marcodermatt · Sep 12, 2024
diff --git a/‎daemon/internal/servers/grpc.go
+10-6 b/‎daemon/internal/servers/grpc.go
+10-6
diff --git a/‎doc/command/scion/scion.rst
+1 b/‎doc/command/scion/scion.rst
+1
diff --git a/‎doc/command/scion/scion_fabrid.rst
+58 b/‎doc/command/scion/scion_fabrid.rst
+58
diff --git a/‎pkg/daemon/BUILD.bazel
-1 b/‎pkg/daemon/BUILD.bazel
-1
diff --git a/‎pkg/daemon/grpc.go
+1-2 b/‎pkg/daemon/grpc.go
+1-2
diff --git a/‎pkg/proto/daemon/daemon.pb.go
+520-387 b/‎pkg/proto/daemon/daemon.pb.go
+520-387
diff --git a/‎proto/daemon/v1/daemon.proto
+16-5 b/‎proto/daemon/v1/daemon.proto
+16-5
diff --git a/‎scion/cmd/scion/BUILD.bazel
+1-1 b/‎scion/cmd/scion/BUILD.bazel
+1-1
diff --git a/‎scion/cmd/scion/fabrid.go
+2-1 b/‎scion/cmd/scion/fabrid.go
+2-1
diff --git a/‎scion/fabrid/BUILD.bazel
-5 b/‎scion/fabrid/BUILD.bazel
-5
diff --git a/‎scion/fabrid/fabrid.go
+3-3 b/‎scion/fabrid/fabrid.go
+3-3
@@ -658,19 +658,23 @@ func requestToHostHostMeta(req *sdpb.DRKeyHostHostRequest) (drkey.HostHostMeta,
 	}, nil
 }
 
-func (s *DaemonServer) RemotePolicyDescription(ctx context.Context,
-	request *experimental.RemotePolicyDescriptionRequest) (
-	*experimental.RemotePolicyDescriptionResponse, error) {
+func (s *DaemonServer) PolicyDescription(ctx context.Context,
+	request *sdpb.PolicyDescriptionRequest) (
+	*sdpb.PolicyDescriptionResponse, error) {
 	conn, err := s.Dialer.Dial(ctx, &snet.SVCAddr{SVC: addr.SvcCS})
 	if err != nil {
 		log.FromCtx(ctx).Debug("Dialing CS failed", "err", err)
 	}
 	defer conn.Close()
 	client := experimental.NewFABRIDIntraServiceClient(conn)
-	response, err := client.RemotePolicyDescription(ctx, request)
+	response, err := client.RemotePolicyDescription(ctx,
+		&experimental.RemotePolicyDescriptionRequest{
+			PolicyIdentifier: request.PolicyIdentifier,
+			IsdAs:            request.IsdAs,
+		})
 	if err != nil {
-		return &experimental.RemotePolicyDescriptionResponse{}, err
+		return &sdpb.PolicyDescriptionResponse{}, err
 	}
 
-	return response, nil
+	return &sdpb.PolicyDescriptionResponse{Description: response.Description}, nil
 }
@@ -25,6 +25,7 @@ SEE ALSO
 
 * :ref:`scion address <scion_address>` 	 - Show (one of) this host's SCION address(es)
 * :ref:`scion completion <scion_completion>` 	 - Generate the autocompletion script for the specified shell
+* :ref:`scion fabrid <scion_fabrid>` 	 - Display FABRID policy information
 * :ref:`scion ping <scion_ping>` 	 - Test connectivity to a remote SCION host using SCMP echo packets
 * :ref:`scion showpaths <scion_showpaths>` 	 - Display paths to a SCION AS
 * :ref:`scion traceroute <scion_traceroute>` 	 - Trace the SCION route to a remote SCION AS using SCMP traceroute packets
 
@@ -0,0 +1,58 @@
+:orphan:
+
+.. _scion_fabrid:
+
+scion fabrid
+------------
+
+Display FABRID policy information
+
+Synopsis
+~~~~~~~~
+
+
+'fabrid' lists available policies at a remote AS, or shows the
+description of a specific policy.
+
+::
+
+  scion fabrid [flags]
+
+Examples
+~~~~~~~~
+
+::
+
+    scion showpaths 1-ff00:0:110 --extended
+    scion showpaths 1-ff00:0:110 --local 127.0.0.55 --json
+    scion showpaths 1-ff00:0:111 --sequence="0-0#2 0*" # outgoing IfID=2
+    scion showpaths 1-ff00:0:111 --sequence="0* 0-0#41" # incoming IfID=41 at dstIA
+    scion showpaths 1-ff00:0:111 --sequence="0* 1-ff00:0:112 0*" # 1-ff00:0:112 on the path
+    scion showpaths 1-ff00:0:110 --no-probe
+
+Options
+~~~~~~~
+
+::
+
+      --epic                   Enable EPIC.
+  -e, --extended               Show extended path meta data information
+      --format string          Specify the output format (human|json|yaml) (default "human")
+  -h, --help                   help for fabrid
+      --isd-as isd-as          The local ISD-AS to use. (default 0-0)
+  -l, --local ip               Local IP address to listen on. (default invalid IP)
+      --log.level string       Console logging level verbosity (debug|info|error)
+  -m, --maxpaths int           Maximum number of paths that are displayed (default 10)
+      --no-color               disable colored output
+      --no-probe               Do not probe the paths and print the health status
+  -r, --refresh                Set refresh flag for SCION Daemon path request
+      --sciond string          SCION Daemon address. (default "127.0.0.1:30255")
+      --sequence string        Space separated list of hop predicates
+      --timeout duration       Timeout (default 5s)
+      --tracing.agent string   Tracing agent address
+
+SEE ALSO
+~~~~~~~~
+
+* :ref:`scion <scion>` 	 - SCION networking utilities.
+
@@ -21,7 +21,6 @@ go_library(
         "//pkg/private/ctrl/path_mgmt:go_default_library",
         "//pkg/private/prom:go_default_library",
         "//pkg/private/serrors:go_default_library",
-        "//pkg/proto/control_plane/experimental:go_default_library",
         "//pkg/proto/daemon:go_default_library",
         "//pkg/proto/drkey:go_default_library",
         "//pkg/scrypto/cppki:go_default_library",
 
