feat(credential): implement credential peer auth and trust propagation (#1968)

- add credential manager and RPC/CLI for generate/list/revoke
- support credential-based Noise authentication and revocation handling
- propagate trusted credential metadata through OSPF route sync
- classify direct peers by auth level in session maintenance
- normalize sender credential flag for legacy non-secure compatibility
- add unit/integration tests for credential join, relay and revocation
KKRainbow
2026-03-07 22:58:15 +08:00
committed by GitHub
parent 59d4475743
commit c4eacf4591
31 changed files with 4289 additions and 163 deletions
+16 -8
@@ -7,8 +7,9 @@ use std::{
time::Duration,
};
use rand::Rng;
use rand::{rngs::OsRng, Rng};
use tokio::{net::UdpSocket, task::JoinSet};
use x25519_dalek::StaticSecret;
use super::*;
@@ -2763,21 +2764,28 @@ pub async fn config_patch_test() {
drop_insts(insts).await;
}
/// Generate SecureModeConfig with random x25519 keypair
fn generate_secure_mode_config() -> SecureModeConfig {
/// Generate SecureModeConfig with specified x25519 private key
pub fn generate_secure_mode_config_with_key(
private_key: &x25519_dalek::StaticSecret,
) -> SecureModeConfig {
use base64::{prelude::BASE64_STANDARD, Engine};
use rand::rngs::OsRng;
use x25519_dalek::{PublicKey, StaticSecret};
use x25519_dalek::PublicKey;
let private = StaticSecret::random_from_rng(OsRng);
let public = PublicKey::from(&private);
let public = PublicKey::from(private_key);
SecureModeConfig {
enabled: true,
local_private_key: Some(BASE64_STANDARD.encode(private.as_bytes())),
local_private_key: Some(BASE64_STANDARD.encode(private_key.as_bytes())),
local_public_key: Some(BASE64_STANDARD.encode(public.as_bytes())),
}
}
/// Generate SecureModeConfig with random x25519 keypair
pub fn generate_secure_mode_config() -> SecureModeConfig {
let private = StaticSecret::random_from_rng(OsRng);
generate_secure_mode_config_with_key(&private)
}
/// Test relay peer end-to-end encryption with TCP
#[rstest::rstest]
#[tokio::test]
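Review bot: Both helpers are widened from private to `pub` in the second hunk, and `generate_secure_mode_config_with_key` copies the caller's x25519 private key into a plain base64 `String` in `local_private_key`, yet the doc comment does not say this is a test-only helper or that the returned value holds secret material. Whether this module is gated behind `#[cfg(test)]` is not visible here; if every caller lives in this crate, `pub(crate) fn generate_secure_mode_config_with_key(private_key: &StaticSecret) -> SecureModeConfig` keeps the helper off the public API, and it can use the short type name now that the first hunk imports `StaticSecret` at module level. I would also extend the doc comment with something like `/// Test helper: the returned config carries the private key as plaintext base64; do not log or persist it.` The same visibility narrowing applies to `generate_secure_mode_config`.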