luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Update plugin proto to send tls.ConnectionState (Op.2) (#12581)

This commit is contained in:
Tim Peoples 2021-10-07 05:06:09 -07:00 committed by GitHub
parent f21be1ed1c
commit 17eb29f1d3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 712 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
changelog/12581.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note: improvements
core/plugin: Update plugin proto to send tls.ConnectionState across gRPC boundary
```

666
sdk/plugin/pb/backend.pb.go
View File

@ -3109,7 +3109,10 @@ type Connection struct {
unknownFields protoimpl.UnknownFields
// RemoteAddr is the network address that sent the request.
RemoteAddr string `protobuf:"bytes,1,opt,name=remote_addr,json=remoteAddr,proto3" json:"remote_addr,omitempty"`
RemoteAddr string `sentinel:"" protobuf:"bytes,1,opt,name=remote_addr,json=remoteAddr,proto3" json:"remote_addr,omitempty"`
// ConnectionState is the marshalled tls.ConnectionState from the original
// request
ConnectionState *ConnectionState `sentinel:"" protobuf:"bytes,2,opt,name=connection_state,json=connectionState,proto3" json:"connection_state,omitempty"`
}
func (x *Connection) Reset() {
@ -3151,6 +3154,242 @@ func (x *Connection) GetRemoteAddr() string {
return ""
}
func (x *Connection) GetConnectionState() *ConnectionState {
if x != nil {
return x.ConnectionState
}
return nil
}
type ConnectionState struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Version uint32 `sentinel:"" protobuf:"varint,1,opt,name=version,proto3" json:"version,omitempty"`
HandshakeComplete bool `sentinel:"" protobuf:"varint,2,opt,name=handshake_complete,json=handshakeComplete,proto3" json:"handshake_complete,omitempty"`
DidResume bool `sentinel:"" protobuf:"varint,3,opt,name=did_resume,json=didResume,proto3" json:"did_resume,omitempty"`
CipherSuite uint32 `sentinel:"" protobuf:"varint,4,opt,name=cipher_suite,json=cipherSuite,proto3" json:"cipher_suite,omitempty"`
NegotiatedProtocol string `sentinel:"" protobuf:"bytes,5,opt,name=negotiated_protocol,json=negotiatedProtocol,proto3" json:"negotiated_protocol,omitempty"`
NegotiatedProtocolIsMutual bool `sentinel:"" protobuf:"varint,6,opt,name=negotiated_protocol_is_mutual,json=negotiatedProtocolIsMutual,proto3" json:"negotiated_protocol_is_mutual,omitempty"`
ServerName string `sentinel:"" protobuf:"bytes,7,opt,name=server_name,json=serverName,proto3" json:"server_name,omitempty"`
PeerCertificates *CertificateChain `sentinel:"" protobuf:"bytes,8,opt,name=peer_certificates,json=peerCertificates,proto3" json:"peer_certificates,omitempty"`
VerifiedChains []*CertificateChain `sentinel:"" protobuf:"bytes,9,rep,name=verified_chains,json=verifiedChains,proto3" json:"verified_chains,omitempty"`
SignedCertificateTimestamps [][]byte `sentinel:"" protobuf:"bytes,10,rep,name=signed_certificate_timestamps,json=signedCertificateTimestamps,proto3" json:"signed_certificate_timestamps,omitempty"`
OcspResponse []byte `sentinel:"" protobuf:"bytes,11,opt,name=ocsp_response,json=ocspResponse,proto3" json:"ocsp_response,omitempty"`
TlsUnique []byte `sentinel:"" protobuf:"bytes,12,opt,name=tls_unique,json=tlsUnique,proto3" json:"tls_unique,omitempty"`
}
func (x *ConnectionState) Reset() {
*x = ConnectionState{}
if protoimpl.UnsafeEnabled {
mi := &file_sdk_plugin_pb_backend_proto_msgTypes[47]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *ConnectionState) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*ConnectionState) ProtoMessage() {}
func (x *ConnectionState) ProtoReflect() protoreflect.Message {
mi := &file_sdk_plugin_pb_backend_proto_msgTypes[47]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use ConnectionState.ProtoReflect.Descriptor instead.
func (*ConnectionState) Descriptor() ([]byte, []int) {
return file_sdk_plugin_pb_backend_proto_rawDescGZIP(), []int{47}
}
func (x *ConnectionState) GetVersion() uint32 {
if x != nil {
return x.Version
}
return 0
}
func (x *ConnectionState) GetHandshakeComplete() bool {
if x != nil {
return x.HandshakeComplete
}
return false
}
func (x *ConnectionState) GetDidResume() bool {
if x != nil {
return x.DidResume
}
return false
}
func (x *ConnectionState) GetCipherSuite() uint32 {
if x != nil {
return x.CipherSuite
}
return 0
}
func (x *ConnectionState) GetNegotiatedProtocol() string {
if x != nil {
return x.NegotiatedProtocol
}
return ""
}
func (x *ConnectionState) GetNegotiatedProtocolIsMutual() bool {
if x != nil {
return x.NegotiatedProtocolIsMutual
}
return false
}
func (x *ConnectionState) GetServerName() string {
if x != nil {
return x.ServerName
}
return ""
}
func (x *ConnectionState) GetPeerCertificates() *CertificateChain {
if x != nil {
return x.PeerCertificates
}
return nil
}
func (x *ConnectionState) GetVerifiedChains() []*CertificateChain {
if x != nil {
return x.VerifiedChains
}
return nil
}
func (x *ConnectionState) GetSignedCertificateTimestamps() [][]byte {
if x != nil {
return x.SignedCertificateTimestamps
}
return nil
}
func (x *ConnectionState) GetOcspResponse() []byte {
if x != nil {
return x.OcspResponse
}
return nil
}
func (x *ConnectionState) GetTlsUnique() []byte {
if x != nil {
return x.TlsUnique
}
return nil
}
type Certificate struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Asn1Data []byte `sentinel:"" protobuf:"bytes,1,opt,name=asn1_data,json=asn1Data,proto3" json:"asn1_data,omitempty"`
}
func (x *Certificate) Reset() {
*x = Certificate{}
if protoimpl.UnsafeEnabled {
mi := &file_sdk_plugin_pb_backend_proto_msgTypes[48]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *Certificate) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*Certificate) ProtoMessage() {}
func (x *Certificate) ProtoReflect() protoreflect.Message {
mi := &file_sdk_plugin_pb_backend_proto_msgTypes[48]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use Certificate.ProtoReflect.Descriptor instead.
