206 lines
5.5 KiB
Protocol Buffer
206 lines
5.5 KiB
Protocol Buffer
syntax = "proto3";
|
||
|
||
// 注意
|
||
// 1. network_id, ip地址等分配的逻辑已经迁移到后端https服务
|
||
// 2. 端的强制升级逻辑也迁移到了https服务
|
||
// 3. 假设一个udp包的最大有效负载为1400字节;因此虚拟网卡启动的时候mtu需要控制一下,因为每个包里面都有自己的元数据信息, 端上的mtu值先统一为:1250
|
||
|
||
// 基础公共类型定义
|
||
|
||
message SDLV4Info {
|
||
uint32 port = 1;
|
||
bytes v4 = 2;
|
||
uint32 nat_type = 3;
|
||
}
|
||
|
||
message SDLV6Info {
|
||
uint32 port = 1;
|
||
bytes v6 = 2;
|
||
}
|
||
|
||
message SDLEmpty {
|
||
uint32 pkt_id = 1;
|
||
}
|
||
|
||
// 这里修改成了扁平的结构, 否则有些字段不好找放的位置
|
||
message SDLRegisterSuper {
|
||
// 所有需要建立请求和响应对应关系的,都是通过4字节的pktId来对应
|
||
uint32 pkt_id = 1;
|
||
string client_id = 2;
|
||
// 网络地址信息已经有https请求分配了
|
||
// 注册的时候需要带上(network_id, mac, ip, mask_len, hostname)
|
||
uint32 network_id = 3;
|
||
bytes mac = 4;
|
||
uint32 ip = 5;
|
||
uint32 mask_len = 6;
|
||
string hostname = 7;
|
||
|
||
string pub_key = 8;
|
||
// 客户端使用http协议请求后端,通过token或者账号密码登录时, 统一返回一个access_token;
|
||
// RegisterSuper的时候,验证凭证是否合法 (access_token)
|
||
string access_token = 9;
|
||
}
|
||
|
||
message SDLRegisterSuperAck {
|
||
uint32 pkt_id = 1;
|
||
bytes aes_key = 2;
|
||
// 验证通过后,返回session_token; 后续通讯的合法行需哟啊通过session_token来保证
|
||
// 在SDLQueryInfo,SDLStunRequest, SDLData, SDLArpRequest等需要服务器端介入的地方都增加了session_token的验证(端和端之间的SDLData不需要校验)
|
||
bytes session_token = 3;
|
||
}
|
||
|
||
// 注册失败时候的消息体
|
||
message SDLRegisterSuperNak {
|
||
uint32 pkt_id = 1;
|
||
uint32 error_code = 2;
|
||
string error_message = 3;
|
||
}
|
||
|
||
// 网络地址查询
|
||
message SDLQueryInfo {
|
||
uint32 pkt_id = 1;
|
||
uint32 network_id = 2;
|
||
bytes src_mac = 3;
|
||
bytes dst_mac = 4;
|
||
bytes session_token = 5;
|
||
}
|
||
|
||
message SDLPeerInfo {
|
||
uint32 pkt_id = 1;
|
||
uint32 network_id = 2;
|
||
bytes dst_mac = 3;
|
||
SDLV4Info v4_info = 4;
|
||
optional SDLV6Info v6_info = 5;
|
||
}
|
||
|
||
message SDLEmptyPeerInfo {
|
||
uint32 pkt_id = 1;
|
||
uint32 network_id = 2;
|
||
bytes dst_mac = 3;
|
||
}
|
||
|
||
// 事件定义, 下面的事件是服务器主动推送的,不需要响应
|
||
|
||
message SDLNatChangedEvent {
|
||
uint32 network_id = 1;
|
||
bytes mac = 2;
|
||
uint32 ip = 3;
|
||
}
|
||
|
||
// 被清理掉的Endpoints
|
||
// 协议改成udp后,服务端只能通过定时器来集中清理掉线的端(通过心跳机制SDLStunRequest)
|
||
message SDLDropMacsEvent {
|
||
uint32 network_id = 1;
|
||
repeated bytes macs = 2;
|
||
}
|
||
|
||
// 通知端上必须重新校验
|
||
// 服务器端认为端已经掉线了,但是这个时候还在向服务端发送消息;服务端要求端上重新校验(SDLRegisterSuper)
