utils

package
v2.5.1+incompatible

This package is not in the latest version of its module.

Published: Mar 15, 2018 License: Apache-2.0 Imports: 50 Imported by: 0

Documentation

Constants

const (
	// DefaultLRUCapacity is a capacity for LRU session cache
	DefaultLRUCapacity = 1024
	// DefaultCertTTL sets the TTL of the self-signed certificate (1 year)
	DefaultCertTTL = (24 * time.Hour) * 365
)
const (
	// HumanTimeFormatString is a human readable date formatting
	HumanTimeFormatString = "Mon Jan _2 15:04 UTC"
	// CertTeleportUser specifies teleport user
	CertTeleportUser = "x-teleport-user"
	// CertTeleportUserCA specifies teleport certificate authority
	CertTeleportUserCA = "x-teleport-user-ca"
	// CertExtensionRole specifies teleport role
	CertExtensionRole = "x-teleport-role"
	// CertExtensionAuthority specifies teleport authority's name
	// that signed this domain
	CertExtensionAuthority = "x-teleport-authority"
	// HostUUIDFile is the file name where the host UUID file is stored
	HostUUIDFile = "host_uuid"
	// CertTeleportClusterName is a name of the teleport cluster
	CertTeleportClusterName = "x-teleport-cluster-name"
	// CertTeleportUserCertificate is the certificate of the authenticated user.
	CertTeleportUserCertificate = "x-teleport-certificate"
)
const (
	WebSocketBinaryMode = iota
	WebSocketTextMode
)

Variables

This section is empty.

Functions

func CheckCertificateFormatFlag

func CheckCertificateFormatFlag(s string) (string, error)

CheckCertificateFormatFlag checks if the certificate format is valid.

func CheckVersions

func CheckVersions(clientVersion, serverVersion string) error

CheckVersions compares client and server versions and makes sure they are compatible using Teleport convention

func Consolef added in v1.0.0

func Consolef(w io.Writer, msg string, params ...interface{})

Consolef prints the same message to a 'ui console' (if defined) and also to the logger with INFO priority

func CopyStringMap

func CopyStringMap(a map[string]string) map[string]string

CopyStringMap makes a deep copy of a map[string]string and returns the copy.

func CopyStringMapInterface

func CopyStringMapInterface(a map[string]interface{}) map[string]interface{}

CopyStringMapInterface makes a deep copy of the passed in map[string]interface{} and returns the copy.

func CopyStringMapSlices

func CopyStringMapSlices(a map[string][]string) map[string][]string

CopyStringMapSlices makes a deep copy of the passed in map[string][]string and returns the copy.

func CopyStrings

func CopyStrings(in []string) []string

CopyStrings makes a deep copy of the passed in string slice and returns the copy.

func CreateTLSConfiguration

func CreateTLSConfiguration(certFile, keyFile string) (*tls.Config, error)

CreateTLSConfiguration sets up default TLS configuration

func CryptoRandomHex added in v1.0.0

func CryptoRandomHex(len int) (string, error)

CryptoRandomHex returns a hex-encoded random string of the given number of bytes, generated with a cryptographically strong pseudo-random generator.

func Deduplicate

func Deduplicate(in []string) []string

Deduplicate deduplicates list of strings

func DualPipeNetConn

func DualPipeNetConn(srcAddr net.Addr, dstAddr net.Addr) (*PipeNetConn, *PipeNetConn)

DualPipeNetConn creates a net.Pipe to connect a client and a server. The two net.Conn instances are wrapped in an addrConn which holds the source and destination addresses.

func FatalError added in v1.0.0

func FatalError(err error)

FatalError is for CLI front-ends: it detects gravitational/trace debugging information, sends it to the logger, strips it off and prints a clean message to stderr

func GenerateOTPURL

func GenerateOTPURL(typ string, label string, parameters map[string][]byte) string

GenerateOTPURL returns an OTP Key URL that can be used to construct a HOTP or TOTP key. For more details see: https://github.com/google/google-authenticator/wiki/Key-Uri-Format

Example: otpauth://totp/foo:bar@baz.com?secret=qux

func GenerateQRCode

func GenerateQRCode(u string) ([]byte, error)

GenerateQRCode takes in an OTP Key URL and returns a PNG-encoded QR code.

func GenerateSelfSignedSigningCert

func GenerateSelfSignedSigningCert(entity pkix.Name, dnsNames []string, ttl time.Duration) ([]byte, []byte, error)

GenerateSelfSignedSigningCert generates self-signed certificate used for digital signatures

func GetListenerFile

func GetListenerFile(listener net.Listener) (*os.File, error)

GetListenerFile returns file associated with listener

func GuessHostIP added in v1.0.0

func GuessHostIP() (ip net.IP, err error)

GuessHostIP tries to guess an IP address at which this machine is reachable on the internal network, always picking an IPv4 address from the internal address space.

If no internal IPs are found, it returns 127.0.0.1, but it never returns an address from the public IP space.

func Host

func Host(hostname string) (string, error)

Host extracts host from host:port string

func HumanTimeFormat

func HumanTimeFormat(d time.Time) string

HumanTimeFormat formats time as recognized by humans

func InitCLIParser added in v1.0.0

func InitCLIParser(appName, appHelp string) (app *kingpin.Application)

InitCLIParser configures kingpin command line args parser with some defaults common for all Teleport CLI tools

func InitLogger

func InitLogger(purpose LoggingPurpose, level log.Level)

InitLogger configures the global logger for a given purpose / verbosity level

func InitLoggerForTests added in v1.0.0

func InitLoggerForTests()

func InterfaceMapsEqual

func InterfaceMapsEqual(a, b map[string]interface{}) bool

InterfaceMapsEqual returns true if two interface maps are equal.

func IsDir added in v1.0.0

func IsDir(dirPath string) bool

IsDir is a helper function to quickly check if a given path is a valid directory

func IsFile added in v1.0.0

func IsFile(fp string) bool

IsFile returns true if a given file path points to an existing file

func IsGroupMember

func IsGroupMember(gid int) (bool, error)

IsGroupMember returns whether currently logged user is a member of a group

func IsHandshakeFailedError added in v1.0.0

func IsHandshakeFailedError(err error) bool

IsHandshakeFailedError specifies whether this error indicates failed handshake

func IsLocalhost added in v1.0.0

func IsLocalhost(host string) bool

IsLocalhost returns true if this is a local hostname or ip

func IsLoopback added in v1.0.0

func IsLoopback(host string) bool

IsLoopback returns 'true' if a given hostname resolves to local host's loopback interface

func IsSelfSigned

func IsSelfSigned(certificateChain []*x509.Certificate) bool

IsSelfSigned checks if the certificate is a self-signed certificate. To check if a certificate is self signed, we make sure that only one certificate is in the chain and that the SubjectKeyId and AuthorityKeyId match.

From RFC5280: https://tools.ietf.org/html/rfc5280#section-4.2.1.1

The signature on a self-signed certificate is generated with the private
key associated with the certificate's subject public key.  (This
proves that the issuer possesses both the public and private keys.)
In this case, the subject and authority key identifiers would be
identical, but only the subject key identifier is needed for
certification path building.
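
The rule described above, as an added example that is not Teleport's own code: `looksSelfSigned` re-implements the chain-length and key-identifier comparison with the standard library, and `verifiedSelfSigned` (a helper introduced here) also checks the signature under the certificate's own public key. All certificates, names and key identifiers are constructed sample values; rejecting empty identifiers is a choice made for this example.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// looksSelfSigned applies the documented rule: exactly one certificate in the
// chain, and a non-empty SubjectKeyId that equals the AuthorityKeyId.
func looksSelfSigned(chain []*x509.Certificate) bool {
	if len(chain) != 1 || len(chain[0].SubjectKeyId) == 0 {
		return false
	}
	return bytes.Equal(chain[0].SubjectKeyId, chain[0].AuthorityKeyId)
}

// verifiedSelfSigned also requires the signature to verify under the
// certificate's own public key, which the identifiers alone do not prove.
func verifiedSelfSigned(chain []*x509.Certificate) bool {
	if !looksSelfSigned(chain) {
		return false
	}
	c := chain[0]
	return c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) == nil
}

// issue builds a constructed sample certificate with the given key identifier.
// With a nil parent it signs itself; otherwise parent and parentKey sign it.
func issue(cn string, ski []byte, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()), // sample serial
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
		IsCA:                  parent == nil,
		SubjectKeyId:          ski,
	}
	signer := parentKey
	if parent == nil {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
		tmpl.AuthorityKeyId = ski // self-signed: the authority is the subject
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// scenarios returns [looksSelfSigned, verifiedSelfSigned] per sample chain.
func scenarios() (map[string][2]bool, error) {
	ca, caKey, err := issue("example-ca", []byte{0xCA, 0x01}, nil, nil)
	if err != nil {
		return nil, err
	}
	leaf, _, err1 := issue("example-leaf", []byte{0x1E, 0xAF}, ca, caKey)
	// The issuer picks the SubjectKeyId, so it can coincide with its own.
	clash, _, err2 := issue("example-clash", ca.SubjectKeyId, ca, caKey)
	if err1 != nil || err2 != nil {
		return nil, fmt.Errorf("issuing sample leaves: %v %v", err1, err2)
	}
	out := map[string][2]bool{}
	for name, ch := range map[string][]*x509.Certificate{
		"self-signed": {ca}, "ca-issued": {leaf}, "leaf+ca": {leaf, ca}, "same-key-id": {clash},
	} {
		out[name] = [2]bool{looksSelfSigned(ch), verifiedSelfSigned(ch)}
	}
	return out, nil
}

func main() { fmt.Println(scenarios()) }
```

The `same-key-id` chain passes the identifier comparison but fails the signature check, so the comparison is best treated as a classification hint rather than a trust decision.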

func IsShellFailedError added in v1.0.0

func IsShellFailedError(err error) bool

IsShellFailedError specifies whether this error indicates failed attempt to start shell

func ListenTLS added in v1.0.0

func ListenTLS(address string, certFile, keyFile string) (net.Listener, error)

ListenTLS sets up TLS listener for the http handler, starts listening on a TCP socket and returns the socket which is ready to be used for http.Serve

func MinTTL

func MinTTL(a, b time.Duration) time.Duration

MinTTL finds the minimum non-zero TTL duration; if both durations are 0, it fails.

func MultiCloser

func MultiCloser(closers ...io.Closer) *multiCloser

MultiCloser implements io.Closer; it sequentially calls Close() on each object.

func NewChConn added in v1.0.0

func NewChConn(conn ssh.Conn, ch ssh.Channel) *chConn

func NewHMACAnonymizer

func NewHMACAnonymizer(key string) (*hmacAnonymizer, error)

NewHMACAnonymizer returns a new HMAC-based anonymizer

func NormalizePath

func NormalizePath(path string) (string, error)

NormalizePath normalises path, evaluating symlinks and converting local paths to absolute

func ObeyIdleTimeout

func ObeyIdleTimeout(conn net.Conn, timeout time.Duration, ownerName string) net.Conn

ObeyIdleTimeout wraps an existing network connection with timeout-obeying Write() and Read() - it will drop the connection after 'timeout' on idle

Example: ObeyIdleTimeout(conn, time.Second * 60, "api server").

func ObjectToStruct

func ObjectToStruct(in interface{}, out interface{}) error

ObjectToStruct converts any structure into JSON and then unmarshals it into another structure.

Teleport configuration uses this (strange, at first) trick to convert from one struct type to another, if their fields are loosely compatible via their `json` tags

Example: assume you have two structs:

type A struct {
	Name string `json:"name"`
	Age  int    `json:"age"`
}
type B struct {
	FullName string `json:"name"`
}

Now you can convert B to A:

b := &B{FullName: "Bob Dilan"}
var a *A
utils.ObjectToStruct(b, &a)
fmt.Println(a.Name)

> "Bob Dilan"

func OpenFile

func OpenFile(path string) (*os.File, error)

OpenFile opens file and returns file handle

func ParseCertificatePEM

func ParseCertificatePEM(bytes []byte) (*x509.Certificate, error)

ParseCertificatePEM parses PEM-encoded certificate

func ParseCertificateRequestPEM

func ParseCertificateRequestPEM(bytes []byte) (*x509.CertificateRequest, error)

ParseCertificateRequestPEM parses PEM-encoded certificate signing request

func ParseOnOff

func ParseOnOff(parameterName, val string, defaultValue bool) (bool, error)

ParseOnOff parses whether value is "on" or "off", parameterName is passed for error reporting purposes, defaultValue is returned when no value is set

func ParsePrivateKeyDER

func ParsePrivateKeyDER(der []byte) (crypto.Signer, error)

ParsePrivateKeyDER parses unencrypted DER-encoded private key

func ParsePrivateKeyPEM

func ParsePrivateKeyPEM(bytes []byte) (crypto.Signer, error)

ParsePrivateKeyPEM parses PEM-encoded private key

func PrintVersion added in v1.0.0

func PrintVersion()

PrintVersion prints human readable version

func RandomDuration added in v1.0.0

func RandomDuration(max time.Duration) time.Duration

RandomDuration returns a duration in a range [0, max)

func ReadAll added in v1.0.0

func ReadAll(r io.Reader, bufsize int) (out []byte, err error)

ReadAll is similar to ioutil.ReadAll, except that it doesn't use an ever-increasing internal buffer, instead asking for the exact buffer size.

This is useful when you want to limit the size of Read/Writes (websockets).

func ReadCertificateChain

func ReadCertificateChain(certificateChainBytes []byte) ([]*x509.Certificate, error)

ReadCertificateChain parses PEM encoded bytes that can contain one or multiple certificates and returns a slice of x509.Certificate.

func ReadEnvironmentFile

func ReadEnvironmentFile(filename string) ([]string, error)

ReadEnvironmentFile will read environment variables from a passed in location. Lines that start with "#" or empty lines are ignored. Assignments are in the form name=value and no variable expansion occurs.

func ReadHostUUID added in v1.0.0

func ReadHostUUID(dataDir string) (string, error)

ReadHostUUID reads host UUID from the file in the data dir

func ReadOrMakeHostUUID added in v1.0.0

func ReadOrMakeHostUUID(dataDir string) (string, error)

ReadOrMakeHostUUID looks for a hostid file in the data dir. If present, returns the UUID from it, otherwise generates one

func ReadPath

func ReadPath(path string) ([]byte, error)

func ReplaceLocalhost added in v1.0.0

func ReplaceLocalhost(addr, replaceWith string) string

ReplaceLocalhost checks if a given address is link-local (like 0.0.0.0 or 127.0.0.1) and replaces it with the IP taken from replaceWith, preserving the original port

Both addresses are in "host:port" format. The function returns the original value if it encounters any problems with parsing.

func Roundtrip

func Roundtrip(addr string) (string, error)

Roundtrip is a simplistic single-connection HTTP client that allows us to bypass a connection pool to test load balancing. It is used in tests, as it only supports GET requests on /.

func RoundtripWithConn

func RoundtripWithConn(conn net.Conn) (string, error)

RoundtripWithConn uses HTTP GET on the existing connection. It is used in tests, as it only performs a GET request on /.

func SliceContainsStr

func SliceContainsStr(slice []string, value string) bool

SliceContainsStr returns 'true' if the slice contains the given value

func SplitHostPort

func SplitHostPort(hostname string) (string, string, error)

SplitHostPort splits host and port and checks that host is not empty

func SplitReaders

func SplitReaders(r1 io.Reader, r2 io.Reader) io.Reader

func StartHTTPServer

func StartHTTPServer(addr NetAddr, h http.Handler) error

func StatDir

func StatDir(path string) (os.FileInfo, error)

StatDir stats directory, returns error if file exists, but not a directory

func StringMapSlicesEqual

func StringMapSlicesEqual(a, b map[string][]string) bool

StringMapSlicesEqual returns true if two maps of string slices are equal

func StringMapsEqual

func StringMapsEqual(a, b map[string]string) bool

StringMapsEqual returns true if two string maps are equal

func StringSlicesEqual

func StringSlicesEqual(a, b []string) bool

StringSlicesEqual returns true if the string slices are equal

func StringsSet

func StringsSet(in []string) map[string]struct{}

StringsSet creates set of string (map[string]struct{}) from a list of strings

func SwitchLoggingtoSyslog

func SwitchLoggingtoSyslog()

SwitchLoggingtoSyslog tells the logger to send the output to syslog

func TLSConfig

func TLSConfig() *tls.Config

TLSConfig returns default TLS configuration with strict TLS settings configured (e.g. min TLS1.2)

func ToJSON

func ToJSON(data []byte) ([]byte, error)

ToJSON converts a single YAML document into a JSON document or returns an error. If the document appears to be JSON the YAML decoding path is not used (so that error messages are JSON specific). Creds to: k8s.io for the code

func ToTTL

func ToTTL(c clockwork.Clock, tm time.Time) time.Duration

ToTTL converts expiration time to TTL duration relative to current time as provided by clock

func UTC

func UTC(t *time.Time)

UTC converts time to UTC timezone

func UnmarshalWithSchema

func UnmarshalWithSchema(schemaDefinition string, object interface{}, data []byte) error

UnmarshalWithSchema processes YAML or JSON encoded object with JSON schema, sets defaults and unmarshals resulting object into given struct

func UserMessageFromError added in v1.0.0

func UserMessageFromError(err error) string

UserMessageFromError returns user friendly error message from error

func VerifyCertificateChain

func VerifyCertificateChain(certificateChain []*x509.Certificate) error

VerifyCertificateChain reads in chain of certificates and makes sure the chain from leaf to root is valid. This ensures that clients (web browsers and CLI) won't have problem validating the chain.

func WriteHostUUID added in v1.0.0

func WriteHostUUID(dataDir string, id string) error

WriteHostUUID writes host UUID into a file

Types

type AddrStorage added in v1.0.0

type AddrStorage interface {
	// SetAddresses saves addresses
	SetAddresses([]NetAddr) error
	// GetAddresses
	GetAddresses() ([]NetAddr, error)
}

AddrStorage is used to store information locally for every client that connects in the cluster, so it can always have up-to-date info about auth servers

type Anonymizer

type Anonymizer interface {
	// Anonymize returns anonymized string from the provided data
	Anonymize(data []byte) string
}

Anonymizer defines an interface for anonymizing data

type CloseBroadcaster added in v1.0.0

type CloseBroadcaster struct {
	sync.Once
	C chan struct{}
}

CloseBroadcaster is a helper struct that implements io.Closer and uses a channel to broadcast its closed state once called

func NewCloseBroadcaster added in v1.0.0

func NewCloseBroadcaster() *CloseBroadcaster

NewCloseBroadcaster returns new instance of close broadcaster

func (*CloseBroadcaster) Close added in v1.0.0

func (b *CloseBroadcaster) Close() error

Close closes the channel (once) to start broadcasting its closed state

type CloserConn

type CloserConn struct {
	net.Conn
	// contains filtered or unexported fields
}

CloserConn wraps connection and attaches additional closers to it

func NewCloserConn

func NewCloserConn(conn net.Conn, closers ...io.Closer) *CloserConn

NewCloserConn returns new connection wrapper that when closed will also close passed closers

func (*CloserConn) AddCloser

func (c *CloserConn) AddCloser(closer io.Closer)

AddCloser adds any closer in ctx that will be called whenever server closes session channel

func (*CloserConn) Close

func (c *CloserConn) Close() error

type FileAddrStorage added in v1.0.0

type FileAddrStorage struct {
	// contains filtered or unexported fields
}

FileAddrStorage is a file based address storage

func NewFileAddrStorage added in v1.0.0

func NewFileAddrStorage(filePath string) *FileAddrStorage

NewFileAddrStorage returns new instance of file-based address storage

func (*FileAddrStorage) GetAddresses added in v1.0.0

func (fs *FileAddrStorage) GetAddresses() ([]NetAddr, error)

GetAddresses returns saved address list

func (*FileAddrStorage) SetAddresses added in v1.0.0

func (fs *FileAddrStorage) SetAddresses(addrs []NetAddr) error

SetAddresses updates storage with new address list

type FileNode

type FileNode struct {
	Parent string `json:"parent"`
	Name   string `json:"name"`
	Dir    bool   `json:"bool"`
	Size   int64  `json:"size"`
	Mode   int64  `json:"mode"`
}

type HostKeyCallback added in v1.0.0

type HostKeyCallback func(hostID string, remote net.Addr, key ssh.PublicKey) error

type LoadBalancer

type LoadBalancer struct {
	sync.RWMutex

	*log.Entry
	// contains filtered or unexported fields
}

LoadBalancer implements naive round robin TCP load balancer used in tests.

func NewLoadBalancer

func NewLoadBalancer(ctx context.Context, frontend NetAddr, backends ...NetAddr) (*LoadBalancer, error)

NewLoadBalancer returns new load balancer listening on frontend and redirecting requests to backends using round robin algo

func (*LoadBalancer) AddBackend

func (l *LoadBalancer) AddBackend(b NetAddr)

AddBackend adds backend

func (*LoadBalancer) Close

func (l *LoadBalancer) Close() error

func (*LoadBalancer) Listen

func (l *LoadBalancer) Listen() error

Listen creates a listener on the frontend addr

func (*LoadBalancer) ListenAndServe

func (l *LoadBalancer) ListenAndServe() error

ListenAndServe starts listening socket and serves connections on it

func (*LoadBalancer) RemoveBackend

func (l *LoadBalancer) RemoveBackend(b NetAddr)

RemoveBackend removes backend

func (*LoadBalancer) Serve

func (l *LoadBalancer) Serve() error

Serve starts accepting connections

func (*LoadBalancer) Wait

func (l *LoadBalancer) Wait()

This is to work around issue https://github.com/golang/go/issues/10527 in tests

type LoggingPurpose

type LoggingPurpose int
const (
	LoggingForDaemon LoggingPurpose = iota
	LoggingForCLI
	LoggingForTests
)

type NetAddr

type NetAddr struct {
	// Addr is the host:port address, like "localhost:22"
	Addr string `json:"addr"`
	// AddrNetwork is the type of a network socket, like "tcp" or "unix"
	AddrNetwork string `json:"network,omitempty"`
	// Path is a socket file path, like '/var/path/to/socket' in "unix:///var/path/to/socket"
	Path string `json:"path,omitempty"`
}

NetAddr is network address that includes network, optional path and host port

func FromAddr

func FromAddr(a net.Addr) NetAddr

FromAddr returns NetAddr from golang standard net.Addr

func MustParseAddr added in v1.0.0

func MustParseAddr(a string) *NetAddr

MustParseAddr parses the provided string into NetAddr or panics on an error

func ParseAddr

func ParseAddr(a string) (*NetAddr, error)

ParseAddr takes strings like "tcp://host:port/path" and returns *NetAddr or an error

func ParseHostPortAddr added in v1.0.0

func ParseHostPortAddr(hostport string, defaultPort int) (*NetAddr, error)

ParseHostPortAddr takes strings like "host:port" and returns *NetAddr or an error

If defaultPort == -1 it expects 'hostport' string to have it

func (*NetAddr) Equals

func (a *NetAddr) Equals(other NetAddr) bool

Equals returns true if address is equal to other

func (*NetAddr) FullAddress

func (a *NetAddr) FullAddress() string

FullAddress returns full address including network and address (tcp://0.0.0.0:1243)

func (*NetAddr) IsEmpty

func (a *NetAddr) IsEmpty() bool

IsEmpty returns true if address is empty

func (*NetAddr) IsLocal added in v1.0.0

func (a *NetAddr) IsLocal() bool

IsLocal returns true if this is a local address

func (*NetAddr) IsLoopback added in v1.0.0

func (a *NetAddr) IsLoopback() bool

IsLoopback returns true if this is a loopback address

func (*NetAddr) MarshalYAML added in v1.0.0

func (a *NetAddr) MarshalYAML() (interface{}, error)

MarshalYAML defines how a network address should be marshalled to a string

func (*NetAddr) Network

func (a *NetAddr) Network() string

Network returns the scheme for this network address (tcp or unix)

func (*NetAddr) Set

func (a *NetAddr) Set(s string) error

func (*NetAddr) String

func (a *NetAddr) String() string

String returns address without network (0.0.0.0:1234)

func (*NetAddr) UnmarshalYAML

func (a *NetAddr) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML defines how a string can be unmarshalled into a network address

type NetAddrList

type NetAddrList []NetAddr

NetAddrList is a list of NetAddrs that supports helper methods for parsing from CLI tools

func (*NetAddrList) Addresses added in v1.0.0

func (nl *NetAddrList) Addresses() []string

Addresses returns a slice of strings converted from the addresses

func (*NetAddrList) Set

func (nl *NetAddrList) Set(s string) error

Set is called by CLI tools

func (*NetAddrList) String

func (nl *NetAddrList) String() string

String returns debug-friendly representation of the tool

type NetAddrVal

type NetAddrVal NetAddr

NetAddrVal can be used with flag package

func NewNetAddrVal

func NewNetAddrVal(defaultVal NetAddr, val *NetAddr) *NetAddrVal

func (*NetAddrVal) Get

func (a *NetAddrVal) Get() interface{}

func (*NetAddrVal) Set

func (a *NetAddrVal) Set(s string) error

func (*NetAddrVal) String

func (a *NetAddrVal) String() string

type PipeNetConn

type PipeNetConn struct {
	// contains filtered or unexported fields
}

PipeNetConn implements net.Conn from io.Reader, io.Writer and io.Closer

func NewPipeNetConn

func NewPipeNetConn(reader io.Reader,
	writer io.Writer,
	closer io.Closer,
	fakelocalAddr net.Addr,
	fakeRemoteAddr net.Addr) *PipeNetConn

func (*PipeNetConn) Close

func (nc *PipeNetConn) Close() error

func (*PipeNetConn) LocalAddr

func (nc *PipeNetConn) LocalAddr() net.Addr

func (*PipeNetConn) Read

func (nc *PipeNetConn) Read(buf []byte) (n int, e error)

func (*PipeNetConn) RemoteAddr

func (nc *PipeNetConn) RemoteAddr() net.Addr

func (*PipeNetConn) SetDeadline

func (nc *PipeNetConn) SetDeadline(t time.Time) error

func (*PipeNetConn) SetReadDeadline

func (nc *PipeNetConn) SetReadDeadline(t time.Time) error

func (*PipeNetConn) SetWriteDeadline

func (nc *PipeNetConn) SetWriteDeadline(t time.Time) error

func (*PipeNetConn) Write

func (nc *PipeNetConn) Write(buf []byte) (n int, e error)

type PortList added in v1.0.0

type PortList []string

PortList is a list of TCP ports

func GetFreeTCPPorts added in v1.0.0

func GetFreeTCPPorts(n int) (PortList, error)

GetFreeTCPPorts returns n ports starting from port 20000.

func (*PortList) Pop added in v1.0.0

func (p *PortList) Pop() string

Pop returns a value from the list, it panics if the value is not there

type RemoveDirCloser

type RemoveDirCloser struct {
	Path string
}

RemoveDirCloser removes the directory and all its contents when Close is called

func (*RemoveDirCloser) Close

func (r *RemoveDirCloser) Close() error

Close removes the directory and all its contents

type SigningKeyStore

type SigningKeyStore struct {
	// contains filtered or unexported fields
}

SigningKeyStore is used to sign using X509 digital signatures

func ParseSigningKeyStorePEM

func ParseSigningKeyStorePEM(keyPEM, certPEM string) (*SigningKeyStore, error)

ParseSigningKeyStorePEM parses a signing key store from a PEM-encoded key pair

func (*SigningKeyStore) GetKeyPair

func (ks *SigningKeyStore) GetKeyPair() (*rsa.PrivateKey, []byte, error)

type SwitchTicker

type SwitchTicker struct {
	// contains filtered or unexported fields
}

SwitchTicker switches between slow and fast ticker based on the number of failures

func NewSwitchTicker

func NewSwitchTicker(threshold int, slowPeriod time.Duration, fastPeriod time.Duration) (*SwitchTicker, error)

NewSwitchTicker returns new instance of the switch ticker

func (*SwitchTicker) Channel

func (c *SwitchTicker) Channel() <-chan time.Time

Channel returns either channel with fast ticker or slow ticker based on whether failure count exceeds threshold or not

func (*SwitchTicker) IncrementFailureCount

func (c *SwitchTicker) IncrementFailureCount()

IncrementFailureCount increments internal failure count

func (*SwitchTicker) Reset

func (c *SwitchTicker) Reset()

Reset resets internal failure counter and switches back to fast retry period

func (*SwitchTicker) Stop

func (c *SwitchTicker) Stop()

Stop stops tickers and has to be called to prevent timer leaks

type TLSCredentials added in v1.0.0

type TLSCredentials struct {
	// PublicKey in PEM format
	PublicKey []byte
	// PrivateKey in PEM format
	PrivateKey []byte
	Cert       []byte
}

TLSCredentials keeps the typical 3 components of a proper HTTPS configuration

func GenerateSelfSignedCert added in v1.0.0

func GenerateSelfSignedCert(hostNames []string) (*TLSCredentials, error)

GenerateSelfSignedCert generates a self signed certificate that is valid for given domain names and ips, returns PEM-encoded bytes with key and cert

type TimeoutConn added in v1.2.6

type TimeoutConn struct {
	net.Conn
	TimeoutDuration time.Duration

	// Name is only useful for debugging/logging, it's a convenient
	// way to tag every idle connection
	OwnerName string
}

TimeoutConn wraps an existing net.Conn and adds read/write timeouts for it, allowing to implement "disconnect after XX of idle time" policy

Usage example:

tc := utils.ObeyIdleTimeout(conn, time.Second * 30, "ssh connection")
io.Copy(tc, xxx)

func (*TimeoutConn) Read added in v1.2.6

func (tc *TimeoutConn) Read(p []byte) (n int, err error)

func (*TimeoutConn) Write added in v1.2.6

func (tc *TimeoutConn) Write(p []byte) (n int, err error)

type WebSockWrapper added in v1.0.0

type WebSockWrapper struct {
	io.ReadWriteCloser
	sync.Mutex
	// contains filtered or unexported fields
}

WebSockWrapper wraps the raw websocket and converts Write() calls to proper websocket.Send() working in binary or text mode. If text mode is selected, it converts the data passed to Write() into UTF8 bytes

We need this to make sure that the entire buffer in io.Writer.Write(buffer) is delivered as a single chunk to the web browser, instead of being split into multiple frames. This wrapper basically substitutes every Write() with Send() and every Read() with Receive()

func NewWebSockWrapper added in v1.0.0

func NewWebSockWrapper(ws *websocket.Conn, m WebSocketMode) *WebSockWrapper

func (*WebSockWrapper) Close added in v1.0.0

func (w *WebSockWrapper) Close() error

func (*WebSockWrapper) Read added in v1.0.0

func (w *WebSockWrapper) Read(out []byte) (n int, err error)

Read does the opposite of write: it replaces websocket's raw "Read" with

It replaces raw Read() with "Message.Receive()"

func (*WebSockWrapper) Write added in v1.0.0

func (w *WebSockWrapper) Write(data []byte) (n int, err error)

Write implements io.WriteCloser for WebSockWriter (that's the reason we're wrapping the websocket)

It replaces raw Write() with "Message.Send()"

type WebSocketMode added in v1.0.0

type WebSocketMode int

WebSocketMode allows to create WebSocket wrappers working in text or binary mode