func (*Certificate) Descriptor() ([]byte, []int) {
return file_sdk_plugin_pb_backend_proto_rawDescGZIP(), []int{48}
}
func (x *Certificate) GetAsn1Data() []byte {
if x != nil {
return x.Asn1Data
}
return nil
}
type CertificateChain struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Certificates []*Certificate `sentinel:"" protobuf:"bytes,1,rep,name=certificates,proto3" json:"certificates,omitempty"`
}
func (x *CertificateChain) Reset() {
*x = CertificateChain{}
if protoimpl.UnsafeEnabled {
mi := &file_sdk_plugin_pb_backend_proto_msgTypes[49]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *CertificateChain) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*CertificateChain) ProtoMessage() {}
func (x *CertificateChain) ProtoReflect() protoreflect.Message {
mi := &file_sdk_plugin_pb_backend_proto_msgTypes[49]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use CertificateChain.ProtoReflect.Descriptor instead.
func (*CertificateChain) Descriptor() ([]byte, []int) {
return file_sdk_plugin_pb_backend_proto_rawDescGZIP(), []int{49}
}
func (x *CertificateChain) GetCertificates() []*Certificate {
if x != nil {
return x.Certificates
}
return nil
}
var File_sdk_plugin_pb_backend_proto protoreflect.FileDescriptor
var file_sdk_plugin_pb_backend_proto_rawDesc = []byte{
@ -3517,96 +3756,144 @@ var file_sdk_plugin_pb_backend_proto_rawDesc = []byte{
0x65, 0x72, 0x61, 0x74, 0x65, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x46, 0x72, 0x6f,
0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x1a, 0x0a, 0x08,
0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08,
0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x22, 0x2d, 0x0a, 0x0a, 0x43, 0x6f, 0x6e, 0x6e,
0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x22, 0x6d, 0x0a, 0x0a, 0x43, 0x6f, 0x6e, 0x6e,
0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1f, 0x0a, 0x0b, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65,
0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x65, 0x6d,
0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x32, 0xa5, 0x03, 0x0a, 0x07, 0x42, 0x61, 0x63, 0x6b,
0x65, 0x6e, 0x64, 0x12, 0x3e, 0x0a, 0x0d, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x52, 0x65, 0x71,
0x75, 0x65, 0x73, 0x74, 0x12, 0x15, 0x2e, 0x70, 0x62, 0x2e, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65,
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x16, 0x2e, 0x70, 0x62,
0x2e, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, 0x65,
0x70, 0x6c, 0x79, 0x12, 0x30, 0x0a, 0x0c, 0x53, 0x70, 0x65, 0x63, 0x69, 0x61, 0x6c, 0x50, 0x61,
0x74, 0x68, 0x73, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x15,
0x2e, 0x70, 0x62, 0x2e, 0x53, 0x70, 0x65, 0x63, 0x69, 0x61, 0x6c, 0x50, 0x61, 0x74, 0x68, 0x73,
0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x53, 0x0a, 0x14, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x45,
0x78, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x1c, 0x2e,
0x70, 0x62, 0x2e, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x45, 0x78, 0x69, 0x73, 0x74, 0x65, 0x6e,
0x63, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x1d, 0x2e, 0x70, 0x62,
0x2e, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x45, 0x78, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x65,
0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x1f, 0x0a, 0x07, 0x43, 0x6c,
0x65, 0x61, 0x6e, 0x75, 0x70, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79,
0x1a, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x12, 0x31, 0x0a, 0x0d, 0x49,
0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x15, 0x2e, 0x70,
0x62, 0x2e, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41,
0x72, 0x67, 0x73, 0x1a, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x12, 0x26,
0x0a, 0x05, 0x53, 0x65, 0x74, 0x75, 0x70, 0x12, 0x0d, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x65, 0x74,
0x75, 0x70, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x0e, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x65, 0x74, 0x75,
0x70, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x35, 0x0a, 0x0a, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61,
0x6c, 0x69, 0x7a, 0x65, 0x12, 0x12, 0x2e, 0x70, 0x62, 0x2e, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61,
0x6c, 0x69, 0x7a, 0x65, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x13, 0x2e, 0x70, 0x62, 0x2e, 0x49, 0x6e,
0x69, 0x74, 0x69, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x20, 0x0a,
0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79,
0x1a, 0x0d, 0x2e, 0x70, 0x62, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x32,
0xd5, 0x01, 0x0a, 0x07, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x12, 0x31, 0x0a, 0x04, 0x4c,
0x69, 0x73, 0x74, 0x12, 0x13, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65,
0x4c, 0x69, 0x73, 0x74, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74,
0x6f, 0x72, 0x61, 0x67, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x2e,
0x0a, 0x03, 0x47, 0x65, 0x74, 0x12, 0x12, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61,
0x67, 0x65, 0x47, 0x65, 0x74, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x13, 0x2e, 0x70, 0x62, 0x2e, 0x53,
0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x47, 0x65, 0x74, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x2e,
0x0a, 0x03, 0x50, 0x75, 0x74, 0x12, 0x12, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61,
0x67, 0x65, 0x50, 0x75, 0x74, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x13, 0x2e, 0x70, 0x62, 0x2e, 0x53,
0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x50, 0x75, 0x74, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x37,
0x0a, 0x06, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x12, 0x15, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74,
0x6f, 0x72, 0x61, 0x67, 0x65, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x72, 0x67, 0x73, 0x1a,
0x16, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x44, 0x65, 0x6c, 0x65,
0x74, 0x65, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x32, 0xb1, 0x05, 0x0a, 0x0a, 0x53, 0x79, 0x73, 0x74,
0x65, 0x6d, 0x56, 0x69, 0x65, 0x77, 0x12, 0x2a, 0x0a, 0x0f, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6c,
