irosh 0.2.0

SSH sessions over Iroh peer-to-peer transport
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

//! Configuration data structures for the library.
//!
//! These types define the runtime configuration, state storage paths,
//! and security parameters used across the irosh subsystem.

use std::path::{Path, PathBuf};

/// Defines where `irosh` stores persistent state.
///
/// This directory is used by the storage layer for identity material, trust
/// records, and saved peer aliases.
///
/// Under the `C-CALLER-CONTROL` principle, this type does **NOT** implement
/// `Default`. The consuming application must explicitly choose a state
/// directory path.
///
/// # Example
///
/// ```no_run
/// use irosh::StateConfig;
///
/// let state = StateConfig::new("/tmp/irosh-client".into());
/// assert!(state.root().ends_with("irosh-client"));
/// ```
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct StateConfig {
    /// The root directory for state files.
    root: PathBuf,
}

impl StateConfig {
    /// Creates a new `StateConfig` anchored at the provided path.
    ///
    /// The directory does not need to exist prior to initialization;
    /// the relevant storage modules will create subdirectories as needed.
    pub fn new(root: PathBuf) -> Self {
        Self { root }
    }

    /// Returns the root directory used for state storage.
    pub fn root(&self) -> &Path {
        &self.root
    }
}

/// Defines the policy for handling remote host keys.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum HostKeyPolicy {
    /// Strictly verify host keys against the trust store. Connections to
    /// unknown or mismatched hosts will fail.
    Strict,
    /// Trust on first use. Unknown host keys will be automatically trusted and
    /// saved. Mismatched keys will still be rejected.
    Tofu,
    /// Automatically accept any host key without verification or saving.
    /// This is insecure and should only be used for testing.
    AcceptAll,
}

/// Defines security policies and connection semantics.
///
/// This type currently controls host-key validation behavior for SSH sessions.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct SecurityConfig {
    /// The policy used to validate remote host keys.
    pub host_key_policy: HostKeyPolicy,
}

impl Default for SecurityConfig {
    /// Provides a safe default security posture.
    ///
    /// By default, TOFU (Trust On First Use) is enabled as it provides a good
    /// balance between security and usability for P2P.
    fn default() -> Self {
        Self {
            host_key_policy: HostKeyPolicy::Tofu,
        }
    }
}

/// Persistent application configuration stored on disk.
///
/// This includes global settings like stealth secrets, custom relays,
/// and default usernames.
#[cfg_attr(feature = "storage", derive(serde::Serialize, serde::Deserialize))]
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct AppConfig {
    /// Shared ALPN secret for extra stealth.
    pub stealth_secret: Option<String>,
    /// Custom relay server URL.
    pub relay_url: Option<String>,
    /// Logging verbosity (debug, info, warn, error).
    pub log_level: String,
    /// Default wormhole expiry duration in seconds.
    pub wormhole_timeout: u64,
    /// Default username for connections.
    pub default_user: Option<String>,
}

impl Default for AppConfig {
    fn default() -> Self {
        Self {
            stealth_secret: None,
            relay_url: None,
            log_level: "info".to_string(),
            wormhole_timeout: 3600, // 1 hour
            default_user: None,
        }
    }
}