Documentation ¶
Index ¶
- func RegisterNewSSHServer(fn newSSHServerFunc)
- type LocalBackend
- func (b *LocalBackend) CheckIPForwarding() error
- func (b *LocalBackend) CheckPrefs(p *ipn.Prefs) error
- func (b *LocalBackend) DERPMap() *tailcfg.DERPMap
- func (b *LocalBackend) DebugReSTUN() error
- func (b *LocalBackend) DebugRebind() error
- func (b *LocalBackend) DeleteFile(name string) error
- func (b *LocalBackend) Dialer() *tsdial.Dialer
- func (b *LocalBackend) DoNoiseRequest(req *http.Request) (*http.Response, error)
- func (b *LocalBackend) EditPrefs(mp *ipn.MaskedPrefs) (*ipn.Prefs, error)
- func (b *LocalBackend) FileTargets() ([]*apitype.FileTarget, error)
- func (b *LocalBackend) GetPeerAPIPort(ip netaddr.IP) (port uint16, ok bool)
- func (b *LocalBackend) GetSSH_HostKeys() (keys []ssh.Signer, err error)
- func (b *LocalBackend) HandleQuad100Port80Conn(c net.Conn)
- func (b *LocalBackend) HandleSSHConn(c net.Conn) (err error)
- func (b *LocalBackend) InServerMode() bool
- func (b *LocalBackend) Login(token *tailcfg.Oauth2Token)
- func (b *LocalBackend) Logout()
- func (b *LocalBackend) LogoutSync(ctx context.Context) error
- func (b *LocalBackend) NetMap() *netmap.NetworkMap
- func (b *LocalBackend) OfferingExitNode() bool
- func (b *LocalBackend) OpenFile(name string) (rc io.ReadCloser, size int64, err error)
- func (b *LocalBackend) OperatorUserID() string
- func (b *LocalBackend) PeerCaps(src netaddr.IP) []string
- func (b *LocalBackend) Ping(ctx context.Context, ip netaddr.IP, pingType tailcfg.PingType) (*ipnstate.PingResult, error)
- func (b *LocalBackend) Prefs() *ipn.Prefs
- func (b *LocalBackend) RequestEngineStatus()
- func (b *LocalBackend) ResetForClientDisconnect()
- func (b *LocalBackend) ServePeerAPIConnection(remote, local netaddr.IPPort, c net.Conn)
- func (b *LocalBackend) SetControlClientGetterForTesting(newControlClient func(controlclient.Options) (controlclient.Client, error))
- func (b *LocalBackend) SetCurrentUserID(uid string)
- func (b *LocalBackend) SetDNS(ctx context.Context, name, value string) error
- func (b *LocalBackend) SetDecompressor(fn func() (controlclient.Decompressor, error))
- func (b *LocalBackend) SetDirectFileDoFinalRename(v bool)
- func (b *LocalBackend) SetDirectFileRoot(dir string)
- func (b *LocalBackend) SetExpirySooner(ctx context.Context, expiry time.Time) error
- func (b *LocalBackend) SetHTTPTestClient(c *http.Client)
- func (b *LocalBackend) SetNotifyCallback(notify func(ipn.Notify))
- func (b *LocalBackend) SetPrefs(newp *ipn.Prefs)
- func (b *LocalBackend) SetVarRoot(dir string)
- func (b *LocalBackend) ShouldHandleViaIP(ip netaddr.IP) bool
- func (b *LocalBackend) ShouldRunSSH() bool
- func (b *LocalBackend) Shutdown()
- func (b *LocalBackend) Start(opts ipn.Options) error
- func (b *LocalBackend) StartLoginInteractive()
- func (b *LocalBackend) State() ipn.State
- func (b *LocalBackend) Status() *ipnstate.Status
- func (b *LocalBackend) StatusWithoutPeers() *ipnstate.Status
- func (b *LocalBackend) TailscaleVarRoot() string
- func (b *LocalBackend) TestOnlyPublicKeys() (machineKey key.MachinePublic, nodeKey key.NodePublic)
- func (b *LocalBackend) UpdateStatus(sb *ipnstate.StatusBuilder)
- func (b *LocalBackend) WaitingFiles() ([]apitype.WaitingFile, error)
- func (b *LocalBackend) WhoIs(ipp netaddr.IPPort) (n *tailcfg.Node, u tailcfg.UserProfile, ok bool)
- type SSHServer
Functions ¶
func RegisterNewSSHServer ¶ added in v1.24.0
func RegisterNewSSHServer(fn newSSHServerFunc)
RegisterNewSSHServer lets the conditionally linked ssh/tailssh package register itself.
Types ¶
type LocalBackend ¶
type LocalBackend struct {
// contains filtered or unexported fields
}
LocalBackend is the glue between the major pieces of the Tailscale network software: the cloud control plane (via controlclient), the network data plane (via wgengine), and the user-facing UIs and CLIs (collectively called "frontends", via LocalBackend's implementation of the Backend interface).
LocalBackend implements the overall state machine for the Tailscale application. Frontends, controlclient and wgengine can feed events into LocalBackend to advance the state machine, and advancing the state machine generates events back out to zero or more components.
func NewLocalBackend ¶
func NewLocalBackend(logf logger.Logf, logid string, store ipn.StateStore, dialer *tsdial.Dialer, e wgengine.Engine, loginFlags controlclient.LoginFlags) (*LocalBackend, error)
NewLocalBackend returns a new LocalBackend that is ready to run, but is not actually running.
If dialer is nil, a new one is made.
func (*LocalBackend) CheckIPForwarding ¶ added in v1.8.0
func (b *LocalBackend) CheckIPForwarding() error
func (*LocalBackend) CheckPrefs ¶ added in v1.24.0
func (b *LocalBackend) CheckPrefs(p *ipn.Prefs) error
func (*LocalBackend) DERPMap ¶ added in v1.12.0
func (b *LocalBackend) DERPMap() *tailcfg.DERPMap
DERPMap returns the current DERPMap in use, or nil if not connected.
func (*LocalBackend) DebugReSTUN ¶ added in v1.20.0
func (b *LocalBackend) DebugReSTUN() error
func (*LocalBackend) DebugRebind ¶ added in v1.20.0
func (b *LocalBackend) DebugRebind() error
func (*LocalBackend) DeleteFile ¶ added in v1.8.0
func (b *LocalBackend) DeleteFile(name string) error
func (*LocalBackend) Dialer ¶ added in v1.20.0
func (b *LocalBackend) Dialer() *tsdial.Dialer
Dialer returns the backend's dialer.
func (*LocalBackend) DoNoiseRequest ¶ added in v1.24.0
DoNoiseRequest sends a request to URL over the control plane Noise connection.
func (*LocalBackend) EditPrefs ¶ added in v1.8.0
func (b *LocalBackend) EditPrefs(mp *ipn.MaskedPrefs) (*ipn.Prefs, error)
func (*LocalBackend) FileTargets ¶ added in v1.8.0
func (b *LocalBackend) FileTargets() ([]*apitype.FileTarget, error)
FileTargets lists nodes that the current node can send files to.
func (*LocalBackend) GetPeerAPIPort ¶ added in v1.20.4
func (b *LocalBackend) GetPeerAPIPort(ip netaddr.IP) (port uint16, ok bool)
GetPeerAPIPort returns the port number for the peerapi server running on the provided IP.
func (*LocalBackend) GetSSH_HostKeys ¶ added in v1.22.0
func (b *LocalBackend) GetSSH_HostKeys() (keys []ssh.Signer, err error)
func (*LocalBackend) HandleQuad100Port80Conn ¶ added in v1.26.0
func (b *LocalBackend) HandleQuad100Port80Conn(c net.Conn)
HandleQuad100Port80Conn serves http://100.100.100.100/ on port 80 (and the equivalent tsaddr.TailscaleServiceIPv6 address).
func (*LocalBackend) HandleSSHConn ¶ added in v1.24.0
func (b *LocalBackend) HandleSSHConn(c net.Conn) (err error)
func (*LocalBackend) InServerMode ¶
func (b *LocalBackend) InServerMode() bool
func (*LocalBackend) Login ¶
func (b *LocalBackend) Login(token *tailcfg.Oauth2Token)
Login implements Backend. As of 2022-02-17, this only exists for tests.
func (*LocalBackend) Logout ¶
func (b *LocalBackend) Logout()
Logout tells the controlclient that we want to log out, and transitions the local engine to the logged-out state without waiting for controlclient to be in that state.
func (*LocalBackend) LogoutSync ¶ added in v1.8.0
func (b *LocalBackend) LogoutSync(ctx context.Context) error
func (*LocalBackend) NetMap ¶
func (b *LocalBackend) NetMap() *netmap.NetworkMap
NetMap returns the latest cached network map received from controlclient, or nil if no network map was received yet.
func (*LocalBackend) OfferingExitNode ¶ added in v1.20.0
func (b *LocalBackend) OfferingExitNode() bool
OfferingExitNode reports whether b is currently offering exit node access.
func (*LocalBackend) OpenFile ¶ added in v1.8.0
func (b *LocalBackend) OpenFile(name string) (rc io.ReadCloser, size int64, err error)
func (*LocalBackend) OperatorUserID ¶ added in v1.8.0
func (b *LocalBackend) OperatorUserID() string
OperatorUserID returns the current pref's OperatorUser's ID (in os/user.User.Uid string form), or the empty string if none.
func (*LocalBackend) PeerCaps ¶ added in v1.24.0
func (b *LocalBackend) PeerCaps(src netaddr.IP) []string
PeerCaps returns the capabilities that remote src IP has to the current node.
func (*LocalBackend) Ping ¶
func (b *LocalBackend) Ping(ctx context.Context, ip netaddr.IP, pingType tailcfg.PingType) (*ipnstate.PingResult, error)
func (*LocalBackend) Prefs ¶ added in v1.8.0
func (b *LocalBackend) Prefs() *ipn.Prefs
Prefs returns a copy of b's current prefs, with any private keys removed.
func (*LocalBackend) RequestEngineStatus ¶
func (b *LocalBackend) RequestEngineStatus()
RequestEngineStatus implements Backend.
func (*LocalBackend) ResetForClientDisconnect ¶ added in v1.8.0
func (b *LocalBackend) ResetForClientDisconnect()
ResetForClientDisconnect resets the backend for GUI clients running in interactive (non-headless) mode. This is currently used only by Windows. This causes all state to be cleared, lest an unrelated user connect to tailscaled next. But it does not trigger a logout; we don't want the user to have to reauthenticate in the future when they restart the GUI.
func (*LocalBackend) ServePeerAPIConnection ¶ added in v1.20.4
func (b *LocalBackend) ServePeerAPIConnection(remote, local netaddr.IPPort, c net.Conn)
ServePeerAPIConnection serves an already-accepted connection c.
The remote parameter is the remote address. The local parameter is the local address (either a Tailscale IPv4 or IPv6 IP and the peerapi port for that address).
The connection will be closed by ServePeerAPIConnection.
func (*LocalBackend) SetControlClientGetterForTesting ¶ added in v1.8.0
func (b *LocalBackend) SetControlClientGetterForTesting(newControlClient func(controlclient.Options) (controlclient.Client, error))
SetControlClientGetterForTesting sets the func that creates a control plane client. It can be called at most once, before Start.
func (*LocalBackend) SetCurrentUserID ¶
func (b *LocalBackend) SetCurrentUserID(uid string)
func (*LocalBackend) SetDNS ¶ added in v1.10.0
func (b *LocalBackend) SetDNS(ctx context.Context, name, value string) error
SetDNS adds a DNS record for the given domain name & TXT record value.
It's meant for use with dns-01 ACME (LetsEncrypt) challenges.
This is the low-level interface. Other layers will provide more friendly options to get HTTPS certs.
func (*LocalBackend) SetDecompressor ¶
func (b *LocalBackend) SetDecompressor(fn func() (controlclient.Decompressor, error))
SetDecompressor sets a decompression function, which must be a zstd reader.
This exists because the iOS/Mac NetworkExtension is very resource constrained, and the zstd package is too heavy to fit in the constrained RSS limit.
func (*LocalBackend) SetDirectFileDoFinalRename ¶ added in v1.18.2
func (b *LocalBackend) SetDirectFileDoFinalRename(v bool)
SetDirectFileDoFinalRename sets whether the peerapi file server should rename a received "name.partial" file to "name" when the download is complete.
This only applies when SetDirectFileRoot is non-empty. The default is false.
func (*LocalBackend) SetDirectFileRoot ¶ added in v1.8.0
func (b *LocalBackend) SetDirectFileRoot(dir string)
SetDirectFileRoot sets the directory to download files to directly, without buffering them through an intermediate daemon-owned tailcfg.UserID-specific directory.
This must be called before the LocalBackend starts being used.
func (*LocalBackend) SetExpirySooner ¶ added in v1.24.0
SetExpirySooner updates the expiry of the current node key to t, as long as it's only sooner than the old expiry.
If t is in the past, the key is expired immediately. If t is after the current expiry, an error is returned.
func (*LocalBackend) SetHTTPTestClient ¶ added in v1.8.0
func (b *LocalBackend) SetHTTPTestClient(c *http.Client)
SetHTTPTestClient sets an alternate HTTP client to use with connections to the coordination server. It exists for testing. Using nil means to use the default.
func (*LocalBackend) SetNotifyCallback ¶ added in v1.8.0
func (b *LocalBackend) SetNotifyCallback(notify func(ipn.Notify))
func (*LocalBackend) SetPrefs ¶
func (b *LocalBackend) SetPrefs(newp *ipn.Prefs)
SetPrefs saves new user preferences and propagates them throughout the system. Implements Backend.
func (*LocalBackend) SetVarRoot ¶ added in v1.18.0
func (b *LocalBackend) SetVarRoot(dir string)
SetVarRoot sets the root directory of Tailscale's writable storage area (e.g. "/var/lib/tailscale").
