proxy

package
v0.0.0-...-ba35baa Latest
Warning

This package is not in the latest version of its module.

Published: Dec 19, 2024 License: Apache-2.0 Imports: 21 Imported by: 3

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client is a client to the Teleport Proxy SSH server on behalf of a user. The Proxy SSH port used to serve only SSH; however, portions of the API are being migrated to gRPC to reduce latency. The Client is capable of communicating with the Proxy via both mechanisms; by default it will choose to use gRPC over SSH where it is able to.

func NewClient

func NewClient(ctx context.Context, cfg ClientConfig) (*Client, error)

NewClient creates a new Client that, by default, attempts to connect to the gRPC server being served by the Proxy SSH port. If it is unable to connect, the Client falls back to connecting to the Proxy SSH port via SSH.

If it is known that the gRPC server doesn't serve the API required by the caller, prefer NewSSHClient instead, which omits the gRPC dialing altogether.

func (*Client) ClientConfig

func (c *Client) ClientConfig(ctx context.Context, cluster string) (client.Config, error)

ClientConfig returns a client.Config that may be used to connect to the Auth server in the provided cluster via client.New or similar. The client.Config returned will have the correct credentials and dialer set based on the ClientConfig that was provided to create this Client.

func (*Client) Close

func (c *Client) Close() error

Close attempts to close both the gRPC and SSH connections.

func (*Client) ClusterDetails

func (c *Client) ClusterDetails(ctx context.Context) (ClusterDetails, error)

ClusterDetails retrieves cluster information as seen by the Proxy.

func (*Client) ClusterName

func (c *Client) ClusterName() string

ClusterName returns the name of the cluster that the connected Proxy is a member of.

func (*Client) DialHost

func (c *Client) DialHost(ctx context.Context, target, cluster string, keyring agent.ExtendedAgent) (net.Conn, ClusterDetails, error)

DialHost establishes a connection to the `target` in the cluster named `cluster`. If a keyring is provided, it will only be forwarded if proxy recording mode is enabled in the cluster.

func (*Client) Ping

func (c *Client) Ping(ctx context.Context) error

Ping measures the round trip latency of sending a message to the Proxy.

func (*Client) SSHConfig

func (c *Client) SSHConfig(user string) *ssh.ClientConfig

SSHConfig returns the ssh.ClientConfig for the provided user, which should be used when creating a [tracessh.Client] with the net.Conn returned from Client.DialHost.

type ClientConfig

type ClientConfig struct {
	// ProxyAddress is the address of the Proxy server.
	ProxyAddress string
	// TLSRoutingEnabled indicates if the cluster is using TLS Routing.
	TLSRoutingEnabled bool
	// TLSConfigFunc produces the [tls.Config] required for mTLS connections to a specific cluster.
	TLSConfigFunc func(cluster string) (*tls.Config, error)
	// UnaryInterceptors are optional [grpc.UnaryClientInterceptor] to apply
	// to the gRPC client.
	UnaryInterceptors []grpc.UnaryClientInterceptor
	// StreamInterceptors are optional [grpc.StreamClientInterceptor] to apply
	// to the gRPC client.
	StreamInterceptors []grpc.StreamClientInterceptor
	// SSHConfig is the [ssh.ClientConfig] used to connect to the Proxy SSH server.
	SSHConfig *ssh.ClientConfig
	// DialTimeout defines how long to attempt dialing before timing out.
	DialTimeout time.Duration
	// DialOpts define options for dialing the client connection.
	DialOpts []grpc.DialOption
	// ALPNConnUpgradeRequired indicates that ALPN connection upgrades are
	// required for making TLS routing requests.
	ALPNConnUpgradeRequired bool
	// InsecureSkipVerify is an option to skip HTTPS cert check
	InsecureSkipVerify bool
	// ViaJumpHost indicates if the connection to the cluster is direct
	// or via another cluster.
	ViaJumpHost bool
	// PROXYHeaderGetter is used if present to get signed PROXY headers to propagate client's IP.
	// Used by proxy's web server to make calls on behalf of connected clients.
	PROXYHeaderGetter client.PROXYHeaderGetter
	// contains filtered or unexported fields
}

ClientConfig contains configuration needed for a Client to be able to connect to the cluster.
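
A function matching the TLSConfigFunc signature above, added here as an example and not taken from the Teleport code base. The clusterTrust type, newTLSConfigFunc and the cluster names are hypothetical, and how the Client applies the returned config is not shown on this page. It fails closed for a cluster it has no trust material for, rather than returning a config that skips certificate verification.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
)

// clusterTrust is a hypothetical holder for one cluster's trust material.
type clusterTrust struct {
	roots      *x509.CertPool  // CAs allowed to sign that cluster's Proxy certificate
	clientCert tls.Certificate // user certificate presented for mTLS
}

// newTLSConfigFunc returns a function with the TLSConfigFunc signature.
// Unknown clusters get an error, never a config with verification disabled.
func newTLSConfigFunc(trust map[string]clusterTrust) func(cluster string) (*tls.Config, error) {
	return func(cluster string) (*tls.Config, error) {
		t, ok := trust[cluster]
		if !ok {
			return nil, fmt.Errorf("no trust material for cluster %q", cluster)
		}
		if t.roots == nil {
			// A nil RootCAs makes crypto/tls fall back to the host's root CA set.
			return nil, errors.New("cluster has no pinned CA pool")
		}
		return &tls.Config{
			MinVersion:   tls.VersionTLS12,
			RootCAs:      t.roots,
			Certificates: []tls.Certificate{t.clientCert},
		}, nil
	}
}

func main() {
	// Constructed sample: an empty pool and a zero-value certificate stand in
	// for real trust material.
	fn := newTLSConfigFunc(map[string]clusterTrust{
		"example-root": {roots: x509.NewCertPool()},
	})
	cfg, err := fn("example-root")
	fmt.Println(cfg != nil && !cfg.InsecureSkipVerify, err)
	_, err = fn("example-leaf")
	fmt.Println(err)
}
```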

func (*ClientConfig) CheckAndSetDefaults

func (c *ClientConfig) CheckAndSetDefaults(ctx context.Context) error

CheckAndSetDefaults ensures required options are present and sets the default value of any that are omitted.

type ClusterDetails

type ClusterDetails struct {
	// FIPS dictates whether FIPS mode is enabled.
	FIPS bool
}

ClusterDetails provides cluster configuration details as known by the connected Proxy.

Directories

Path Synopsis
transport
