Documentation ¶
Index ¶
- Constants
- func Consolef(w io.Writer, msg string, params ...interface{})
- func CopyStrings(in []string) []string
- func CreateTLSConfiguration(certFile, keyFile string) (*tls.Config, error)
- func CryptoRandomHex(len int) (string, error)
- func Deduplicate(in []string) []string
- func FatalError(err error)
- func GenerateOTPURL(typ string, label string, parameters map[string][]byte) string
- func GenerateQRCode(u string) ([]byte, error)
- func GenerateSelfSignedSigningCert(entity pkix.Name, dnsNames []string, ttl time.Duration) ([]byte, []byte, error)
- func GetLoginShell(username string) (string, error)
- func GuessHostIP() (ip net.IP, err error)
- func HumanTimeFormat(d time.Time) string
- func InitCLIParser(appName, appHelp string) (app *kingpin.Application)
- func InitLogger(purpose LoggingPurpose, level log.Level)
- func InitLoggerForTests()
- func IsDir(dirPath string) bool
- func IsFile(fp string) bool
- func IsHandshakeFailedError(err error) bool
- func IsLocalhost(host string) bool
- func IsLoopback(host string) bool
- func IsShellFailedError(err error) bool
- func ListenTLS(address string, certFile, keyFile string) (net.Listener, error)
- func MinTTL(a, b time.Duration) time.Duration
- func MultiCloser(closers ...io.Closer) *multiCloser
- func NewChConn(conn ssh.Conn, ch ssh.Channel) *chConn
- func NormalizePath(path string) (string, error)
- func ObeyIdleTimeout(conn net.Conn, timeout time.Duration, ownerName string) net.Conn
- func ObjectToStruct(in interface{}, out interface{}) error
- func OpenFile(path string) (*os.File, error)
- func ParseCertificatePEM(bytes []byte) (*x509.Certificate, error)
- func ParseCertificateRequestPEM(bytes []byte) (*x509.CertificateRequest, error)
- func ParsePrivateKeyDER(der []byte) (crypto.Signer, error)
- func ParsePrivateKeyPEM(bytes []byte) (crypto.Signer, error)
- func PrintVersion()
- func RandomDuration(max time.Duration) time.Duration
- func ReadAll(r io.Reader, bufsize int) (out []byte, err error)
- func ReadEnvironmentFile(filename string) ([]string, error)
- func ReadHostUUID(dataDir string) (string, error)
- func ReadOrMakeHostUUID(dataDir string) (string, error)
- func ReadPath(path string) ([]byte, error)
- func ReplaceLocalhost(addr, replaceWith string) string
- func ResetInterruptSignalHandler()
- func SliceContainsStr(slice []string, value string) bool
- func SplitReaders(r1 io.Reader, r2 io.Reader) io.Reader
- func StartHTTPServer(addr NetAddr, h http.Handler) error
- func StatDir(path string) (os.FileInfo, error)
- func StringMapSlicesEqual(a, b map[string][]string) bool
- func StringMapsEqual(a, b map[string]string) bool
- func StringSlicesEqual(a, b []string) bool
- func SwitchLoggingtoSyslog()
- func ToJSON(data []byte) ([]byte, error)
- func ToTTL(c clockwork.Clock, tm time.Time) time.Duration
- func UTC(t *time.Time)
- func UnmarshalWithSchema(schemaDefinition string, object interface{}, data []byte) error
- func UserMessageFromError(err error) string
- func WriteHostUUID(dataDir string, id string) error
- type AddrStorage
- type CloseBroadcaster
- type FileAddrStorage
- type FileNode
- type HostKeyCallback
- type LoggingPurpose
- type NetAddr
- func (a *NetAddr) FullAddress() string
- func (a *NetAddr) IsEmpty() bool
- func (a *NetAddr) IsLocal() bool
- func (a *NetAddr) IsLoopback() bool
- func (a *NetAddr) MarshalYAML() (interface{}, error)
- func (a *NetAddr) Network() string
- func (a *NetAddr) Set(s string) error
- func (a *NetAddr) String() string
- func (a *NetAddr) UnmarshalYAML(unmarshal func(interface{}) error) error
- type NetAddrList
- type NetAddrVal
- type PipeNetConn
- func (nc *PipeNetConn) Close() error
- func (nc *PipeNetConn) LocalAddr() net.Addr
- func (nc *PipeNetConn) Read(buf []byte) (n int, e error)
- func (nc *PipeNetConn) RemoteAddr() net.Addr
- func (nc *PipeNetConn) SetDeadline(t time.Time) error
- func (nc *PipeNetConn) SetReadDeadline(t time.Time) error
- func (nc *PipeNetConn) SetWriteDeadline(t time.Time) error
- func (nc *PipeNetConn) Write(buf []byte) (n int, e error)
- type PortList
- type RemoveDirCloser
- type SigningKeyStore
- type TLSCredentials
- type TimeoutConn
- type WebSockWrapper
- type WebSocketMode
Constants ¶
const ( // DefaultLRUCapacity is a capacity for LRU session cache DefaultLRUCapacity = 1024 // DefaultCertTTL sets the TTL of the self-signed certificate (1 year) DefaultCertTTL = (24 * time.Hour) * 365 )
const ( // HumanTimeFormatString is a human readable date formatting HumanTimeFormatString = "Mon Jan _2 15:04 UTC" // CertTeleportUser specifies teleport user CertTeleportUser = "x-teleport-user" // CertTeleportUserCA specifies teleport certificate authority CertTeleportUserCA = "x-teleport-user-ca" // CertExtensionRole specifies teleport role CertExtensionRole = "x-teleport-role" // CertExtensionAuthority specifies teleport authority's name // that signed this domain CertExtensionAuthority = "x-teleport-authority" // HostUUIDFile is the file name where the host UUID file is stored HostUUIDFile = "host_uuid" // CertTeleportClusterName is a name of the teleport cluster CertTeleportClusterName = "x-teleport-cluster-name" )
const ( WebSocketBinaryMode = iota WebSocketTextMode )
Variables ¶
This section is empty.
Functions ¶
func Consolef ¶ added in v1.0.0
Consolef prints the same message to a 'ui console' (if defined) and also to the logger with INFO priority
func CopyStrings ¶
func CreateTLSConfiguration ¶
CreateTLSConfiguration sets up default TLS configuration
func CryptoRandomHex ¶ added in v1.0.0
CryptoRandomHex returns hex encoded random string generated with crypto-strong pseudo random generator of the given bytes
func FatalError ¶ added in v1.0.0
func FatalError(err error)
FatalError is for CLI front-ends: it detects gravitational/trace debugging information, sends it to the logger, strips it off and prints a clean message to stderr
func GenerateOTPURL ¶
GenerateOTPURL returns a OTP Key URL that can be used to construct a HOTP or TOTP key. For more details see: https://github.com/google/google-authenticator/wiki/Key-Uri-Format Example: otpauth://totp/foo:bar@baz.com?secret=qux
func GenerateQRCode ¶
GenerateQRCode takes in a OTP Key URL and returns a PNG-encoded QR code.
func GenerateSelfSignedSigningCert ¶
func GenerateSelfSignedSigningCert(entity pkix.Name, dnsNames []string, ttl time.Duration) ([]byte, []byte, error)
GenerateSelfSignedSigningCert generates self-signed certificate used for digital signatures
func GetLoginShell ¶ added in v1.0.0
GetLoginShell determines the login shell for a given username
func GuessHostIP ¶ added in v1.0.0
GuessIP tries to guess an IP address this machine is reachable at on the internal network, always picking IPv4 from the internal address space
If no internal IPs are found, it returns 127.0.0.1 but it never returns an address from the public IP space
func HumanTimeFormat ¶
HumanTimeFormat formats time as recognized by humans
func InitCLIParser ¶ added in v1.0.0
func InitCLIParser(appName, appHelp string) (app *kingpin.Application)
InitCLIParser configures kingpin command line args parser with some defaults common for all Teleport CLI tools
func InitLogger ¶
func InitLogger(purpose LoggingPurpose, level log.Level)
InitLogger configures the global logger for a given purpose / verbosity level
func InitLoggerForTests ¶ added in v1.0.0
func InitLoggerForTests()
func IsDir ¶ added in v1.0.0
IsDir is a helper function to quickly check if a given path is a valid directory
func IsHandshakeFailedError ¶ added in v1.0.0
IsHandshakeFailedError specifies whether this error indicates failed handshake
func IsLocalhost ¶ added in v1.0.0
IsLocalhost returns true if this is a local hostname or ip
func IsLoopback ¶ added in v1.0.0
IsLoopback returns 'true' if a given hostname resolves to local host's loopback interface
func IsShellFailedError ¶ added in v1.0.0
IsShellFailedError specifies whether this error indicates failed attempt to start shell
func ListenTLS ¶ added in v1.0.0
ListenTLS sets up TLS listener for the http handler, starts listening on a TCP socket and returns the socket which is ready to be used for http.Serve
func MultiCloser ¶
MultiCloser implements io.Close, it sequentially calls Close() on each object
func NormalizePath ¶
NormalizePath normalises path, evaluating symlinks and converting local paths to absolute
func ObeyIdleTimeout ¶
ObeyIdleTimeout wraps an existing network connection with timeout-obeying Write() and Read() - it will drop the connection after 'timeout' on idle
Example: ObeyIdletimeout(conn, time.Second * 60, "api server").
