driveimpl

package

v1.66.0 Latest Latest Go to latest Published: May 8, 2024 License: BSD-3-Clause Imports: 29 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/tailscale/tailscale

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

Package driveimpl provides an implementation of package drive.

Index ¶

type FileServer
- func NewFileServer() (*FileServer, error)
type FileSystemForLocal
- func NewFileSystemForLocal(logf logger.Logf) *FileSystemForLocal
type FileSystemForRemote
- func NewFileSystemForRemote(logf logger.Logf) *FileSystemForRemote

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type FileServer ¶

type FileServer struct {
	// contains filtered or unexported fields
}

FileServer is a standalone WebDAV server that dynamically serves up shares. It's typically used in a separate process from the actual Taildrive server to serve up files as an unprivileged user.

func NewFileServer ¶

func NewFileServer() (*FileServer, error)

NewFileServer constructs a FileServer.

The server attempts to listen at a random address on 127.0.0.1. The listen address is available via the Addr() method.

The server has to be told about shares before it can serve them. This is accomplished either by calling SetShares(), or locking the shares with LockShares(), clearing them with ClearSharesLocked(), adding them individually with AddShareLocked(), and finally unlocking them with UnlockShares().

The server doesn't actually process requests until the Serve() method is called.

func (*FileServer) AddShareLocked ¶

func (s *FileServer) AddShareLocked(share, path string)

AddShareLocked adds a share to the map of shares, assuming that LockShares() has been called first.

func (*FileServer) Addr ¶

func (s *FileServer) Addr() string

Addr returns the address at which this FileServer is listening. This includes the secret token in front of the address, delimited by a pipe |.

func (*FileServer) ClearSharesLocked ¶

func (s *FileServer) ClearSharesLocked()

ClearSharesLocked clears the map of shares, assuming that LockShares() has been called first.

func (*FileServer) Close ¶

func (s *FileServer) Close() error

func (*FileServer) LockShares ¶

func (s *FileServer) LockShares()

LockShares locks the map of shares in preparation for manipulating it.

func (*FileServer) Serve ¶

func (s *FileServer) Serve() error

Serve() starts serving files and blocks until it encounters a fatal error.

func (*FileServer) ServeHTTP ¶

func (s *FileServer) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP implements the http.Handler interface. This requires a secret token in the path in order to prevent Mark-of-the-Web (MOTW) bypass attacks of the below sort:

Attacker with write access to the share puts a malicious file via http://100.100.100.100:8080/<tailnet>/<machine>/</share>/bad.exe
Attacker then induces victim to visit http://localhost:[PORT]/<share>/bad.exe
Because that is loaded from localhost, it does not get the MOTW thereby bypasses some OS-level security.

The path on this file server is actually not as above, but rather http://localhost:[PORT]/<secretToken>/<share>/bad.exe. Unless the attacker can discover the secretToken, the attacker cannot craft a localhost URL that will work.

func (*FileServer) SetShares ¶

func (s *FileServer) SetShares(shares map[string]string)

SetShares sets the full map of shares to the new value, mapping name->path.

func (*FileServer) UnlockShares ¶

func (s *FileServer) UnlockShares()

UnlockShares unlocks the map of shares.

type FileSystemForLocal ¶

type FileSystemForLocal struct {
	// contains filtered or unexported fields
}

FileSystemForLocal is the Taildrive filesystem exposed to local clients. It provides a unified WebDAV interface to remote Taildrive shares on other nodes.

func NewFileSystemForLocal ¶

func NewFileSystemForLocal(logf logger.Logf) *FileSystemForLocal

NewFileSystemForLocal starts serving a filesystem for local clients. Inbound connections must be handed to HandleConn.

func (*FileSystemForLocal) Close ¶

func (s *FileSystemForLocal) Close() error

Close() stops serving the WebDAV content

func (*FileSystemForLocal) HandleConn ¶

func (s *FileSystemForLocal) HandleConn(conn net.Conn, remoteAddr net.Addr) error

HandleConn handles connections from local WebDAV clients

func (*FileSystemForLocal) SetRemotes ¶

func (s *FileSystemForLocal) SetRemotes(domain string, remotes []*drive.Remote, transport http.RoundTripper)

SetRemotes sets the complete set of remotes on the given tailnet domain using a map of name -> url. If transport is specified, that transport will be used to connect to these remotes.

type FileSystemForRemote ¶

type FileSystemForRemote struct {
	// contains filtered or unexported fields
}

FileSystemForRemote implements drive.FileSystemForRemote.

func NewFileSystemForRemote ¶

func NewFileSystemForRemote(logf logger.Logf) *FileSystemForRemote

func (*FileSystemForRemote) Close ¶

func (s *FileSystemForRemote) Close() error

Close() implements drive.FileSystemForRemote.

func (*FileSystemForRemote) ServeHTTPWithPerms ¶

func (s *FileSystemForRemote) ServeHTTPWithPerms(permissions drive.Permissions, w http.ResponseWriter, r *http.Request)

ServeHTTPWithPerms implements drive.FileSystemForRemote.

func (*FileSystemForRemote) SetFileServerAddr ¶

func (s *FileSystemForRemote) SetFileServerAddr(addr string)

SetFileServerAddr implements drive.FileSystemForRemote.

func (*FileSystemForRemote) SetShares ¶

func (s *FileSystemForRemote) SetShares(shares []*drive.Share)

SetShares implements drive.FileSystemForRemote. Shares must be sorted according to drive.CompareShares.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
compositedav Package compositedav provides an http.Handler that composes multiple WebDAV services into a single WebDAV service that presents each of them as its own folder.	Package compositedav provides an http.Handler that composes multiple WebDAV services into a single WebDAV service that presents each of them as its own folder.
dirfs Package dirfs provides a webdav.FileSystem that looks like a read-only directory containing only subdirectories.	Package dirfs provides a webdav.FileSystem that looks like a read-only directory containing only subdirectories.
shared Package shared contains types and functions shared by different drive packages.	Package shared contains types and functions shared by different drive packages.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL