diff --git a/core/auth.proto b/core/auth.proto index cb069a7..0653b08 100644 --- a/core/auth.proto +++ b/core/auth.proto @@ -13,4 +13,4 @@ message AuthenticateRequest { message AuthenticateResponse { string token = 1; -} \ No newline at end of file +} diff --git a/core/vpn.proto b/core/vpn.proto deleted file mode 100644 index 6db43cd..0000000 --- a/core/vpn.proto +++ /dev/null @@ -1,88 +0,0 @@ -syntax = "proto3"; - -package vpn; - -// This service is used by clients to create a VPN mesh. -service VpnService { - // Store DeviceInfo data on the server so that it can be distributed to other - // clients and used to broker connections. Perform update if the device with - // given id already exists. - rpc RegisterDevice(RegisterDeviceRequest) returns (RegisterDeviceResponse); - - // Get static information about all devices in the system. As the information - // changes, new versions will be streamed back. - rpc GetDevicesInfo(GetDevicesInfoRequest) - returns (stream DevicesInfo); - - // Broker creating a new connection. - // Devices learn about each other via GetDevicesInfo. When they do, they - // should try to connect to each other via this call. Both should send each - // other their ICE info. The server, once it gets a response will forward it - // to the other client and close the stream. The only reason why the response - // is a stream rather than a single RPC is to reflect this RPC's potential - // long duration (e.g. when one of the devices is offline). Each client will - // have at most one `BrokerConnection` per one peer pending. - rpc BrokerConnection(BrokerConnectionRequest) - returns (stream BrokerConnectionResponse); -} - -// The information about a device. -message DeviceInfo { - // User-presentable device name. - string name = 1; - // Unique machine identifier. This is stored on the client device. - int64 id = 2; - // The IP address assigned to the device on the WG interface. - string ip_address = 3; - // Wireguard public key of the device. - string wg_public_key = 4; -} - -message GetDevicesInfoRequest { - int64 device_id = 1; -} - -// A list of DeviceInfos. -message DevicesInfo { - repeated DeviceInfo devices = 1; -} - -message BrokerConnectionRequest { - int64 my_device_id = 1; - int64 peer_device_id = 2; - ICEAgentInfo my_ice_agent_info = 3; -} - -message BrokerConnectionResponse { - int64 peer_device_id = 2; - ICEAgentInfo peer_ice_agent_info = 3; -} - -message RegisterDeviceRequest { - DeviceInfo device = 1; -} - -message RegisterDeviceResponse { - -} - -// This structure contains the information necessary to construct a remote ICE -// agent, except for username fragment -message ICEAgentInfo { - // ICE user & password as described in section 5.3 of RFC 8445. This is - // generated randomly by the clients on every restart. - string user = 1; - string password = 2; - - repeated ICECandidate candidates = 3; -} - -// This structure describes a single ICE candidate according to section 5.3 of -// RFC 8445. Refer to the RFC for meaning of the fields. -message ICECandidate { - string foundation = 1; - int32 priority = 2; - string ip_address = 3; - int32 port = 4; - int32 type = 5; -} diff --git a/wireguard/gateway.proto b/wireguard/gateway.proto index 4b6affb..7245fdb 100644 --- a/wireguard/gateway.proto +++ b/wireguard/gateway.proto @@ -4,9 +4,13 @@ package gateway; import "google/protobuf/empty.proto"; message ConfigurationRequest { - optional string name = 1; + string auth_token = 1; + string hostname = 2; } +/* + * Networking and VPN configuration send from core to gateway. + */ message Configuration { string name = 1; string prvkey = 2; @@ -47,18 +51,35 @@ message PeerStats { } /* - * Allow empty messages to keep the connection alive. + * CoreResponse represents messages send from core to gateway + * in response to CoreRequest. */ -message StatsUpdate { +message CoreResponse { uint64 id = 1; oneof payload { + // Allow empty messages to keep the connection alive. google.protobuf.Empty empty = 2; - PeerStats peer_stats = 3; + Configuration config = 3; + Update update = 4; } } -service GatewayService { - rpc Config (ConfigurationRequest) returns (Configuration); - rpc Updates (google.protobuf.Empty) returns (stream Update); - rpc Stats (stream StatsUpdate) returns (google.protobuf.Empty); +/* + * CoreRequest represents messages send from gateway to core. + */ +message CoreRequest { + uint64 id = 1; + oneof payload { + PeerStats peer_stats = 2; + ConfigurationRequest config_request = 3; + } +} + +/* + * Bi-directional communication between core and gateway. + * For security reasons, the connection has to be initiated by core, + * so requests and responses are actually send in reverse. + */ +service Gateway { + rpc Bidi (stream CoreResponse) returns (stream CoreRequest); }