common

package
v0.0.0-...-5c79d48 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 15, 2024 License: AGPL-3.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var DatabaseProtocols = []Protocol{
	ProtocolPostgres,
	ProtocolMySQL,
	ProtocolMongoDB,
	ProtocolOracle,
	ProtocolRedisDB,
	ProtocolSQLServer,
	ProtocolSnowflake,
	ProtocolCassandra,
	ProtocolElasticsearch,
	ProtocolOpenSearch,
	ProtocolDynamoDB,
	ProtocolClickhouse,
}

DatabaseProtocols is the list of the database protocols supported.

View Source 
var ProtocolsWithPingSupport = append(
	DatabaseProtocols,
	ProtocolTCP,
)

ProtocolsWithPingSupport is the list of protocols that Ping connection is supported. For now, only database protocols are supported.

View Source 
var SupportedProtocols = WithPingProtocols(
	append([]Protocol{

		ProtocolHTTP,
		ProtocolHTTP2,
		ProtocolProxySSH,
		ProtocolReverseTunnel,
		ProtocolAuth,
		ProtocolTCP,
		ProtocolProxySSHGRPC,
		ProtocolProxyGRPCInsecure,
		ProtocolProxyGRPCSecure,
	}, DatabaseProtocols...),
)

SupportedProtocols is the list of supported ALPN protocols.

Functions

func HasPingSupport 

func HasPingSupport(protocol Protocol) bool

HasPingSupport checks if the provided protocol supports Ping protocol.

func IsDBTLSProtocol 

func IsDBTLSProtocol(protocol Protocol) bool

IsDBTLSProtocol returns if DB protocol has supported native TLS protocol. where connection can be TLS terminated on ALPN proxy side. For protocol like MySQL or Postgres where custom TLS implementation is used the incoming connection needs to be forwarded to proxy database service where custom TLS handler is invoked to terminated DB connection.

func IsPingProtocol 

func IsPingProtocol(protocol Protocol) bool

IsPingProtocol checks if the provided protocol is suffixed with Ping.

func KubeLocalProxySNI 

func KubeLocalProxySNI(teleportCluster, kubeCluster string) string

KubeLocalProxySNI generates the SNI used for Kube local proxy.

func KubeLocalProxyWildcardDomain 

func KubeLocalProxyWildcardDomain(teleportCluster string) string

KubeLocalProxyWildcardDomain returns the wildcard domain used to generate local self-signed CA for provided Teleport cluster.

func ProtocolsToString 

func ProtocolsToString(protocols []Protocol) []string

ProtocolsToString converts the list of Protocols to the list of strings.

func TeleportClusterFromKubeLocalProxySNI 

func TeleportClusterFromKubeLocalProxySNI(serverName string) string

TeleportClusterFromKubeLocalProxySNI returns Teleport cluster name from SNI.

Types

type Protocol 

type Protocol string

Protocol is the TLS ALPN protocol type. 

const (
	// ProtocolPostgres is TLS ALPN protocol value used to indicate Postgres protocol.
	ProtocolPostgres Protocol = "teleport-postgres"

	// ProtocolMySQL is TLS ALPN protocol value used to indicate MySQL protocol.
	ProtocolMySQL Protocol = "teleport-mysql"

	// ProtocolMongoDB is TLS ALPN protocol value used to indicate Mongo protocol.
	ProtocolMongoDB Protocol = "teleport-mongodb"

	// ProtocolOracle is TLS ALPN protocol value used to indicate Oracle protocol.
	ProtocolOracle Protocol = "teleport-oracle"

	// ProtocolRedisDB is TLS ALPN protocol value used to indicate Redis protocol.
	ProtocolRedisDB Protocol = "teleport-redis"

	// ProtocolSQLServer is the TLS ALPN protocol value used to indicate SQL Server protocol.
	ProtocolSQLServer Protocol = "teleport-sqlserver"

	// ProtocolSnowflake is TLS ALPN protocol value used to indicate Snowflake protocol.
	ProtocolSnowflake Protocol = "teleport-snowflake"

