Integrate BACKBEAT SDK and resolve KACHING license validation
Major integrations and fixes: - Added BACKBEAT SDK integration for P2P operation timing - Implemented beat-aware status tracking for distributed operations - Added Docker secrets support for secure license management - Resolved KACHING license validation via HTTPS/TLS - Updated docker-compose configuration for clean stack deployment - Disabled rollback policies to prevent deployment failures - Added license credential storage (CHORUS-DEV-MULTI-001) Technical improvements: - BACKBEAT P2P operation tracking with phase management - Enhanced configuration system with file-based secrets - Improved error handling for license validation - Clean separation of KACHING and CHORUS deployment stacks 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
anthonyrawlins
18
vendor/github.com/libp2p/go-libp2p/p2p/net/pnet/protector.go
generated
vendored
Normal file
18
vendor/github.com/libp2p/go-libp2p/p2p/net/pnet/protector.go
generated
vendored
Normal file
@@ -0,0 +1,18 @@
|
||||
package pnet
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"net"
|
||||
|
||||
ipnet "github.com/libp2p/go-libp2p/core/pnet"
|
||||
)
|
||||
|
||||
// NewProtectedConn creates a new protected connection
|
||||
func NewProtectedConn(psk ipnet.PSK, conn net.Conn) (net.Conn, error) {
|
||||
if len(psk) != 32 {
|
||||
return nil, errors.New("expected 32 byte PSK")
|
||||
}
|
||||
var p [32]byte
|
||||
copy(p[:], psk)
|
||||
return newPSKConn(&p, conn)
|
||||
}
|
||||
83
vendor/github.com/libp2p/go-libp2p/p2p/net/pnet/psk_conn.go
generated
vendored
Normal file
83
vendor/github.com/libp2p/go-libp2p/p2p/net/pnet/psk_conn.go
generated
vendored
Normal file
@@ -0,0 +1,83 @@
|
||||
package pnet
|
||||
|
||||
import (
|
||||
"crypto/cipher"
|
||||
"crypto/rand"
|
||||
"io"
|
||||
"net"
|
||||
|
||||
"github.com/libp2p/go-libp2p/core/pnet"
|
||||
|
||||
"github.com/davidlazar/go-crypto/salsa20"
|
||||
pool "github.com/libp2p/go-buffer-pool"
|
||||
)
|
||||
|
||||
// we are using buffer pool as user needs their slice back
|
||||
// so we can't do XOR cripter in place
|
||||
var (
|
||||
errShortNonce = pnet.NewError("could not read full nonce")
|
||||
errInsecureNil = pnet.NewError("insecure is nil")
|
||||
errPSKNil = pnet.NewError("pre-shread key is nil")
|
||||
)
|
||||
|
||||
type pskConn struct {
|
||||
net.Conn
|
||||
psk *[32]byte
|
||||
|
||||
writeS20 cipher.Stream
|
||||
readS20 cipher.Stream
|
||||
}
|
||||
|
||||
func (c *pskConn) Read(out []byte) (int, error) {
|
||||
if c.readS20 == nil {
|
||||
nonce := make([]byte, 24)
|
||||
_, err := io.ReadFull(c.Conn, nonce)
|
||||
if err != nil {
|
||||
return 0, errShortNonce
|
||||
}
|
||||
c.readS20 = salsa20.New(c.psk, nonce)
|
||||
}
|
||||
|
||||
n, err := c.Conn.Read(out) // read to in
|
||||
if n > 0 {
|
||||
c.readS20.XORKeyStream(out[:n], out[:n]) // decrypt to out buffer
|
||||
}
|
||||
return n, err
|
||||
}
|
||||
|
||||
func (c *pskConn) Write(in []byte) (int, error) {
|
||||
if c.writeS20 == nil {
|
||||
nonce := make([]byte, 24)
|
||||
_, err := rand.Read(nonce)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
_, err = c.Conn.Write(nonce)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
|
||||
c.writeS20 = salsa20.New(c.psk, nonce)
|
||||
}
|
||||
out := pool.Get(len(in))
|
||||
defer pool.Put(out)
|
||||
|
||||
c.writeS20.XORKeyStream(out, in) // encrypt
|
||||
|
||||
return c.Conn.Write(out) // send
|
||||
}
|
||||
|
||||
var _ net.Conn = (*pskConn)(nil)
|
||||
|
||||
func newPSKConn(psk *[32]byte, insecure net.Conn) (net.Conn, error) {
|
||||
if insecure == nil {
|
||||
return nil, errInsecureNil
|
||||
}
|
||||
if psk == nil {
|
||||
return nil, errPSKNil
|
||||
}
|
||||
return &pskConn{
|
||||
Conn: insecure,
|
||||
psk: psk,
|
||||
}, nil
|
||||
}
|
||||
Reference in New Issue
Block a user