal() {
+					printf("Empty path, destination is local AS %s\n", res.Destination)
+					return nil
+				}
+				printf("Available policies at %s\n", res.Destination)
+				if len(res.Paths) == 0 {
+					return app.WithExitCode(serrors.New("no policies found"), 1)
+				}
+				res.Human(cmd.OutOrStdout(), flags.extended, !flags.noColor)
+			case "json":
+				return serrors.New("Not implemented", "format", flags.format)
+			case "yaml":
+				return serrors.New("Not implemented", "format", flags.format)
+			default:
+				return serrors.New("output format not supported", "format", flags.format)
+			}
+			return nil
+		},
+	}
+
+	envFlags.Register(cmd.Flags())
+	cmd.Flags().DurationVar(&flags.timeout, "timeout", 5*time.Second, "Timeout")
+	cmd.Flags().StringVar(&flags.cfg.Sequence, "sequence", "", app.SequenceUsage)
+	cmd.Flags().IntVarP(&flags.cfg.MaxPaths, "maxpaths", "m", 10,
+		"Maximum number of paths that are displayed")
+	cmd.Flags().BoolVarP(&flags.extended, "extended", "e", false,
+		"Show extended path meta data information")
+	cmd.Flags().BoolVarP(&flags.cfg.Refresh, "refresh", "r", false,
+		"Set refresh flag for SCION Daemon path request")
+	cmd.Flags().BoolVar(&flags.cfg.NoProbe, "no-probe", false,
+		"Do not probe the paths and print the health status")
+	cmd.Flags().BoolVarP(&flags.json, "json", "j", false,
+		"Write the output as machine readable json")
+	cmd.Flags().StringVar(&flags.format, "format", "human",
+		"Specify the output format (human|json|yaml)")
+	cmd.Flags().BoolVar(&flags.noColor, "no-color", false, "disable colored output")
+	cmd.Flags().StringVar(&flags.logLevel, "log.level", "", app.LogLevelUsage)
+	cmd.Flags().StringVar(&flags.tracer, "tracing.agent", "", "Tracing agent address")
+	cmd.Flags().BoolVar(&flags.cfg.Epic, "epic", false, "Enable EPIC.")
+	err := cmd.Flags().MarkDeprecated("json", "json flag is deprecated, use format flag")
+	if err != nil {
+		panic(err)
+	}
+	return cmd
+}

scion/cmd/scion/fabrid.go

@@ -0,0 +1,21 @@
+load("//tools/lint:go.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "config.go",
+        "showpaths.go",
+    ],
+    importpath = "github.com/scionproto/scion/scion/fabrid",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/addr:go_default_library",
+        "//pkg/daemon:go_default_library",
+        "//pkg/private/common:go_default_library",
+        "//pkg/private/serrors:go_default_library",
+        "//pkg/snet:go_default_library",
+        "//private/app/path:go_default_library",
+        "//private/app/path/pathprobe:go_default_library",
+        "//private/path/pathpol:go_default_library",
+    ],
+)

scion/fabrid/BUILD.bazel

@@ -0,0 +1,44 @@
+// Copyright 2020 Anapaya Systems
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package fabrid
+
+import (
+	"net"
+)
+
+// DefaultMaxPaths is the maximum number of paths that are displayed by default.
+const DefaultMaxPaths = 10
+
+// Config configures the showpath run.
+type Config struct {
+	// Local configures the local IP address to use. If this option is not provided,
+	// a local IP that can reach SCION hosts is selected with the help of the kernel.
+	Local net.IP
+	// Daemon configures a specific SCION Daemon address.
+	Daemon string
+	// MaxPaths configures the maximum number of displayed paths. If this option is
+	// not provided, the DefaultMaxPaths is used.
+	MaxPaths int
+	// Refresh configures whether the daemon is queried with the refresh flag.
+	Refresh bool
+	// NoProbe configures whether the path status is probed or not.
+	NoProbe bool
+	// Sequence is a string of space separated Hop Predicates that is used for
+	// filtering.
+	Sequence string
+	// Epic filters paths for which EPIC is not available, and when probing, the
+	// EPIC path type header is used.
+	Epic bool
+}