derpserver
This package is not in the latest version of its module.
Documentation
Overview
Package derpserver implements a DERP server.
Index
- Constants
- Variables
- func Handler(s *Server) http.Handler
- func ProbeHandler(w http.ResponseWriter, r *http.Request)
- func ServeNoContent(w http.ResponseWriter, r *http.Request)
- type BytesSentRecv
- type PacketForwarder
- type Server
- func (s *Server) Accept(ctx context.Context, nc derp.Conn, brw *bufio.ReadWriter, remoteAddr string)
- func (s *Server) AddPacketForwarder(dst key.NodePublic, fwd PacketForwarder)
- func (s *Server) Close() error
- func (s *Server) ConsistencyCheck() error
- func (s *Server) ExpVar() expvar.Var
- func (s *Server) HasMeshKey() bool
- func (s *Server) IsClientConnectedForTest(k key.NodePublic) bool
- func (s *Server) MeshKey() key.DERPMesh
- func (s *Server) MetaCert() []byte
- func (s *Server) ModifyTLSConfigToAddMetaCert(c *tls.Config)
- func (s *Server) PrivateKey() key.NodePrivate
- func (s *Server) PublicKey() key.NodePublic
- func (s *Server) RemovePacketForwarder(dst key.NodePublic, fwd PacketForwarder)
- func (s *Server) ServeDebugTraffic(w http.ResponseWriter, r *http.Request)
- func (s *Server) SetMeshKey(v string) error
- func (s *Server) SetTCPWriteTimeout(d time.Duration)
- func (s *Server) SetTailscaledSocketPath(path string)
- func (s *Server) SetVerifyClient(v bool)
- func (s *Server) SetVerifyClientURL(v string)
- func (s *Server) SetVerifyClientURLFailOpen(v bool)
- type ServerInfo
Constants
const (
	NoContentChallengeHeader = "X-Tailscale-Challenge"
	NoContentResponseHeader  = "X-Tailscale-Response"
)
const (
	DefaultTCPWiteTimeout = 2 * time.Second
)
Variables
var IdealNodeContextKey = ctxkey.New("ideal-node", "")
IdealNodeContextKey is the context key used to pass the IdealNodeHeader value from the HTTP handler to the DERP server's Accept method.
Functions
func ProbeHandler
func ProbeHandler(w http.ResponseWriter, r *http.Request)
ProbeHandler is the endpoint that clients without UDP access (including js/wasm) hit to measure DERP latency, as a replacement for UDP STUN queries.
func ServeNoContent
func ServeNoContent(w http.ResponseWriter, r *http.Request)
ServeNoContent generates the /generate_204 response used by Tailscale's captive portal detection.
Types
type BytesSentRecv
type BytesSentRecv struct {
	Sent uint64
	Recv uint64
	// Key is the public key of the client which sent/received these bytes.
	Key key.NodePublic
}
BytesSentRecv records the number of bytes that have been sent since the last traffic check for a given process, as well as the public key of the process sending those bytes.
type PacketForwarder
type PacketForwarder interface {
	ForwardPacket(src, dst key.NodePublic, payload []byte) error
	String() string
}
PacketForwarder is something that can forward packets.
It's mostly an interface for circular dependency reasons; the typical implementation is derphttp.Client. The other implementation is a multiForwarder, which this package creates as needed if a public key gets more than one PacketForwarder registered for it.
type Server
type Server struct {
	// WriteTimeout, if non-zero, specifies how long to wait
	// before failing when writing to a client.
	WriteTimeout time.Duration
	// contains filtered or unexported fields
}
Server is a DERP server.
func New
func New(privateKey key.NodePrivate, logf logger.Logf) *Server
New returns a new DERP server. It doesn't listen on its own. Connections are given to it via Server.Accept.
func (*Server) Accept
Accept adds a new connection to the server and serves it.
The provided bufio ReadWriter must be already connected to nc. Accept blocks until the Server is closed or the connection closes on its own.
Accept closes nc.
func (*Server) AddPacketForwarder
func (s *Server) AddPacketForwarder(dst key.NodePublic, fwd PacketForwarder)
AddPacketForwarder registers fwd as a packet forwarder for dst. fwd must be comparable.
func (*Server) ConsistencyCheck
func (*Server) ExpVar
ExpVar returns an expvar variable suitable for registering with expvar.Publish.
func (*Server) HasMeshKey
HasMeshKey reports whether the server is configured with a mesh key.
func (*Server) IsClientConnectedForTest
func (s *Server) IsClientConnectedForTest(k key.NodePublic) bool
IsClientConnectedForTest reports whether the client with specified key is connected. This is used in tests to verify that nodes are connected.
func (*Server) MetaCert
MetaCert returns the server metadata cert that can be sent by the TLS server to let the client skip a round trip during start-up.
func (*Server) ModifyTLSConfigToAddMetaCert
ModifyTLSConfigToAddMetaCert modifies c.GetCertificate to make it append s.MetaCert to the returned certificates.
It panics if c or c.GetCertificate is nil.
func (*Server) PrivateKey
func (s *Server) PrivateKey() key.NodePrivate
PrivateKey returns the server's private key.
func (*Server) PublicKey
func (s *Server) PublicKey() key.NodePublic
PublicKey returns the server's public key.
func (*Server) RemovePacketForwarder
func (s *Server) RemovePacketForwarder(dst key.NodePublic, fwd PacketForwarder)
RemovePacketForwarder removes fwd as a packet forwarder for dst. fwd must be comparable.
func (*Server) ServeDebugTraffic
func (s *Server) ServeDebugTraffic(w http.ResponseWriter, r *http.Request)
func (*Server) SetMeshKey
SetMesh sets the pre-shared key that regional DERP servers used to mesh amongst themselves.
It must be called before serving begins.
func (*Server) SetTCPWriteTimeout
SetTCPWriteTimeout sets the timeout for writing to connected clients. This timeout does not apply to mesh connections. Defaults to 2 seconds.
func (*Server) SetTailscaledSocketPath
SetTailscaledSocketPath sets the unix socket path to use to talk to tailscaled if client verification is enabled.
If unset or set to the empty string, the default path for the operating system is used.
func (*Server) SetVerifyClient
SetVerifyClients sets whether this DERP server verifies clients through tailscaled.
It must be called before serving begins.
func (*Server) SetVerifyClientURL
SetVerifyClientURL sets the admission controller URL to use for verifying clients. If empty, all clients are accepted (unless restricted by SetVerifyClient checking against tailscaled).
func (*Server) SetVerifyClientURLFailOpen
SetVerifyClientURLFailOpen sets whether to allow clients to connect if the admission controller URL is unreachable.
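The interaction between SetVerifyClientURL and SetVerifyClientURLFailOpen, modelled with the standard library only. This is an added example, not code from the derpserver package: admit, stubController, the JSON field names and the admission.example URL are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"strings"
)

type rt func(*http.Request) (*http.Response, error) // stub transport: opens no sockets
func (f rt) RoundTrip(r *http.Request) (*http.Response, error) { return f(r) }

// stubController (hypothetical) allows only allowKey; down simulates an outage.
func stubController(allowKey string, down bool) *http.Client {
	return &http.Client{Transport: rt(func(r *http.Request) (*http.Response, error) {
		if down {
			return nil, fmt.Errorf("connection refused (constructed)")
		}
		var req struct{ NodePublic string } // assumed request shape
		json.NewDecoder(r.Body).Decode(&req)
		reply := fmt.Sprintf(`{"Allow":%t}`, req.NodePublic == allowKey)
		return &http.Response{StatusCode: 200, Body: io.NopCloser(strings.NewReader(reply))}, nil
	})}
}

// admit models the documented policy: empty URL admits all; an outage admits only if failOpen.
func admit(c *http.Client, verifyURL, nodeKey string, failOpen bool) (bool, error) {
	if verifyURL == "" {
		return true, nil // no admission controller configured
	}
	body := strings.NewReader(fmt.Sprintf(`{"NodePublic":%q}`, nodeKey))
	resp, err := c.Post(verifyURL, "application/json", body)
	if err != nil {
		return failOpen, err // outage: admitted only under fail-open; err is for logging
	}
	defer resp.Body.Close()
	var out struct{ Allow bool } // assumed response shape
	if resp.StatusCode != 200 || json.NewDecoder(resp.Body).Decode(&out) != nil {
		return false, fmt.Errorf("admission controller: bad reply, status %d", resp.StatusCode)
	}
	return out.Allow, nil
}

func main() {
	down, u := stubController("", true), "https://admission.example/verify"
	open, _ := admit(down, u, "nodekey:bbbb", true)
	closed, _ := admit(down, u, "nodekey:bbbb", false)
	fmt.Println("outage: fail-open admits", open, "fail-closed admits", closed)
}
```

With fail-open off, a controller outage rejects new clients instead of admitting unverified ones.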
type ServerInfo
type ServerInfo = derp.ServerInfo