peerwg

package
v0.8.5

This package is not in the latest version of its module.
Published: Aug 10, 2022 | License: AGPL-3.0 | Imports: 32 | Imported by: 0

Documentation

Constants

This section is empty.

Variables

var DefaultDerpHome = net.JoinHostPort(magicsock.DerpMagicIP, "9")

DefaultDerpHome is the IPv4 representation of a DERP server. The port is the DERP ID. We only support using DERP 9 for now.

var DerpMap = &tailcfg.DERPMap{
	Regions: map[int]*tailcfg.DERPRegion{
		9: {
			RegionID:   9,
			RegionCode: "dfw",
			RegionName: "Dallas",
			Avoid:      false,
			Nodes: []*tailcfg.DERPNode{
				{
					Name:             "9a",
					RegionID:         9,
					HostName:         "derp9.tailscale.com",
					CertName:         "",
					IPv4:             "207.148.3.137",
					IPv6:             "2001:19f0:6401:1d9c:5400:2ff:feef:bb82",
					STUNPort:         0,
					STUNOnly:         false,
					DERPPort:         0,
					InsecureForTests: false,
					STUNTestIP:       "",
				},
				{
					Name:             "9c",
					RegionID:         9,
					HostName:         "derp9c.tailscale.com",
					CertName:         "",
					IPv4:             "155.138.243.219",
					IPv6:             "2001:19f0:6401:fe7:5400:3ff:fe8d:6d9c",
					STUNPort:         0,
					STUNOnly:         false,
					DERPPort:         0,
					InsecureForTests: false,
					STUNTestIP:       "",
				},
				{
					Name:             "9b",
					RegionID:         9,
					HostName:         "derp9b.tailscale.com",
					CertName:         "",
					IPv4:             "144.202.67.195",
					IPv6:             "2001:19f0:6401:eb5:5400:3ff:fe8d:6d9b",
					STUNPort:         0,
					STUNOnly:         false,
					DERPPort:         0,
					InsecureForTests: false,
					STUNTestIP:       "",
				},
			},
		},
	},
	OmitDefaultRegions: true,
}

DerpMap is currently set to use Tailscale's DERP server in DFW while we build in our own support for DERP servers.
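DefaultDerpHome encodes a region ID in its port, so it is only meaningful if that region exists in DerpMap and the region's nodes are sane. The following is an added example, not part of the peerwg package: it audits that relationship using a local Node type in place of tailcfg.DERPNode and a hypothetical hostname allowlist (hostSuffix).

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
	"strconv"
	"strings"
)

// Node is a local stand-in holding only the tailcfg.DERPNode fields audited here.
type Node struct {
	Name, HostName, IPv4, IPv6 string
	RegionID                   int
	InsecureForTests           bool
}

// AuditDERP checks a home address ("ip:regionID") against a map of region ID to nodes.
// hostSuffix is a hypothetical hostname allowlist, not something peerwg defines.
func AuditDERP(home string, regions map[int][]Node, hostSuffix string) (bad []string) {
	flag := func(hit bool, who, msg string) {
		if hit {
			bad = append(bad, who+": "+msg)
		}
	}
	_, port, err := net.SplitHostPort(home)
	id, convErr := strconv.Atoi(port)
	flag(err != nil || convErr != nil || len(regions[id]) == 0, "home", "port "+port+" is not a populated region id")
	for key, nodes := range regions {
		for _, n := range nodes {
			v4, e4 := netip.ParseAddr(n.IPv4)
			v6, e6 := netip.ParseAddr(n.IPv6)
			flag(n.RegionID != key, n.Name, "RegionID differs from its region key")
			flag(n.InsecureForTests, n.Name, "TLS verification disabled")
			flag(!strings.HasSuffix(n.HostName, hostSuffix), n.Name, "hostname outside "+hostSuffix)
			flag(e4 != nil || !v4.Is4(), n.Name, "bad IPv4")
			flag(e6 != nil || !v6.Is6() || v6.Is4In6(), n.Name, "bad IPv6")
		}
	}
	return bad
}

func main() {
	regions := map[int][]Node{9: { // values from DerpMap above; 127.3.3.40 is magicsock.DerpMagicIP
		{"9a", "derp9.tailscale.com", "207.148.3.137", "2001:19f0:6401:1d9c:5400:2ff:feef:bb82", 9, false},
		{"9c", "derp9c.tailscale.com", "155.138.243.219", "2001:19f0:6401:fe7:5400:3ff:fe8d:6d9c", 9, false},
		{"9b", "derp9b.tailscale.com", "144.202.67.195", "2001:19f0:6401:eb5:5400:3ff:fe8d:6d9b", 9, false},
	}}
	fmt.Println(len(AuditDERP(net.JoinHostPort("127.3.3.40", "9"), regions, ".tailscale.com")), "findings")
}
```

Findings are ordered per node within a region; the order across regions follows Go's map iteration and is not stable.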

Functions

func HandshakeRecipientHint

func HandshakeRecipientHint(agentID []byte, msg []byte) (bool, error)

HandshakeRecipientHint parses the first part of a serialized Handshake to quickly determine if the message is meant for the provided recipient.

func UUIDToInet

func UUIDToInet(uid uuid.UUID) pqtype.Inet

func UUIDToNetaddr

func UUIDToNetaddr(uid uuid.UUID) netaddr.IP

Types

type Handshake

type Handshake struct {
	// Recipient is the uuid of the agent that the message was intended for.
	Recipient uuid.UUID `json:"recipient"`
	// DiscoPublicKey is the disco public key of the peer.
	DiscoPublicKey key.DiscoPublic `json:"disco"`
	// NodePublicKey is the public key of the peer.
	NodePublicKey key.NodePublic `json:"public"`
	// IPv6 is the IPv6 address of the peer.
	IPv6 netaddr.IP `json:"ipv6"`
}

Handshake is a message received from a WireGuard peer, indicating it would like to connect.

func (Handshake) MarshalText

func (h Handshake) MarshalText() ([]byte, error)

func (*Handshake) UnmarshalText

func (h *Handshake) UnmarshalText(text []byte) error

type Network

type Network struct {
	Netstack *netstack.Impl

	DiscoPublicKey key.DiscoPublic
	NodePrivateKey key.NodePrivate
	// contains filtered or unexported fields
}

func New

func New(logger slog.Logger, addresses []netaddr.IPPrefix) (*Network, error)

New constructs a WireGuard network that filters traffic to destinations matching the addresses provided.

func (*Network) AddPeer

func (n *Network) AddPeer(handshake Handshake) error

AddPeer allows connections from another WireGuard instance with the handshake credentials.

func (*Network) Close

func (n *Network) Close() error

func (*Network) Listen

func (n *Network) Listen(network, addr string) (net.Listener, error)

Listen returns a net.Listener in userspace that can be used to accept connections from the WireGuard network to the specified address. If a listener exists for a given address, all connections will be forwarded to the listener instead of being routed to the host.

func (*Network) Ping

func (n *Network) Ping(ip netaddr.IP) *ipnstate.PingResult

Ping sends a discovery ping to the provided peer. The peer address must be connected before a successful ping will work.

func (*Network) SSH

func (n *Network) SSH(ctx context.Context, ip netaddr.IP) (net.Conn, error)

func (*Network) SSHClient

func (n *Network) SSHClient(ctx context.Context, ip netaddr.IP) (*ssh.Client, error)