It should only be called before the LocalBackend is used.
func (*LocalBackend) ShouldHandleViaIP ¶ added in v1.24.0
func (b *LocalBackend) ShouldHandleViaIP(ip netaddr.IP) bool
ShouldHandleViaIP reports whether ip is an IPv6 address in the Tailscale ULA's v6 "via" range embedding an IPv4 address to be forwarded to by Tailscale.
func (*LocalBackend) ShouldRunSSH ¶ added in v1.22.0
func (b *LocalBackend) ShouldRunSSH() bool
func (*LocalBackend) Shutdown ¶
func (b *LocalBackend) Shutdown()
Shutdown halts the backend and all its sub-components. The backend can no longer be used after Shutdown returns.
func (*LocalBackend) Start ¶
func (b *LocalBackend) Start(opts ipn.Options) error
Start applies the configuration specified in opts, and starts the state machine.
TODO(danderson): this function is trying to do too many things at once: it loads state, or imports it, or updates prefs sometimes, contains some settings that are one-shot things done by `tailscale up` because we had nowhere else to put them, and there's no clear guarantee that switching from one user's state to another is actually a supported operation (it should be, but it's very unclear from the following whether or not that is a safe transition).
func (*LocalBackend) StartLoginInteractive ¶
func (b *LocalBackend) StartLoginInteractive()
StartLoginInteractive implements Backend. It requests a new interactive login from controlclient, unless such a flow is already in progress, in which case StartLoginInteractive attempts to pick up the in-progress flow where it left off.
func (*LocalBackend) State ¶
func (b *LocalBackend) State() ipn.State
State returns the backend state machine's current state.
func (*LocalBackend) Status ¶
func (b *LocalBackend) Status() *ipnstate.Status
Status returns the latest status of the backend and its sub-components.
func (*LocalBackend) StatusWithoutPeers ¶ added in v1.8.0
func (b *LocalBackend) StatusWithoutPeers() *ipnstate.Status
StatusWithoutPeers is like Status but omits any details of peers.
func (*LocalBackend) TailscaleVarRoot ¶ added in v1.14.5
func (b *LocalBackend) TailscaleVarRoot() string
TailscaleVarRoot returns the root directory of Tailscale's writable storage area (e.g. "/var/lib/tailscale").
It returns an empty string if there's no configured or discovered location.
func (*LocalBackend) TestOnlyPublicKeys ¶
func (b *LocalBackend) TestOnlyPublicKeys() (machineKey key.MachinePublic, nodeKey key.NodePublic)
TestOnlyPublicKeys returns the current machine and node public keys. Used in tests only to facilitate automated node authorization in the test harness.
func (*LocalBackend) UpdateStatus ¶
func (b *LocalBackend) UpdateStatus(sb *ipnstate.StatusBuilder)
UpdateStatus implements ipnstate.StatusUpdater.
func (*LocalBackend) WaitingFiles ¶ added in v1.8.0
func (b *LocalBackend) WaitingFiles() ([]apitype.WaitingFile, error)
func (*LocalBackend) WhoIs ¶
func (b *LocalBackend) WhoIs(ipp netaddr.IPPort) (n *tailcfg.Node, u tailcfg.UserProfile, ok bool)
WhoIs reports the node and user who owns the node with the given IP:port. If the IP address is a Tailscale IP, the provided port may be 0. If ok == true, n and u are valid.
type SSHServer ¶ added in v1.24.0
// SSHServer is the interface of the conditionally linked ssh/tailssh server.
type SSHServer interface {
	// HandleSSHConn takes a net.Conn and returns an error.
	// NOTE(review): undocumented upstream; presumably it serves an SSH
	// session on the given connection. Confirm who owns closing the conn
	// and what a non-nil error means to the caller.
	HandleSSHConn(net.Conn) error

	// OnPolicyChange is called when the SSH access policy changes,
	// so that existing sessions can be re-evaluated for validity
	// and closed if they'd no longer be accepted.
	OnPolicyChange()

	// Shutdown is called when tailscaled is shutting down.
	Shutdown()
}
SSHServer is the interface of the conditionally linked ssh/tailssh.server.