0x74, 0x4c, 0x65, 0x61, 0x73, 0x65, 0x54, 0x54, 0x4c, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45,
0x6d, 0x70, 0x74, 0x79, 0x1a, 0x0c, 0x2e, 0x70, 0x62, 0x2e, 0x54, 0x54, 0x4c, 0x52, 0x65, 0x70,
0x6c, 0x79, 0x12, 0x26, 0x0a, 0x0b, 0x4d, 0x61, 0x78, 0x4c, 0x65, 0x61, 0x73, 0x65, 0x54, 0x54,
0x4c, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x0c, 0x2e, 0x70,
0x62, 0x2e, 0x54, 0x54, 0x4c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x26, 0x0a, 0x07, 0x54, 0x61,
0x69, 0x6e, 0x74, 0x65, 0x64, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79,
0x1a, 0x10, 0x2e, 0x70, 0x62, 0x2e, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x52, 0x65, 0x70,
0x6c, 0x79, 0x12, 0x36, 0x0a, 0x0f, 0x43, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x67, 0x44, 0x69, 0x73,
0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79,
0x1a, 0x18, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x67, 0x44, 0x69, 0x73,
0x61, 0x62, 0x6c, 0x65, 0x64, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x38, 0x0a, 0x10, 0x52, 0x65,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x09,
0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x19, 0x2e, 0x70, 0x62, 0x2e, 0x52,
0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52,
0x65, 0x70, 0x6c, 0x79, 0x12, 0x47, 0x0a, 0x10, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
0x57, 0x72, 0x61, 0x70, 0x44, 0x61, 0x74, 0x61, 0x12, 0x18, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x65,
0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x57, 0x72, 0x61, 0x70, 0x44, 0x61, 0x74, 0x61, 0x41, 0x72,
0x67, 0x73, 0x1a, 0x19, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
0x57, 0x72, 0x61, 0x70, 0x44, 0x61, 0x74, 0x61, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x30, 0x0a,
0x0c, 0x4d, 0x6c, 0x6f, 0x63, 0x6b, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x09, 0x2e,
0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x15, 0x2e, 0x70, 0x62, 0x2e, 0x4d, 0x6c,
0x6f, 0x63, 0x6b, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12,
0x2c, 0x0a, 0x0a, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x4d, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x09, 0x2e,
0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x13, 0x2e, 0x70, 0x62, 0x2e, 0x4c, 0x6f,
0x63, 0x61, 0x6c, 0x4d, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x35, 0x0a,
0x0a, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x12, 0x2e, 0x70, 0x62,
0x2e, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x41, 0x72, 0x67, 0x73, 0x1a,
0x13, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x52,
0x65, 0x70, 0x6c, 0x79, 0x12, 0x2a, 0x0a, 0x09, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x45, 0x6e,
0x76, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x12, 0x2e, 0x70,
0x62, 0x2e, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x45, 0x6e, 0x76, 0x52, 0x65, 0x70, 0x6c, 0x79,
0x12, 0x3f, 0x0a, 0x0f, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x46, 0x6f, 0x72, 0x45, 0x6e, 0x74,
0x69, 0x74, 0x79, 0x12, 0x12, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x49,
0x6e, 0x66, 0x6f, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x18, 0x2e, 0x70, 0x62, 0x2e, 0x47, 0x72, 0x6f,
0x75, 0x70, 0x73, 0x46, 0x6f, 0x72, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x65, 0x70, 0x6c,
0x79, 0x12, 0x68, 0x0a, 0x1a, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x50, 0x61, 0x73,
0x73, 0x77, 0x6f, 0x72, 0x64, 0x46, 0x72, 0x6f, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12,
0x25, 0x2e, 0x70, 0x62, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x50, 0x61, 0x73,
0x73, 0x77, 0x6f, 0x72, 0x64, 0x46, 0x72, 0x6f, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52,
0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x70, 0x62, 0x2e, 0x47, 0x65, 0x6e, 0x65,
0x72, 0x61, 0x74, 0x65, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x46, 0x72, 0x6f, 0x6d,
0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x42, 0x2a, 0x5a, 0x28, 0x67,
0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63,
0x6f, 0x72, 0x70, 0x2f, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2f, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x6c,
0x75, 0x67, 0x69, 0x6e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x12, 0x3e, 0x0a, 0x10, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
0x0b, 0x32, 0x13, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x0f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69,
0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x22, 0xbb, 0x04, 0x0a, 0x0f, 0x43, 0x6f, 0x6e, 0x6e,
0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x76,
0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x07, 0x76, 0x65,
0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x2d, 0x0a, 0x12, 0x68, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61,
0x6b, 0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6c, 0x65, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
0x08, 0x52, 0x11, 0x68, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x43, 0x6f, 0x6d, 0x70,
0x6c, 0x65, 0x74, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x64, 0x69, 0x64, 0x5f, 0x72, 0x65, 0x73, 0x75,
0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x64, 0x69, 0x64, 0x52, 0x65, 0x73,
0x75, 0x6d, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x5f, 0x73, 0x75,
0x69, 0x74, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0b, 0x63, 0x69, 0x70, 0x68, 0x65,
0x72, 0x53, 0x75, 0x69, 0x74, 0x65, 0x12, 0x2f, 0x0a, 0x13, 0x6e, 0x65, 0x67, 0x6f, 0x74, 0x69,
0x61, 0x74, 0x65, 0x64, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x05, 0x20,
0x01, 0x28, 0x09, 0x52, 0x12, 0x6e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x65, 0x64, 0x50,
0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x41, 0x0a, 0x1d, 0x6e, 0x65, 0x67, 0x6f, 0x74,
0x69, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x5f, 0x69,
0x73, 0x5f, 0x6d, 0x75, 0x74, 0x75, 0x61, 0x6c, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1a,
0x6e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x65, 0x64, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
0x6f, 0x6c, 0x49, 0x73, 0x4d, 0x75, 0x74, 0x75, 0x61, 0x6c, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x65,
0x72, 0x76, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52,
0x0a, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x41, 0x0a, 0x11, 0x70,
0x65, 0x65, 0x72, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73,
0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x65, 0x72, 0x74,
0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x52, 0x10, 0x70, 0x65,
0x65, 0x72, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x12, 0x3d,
0x0a, 0x0f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x5f, 0x63, 0x68, 0x61, 0x69, 0x6e,
0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x65, 0x72,
0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x52, 0x0e, 0x76,
0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x42, 0x0a,
0x1d, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x64, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
0x61, 0x74, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x73, 0x18, 0x0a,
0x20, 0x03, 0x28, 0x0c, 0x52, 0x1b, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74,
0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
0x73, 0x12, 0x23, 0x0a, 0x0d, 0x6f, 0x63, 0x73, 0x70, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e,
0x73, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x6f, 0x63, 0x73, 0x70, 0x52, 0x65,
0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x74, 0x6c, 0x73, 0x5f, 0x75, 0x6e,
0x69, 0x71, 0x75, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x74, 0x6c, 0x73, 0x55,
0x6e, 0x69, 0x71, 0x75, 0x65, 0x22, 0x2a, 0x0a, 0x0b, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
0x63, 0x61, 0x74, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x61, 0x73, 0x6e, 0x31, 0x5f, 0x64, 0x61, 0x74,
0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x61, 0x73, 0x6e, 0x31, 0x44, 0x61, 0x74,
0x61, 0x22, 0x47, 0x0a, 0x10, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
0x43, 0x68, 0x61, 0x69, 0x6e, 0x12, 0x33, 0x0a, 0x0c, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
0x63, 0x61, 0x74, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x70, 0x62,
0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x0c, 0x63, 0x65,
0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x32, 0xa5, 0x03, 0x0a, 0x07, 0x42,
0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x12, 0x3e, 0x0a, 0x0d, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65,
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x15, 0x2e, 0x70, 0x62, 0x2e, 0x48, 0x61, 0x6e,
0x64, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x16,
0x2e, 0x70, 0x62, 0x2e, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
0x74, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x30, 0x0a, 0x0c, 0x53, 0x70, 0x65, 0x63, 0x69, 0x61,
0x6c, 0x50, 0x61, 0x74, 0x68, 0x73, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74,
0x79, 0x1a, 0x15, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x70, 0x65, 0x63, 0x69, 0x61, 0x6c, 0x50, 0x61,
0x74, 0x68, 0x73, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x53, 0x0a, 0x14, 0x48, 0x61, 0x6e, 0x64,
0x6c, 0x65, 0x45, 0x78, 0x69, 0x73, 0x74, 0x65, 0x6e, 0x63, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b,
0x12, 0x1c, 0x2e, 0x70, 0x62, 0x2e, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x45, 0x78, 0x69, 0x73,
0x74, 0x65, 0x6e, 0x63, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x1d,
0x2e, 0x70, 0x62, 0x2e, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x45, 0x78, 0x69, 0x73, 0x74, 0x65,
0x6e, 0x63, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x1f, 0x0a,
0x07, 0x43, 0x6c, 0x65, 0x61, 0x6e, 0x75, 0x70, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d,
0x70, 0x74, 0x79, 0x1a, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x12, 0x31,
0x0a, 0x0d, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x12,
0x15, 0x2e, 0x70, 0x62, 0x2e, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x4b,
0x65, 0x79, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74,
0x79, 0x12, 0x26, 0x0a, 0x05, 0x53, 0x65, 0x74, 0x75, 0x70, 0x12, 0x0d, 0x2e, 0x70, 0x62, 0x2e,
0x53, 0x65, 0x74, 0x75, 0x70, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x0e, 0x2e, 0x70, 0x62, 0x2e, 0x53,
0x65, 0x74, 0x75, 0x70, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x35, 0x0a, 0x0a, 0x49, 0x6e, 0x69,
0x74, 0x69, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x12, 0x12, 0x2e, 0x70, 0x62, 0x2e, 0x49, 0x6e, 0x69,
0x74, 0x69, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x13, 0x2e, 0x70, 0x62,
0x2e, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x52, 0x65, 0x70, 0x6c, 0x79,
0x12, 0x20, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d,
0x70, 0x74, 0x79, 0x1a, 0x0d, 0x2e, 0x70, 0x62, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x65, 0x70,
0x6c, 0x79, 0x32, 0xd5, 0x01, 0x0a, 0x07, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x12, 0x31,
0x0a, 0x04, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x13, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74, 0x6f, 0x72,
0x61, 0x67, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x14, 0x2e, 0x70, 0x62,
0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x70, 0x6c,
0x79, 0x12, 0x2e, 0x0a, 0x03, 0x47, 0x65, 0x74, 0x12, 0x12, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74,
0x6f, 0x72, 0x61, 0x67, 0x65, 0x47, 0x65, 0x74, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x13, 0x2e, 0x70,
0x62, 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x47, 0x65, 0x74, 0x52, 0x65, 0x70, 0x6c,
0x79, 0x12, 0x2e, 0x0a, 0x03, 0x50, 0x75, 0x74, 0x12, 0x12, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74,
0x6f, 0x72, 0x61, 0x67, 0x65, 0x50, 0x75, 0x74, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x13, 0x2e, 0x70,
0x62, 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x50, 0x75, 0x74, 0x52, 0x65, 0x70, 0x6c,
0x79, 0x12, 0x37, 0x0a, 0x06, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x12, 0x15, 0x2e, 0x70, 0x62,
0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x72,
0x67, 0x73, 0x1a, 0x16, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x44,
0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x32, 0xb1, 0x05, 0x0a, 0x0a, 0x53,
0x79, 0x73, 0x74, 0x65, 0x6d, 0x56, 0x69, 0x65, 0x77, 0x12, 0x2a, 0x0a, 0x0f, 0x44, 0x65, 0x66,