@@ -31,7 +31,6 @@ import (
 	"github.com/scionproto/scion/pkg/private/common"
 	"github.com/scionproto/scion/pkg/private/ctrl/path_mgmt"
 	"github.com/scionproto/scion/pkg/private/serrors"
-	cppb "github.com/scionproto/scion/pkg/proto/control_plane/experimental"
 	sdpb "github.com/scionproto/scion/pkg/proto/daemon"
 	dkpb "github.com/scionproto/scion/pkg/proto/drkey"
 	"github.com/scionproto/scion/pkg/scrypto/cppki"
@@ -282,7 +281,7 @@ func (c grpcConn) RemotePolicyDescription(ctx context.Context,
 	identifier uint32, ia addr.IA) (string, error) {
 
 	client := sdpb.NewDaemonServiceClient(c.conn)
-	response, err := client.RemotePolicyDescription(ctx, &cppb.RemotePolicyDescriptionRequest{
+	response, err := client.PolicyDescription(ctx, &sdpb.PolicyDescriptionRequest{
 		PolicyIdentifier: identifier,
 		IsdAs:            uint64(ia),
 	})
 
@@ -48,11 +48,10 @@ service DaemonService {
     rpc DRKeyHostHost (DRKeyHostHostRequest) returns (DRKeyHostHostResponse) {}
     // FabridKeys returns the DRKeys for FABRID
     rpc FabridKeys (FabridKeysRequest) returns (FabridKeysResponse) {}
-    // Used by a host inside the AS to request a policy description for another AS. The control
-    // service will request the policy description from the remote AS if it is unknown to the
-    // control service.
-    rpc RemotePolicyDescription(proto.control_plane.experimental.v1.RemotePolicyDescriptionRequest) returns
-        (proto.control_plane.experimental.v1.RemotePolicyDescriptionResponse) {}
+    // Used by a host inside the AS to request a policy description. Global policies are fetched
+    // from GitHub, non-global policies are handled by the control service.
+    rpc PolicyDescription(PolicyDescriptionRequest) returns
+        (PolicyDescriptionResponse) {}
 }
 
 message PathsRequest {
@@ -178,6 +177,18 @@ message FabridKeysResponse {
     optional FabridKeyResponse host_host_key = 2;
 }
 
+message PolicyDescriptionRequest {
+    // The identifier for the policy
+    uint32 policy_identifier = 1;
+    // Remote ISD-AS of the non-global policy identifier
+    uint64 isd_as = 2;
+}
+
+message PolicyDescriptionResponse {
+    // A description of the local policy.
+    string description = 1;
+}
+
 message EpicAuths {
     // AuthPHVF is the authenticator use to calculate the PHVF.
     bytes auth_phvf = 1;
 
@@ -6,13 +6,13 @@ go_library(
     srcs = [
         "address.go",
         "common.go",
+        "fabrid.go",
         "gendocs.go",
         "main.go",
         "observability.go",
         "ping.go",
         "showpaths.go",
         "traceroute.go",
-        "fabrid.go",
     ],
     importpath = "github.com/scionproto/scion/scion/cmd/scion",
     visibility = ["//visibility:private"],
 
@@ -21,14 +21,15 @@ import (
 	"strconv"
 	"time"
 
+	"github.com/spf13/cobra"
+
 	"github.com/scionproto/scion/pkg/addr"
 	"github.com/scionproto/scion/pkg/log"
 	"github.com/scionproto/scion/pkg/private/serrors"
 	"github.com/scionproto/scion/private/app"
 	"github.com/scionproto/scion/private/app/flag"
 	"github.com/scionproto/scion/private/tracing"
 	"github.com/scionproto/scion/scion/fabrid"
-	"github.com/spf13/cobra"
 )
 
 func newFabrid(pather CommandPather) *cobra.Command {
 
@@ -11,11 +11,6 @@ go_library(
     deps = [
         "//pkg/addr:go_default_library",
         "//pkg/daemon:go_default_library",
-        "//pkg/private/common:go_default_library",
         "//pkg/private/serrors:go_default_library",
-        "//pkg/snet:go_default_library",
-        "//private/app/path:go_default_library",
-        "//private/app/path/pathprobe:go_default_library",
-        "//private/path/pathpol:go_default_library",
     ],
 )
@@ -18,11 +18,12 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"io/ioutil"
+	"net/http"
+
 	"github.com/scionproto/scion/pkg/addr"
 	"github.com/scionproto/scion/pkg/daemon"
 	"github.com/scionproto/scion/pkg/private/serrors"
-	"io/ioutil"
-	"net/http"
 )
 
 // Result contains all the discovered paths.
@@ -46,7 +47,6 @@ func Run(ctx context.Context, dst *addr.IA, identifier uint32, cfg Config) (*Res
 			return nil, serrors.WrapStr("retrieving description from the SCION Daemon", err)
 		}
 	} else {
-		// Replace with the raw URL of your GitHub content (e.g., https://raw.githubusercontent.com/user/repo/branch/path/to/policies.json)
 		globalPolicyURL := "https://raw.githubusercontent.com/marcodermatt/fabrid-global-policies/main/policy-descriptions.json"
 
 		// Fetch the global policy from the URL