func ObjectToStruct ¶
func ObjectToStruct(in interface{}, out interface{}) error
ObjectToStruct is converts any structure into JSON and then unmarshalls it into another structure.
Teleport configuration uses this (strange, at first) trick to convert from one struct type to another, if their fields are loosely compatible via their `json` tags
Example: assume you have two structs:
type A struct { Name string `json:"name"` Age int `json:"age"` }
type B struct { FullName string `json:"name"` }
Now you can convert B to A:
b := &B{ FullName: "Bob Dilan"} var a *A utils.ObjectToStruct(b, &a) fmt.Println(a.Name) > "Bob Dilan"
func ParseCertificatePEM ¶
func ParseCertificatePEM(bytes []byte) (*x509.Certificate, error)
ParseCertificatePEM parses PEM-encoded certificate
func ParseCertificateRequestPEM ¶
func ParseCertificateRequestPEM(bytes []byte) (*x509.CertificateRequest, error)
ParseCertificateRequestPEM parses PEM-encoded certificate signing request
func ParsePrivateKeyDER ¶
ParsePrivateKeyDER parses unencrypted DER-encoded private key
func ParsePrivateKeyPEM ¶
ParsePrivateKeyPEM parses PEM-encoded private key
func RandomDuration ¶ added in v1.0.0
RandomDuration returns a duration in a range [0, max)
func ReadAll ¶ added in v1.0.0
ReadAll is similarl to ioutil.ReadAll, except it doesn't use ever-increasing internal buffer, instead asking for the exact buffer size.
This is useful when you want to limit the sze of Read/Writes (websockets)
func ReadEnvironmentFile ¶
ReadEnvironmentFile will read environment variables from a passed in location. Lines that start with "#" or empty lines are ignored. Assignments are in the form name=value and no variable expansion occurs.
func ReadHostUUID ¶ added in v1.0.0
ReadHostUUID reads host UUID from the file in the data dir
func ReadOrMakeHostUUID ¶ added in v1.0.0
ReadOrMakeHostUUID looks for a hostid file in the data dir. If present, returns the UUID from it, otherwise generates one
func ReplaceLocalhost ¶ added in v1.0.0
ReplaceLocalhost checks if a given address is link-local (like 0.0.0.0 or 127.0.0.1) and replaces it with the IP taken from replaceWith, preserving the original port
Both addresses are in "host:port" format The function returns the original value if it encounters any problems with parsing
func ResetInterruptSignalHandler ¶
func ResetInterruptSignalHandler()
ResetInterruptSignal will reset the handler for SIGINT back to the default handler. We need to do this because when sysvinit launches Teleport on some operating systems (like CentOS 6.8) it configures Teleport to ignore SIGINT signals. See the following for more details:
http://garethrees.org/2015/08/07/ping/ https://github.com/openssh/openssh-portable/commit/4e0f5e1ec9b6318ef251180dbca50eaa01f74536
func SliceContainsStr ¶
SliceContainsStr returns 'true' if the slice contains the given value
func StringMapSlicesEqual ¶
StringMapSlicesEqual returns true if two maps of string slices are equal
func StringMapsEqual ¶
StringMapsEqual returns true if two strings maps are equal
func StringSlicesEqual ¶
StringSlicesEqual returns true if string slices equal
func SwitchLoggingtoSyslog ¶
func SwitchLoggingtoSyslog()
SwitchLoggingtoSyslog tells the logger to send the output to syslog
func ToJSON ¶
ToJSON converts a single YAML document into a JSON document or returns an error. If the document appears to be JSON the YAML decoding path is not used (so that error messages are JSON specific). Creds to: k8s.io for the code
func ToTTL ¶
ToTTL converts expiration time to TTL duration relative to current time as provided by clock
func UnmarshalWithSchema ¶
UnmarshalWithSchema processes YAML or JSON encoded object with JSON schema, sets defaults and unmarshals resulting object into given struct