0x61, 0x75, 0x6c, 0x74, 0x4c, 0x65, 0x61, 0x73, 0x65, 0x54, 0x54, 0x4c, 0x12, 0x09, 0x2e, 0x70,
0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x0c, 0x2e, 0x70, 0x62, 0x2e, 0x54, 0x54, 0x4c,
0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x26, 0x0a, 0x0b, 0x4d, 0x61, 0x78, 0x4c, 0x65, 0x61, 0x73,
0x65, 0x54, 0x54, 0x4c, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a,
0x0c, 0x2e, 0x70, 0x62, 0x2e, 0x54, 0x54, 0x4c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x26, 0x0a,
0x07, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d,
0x70, 0x74, 0x79, 0x1a, 0x10, 0x2e, 0x70, 0x62, 0x2e, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64,
0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x36, 0x0a, 0x0f, 0x43, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x67,
0x44, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d,
0x70, 0x74, 0x79, 0x1a, 0x18, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x67,
0x44, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x38, 0x0a,
0x10, 0x52, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74,
0x65, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x19, 0x2e, 0x70,
0x62, 0x2e, 0x52, 0x65, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61,
0x74, 0x65, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x47, 0x0a, 0x10, 0x52, 0x65, 0x73, 0x70, 0x6f,
0x6e, 0x73, 0x65, 0x57, 0x72, 0x61, 0x70, 0x44, 0x61, 0x74, 0x61, 0x12, 0x18, 0x2e, 0x70, 0x62,
0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x57, 0x72, 0x61, 0x70, 0x44, 0x61, 0x74,
0x61, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x19, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f,
0x6e, 0x73, 0x65, 0x57, 0x72, 0x61, 0x70, 0x44, 0x61, 0x74, 0x61, 0x52, 0x65, 0x70, 0x6c, 0x79,
0x12, 0x30, 0x0a, 0x0c, 0x4d, 0x6c, 0x6f, 0x63, 0x6b, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64,
0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x15, 0x2e, 0x70, 0x62,
0x2e, 0x4d, 0x6c, 0x6f, 0x63, 0x6b, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x52, 0x65, 0x70,
0x6c, 0x79, 0x12, 0x2c, 0x0a, 0x0a, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x4d, 0x6f, 0x75, 0x6e, 0x74,
0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x13, 0x2e, 0x70, 0x62,
0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x4d, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x70, 0x6c, 0x79,
0x12, 0x35, 0x0a, 0x0a, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x12,
0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x41, 0x72,
0x67, 0x73, 0x1a, 0x13, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x49, 0x6e,
0x66, 0x6f, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x2a, 0x0a, 0x09, 0x50, 0x6c, 0x75, 0x67, 0x69,
0x6e, 0x45, 0x6e, 0x76, 0x12, 0x09, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a,
0x12, 0x2e, 0x70, 0x62, 0x2e, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x45, 0x6e, 0x76, 0x52, 0x65,
0x70, 0x6c, 0x79, 0x12, 0x3f, 0x0a, 0x0f, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x46, 0x6f, 0x72,
0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x12, 0x12, 0x2e, 0x70, 0x62, 0x2e, 0x45, 0x6e, 0x74, 0x69,
0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x41, 0x72, 0x67, 0x73, 0x1a, 0x18, 0x2e, 0x70, 0x62, 0x2e,
0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x46, 0x6f, 0x72, 0x45, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52,
0x65, 0x70, 0x6c, 0x79, 0x12, 0x68, 0x0a, 0x1a, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65,
0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x46, 0x72, 0x6f, 0x6d, 0x50, 0x6f, 0x6c, 0x69,
0x63, 0x79, 0x12, 0x25, 0x2e, 0x70, 0x62, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65,
0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x46, 0x72, 0x6f, 0x6d, 0x50, 0x6f, 0x6c, 0x69,
0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x70, 0x62, 0x2e, 0x47,
0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x46,
0x72, 0x6f, 0x6d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x42, 0x2a,
0x5a, 0x28, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73,
0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x76, 0x61, 0x75, 0x6c, 0x74, 0x2f, 0x73, 0x64, 0x6b,
0x2f, 0x70, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x33,
}
var (
@ -3621,7 +3908,7 @@ func file_sdk_plugin_pb_backend_proto_rawDescGZIP() []byte {
return file_sdk_plugin_pb_backend_proto_rawDescData
}
var file_sdk_plugin_pb_backend_proto_msgTypes = make([]protoimpl.MessageInfo, 52)
var file_sdk_plugin_pb_backend_proto_msgTypes = make([]protoimpl.MessageInfo, 55)
var file_sdk_plugin_pb_backend_proto_goTypes = []interface{}{
(*Empty)(nil), // 0: pb.Empty
(*Header)(nil), // 1: pb.Header
@ -3670,35 +3957,38 @@ var file_sdk_plugin_pb_backend_proto_goTypes = []interface{}{
(*GeneratePasswordFromPolicyRequest)(nil), // 44: pb.GeneratePasswordFromPolicyRequest
(*GeneratePasswordFromPolicyReply)(nil), // 45: pb.GeneratePasswordFromPolicyReply
(*Connection)(nil), // 46: pb.Connection
nil, // 47: pb.Request.HeadersEntry
nil, // 48: pb.Auth.MetadataEntry
nil, // 49: pb.TokenEntry.MetaEntry
nil, // 50: pb.Response.HeadersEntry
nil, // 51: pb.SetupArgs.ConfigEntry
(*logical.Alias)(nil), // 52: logical.Alias
(*timestamppb.Timestamp)(nil), // 53: google.protobuf.Timestamp
(*logical.Entity)(nil), // 54: logical.Entity
(*logical.Group)(nil), // 55: logical.Group
(*logical.PluginEnvironment)(nil), // 56: logical.PluginEnvironment
(*ConnectionState)(nil), // 47: pb.ConnectionState
(*Certificate)(nil), // 48: pb.Certificate
(*CertificateChain)(nil), // 49: pb.CertificateChain
nil, // 50: pb.Request.HeadersEntry
nil, // 51: pb.Auth.MetadataEntry
nil, // 52: pb.TokenEntry.MetaEntry
nil, // 53: pb.Response.HeadersEntry
nil, // 54: pb.SetupArgs.ConfigEntry
(*logical.Alias)(nil), // 55: logical.Alias
(*timestamppb.Timestamp)(nil), // 56: google.protobuf.Timestamp
(*logical.Entity)(nil), // 57: logical.Entity
(*logical.Group)(nil), // 58: logical.Group
(*logical.PluginEnvironment)(nil), // 59: logical.PluginEnvironment
}
var file_sdk_plugin_pb_backend_proto_depIDxs = []int32{
8, // 0: pb.Request.secret:type_name -> pb.Secret
5, // 1: pb.Request.auth:type_name -> pb.Auth
47, // 2: pb.Request.headers:type_name -> pb.Request.HeadersEntry