|
||
message SDLRefreshAuthEvent {
|
||
uint32 network_id = 1;
|
||
}
|
||
|
||
message SDLSendRegisterEvent {
|
||
uint32 network_id = 1;
|
||
bytes dst_mac = 2;
|
||
uint32 nat_ip = 3;
|
||
uint32 nat_port = 4;
|
||
uint32 nat_type = 5;
|
||
optional SDLV6Info v6_info = 6;
|
||
}
|
||
|
||
message SDLNetworkShutdownEvent {
|
||
uint32 network_id = 1;
|
||
string message = 2;
|
||
}
|
||
|
||
// UDP通讯消息
|
||
message SDLStunRequest {
|
||
string client_id = 1;
|
||
uint32 network_id = 2;
|
||
bytes mac = 3;
|
||
uint32 ip = 4;
|
||
uint32 nat_type = 5;
|
||
optional SDLV6Info v6_info = 6;
|
||
bytes session_token = 7;
|
||
}
|
||
|
||
message SDLData {
|
||
uint32 network_id = 1;
|
||
bytes src_mac = 2;
|
||
bytes dst_mac = 3;
|
||
bool is_p2p = 4;
|
||
uint32 ttl = 5;
|
||
bytes data = 6;
|
||
bytes session_token = 7;
|
||
// 端通过https登录的时候,服务端会分配该端对应的权限标识
|
||
// 后续的请求过程中需要带上这个值,对端通过这个值要判断对数据包是否放行
|
||
uint32 identity_id = 8;
|
||
}
|
||
|
||
// 这个是客户端之间的相互打洞的数据
|
||
|
||
message SDLRegister {
|
||
uint32 network_id = 1;
|
||
bytes src_mac = 2;
|
||
bytes dst_mac = 3;
|
||
}
|
||
|
||
message SDLRegisterAck {
|
||
uint32 network_id = 1;
|
||
bytes src_mac = 2;
|
||
bytes dst_mac = 3;
|
||
}
|
||
|
||
// 网络类型探测
|
||
|
||
message SDLStunProbe {
|
||
uint32 cookie = 1;
|
||
uint32 attr = 2;
|
||
// 增加step是为了方便端上判断,收到的请求和响应之间的映射关系;服务器端原样返回
|
||
uint32 step = 3;
|
||
}
|
||
|
||
message SDLStunProbeReply {
|
||
uint32 cookie = 1;
|
||
// 增加step是为了方便端上判断,收到的请求和响应之间的映射关系;服务器端原样返回
|
||
uint32 step = 2;
|
||
uint32 port = 3;
|
||
uint32 ip = 4;
|
||
}
|
||
|
||
// ARP查询相关
|
||
// 真实的arp请求是通过广播的形式获取到的,但是针对于macos这种tun的实现;是能够分析出arp请求包的;对于当前网络来说,服务端是知道mac对应的ip地址的,因此没有必要广播;直接通过服务器端返回
|
||
message SDLArpRequest {
|
||
uint32 network_id = 1;
|
||
uint32 target_ip = 2;
|
||
bytes session_token = 3;
|
||
}
|
||
|
||
message SDLArpResponse {
|
||
uint32 network_id = 1;
|
||
uint32 target_ip = 2;
|
||
bytes target_mac = 3;
|
||
}
|
||
|
||
// 权限请求查询相关
|
||
message SDLPolicyRequest {
|
||
uint32 network_id = 1;
|
||
uint32 src_identity_id = 2;
|
||
uint32 dst_identity_id = 3;
|
||
bytes session_token = 4;
|
||
}
|
||
|
||
message SDLPolicyResponse {
|
||
uint32 network_id = 1;
|
||
uint32 src_identity_id = 2;
|
||
uint32 dst_identity_id = 3;
|
||
// 版本号,客户端需要比较版本号确定是否覆盖
|
||
uint32 version = 4;
|
||
// 总包数
|
||
uint32 total_num = 5;
|
||
// 当前分片
|
||
uint32 index = 6;
|
||
// 4+1+2 的稀疏序列化规则
|
||
bytes rules = 7;
|
||
} |