controlclient
Documentation¶
Overview¶
Package controlclient implements the client for the Tailscale control plane.
It handles authentication, port picking, and collects the local network configuration.
Index¶
- Constants
- Variables
- func HashRegisterRequest(version tailcfg.SignatureType, ts time.Time, serverURL string, ...) ([]byte, error)
- func NetmapFromMapResponseForDebug(ctx context.Context, pr persist.PersistView, resp *tailcfg.MapResponse) (*netmap.NetworkMap, error)
- type Auto
- func (c *Auto) AuthCantContinue() bool
- func (c *Auto) ClientID() int64
- func (c *Auto) DirectForTest() *Direct
- func (c *Auto) DoNoiseRequest(req *http.Request) (*http.Response, error)
- func (c *Auto) ExpiryForTests() time.Time
- func (c *Auto) Login(flags LoginFlags)
- func (c *Auto) Logout(ctx context.Context) error
- func (c *Auto) SendAuditLog(ctx context.Context, auditLog tailcfg.AuditLogRequest) (err error)
- func (c *Auto) SetDNS(ctx context.Context, req *tailcfg.SetDNSRequest) error
- func (c *Auto) SetDeviceAttrs(ctx context.Context, attrs tailcfg.AttrUpdate) error
- func (c *Auto) SetDiscoPublicKey(key key.DiscoPublic)
- func (c *Auto) SetExpirySooner(ctx context.Context, expiry time.Time) error
- func (c *Auto) SetHostinfo(hi *tailcfg.Hostinfo)
- func (c *Auto) SetNetInfo(ni *tailcfg.NetInfo)
- func (c *Auto) SetPaused(paused bool)
- func (c *Auto) SetTKAHead(headHash string)
- func (c *Auto) Shutdown()
- func (c *Auto) StartForTest()
- func (c *Auto) TestOnlyNodePublicKey() key.NodePublic
- func (c *Auto) TestOnlySetAuthKey(authkey string)
- func (c *Auto) TestOnlyTimeNow() time.Time
- func (c *Auto) UpdateEndpoints(endpoints []tailcfg.Endpoint)
- type AutoUpdate
- type Client
- type ControlDialPlanner
- type ControlTime
- type Direct
- func (c *Direct) ClientID() int64
- func (c *Direct) Close() error
- func (c *Direct) DoNoiseRequest(req *http.Request) (*http.Response, error)
- func (c *Direct) FetchNetMapForTest(ctx context.Context) (*netmap.NetworkMap, error)
- func (c *Direct) GetPersist() persist.PersistView
- func (c *Direct) PollNetMap(ctx context.Context, nu NetmapUpdater) error
- func (c *Direct) SendUpdate(ctx context.Context) error
- func (c *Direct) SetConnectionHandleForTest(handle string)
- func (c *Direct) SetDNS(ctx context.Context, req *tailcfg.SetDNSRequest) (err error)
- func (c *Direct) SetDeviceAttrs(ctx context.Context, attrs tailcfg.AttrUpdate) error
- func (c *Direct) SetDiscoPublicKey(key key.DiscoPublic)
- func (c *Direct) SetEndpoints(endpoints []tailcfg.Endpoint) (changed bool)
- func (c *Direct) SetExpirySooner(ctx context.Context, expiry time.Time) error
- func (c *Direct) SetHostinfo(hi *tailcfg.Hostinfo) bool
- func (c *Direct) SetNetInfo(ni *tailcfg.NetInfo) bool
- func (c *Direct) SetTKAHead(tkaHead string) bool
- func (c *Direct) TryLogin(ctx context.Context, flags LoginFlags) (url string, err error)
- func (c *Direct) TryLogout(ctx context.Context) error
- func (c *Direct) WaitLoginURL(ctx context.Context, url string) (newURL string, err error)
- type LoginFlags
- type LoginGoal
- type NetmapDeltaUpdater
- type NetmapUpdater
- type Observer
- type Options
- type Pinger
- type Status
- type UserVisibleError
Constants¶
const (
	LoginDefault = LoginFlags(0)
	LoginInteractive = LoginFlags(1 << iota) // force user login and key refresh
	LoginEphemeral // set RegisterRequest.Ephemeral

	// LocalBackendStartKeyOSNeutral instructs NewLocalBackend to start the
	// LocalBackend without any OS-dependent StateStore StartKey behavior.
	//
	// See https://github.com/tailscale/tailscale/issues/6973.
	LocalBackendStartKeyOSNeutral
)
Variables¶
var DevKnob = initDevKnob()
DevKnob contains temporary internal-only debug knobs. They're unexported to not draw attention to them.
var ErrClientClosed = errors.New("client closed")
var HookAnswerC2NPing feature.Hook[func(logger.Logf, http.Handler, *http.Client, *tailcfg.PingRequest)]
HookAnswerC2NPing is where feature/c2n conditionally registers support for handling C2N (control-to-node) HTTP requests.
Functions¶
func HashRegisterRequest¶ added in v1.8.0
func HashRegisterRequest(version tailcfg.SignatureType, ts time.Time, serverURL string, deviceCert []byte, serverPubKey, machinePubKey key.MachinePublic) ([]byte, error)
HashRegisterRequest generates the hash required to sign or verify a tailcfg.RegisterRequest.
func NetmapFromMapResponseForDebug¶ added in v1.90.0
func NetmapFromMapResponseForDebug(ctx context.Context, pr persist.PersistView, resp *tailcfg.MapResponse) (*netmap.NetworkMap, error)
NetmapFromMapResponseForDebug returns a NetworkMap from the given MapResponse. It is intended for debugging only.
Types¶
type Auto¶ added in v1.8.0
type Auto struct {
	// contains filtered or unexported fields
}
Auto connects to a tailcontrol server for a node. It's a concrete implementation of the Client interface.
func (*Auto) AuthCantContinue¶ added in v1.8.0
func (*Auto) DirectForTest¶ added in v1.50.0
DirectForTest returns the underlying direct client object. It's used in tests only.
func (*Auto) DoNoiseRequest¶ added in v1.24.0
func (*Auto) ExpiryForTests¶ added in v1.50.0
ExpiryForTests returns the credential expiration time, or the zero value if the expiration time isn't known. It's used in tests only.
func (*Auto) Login¶ added in v1.8.0
func (c *Auto) Login(flags LoginFlags)
func (*Auto) SendAuditLog¶ added in v1.82.0
SendAuditLog implements [auditlog.Transport] by sending an audit log synchronously to the control plane.
See docs on tailcfg.AuditLogRequest and [auditlog.Logger] for background.
func (*Auto) SetDNS¶ added in v1.10.0
SetDNS sends the SetDNSRequest request to the control plane server, requesting a DNS record be created or updated.
func (*Auto) SetDeviceAttrs¶ added in v1.80.0
SetDeviceAttrs does a synchronous call to the control plane to update the node's attributes.
See docs on tailcfg.SetDeviceAttributesRequest for background.
func (*Auto) SetDiscoPublicKey¶ added in v1.92.0
func (c *Auto) SetDiscoPublicKey(key key.DiscoPublic)
SetDiscoPublicKey sets the client's Disco public to key and sends the change to the control server.
func (*Auto) SetExpirySooner¶ added in v1.24.0
func (*Auto) SetHostinfo¶ added in v1.8.0
func (*Auto) SetNetInfo¶ added in v1.8.0
func (*Auto) SetPaused¶ added in v1.8.0
SetPaused controls whether HTTP activity should be paused.
The client can be paused and unpaused repeatedly, unlike Start and Shutdown, which can only be used once.
func (*Auto) SetTKAHead¶ added in v1.34.0
SetTKAHead updates the TKA head hash that map-request infrastructure sends.
func (*Auto) StartForTest¶ added in v1.92.0
func (c *Auto) StartForTest()
StartForTest starts the client's goroutines.
It should only be called for clients created with [Options.SkipStartForTests].
func (*Auto) TestOnlyNodePublicKey¶ added in v1.8.0
func (c *Auto) TestOnlyNodePublicKey() key.NodePublic
NodePublicKey returns the node public key currently in use. This is used exclusively in tests.
func (*Auto) TestOnlySetAuthKey¶ added in v1.8.0
func (*Auto) TestOnlyTimeNow¶ added in v1.8.0
func (*Auto) UpdateEndpoints¶ added in v1.8.0
UpdateEndpoints sets the client's discovered endpoints and sends them to the control server if they've changed.
It does not retain the provided slice.
type AutoUpdate¶ added in v1.90.0
type AutoUpdate struct {
	ClientID int64 // The ID field is used for consumers to differentiate instances of Direct.
	Value bool // The Value represents DefaultAutoUpdate from [tailcfg.MapResponse].
}
AutoUpdate is an eventbus value, reporting the value of tailcfg.MapResponse.DefaultAutoUpdate.
type Client¶
type Client interface {
	// Shutdown closes this session, which should not be used any further
	// afterwards.
	Shutdown()

	// Login begins an interactive or non-interactive login process.
	// Client will eventually call the Status callback with either a
	// LoginFinished flag (on success) or an auth URL (if further
	// interaction is needed). It merely sets the process in motion,
	// and doesn't wait for it to complete.
	Login(LoginFlags)

	// Logout starts a synchronous logout process. It doesn't return
	// until the logout operation has been completed.
	Logout(context.Context) error

	// SetPaused pauses or unpauses the controlclient activity as much
	// as possible, without losing its internal state, to minimize
	// unnecessary network activity.
	// TODO: It might be better to simply shutdown the controlclient and
	// make a new one when it's time to unpause.
	SetPaused(bool)

	// AuthCantContinue returns whether authentication is blocked. If it
	// is, you either need to visit the auth URL (previously sent in a
	// Status callback) or call the Login function appropriately.
	// TODO: this probably belongs in the Status itself instead.
	AuthCantContinue() bool

	// SetHostinfo changes the Hostinfo structure that will be sent in
	// subsequent node registration requests.
	// TODO: a server-side change would let us simply upload this
	// in a separate http request. It has nothing to do with the rest of
	// the state machine.
	SetHostinfo(*tailcfg.Hostinfo)

	// SetNetInfo changes the NetInfo structure that will be sent in
	// subsequent node registration requests.
	// TODO: a server-side change would let us simply upload this
	// in a separate http request. It has nothing to do with the rest of
	// the state machine.
	SetNetInfo(*tailcfg.NetInfo)

	// SetTKAHead changes the TKA head hash value that will be sent in
	// subsequent netmap requests.
	SetTKAHead(headHash string)

	// UpdateEndpoints changes the Endpoint structure that will be sent
	// in subsequent node registration requests.
	// TODO: a server-side change would let us simply upload this
	// in a separate http request. It has nothing to do with the rest of
	// the state machine.
	// Note: the auto client uploads the new endpoints to control immediately.
	UpdateEndpoints(endpoints []tailcfg.Endpoint)

	// SetDiscoPublicKey updates the disco public key that will be sent in
	// future map requests. This should be called after rotating the discovery key.
	// Note: the auto client uploads the new key to control immediately.
	SetDiscoPublicKey(key.DiscoPublic)

	// ClientID returns the ClientID of a client. This ID is meant to
	// distinguish one client from another.
	ClientID() int64
}
Client represents a client connection to the control server. Currently this is done through a pair of polling https requests in the Auto client, but that might change eventually.
The Client must be comparable as it is used by the Observer to detect stale clients.
type ControlDialPlanner¶ added in v1.32.0
type ControlDialPlanner interface {
	// Load returns the current plan for how to connect to control.
	//
	// The returned plan can be nil. If so, connections should be made by
	// resolving the control URL using DNS.
	Load() *tailcfg.ControlDialPlan

	// Store updates the dial plan with new directions from the control
	// server.
	//
	// The dial plan can span multiple connections to the control server.
	// That is, a dial plan received when connected over Wi-Fi is still
	// valid for a subsequent connection over LTE after a network switch.
	Store(*tailcfg.ControlDialPlan)
}
ControlDialPlanner is the interface optionally supplied when creating a control client to control exactly how TCP connections to the control plane are dialed.
It is usually implemented by an atomic.Pointer.
type ControlTime¶ added in v1.90.0
type ControlTime struct {
	ClientID int64 // The ID field is used for consumers to differentiate instances of Direct.
	Value time.Time // The Value represents ControlTime from [tailcfg.MapResponse].
}
ControlTime is an eventbus value, reporting the value of tailcfg.MapResponse.ControlTime.
type Direct¶
type Direct struct {
	// contains filtered or unexported fields
}
Direct is the client that connects to a tailcontrol server for a node.
func (*Direct) DoNoiseRequest¶ added in v1.24.0
func (*Direct) FetchNetMapForTest¶ added in v1.48.0
FetchNetMapForTest fetches the netmap once.
func (*Direct) GetPersist¶
func (c *Direct) GetPersist() persist.PersistView
func (*Direct) PollNetMap¶
func (c *Direct) PollNetMap(ctx context.Context, nu NetmapUpdater) error
PollNetMap makes a /map request to download the network map, calling NetmapUpdater on each update from the control plane.
It always returns a non-nil error describing the reason for the failure or why the request ended.
func (*Direct) SendUpdate¶ added in v1.48.0
SendUpdate makes a /map request to update the server of our latest state, but does not fetch anything. It returns an error if the server did not return a successful 200 OK response.
func (*Direct) SetConnectionHandleForTest¶ added in v1.84.0
SetConnectionHandleForTest stores a new MapRequest.ConnectionHandleForTest value for the next update.
func (*Direct) SetDNS¶ added in v1.10.0
SetDNS sends the SetDNSRequest request to the control plane server, requesting a DNS record be created or updated.
func (*Direct) SetDeviceAttrs¶ added in v1.80.0
SetDeviceAttrs does a synchronous call to the control plane to update the node's attributes.
See docs on tailcfg.SetDeviceAttributesRequest for background.
func (*Direct) SetDiscoPublicKey¶ added in v1.92.0
func (c *Direct) SetDiscoPublicKey(key key.DiscoPublic)
SetDiscoPublicKey updates the disco public key in local state. It does not implicitly trigger [SendUpdate]; callers should arrange for that.
func (*Direct) SetEndpoints¶
SetEndpoints updates the list of locally advertised endpoints. It won't be replicated to the server until a *fresh* call to PollNetMap(). You don't need to restart PollNetMap if we return changed==false.
func (*Direct) SetExpirySooner¶ added in v1.24.0
SetExpirySooner attempts to shorten the expiry to the specified time.
func (*Direct) SetHostinfo¶
SetHostinfo clones the provided Hostinfo and remembers it for the next update. It reports whether the Hostinfo has changed.
func (*Direct) SetNetInfo¶
SetNetInfo clones the provided NetInfo and remembers it for the next update. It reports whether the NetInfo has changed.
func (*Direct) SetTKAHead¶ added in v1.34.0
SetTKAHead stores a new TKA head value for next update. It reports whether the TKA head changed.
type LoginFlags¶
type LoginFlags int
LoginFlags is a bitmask of options to change the behavior of Client.Login and LocalBackend.
type NetmapDeltaUpdater¶ added in v1.50.0
type NetmapDeltaUpdater interface {
	// UpdateNetmapDelta is called with discrete changes to the network map.
	//
	// The ok result is whether the implementation was able to apply the
	// mutations. It might return false if its internal state doesn't
	// support applying them or a NetmapUpdater it's wrapping doesn't
	// implement the NetmapDeltaUpdater optional method.
	UpdateNetmapDelta([]netmap.NodeMutation) (ok bool)
}
NetmapDeltaUpdater is an optional interface that can be implemented by NetmapUpdater implementations to receive delta updates from the controlclient rather than just full updates.
type NetmapUpdater¶ added in v1.48.0
type NetmapUpdater interface {
	UpdateFullNetmap(*netmap.NetworkMap)
}
NetmapUpdater is the interface needed by the controlclient to enact change in the world as a function of updates received from the network.
type Observer¶ added in v1.50.0
type Observer interface {
	// SetControlClientStatus is called when the client has a new status to
	// report. The Client is provided to allow the Observer to track which
	// Client is reporting the status, allowing it to ignore stale status
	// reports from previous Clients.
	SetControlClientStatus(Client, Status)
}
Observer is implemented by users of the control client (such as LocalBackend) to get notified of changes in the control client's status.
If an implementation of Observer also implements NetmapDeltaUpdater, they get delta updates as well as full netmap updates.
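A sketch of the stale-report check that the Observer and Client comments describe, added here as an example and not taken from the tailscale module. Client and Status are reduced local stand-ins so the block compiles on its own; fakeClient, backend, setClient and the bool result are hypothetical.

```go
package main

import (
	"fmt"
	"sync"
)

// Client and Status are reduced local stand-ins (assumption) for the
// controlclient.Client and controlclient.Status types documented above.
type Client interface{ ClientID() int64 }

type Status struct {
	URL      string
	LoggedIn bool
}

// fakeClient is a hypothetical Client. It is always used by pointer, so the
// interface values that hold it can be compared with ==.
type fakeClient struct{ id int64 }

func (c *fakeClient) ClientID() int64 { return c.id }

// backend is a hypothetical Observer that trusts status reports only from
// the Client it currently owns.
type backend struct {
	mu       sync.Mutex
	cc       Client // current control client
	loggedIn bool
	dropped  int // stale reports ignored
}

// setClient swaps in a new control client and resets login state.
func (b *backend) setClient(c Client) {
	b.mu.Lock()
	defer b.mu.Unlock()
	b.cc, b.loggedIn = c, false
}

// SetControlClientStatus applies st only if c is the current Client. The
// bool result is added for this example; the real method returns nothing.
func (b *backend) SetControlClientStatus(c Client, st Status) bool {
	b.mu.Lock()
	defer b.mu.Unlock()
	if c != b.cc {
		b.dropped++ // late report from a replaced Client
		return false
	}
	b.loggedIn = st.LoggedIn
	return true
}

func main() {
	oldC, newC := &fakeClient{id: 1}, &fakeClient{id: 2}
	b := &backend{}
	b.setClient(oldC)
	b.setClient(newC)
	// A late "logged in" report from the replaced client must not flip state.
	fmt.Println(b.SetControlClientStatus(oldC, Status{LoggedIn: true}), b.loggedIn)
	fmt.Println(b.SetControlClientStatus(newC, Status{LoggedIn: true}), b.loggedIn)
}
```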
type Options¶
type Options struct {
	Persist persist.Persist // initial persistent data
	GetMachinePrivateKey func() (key.MachinePrivate, error) // returns the machine key to use
	ServerURL string // URL of the tailcontrol server
	AuthKey string // optional node auth key for auto registration
	Clock tstime.Clock
	Hostinfo *tailcfg.Hostinfo // non-nil passes ownership, nil means to use default using os.Hostname, etc
	DiscoPublicKey key.DiscoPublic
	PolicyClient policyclient.Client // or nil for none
	Logf logger.Logf
	HTTPTestClient *http.Client // optional HTTP client to use (for tests only)
	NoiseTestClient *http.Client // optional HTTP client to use for noise RPCs (tests only)
	DebugFlags []string // debug settings to send to control
	HealthTracker *health.Tracker
	PopBrowserURL func(url string) // optional func to open browser
	Dialer *tsdial.Dialer // non-nil
	C2NHandler http.Handler // or nil
	ControlKnobs *controlknobs.Knobs // or nil to ignore
	Bus *eventbus.Bus // non-nil, for setting up publishers
	SkipStartForTests bool // if true, don't call [Auto.Start] to avoid any background goroutines (for tests only)

	// StartPaused indicates whether the client should start in a paused state
	// where it doesn't do network requests. This primarily exists for testing
	// but not necessarily "go test" tests, so it isn't restricted to only
	// being used in tests.
	StartPaused bool

	// Observer is called when there's a change in status to report
	// from the control client.
	// If nil, no status updates are reported.
	Observer Observer

	// SkipIPForwardingCheck declares that the host's IP
	// forwarding works and should not be double-checked by the
	// controlclient package.
	SkipIPForwardingCheck bool

	// Pinger optionally specifies the Pinger to use to satisfy
	// MapResponse.PingRequest queries from the control plane.
	// If nil, PingRequest queries are not answered.
	Pinger Pinger

	// DialPlan contains and stores a previous dial plan that we received
	// from the control server; if nil, we fall back to using DNS.
	//
	// If we receive a new DialPlan from the server, this value will be
	// updated.
	DialPlan ControlDialPlanner

	// Shutdown is an optional function that will be called before client shutdown is
	// attempted. It is used to allow the client to clean up any resources or complete any
	// tasks that are dependent on a live client.
	Shutdown func()
}
type Pinger¶ added in v1.10.0
type Pinger interface {
	// Ping is a request to do a ping with the peer handling the given IP.
	Ping(ctx context.Context, ip netip.Addr, pingType tailcfg.PingType, size int) (*ipnstate.PingResult, error)
}
Pinger is the LocalBackend.Ping method.
type Status¶
type Status struct {
	// Err, if non-nil, is an error that occurred while logging in.
	//
	// If it's of type UserVisibleError then it's meant to be shown to users in
	// their Tailscale client. Otherwise it's just logged to tailscaled's logs.
	Err error

	// URL, if non-empty, is the interactive URL to visit to finish logging in.
	URL string

	// LoggedIn, if true, indicates that serveRegister has completed and no
	// other login change is in progress.
	LoggedIn bool

	// InMapPoll, if true, indicates that we've received at least one netmap
	// and are connected to receive updates.
	InMapPoll bool

	// NetMap is the latest server-pushed state of the tailnet network.
	NetMap *netmap.NetworkMap

	// Persist, when Valid, is the locally persisted configuration.
	//
	// TODO(bradfitz,maisem): clarify this.
	Persist persist.PersistView
	// contains filtered or unexported fields
}
type UserVisibleError¶ added in v1.18.0
type UserVisibleError string
UserVisibleError is an error that should be shown to users.
func (UserVisibleError) Error¶ added in v1.18.0
func (e UserVisibleError) Error() string
func (UserVisibleError) UserVisibleError¶ added in v1.18.0
func (e UserVisibleError) UserVisibleError() string