func UserMessageFromError ¶ added in v1.0.0
UserMessageFromError returns user friendly error message from error
func WriteHostUUID ¶ added in v1.0.0
WriteHostUUID writes host UUID into a file
Types ¶
type AddrStorage ¶ added in v1.0.0
type AddrStorage interface { // SetAddresses saves addresses SetAddresses([]NetAddr) error // GetAddresses GetAddresses() ([]NetAddr, error) }
AddrStorage is used to store information locally for every client that connects in the cluster, so it can always have up-to-date info about auth servers
type CloseBroadcaster ¶ added in v1.0.0
CloseBroadcaster is a helper struct that implements io.Closer and uses channel to broadcast it's closed state once called
func NewCloseBroadcaster ¶ added in v1.0.0
func NewCloseBroadcaster() *CloseBroadcaster
NewCloseBroadcaster returns new instance of close broadcaster
func (*CloseBroadcaster) Close ¶ added in v1.0.0
func (b *CloseBroadcaster) Close() error
Close closes channel (once) to start broadcasting it's closed state
type FileAddrStorage ¶ added in v1.0.0
type FileAddrStorage struct {
// contains filtered or unexported fields
}
FileAddrStorage is a file based address storage
func NewFileAddrStorage ¶ added in v1.0.0
func NewFileAddrStorage(filePath string) *FileAddrStorage
NewFileAddrStorage returns new instance of file-based address storage
func (*FileAddrStorage) GetAddresses ¶ added in v1.0.0
func (fs *FileAddrStorage) GetAddresses() ([]NetAddr, error)
GetAddresses returns saved address list
func (*FileAddrStorage) SetAddresses ¶ added in v1.0.0
func (fs *FileAddrStorage) SetAddresses(addrs []NetAddr) error
SetAddresses updates storage with new address list
type HostKeyCallback ¶ added in v1.0.0
type LoggingPurpose ¶
type LoggingPurpose int
const ( LoggingForDaemon LoggingPurpose = iota LoggingForCLI LoggingForTests )
type NetAddr ¶
type NetAddr struct { // Addr is the host:port address, like "localhost:22" Addr string `json:"addr"` // AddrNetwork is the type of a network socket, like "tcp" or "unix" AddrNetwork string `json:"network,omitempty"` // Path is a socket file path, like '/var/path/to/socket' in "unix:///var/path/to/socket" Path string `json:"path,omitempty"` }
NetAddr is network address that includes network, optional path and host port
func MustParseAddr ¶ added in v1.0.0
MustParseAddr parses the provided string into NetAddr or panics on an error
func ParseAddr ¶
ParseAddr takes strings like "tcp://host:port/path" and returns *NetAddr or an error
func ParseHostPortAddr ¶ added in v1.0.0
ParseHostPortAddr takes strings like "host:port" and returns *NetAddr or an error
If defaultPort == -1 it expects 'hostport' string to have it
func (*NetAddr) FullAddress ¶
FullAddress returns full address including network and address (tcp://0.0.0.0:1243)
func (*NetAddr) IsLoopback ¶ added in v1.0.0
IsLoopback returns true if this is a loopback address
func (*NetAddr) MarshalYAML ¶ added in v1.0.0
MarshalYAML defines how a network address should be marshalled to a string
func (*NetAddr) UnmarshalYAML ¶
UnmarshalYAML defines how a string can be unmarshalled into a network address
type NetAddrList ¶
type NetAddrList []NetAddr
NetAddrList is a list of NetAddrs that supports helper methods for parsing from CLI tools
func (*NetAddrList) Addresses ¶ added in v1.0.0
func (nl *NetAddrList) Addresses() []string
Addresses returns a slice of strings converted from the addresses
func (*NetAddrList) String ¶
func (nl *NetAddrList) String() string
String returns debug-friendly representation of the tool
type NetAddrVal ¶
type NetAddrVal NetAddr
NetAddrVal can be used with flag package
func NewNetAddrVal ¶
func NewNetAddrVal(defaultVal NetAddr, val *NetAddr) *NetAddrVal
