Files
EasyTier/easytier/src/proto/web.proto
T
KKRainbow ecd1ea6f8c feat(web): implement secure core-web tunnel with Noise protocol (#1976)
Implement end-to-end encryption for core-web connections using the
Noise protocol framework with the following changes:

Client-side (easytier/src/web_client/):
- Add security.rs module with Noise handshake implementation
- Add upgrade_client_tunnel() for client-side handshake
- Add Noise frame encryption/decryption via TunnelFilter
- Integrate GetFeature RPC for capability negotiation
- Support secure_mode option to enforce encrypted connections
- Handle graceful fallback for backward compatibility

Server-side (easytier-web/):
- Accept Noise handshake in client_manager
- Expose encryption support via GetFeature RPC

The implementation uses Noise_NN_25519_ChaChaPoly_SHA256 pattern for
encryption without authentication. Provides backward compatibility
with automatic fallback to plaintext connections.
2026-03-10 08:48:08 +08:00

31 lines
587 B
Protocol Buffer

syntax = "proto3";
import "common.proto";
package web;
message HeartbeatRequest {
common.UUID machine_id = 1;
common.UUID inst_id = 2;
string user_token = 3;
string easytier_version = 4;
string report_time = 5;
string hostname = 6;
repeated common.UUID running_network_instances = 7;
}
message HeartbeatResponse {}
message GetFeatureRequest {}
message GetFeatureResponse {
bool support_encryption = 1;
}
service WebServerService {
rpc Heartbeat(HeartbeatRequest) returns (HeartbeatResponse);
rpc GetFeature(GetFeatureRequest) returns (GetFeatureResponse);
}