50, // 2: pb.Request.headers:type_name -> pb.Request.HeadersEntry
11, // 3: pb.Request.wrap_info:type_name -> pb.RequestWrapInfo
46, // 4: pb.Request.connection:type_name -> pb.Connection
7, // 5: pb.Auth.lease_options:type_name -> pb.LeaseOptions
48, // 6: pb.Auth.metadata:type_name -> pb.Auth.MetadataEntry
52, // 7: pb.Auth.alias:type_name -> logical.Alias
52, // 8: pb.Auth.group_aliases:type_name -> logical.Alias
49, // 9: pb.TokenEntry.meta:type_name -> pb.TokenEntry.MetaEntry
53, // 10: pb.LeaseOptions.issue_time:type_name -> google.protobuf.Timestamp
51, // 6: pb.Auth.metadata:type_name -> pb.Auth.MetadataEntry
55, // 7: pb.Auth.alias:type_name -> logical.Alias
55, // 8: pb.Auth.group_aliases:type_name -> logical.Alias
52, // 9: pb.TokenEntry.meta:type_name -> pb.TokenEntry.MetaEntry
56, // 10: pb.LeaseOptions.issue_time:type_name -> google.protobuf.Timestamp
7, // 11: pb.Secret.lease_options:type_name -> pb.LeaseOptions
8, // 12: pb.Response.secret:type_name -> pb.Secret
5, // 13: pb.Response.auth:type_name -> pb.Auth
10, // 14: pb.Response.wrap_info:type_name -> pb.ResponseWrapInfo
50, // 15: pb.Response.headers:type_name -> pb.Response.HeadersEntry
53, // 16: pb.ResponseWrapInfo.creation_time:type_name -> google.protobuf.Timestamp
53, // 15: pb.Response.headers:type_name -> pb.Response.HeadersEntry
56, // 16: pb.ResponseWrapInfo.creation_time:type_name -> google.protobuf.Timestamp
4, // 17: pb.HandleRequestArgs.request:type_name -> pb.Request
9, // 18: pb.HandleRequestReply.response:type_name -> pb.Response
2, // 19: pb.HandleRequestReply.err:type_name -> pb.ProtoError
@ -3706,68 +3996,72 @@ var file_sdk_plugin_pb_backend_proto_depIDxs = []int32{
3, // 21: pb.SpecialPathsReply.paths:type_name -> pb.Paths
4, // 22: pb.HandleExistenceCheckArgs.request:type_name -> pb.Request
2, // 23: pb.HandleExistenceCheckReply.err:type_name -> pb.ProtoError
51, // 24: pb.SetupArgs.Config:type_name -> pb.SetupArgs.ConfigEntry
54, // 24: pb.SetupArgs.Config:type_name -> pb.SetupArgs.ConfigEntry
23, // 25: pb.StorageGetReply.entry:type_name -> pb.StorageEntry
23, // 26: pb.StoragePutArgs.entry:type_name -> pb.StorageEntry
10, // 27: pb.ResponseWrapDataReply.wrap_info:type_name -> pb.ResponseWrapInfo
54, // 28: pb.EntityInfoReply.entity:type_name -> logical.Entity
55, // 29: pb.GroupsForEntityReply.groups:type_name -> logical.Group
56, // 30: pb.PluginEnvReply.plugin_environment:type_name -> logical.PluginEnvironment
1, // 31: pb.Request.HeadersEntry.value:type_name -> pb.Header
1, // 32: pb.Response.HeadersEntry.value:type_name -> pb.Header
12, // 33: pb.Backend.HandleRequest:input_type -> pb.HandleRequestArgs
0, // 34: pb.Backend.SpecialPaths:input_type -> pb.Empty
17, // 35: pb.Backend.HandleExistenceCheck:input_type -> pb.HandleExistenceCheckArgs
0, // 36: pb.Backend.Cleanup:input_type -> pb.Empty
22, // 37: pb.Backend.InvalidateKey:input_type -> pb.InvalidateKeyArgs
19, // 38: pb.Backend.Setup:input_type -> pb.SetupArgs
14, // 39: pb.Backend.Initialize:input_type -> pb.InitializeArgs
0, // 40: pb.Backend.Type:input_type -> pb.Empty
24, // 41: pb.Storage.List:input_type -> pb.StorageListArgs
26, // 42: pb.Storage.Get:input_type -> pb.StorageGetArgs
28, // 43: pb.Storage.Put:input_type -> pb.StoragePutArgs
30, // 44: pb.Storage.Delete:input_type -> pb.StorageDeleteArgs
0, // 45: pb.SystemView.DefaultLeaseTTL:input_type -> pb.Empty
0, // 46: pb.SystemView.MaxLeaseTTL:input_type -> pb.Empty
0, // 47: pb.SystemView.Tainted:input_type -> pb.Empty
0, // 48: pb.SystemView.CachingDisabled:input_type -> pb.Empty
0, // 49: pb.SystemView.ReplicationState:input_type -> pb.Empty
36, // 50: pb.SystemView.ResponseWrapData:input_type -> pb.ResponseWrapDataArgs
0, // 51: pb.SystemView.MlockEnabled:input_type -> pb.Empty
0, // 52: pb.SystemView.LocalMount:input_type -> pb.Empty
40, // 53: pb.SystemView.EntityInfo:input_type -> pb.EntityInfoArgs
0, // 54: pb.SystemView.PluginEnv:input_type -> pb.Empty
40, // 55: pb.SystemView.GroupsForEntity:input_type -> pb.EntityInfoArgs
44, // 56: pb.SystemView.GeneratePasswordFromPolicy:input_type -> pb.GeneratePasswordFromPolicyRequest
13, // 57: pb.Backend.HandleRequest:output_type -> pb.HandleRequestReply
16, // 58: pb.Backend.SpecialPaths:output_type -> pb.SpecialPathsReply
18, // 59: pb.Backend.HandleExistenceCheck:output_type -> pb.HandleExistenceCheckReply
0, // 60: pb.Backend.Cleanup:output_type -> pb.Empty
0, // 61: pb.Backend.InvalidateKey:output_type -> pb.Empty
20, // 62: pb.Backend.Setup:output_type -> pb.SetupReply
15, // 63: pb.Backend.Initialize:output_type -> pb.InitializeReply
21, // 64: pb.Backend.Type:output_type -> pb.TypeReply
25, // 65: pb.Storage.List:output_type -> pb.StorageListReply
27, // 66: pb.Storage.Get:output_type -> pb.StorageGetReply
29, // 67: pb.Storage.Put:output_type -> pb.StoragePutReply
31, // 68: pb.Storage.Delete:output_type -> pb.StorageDeleteReply
32, // 69: pb.SystemView.DefaultLeaseTTL:output_type -> pb.TTLReply
32, // 70: pb.SystemView.MaxLeaseTTL:output_type -> pb.TTLReply
33, // 71: pb.SystemView.Tainted:output_type -> pb.TaintedReply
34, // 72: pb.SystemView.CachingDisabled:output_type -> pb.CachingDisabledReply
35, // 73: pb.SystemView.ReplicationState:output_type -> pb.ReplicationStateReply
37, // 74: pb.SystemView.ResponseWrapData:output_type -> pb.ResponseWrapDataReply
38, // 75: pb.SystemView.MlockEnabled:output_type -> pb.MlockEnabledReply
39, // 76: pb.SystemView.LocalMount:output_type -> pb.LocalMountReply
41, // 77: pb.SystemView.EntityInfo:output_type -> pb.EntityInfoReply
43, // 78: pb.SystemView.PluginEnv:output_type -> pb.PluginEnvReply
42, // 79: pb.SystemView.GroupsForEntity:output_type -> pb.GroupsForEntityReply
45, // 80: pb.SystemView.GeneratePasswordFromPolicy:output_type -> pb.GeneratePasswordFromPolicyReply
57, // [57:81] is the sub-list for method output_type
33, // [33:57] is the sub-list for method input_type
33, // [33:33] is the sub-list for extension type_name
33, // [33:33] is the sub-list for extension extendee
0, // [0:33] is the sub-list for field type_name
57, // 28: pb.EntityInfoReply.entity:type_name -> logical.Entity
58, // 29: pb.GroupsForEntityReply.groups:type_name -> logical.Group
59, // 30: pb.PluginEnvReply.plugin_environment:type_name -> logical.PluginEnvironment
47, // 31: pb.Connection.connection_state:type_name -> pb.ConnectionState
49, // 32: pb.ConnectionState.peer_certificates:type_name -> pb.CertificateChain
49, // 33: pb.ConnectionState.verified_chains:type_name -> pb.CertificateChain
48, // 34: pb.CertificateChain.certificates:type_name -> pb.Certificate
1, // 35: pb.Request.HeadersEntry.value:type_name -> pb.Header
1, // 36: pb.Response.HeadersEntry.value:type_name -> pb.Header
12, // 37: pb.Backend.HandleRequest:input_type -> pb.HandleRequestArgs
0, // 38: pb.Backend.SpecialPaths:input_type -> pb.Empty
17, // 39: pb.Backend.HandleExistenceCheck:input_type -> pb.HandleExistenceCheckArgs
0, // 40: pb.Backend.Cleanup:input_type -> pb.Empty
22, // 41: pb.Backend.InvalidateKey:input_type -> pb.InvalidateKeyArgs
19, // 42: pb.Backend.Setup:input_type -> pb.SetupArgs
14, // 43: pb.Backend.Initialize:input_type -> pb.InitializeArgs
0, // 44: pb.Backend.Type:input_type -> pb.Empty
24, // 45: pb.Storage.List:input_type -> pb.StorageListArgs
26, // 46: pb.Storage.Get:input_type -> pb.StorageGetArgs
28, // 47: pb.Storage.Put:input_type -> pb.StoragePutArgs
30, // 48: pb.Storage.Delete:input_type -> pb.StorageDeleteArgs
0, // 49: pb.SystemView.DefaultLeaseTTL:input_type -> pb.Empty
0, // 50: pb.SystemView.MaxLeaseTTL:input_type -> pb.Empty
0, // 51: pb.SystemView.Tainted:input_type -> pb.Empty
0, // 52: pb.SystemView.CachingDisabled:input_type -> pb.Empty
0, // 53: pb.SystemView.ReplicationState:input_type -> pb.Empty
36, // 54: pb.SystemView.ResponseWrapData:input_type -> pb.ResponseWrapDataArgs
0, // 55: pb.SystemView.MlockEnabled:input_type -> pb.Empty
0, // 56: pb.SystemView.LocalMount:input_type -> pb.Empty
40, // 57: pb.SystemView.EntityInfo:input_type -> pb.EntityInfoArgs
0, // 58: pb.SystemView.PluginEnv:input_type -> pb.Empty
40, // 59: pb.SystemView.GroupsForEntity:input_type -> pb.EntityInfoArgs
44, // 60: pb.SystemView.GeneratePasswordFromPolicy:input_type -> pb.GeneratePasswordFromPolicyRequest
13, // 61: pb.Backend.HandleRequest:output_type -> pb.HandleRequestReply
16, // 62: pb.Backend.SpecialPaths:output_type -> pb.SpecialPathsReply
18, // 63: pb.Backend.HandleExistenceCheck:output_type -> pb.HandleExistenceCheckReply
0, // 64: pb.Backend.Cleanup:output_type -> pb.Empty
0, // 65: pb.Backend.InvalidateKey:output_type -> pb.Empty
20, // 66: pb.Backend.Setup:output_type -> pb.SetupReply
15, // 67: pb.Backend.Initialize:output_type -> pb.InitializeReply
21, // 68: pb.Backend.Type:output_type -> pb.TypeReply
25, // 69: pb.Storage.List:output_type -> pb.StorageListReply
27, // 70: pb.Storage.Get:output_type -> pb.StorageGetReply
29, // 71: pb.Storage.Put:output_type -> pb.StoragePutReply
31, // 72: pb.Storage.Delete:output_type -> pb.StorageDeleteReply
32, // 73: pb.SystemView.DefaultLeaseTTL:output_type -> pb.TTLReply
32, // 74: pb.SystemView.MaxLeaseTTL:output_type -> pb.TTLReply
33, // 75: pb.SystemView.Tainted:output_type -> pb.TaintedReply
34, // 76: pb.SystemView.CachingDisabled:output_type -> pb.CachingDisabledReply
35, // 77: pb.SystemView.ReplicationState:output_type -> pb.ReplicationStateReply
37, // 78: pb.SystemView.ResponseWrapData:output_type -> pb.ResponseWrapDataReply
38, // 79: pb.SystemView.MlockEnabled:output_type -> pb.MlockEnabledReply
39, // 80: pb.SystemView.LocalMount:output_type -> pb.LocalMountReply
41, // 81: pb.SystemView.EntityInfo:output_type -> pb.EntityInfoReply
43, // 82: pb.SystemView.PluginEnv:output_type -> pb.PluginEnvReply
42, // 83: pb.SystemView.GroupsForEntity:output_type -> pb.GroupsForEntityReply
45, // 84: pb.SystemView.GeneratePasswordFromPolicy:output_type -> pb.GeneratePasswordFromPolicyReply
61, // [61:85] is the sub-list for method output_type
37, // [37:61] is the sub-list for method input_type
37, // [37:37] is the sub-list for extension type_name
37, // [37:37] is the sub-list for extension extendee
0, // [0:37] is the sub-list for field type_name
}
func init() { file_sdk_plugin_pb_backend_proto_init() }
@ -4340,6 +4634,42 @@ func file_sdk_plugin_pb_backend_proto_init() {
return nil
}
}
file_sdk_plugin_pb_backend_proto_msgTypes[47].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*ConnectionState); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_sdk_plugin_pb_backend_proto_msgTypes[48].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*Certificate); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_sdk_plugin_pb_backend_proto_msgTypes[49].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*CertificateChain); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
}
type x struct{}
out := protoimpl.TypeBuilder{
@ -4347,7 +4677,7 @@ func file_sdk_plugin_pb_backend_proto_init() {
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_sdk_plugin_pb_backend_proto_rawDesc,
NumEnums: 0,
NumMessages: 52,
NumMessages: 55,
NumExtensions: 0,
NumServices: 3,
},

30
sdk/plugin/pb/backend.proto
View File

@ -620,4 +620,34 @@ service SystemView {
message Connection {
// RemoteAddr is the network address that sent the request.
string remote_addr = 1;
// ConnectionState is the marshalled tls.ConnectionState from the original
// request
ConnectionState connection_state = 2;
}
message ConnectionState {
uint32 version = 1;
bool handshake_complete = 2;
bool did_resume = 3;
uint32 cipher_suite = 4;
string negotiated_protocol = 5;
bool negotiated_protocol_is_mutual = 6;
string server_name = 7;
CertificateChain peer_certificates = 8;
repeated CertificateChain verified_chains = 9;
repeated bytes signed_certificate_timestamps = 10;
bytes ocsp_response = 11;
bytes tls_unique = 12;
}
message Certificate {
bytes asn1_data = 1;
}
message CertificateChain {
repeated Certificate certificates = 1;
}

143
sdk/plugin/pb/translation.go
View File

@ -1,6 +1,8 @@
package pb
import (
"crypto/tls"
"crypto/x509"
"encoding/json"
"errors"
"time"
@ -284,6 +286,11 @@ func ProtoRequestToLogicalRequest(r *Request) (*logical.Request, error) {
}
}
connection, err := ProtoConnectionToLogicalConnection(r.Connection)
if err != nil {
return nil, err
}
return &logical.Request{
ID: r.ID,
ReplicationCluster: r.ReplicationCluster,
@ -301,7 +308,7 @@ func ProtoRequestToLogicalRequest(r *Request) (*logical.Request, error) {
MountAccessor: r.MountAccessor,
WrapInfo: ProtoRequestWrapInfoToLogicalRequestWrapInfo(r.WrapInfo),
ClientTokenRemainingUses: int(r.ClientTokenRemainingUses),
Connection: ProtoConnectionToLogicalConnection(r.Connection),
Connection: connection,
EntityID: r.EntityID,
PolicyOverride: r.PolicyOverride,
Unauthenticated: r.Unauthenticated,
@ -314,18 +321,25 @@ func LogicalConnectionToProtoConnection(c *logical.Connection) *Connection {
}
return &Connection{
RemoteAddr: c.RemoteAddr,
RemoteAddr: c.RemoteAddr,
ConnectionState: TLSConnectionStateToProtoConnectionState(c.ConnState),
}
}
func ProtoConnectionToLogicalConnection(c *Connection) *logical.Connection {
func ProtoConnectionToLogicalConnection(c *Connection) (*logical.Connection, error) {
if c == nil {
return nil
return nil, nil
}
cs, err := ProtoConnectionStateToTLSConnectionState(c.ConnectionState)
if err != nil {
return nil, err
}
return &logical.Connection{
RemoteAddr: c.RemoteAddr,
}
ConnState: cs,
}, nil
}
func LogicalRequestWrapInfoToProtoRequestWrapInfo(i *logical.RequestWrapInfo) *RequestWrapInfo {
@ -642,3 +656,122 @@ func ProtoTokenEntryToLogicalTokenEntry(t *TokenEntry) (*logical.TokenEntry, err
Type: logical.TokenType(t.Type),
}, nil
}
func TLSConnectionStateToProtoConnectionState(connState *tls.ConnectionState) *ConnectionState {
if connState == nil {
return nil
}
var verifiedChains []*CertificateChain
if lvc := len(connState.VerifiedChains); lvc > 0 {
verifiedChains = make([]*CertificateChain, lvc)
for i, vc := range connState.VerifiedChains {
verifiedChains[i] = CertificateChainToProtoCertificateChain(vc)
}
}
return &ConnectionState{
Version: uint32(connState.Version),
HandshakeComplete: connState.HandshakeComplete,
DidResume: connState.DidResume,
CipherSuite: uint32(connState.CipherSuite),
NegotiatedProtocol: connState.NegotiatedProtocol,
NegotiatedProtocolIsMutual: connState.NegotiatedProtocolIsMutual,
ServerName: connState.ServerName,
PeerCertificates: CertificateChainToProtoCertificateChain(connState.PeerCertificates),
VerifiedChains: verifiedChains,
SignedCertificateTimestamps: connState.SignedCertificateTimestamps,
OcspResponse: connState.OCSPResponse,
TlsUnique: connState.TLSUnique,
}
}
func ProtoConnectionStateToTLSConnectionState(cs *ConnectionState) (*tls.ConnectionState, error) {
if cs == nil {
return nil, nil
}
var (
err error
peerCertificates []*x509.Certificate
verifiedChains [][]*x509.Certificate
)
if peerCertificates, err = ProtoCertificateChainToCertificateChain(cs.PeerCertificates); err != nil {
return nil, err
}
if lvc := len(cs.VerifiedChains); lvc > 0 {
verifiedChains = make([][]*x509.Certificate, lvc)
for i, vc := range cs.VerifiedChains {
if verifiedChains[i], err = ProtoCertificateChainToCertificateChain(vc); err != nil {
return nil, err
}
}
}
connState := &tls.ConnectionState{
Version: uint16(cs.Version),
HandshakeComplete: cs.HandshakeComplete,
DidResume: cs.DidResume,
CipherSuite: uint16(cs.CipherSuite),
NegotiatedProtocol: cs.NegotiatedProtocol,
NegotiatedProtocolIsMutual: cs.NegotiatedProtocolIsMutual,
ServerName: cs.ServerName,
PeerCertificates: peerCertificates,
VerifiedChains: verifiedChains,
SignedCertificateTimestamps: cs.SignedCertificateTimestamps,
OCSPResponse: cs.OcspResponse,
TLSUnique: cs.TlsUnique,
}
return connState, nil
}
func CertificateChainToProtoCertificateChain(chain []*x509.Certificate) *CertificateChain {
if len(chain) == 0 {
return nil
}
cc := &CertificateChain{Certificates: make([]*Certificate, len(chain))}
for i, c := range chain {
cc.Certificates[i] = X509CertificateToProtoCertificate(c)
}
return cc
}
func ProtoCertificateChainToCertificateChain(cc *CertificateChain) ([]*x509.Certificate, error) {
if cc == nil || len(cc.Certificates) == 0 {
return nil, nil
}
certs := make([]*x509.Certificate, len(cc.Certificates))
for i, c := range cc.Certificates {
var err error
if certs[i], err = ProtoCertificateToX509Certificate(c); err != nil {
return nil, err
}
}
return certs, nil
}
func X509CertificateToProtoCertificate(cert *x509.Certificate) *Certificate {
if cert == nil {
return nil
}
return &Certificate{Asn1Data: cert.Raw}
}
func ProtoCertificateToX509Certificate(c *Certificate) (*x509.Certificate, error) {
if c == nil {
return nil, nil
}
return x509.ParseCertificate(c.Asn1Data)
}

43
sdk/plugin/pb/translation_test.go
View File

@ -1,6 +1,9 @@
package pb
import (
"crypto/tls"
"crypto/x509"
"encoding/pem"
"errors"
"reflect"
"testing"
@ -55,6 +58,11 @@ func TestTranslation_StorageEntry(t *testing.T) {
}
func TestTranslation_Request(t *testing.T) {
certs, err := peerCertificates()
if err != nil {
t.Logf("No test certificates were generated: %v", err)
}
tCases := []*logical.Request{
nil,
{
@ -74,6 +82,11 @@ func TestTranslation_Request(t *testing.T) {
Unauthenticated: true,
Connection: &logical.Connection{
RemoteAddr: "localhost",
ConnState: &tls.ConnectionState{
Version: tls.VersionTLS12,
HandshakeComplete: true,
PeerCertificates: certs,
},
},
},
{
@ -267,3 +280,33 @@ func TestTranslation_Response(t *testing.T) {
}
}
}
// This is the contents of $GOROOT/src/crypto/tls/testdata/example-cert.pem
// If it's good enough for testing the crypto/tls package it's good enough
// for Vault.
const exampleCert = `
-----BEGIN CERTIFICATE-----
MIIBhTCCASugAwIBAgIQIRi6zePL6mKjOipn+dNuaTAKBggqhkjOPQQDAjASMRAw
DgYDVQQKEwdBY21lIENvMB4XDTE3MTAyMDE5NDMwNloXDTE4MTAyMDE5NDMwNlow
EjEQMA4GA1UEChMHQWNtZSBDbzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD0d
7VNhbWvZLWPuj/RtHFjvtJBEwOkhbN/BnnE8rnZR8+sbwnc/KhCk3FhnpHZnQz7B
5aETbbIgmuvewdjvSBSjYzBhMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggr
BgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdEQQiMCCCDmxvY2FsaG9zdDo1
NDUzgg4xMjcuMC4wLjE6NTQ1MzAKBggqhkjOPQQDAgNIADBFAiEA2zpJEPQyz6/l
Wf86aX6PepsntZv2GYlA5UpabfT2EZICICpJ5h/iI+i341gBmLiAFQOyTDT+/wQc
6MF9+Yw1Yy0t
-----END CERTIFICATE-----`
func peerCertificates() ([]*x509.Certificate, error) {
blk, _ := pem.Decode([]byte(exampleCert))
if blk == nil {
return nil, errors.New("cannot decode example certificate")
}
cert, err := x509.ParseCertificate(blk.Bytes)
if err != nil {
return nil, err
}
return []*x509.Certificate{cert}, nil
}