func (*NetAddrVal) Get ¶
func (a *NetAddrVal) Get() interface{}
func (*NetAddrVal) Set ¶
func (a *NetAddrVal) Set(s string) error
func (*NetAddrVal) String ¶
func (a *NetAddrVal) String() string
type PipeNetConn ¶
type PipeNetConn struct {
// contains filtered or unexported fields
}
PipeNetConn implemetns net.Conn from io.Reader,io.Writer and io.Closer
func NewPipeNetConn ¶
func (*PipeNetConn) Close ¶
func (nc *PipeNetConn) Close() error
func (*PipeNetConn) LocalAddr ¶
func (nc *PipeNetConn) LocalAddr() net.Addr
func (*PipeNetConn) RemoteAddr ¶
func (nc *PipeNetConn) RemoteAddr() net.Addr
func (*PipeNetConn) SetDeadline ¶
func (nc *PipeNetConn) SetDeadline(t time.Time) error
func (*PipeNetConn) SetReadDeadline ¶
func (nc *PipeNetConn) SetReadDeadline(t time.Time) error
func (*PipeNetConn) SetWriteDeadline ¶
func (nc *PipeNetConn) SetWriteDeadline(t time.Time) error
type PortList ¶ added in v1.0.0
type PortList []string
PortList is a list of TCP port
func GetFreeTCPPorts ¶ added in v1.0.0
GetFreeTCPPorts returns a lit of available ports on localhost used for testing
type RemoveDirCloser ¶
type RemoveDirCloser struct {
Path string
}
RemoveDirCloser removes directory and all it's contents when Close is called
func (*RemoveDirCloser) Close ¶
func (r *RemoveDirCloser) Close() error
Close removes directory and all it's contents
type SigningKeyStore ¶
type SigningKeyStore struct {
// contains filtered or unexported fields
}
SigningKeyStore is used to sign using X509 digital signatures
func ParseSigningKeyStorePEM ¶
func ParseSigningKeyStorePEM(keyPEM, certPEM string) (*SigningKeyStore, error)
ParseSigningKeyStore parses signing key store from PEM encoded key pair
func (*SigningKeyStore) GetKeyPair ¶
func (ks *SigningKeyStore) GetKeyPair() (*rsa.PrivateKey, []byte, error)
type TLSCredentials ¶ added in v1.0.0
type TLSCredentials struct { // PublicKey in PEM format PublicKey []byte // PrivateKey in PEM format PrivateKey []byte Cert []byte }
TLSCredentials keeps the typical 3 components of a proper HTTPS configuration
func GenerateSelfSignedCert ¶ added in v1.0.0
func GenerateSelfSignedCert(hostNames []string) (*TLSCredentials, error)
GenerateSelfSignedCert generates a self signed certificate that is valid for given domain names and ips, returns PEM-encoded bytes with key and cert
type TimeoutConn ¶ added in v1.2.6
type TimeoutConn struct { net.Conn TimeoutDuration time.Duration // Name is only useful for debugging/logging, it's a convenient // way to tag every idle connection OwnerName string }
TimeoutConn wraps an existing net.Conn and adds read/write timeouts for it, allowing to implement "disconnect after XX of idle time" policy
Usage example: tc := utils.ObeyIdleTimeout(conn, time.Second * 30, "ssh connection") io.Copy(tc, xxx)
type WebSockWrapper ¶ added in v1.0.0
type WebSockWrapper struct { io.ReadWriteCloser sync.Mutex // contains filtered or unexported fields }
WebSockWrapper wraps the raw websocket and converts Write() calls to proper websocket.Send() working in binary or text mode. If text mode is selected, it converts the data passed to Write() into UTF8 bytes
We need this to make sure that the entire buffer in io.Writer.Write(buffer) is delivered as a single chunk to the web browser, instead of being split into multiple frames. This wrapper basically substitues every Write() with Send() and every Read() with Receive()
func NewWebSockWrapper ¶ added in v1.0.0
func NewWebSockWrapper(ws *websocket.Conn, m WebSocketMode) *WebSockWrapper
func (*WebSockWrapper) Close ¶ added in v1.0.0
func (w *WebSockWrapper) Close() error
type WebSocketMode ¶ added in v1.0.0
type WebSocketMode int
WebSocketMode allows to create WebSocket wrappers working in text or binary mode