	// ProtocolCassandra is the TLS ALPN protocol value used to indicate Cassandra protocol.
	ProtocolCassandra Protocol = "teleport-cassandra"

	// ProtocolElasticsearch is TLS ALPN protocol value used to indicate Elasticsearch protocol.
	ProtocolElasticsearch Protocol = "teleport-elasticsearch"

	// ProtocolOpenSearch is TLS ALPN protocol value used to indicate OpenSearch protocol.
	ProtocolOpenSearch Protocol = "teleport-opensearch"

	// ProtocolDynamoDB is TLS ALPN protocol value used to indicate DynamoDB protocol.
	ProtocolDynamoDB Protocol = "teleport-dynamodb"

	// ProtocolClickhouse is TLS ALPN protocol value used to indicate Clickhouse Protocol.
	ProtocolClickhouse Protocol = "teleport-clickhouse"

	// ProtocolProxySSH is TLS ALPN protocol value used to indicate Proxy SSH protocol.
	ProtocolProxySSH Protocol = "teleport-proxy-ssh"

	// ProtocolProxySSHGRPC is TLS ALPN protocol value used to indicate gRPC
	// traffic intended for the Teleport Proxy on the SSH port.
	ProtocolProxySSHGRPC Protocol = "teleport-proxy-ssh-grpc"

	// ProtocolReverseTunnel is TLS ALPN protocol value used to indicate Proxy reversetunnel protocol.
	ProtocolReverseTunnel Protocol = "teleport-reversetunnel"

	// ProtocolReverseTunnelV2 is TLS ALPN protocol value used to indicate reversetunnel clients
	// that are aware of proxy peering. This is only used on the client side to allow intermediate
	// load balancers to make decisions based on the ALPN header. ProtocolReverseTunnel should still
	// be included in the list of ALPN header for the proxy server to handle the connection properly.
	ProtocolReverseTunnelV2 Protocol = "teleport-reversetunnelv2"

	// ProtocolHTTP is TLS ALPN protocol value used to indicate HTTP 1.1 protocol
	ProtocolHTTP Protocol = "http/1.1"

	// ProtocolHTTP2 is TLS ALPN protocol value used to indicate HTTP2 protocol.
	ProtocolHTTP2 Protocol = "h2"

	// ProtocolDefault is default TLS ALPN value.
	ProtocolDefault Protocol = ""

	// ProtocolAuth allows dialing local/remote auth service based on SNI cluster name value.
	ProtocolAuth Protocol = "teleport-auth@"

	// ProtocolProxyGRPCInsecure is TLS ALPN protocol value used to indicate gRPC
	// traffic intended for the Teleport proxy join service.
	// Credentials are not verified since this is used for node joining.
	ProtocolProxyGRPCInsecure Protocol = "teleport-proxy-grpc"

	// ProtocolProxyGRPCSecure is TLS ALPN protocol value used to indicate gRPC
	// traffic intended for the Teleport proxy service with mTLS authentication.
	ProtocolProxyGRPCSecure Protocol = "teleport-proxy-grpc-mtls"

	// ProtocolMySQLWithVerPrefix is TLS ALPN prefix used by tsh to carry
	// MySQL server version.
	ProtocolMySQLWithVerPrefix = Protocol(string(ProtocolMySQL) + "-")

	// ProtocolTCP is TLS ALPN protocol value used to indicate plain TCP connection.
	ProtocolTCP Protocol = "teleport-tcp"

	// ProtocolPingSuffix is TLS ALPN suffix used to wrap connections with
	// Ping.
	ProtocolPingSuffix Protocol = "-ping"
)

func ProtocolWithPing 

func ProtocolWithPing(protocol Protocol) Protocol

ProtocolWithPing receives a protocol and returns it with the Ping protocol suffix.

func ToALPNProtocol 

func ToALPNProtocol(dbProtocol string) (Protocol, error)

ToALPNProtocol maps provided database protocol to ALPN protocol.

func WithPingProtocols 

func WithPingProtocols(protocols []Protocol) []Protocol

WithPingProtocols adds Ping protocols to the list for each protocol that supports Ping.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.