Documentation
Index
- type CLICommandProvider
- type Config
- type Gateway
- func (g *Gateway) CLICommand() (string, error)
- func (g *Gateway) Close() error
- func (g *Gateway) LocalAddress() string
- func (g *Gateway) LocalPort() string
- func (g *Gateway) LocalPortInt() int
- func (g *Gateway) Log() *logrus.Entry
- func (g *Gateway) Protocol() string
- func (g *Gateway) ReloadCert() error
- func (g *Gateway) RouteToDatabase() tlsca.RouteToDatabase
- func (g *Gateway) Serve() error
- func (g *Gateway) SetTargetSubresourceName(value string)
- func (g *Gateway) SetURI(newURI uri.ResourceURI)
- func (g *Gateway) TargetName() string
- func (g *Gateway) TargetSubresourceName() string
- func (g *Gateway) TargetURI() string
- func (g *Gateway) TargetUser() string
- func (g *Gateway) URI() uri.ResourceURI
- type NetTCPPortAllocator
- type OnExpiredCertFunc
- type TCPPortAllocator
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type CLICommandProvider
CLICommandProvider provides a CLI command for gateways which support CLI clients.
type Config
type Config struct {
	// URI is the gateway URI
	URI uri.ResourceURI
	// TargetName is the remote resource name
	TargetName string
	// TargetURI is the remote resource URI
	TargetURI string
	// TargetUser is the target user name
	TargetUser string
	// TargetSubresourceName points at a subresource of the remote resource, for example a database
	// name on a database server. It is used only for generating the CLI command.
	TargetSubresourceName string
	// Port is the gateway port
	LocalPort string
	// LocalAddress is the local address
	LocalAddress string
	// Protocol is the gateway protocol
	Protocol string
	// CertPath
	CertPath string
	// KeyPath
	KeyPath string
	// Insecure
	Insecure bool
	// WebProxyAddr
	WebProxyAddr string
	// Log is a component logger
	Log *logrus.Entry
	// CLICommandProvider returns a CLI command for the gateway
	CLICommandProvider CLICommandProvider
	// TCPPortAllocator creates listeners on the given ports. This interface lets us avoid occupying
	// hardcoded ports in tests.
	TCPPortAllocator TCPPortAllocator
	// Clock is used by Gateway.localProxy to check cert expiration.
	Clock clockwork.Clock
	// OnExpiredCert is called when a new downstream connection is accepted by the
	// gateway but cannot be proxied because the cert used by the gateway has expired.
	//
	// Handling of the connection is blocked until OnExpiredCert returns.
	OnExpiredCert OnExpiredCertFunc
}
Config describes the gateway configuration.
func (*Config) CheckAndSetDefaults
CheckAndSetDefaults checks the config and sets the defaults.
func (*Config) RouteToDatabase
func (c *Config) RouteToDatabase() tlsca.RouteToDatabase
RouteToDatabase returns tlsca.RouteToDatabase based on the config of the gateway.
The tlsca.RouteToDatabase.Database field is skipped, as it's an optional field and gateways can change their Config.TargetSubresourceName at any moment.
type Gateway
type Gateway struct {
// contains filtered or unexported fields
}
Gateway describes a local proxy that creates a gateway to the remote Teleport resource.
Gateway is not safe for concurrent use in itself. However, all access to gateways is gated by daemon.Service which obtains a lock for any operation pertaining to gateways.
In the future if Gateway becomes more complex it might be worthwhile to add an RWMutex to it.
func New
New creates an instance of Gateway. It starts a listener on the specified port but it doesn't start the proxy – that's the job of Serve.
func NewWithLocalPort
NewWithLocalPort initializes a copy of an existing gateway which has all config fields identical to the existing gateway with the exception of the local port.
func (*Gateway) CLICommand
CLICommand returns a command which launches a CLI client pointed at the given gateway.
func (*Gateway) Close
Close terminates the gateway connection. Fails if called on an already closed gateway.
func (*Gateway) LocalAddress
func (*Gateway) LocalPortInt
LocalPortInt returns the port of a gateway as an integer rather than a string.
func (*Gateway) ReloadCert
ReloadCert loads the key pair from cfg.CertPath and cfg.KeyPath and updates the cert of the running local proxy. This is typically done after the cert is reissued and saved to disk.
In the future, we're probably going to make this method accept the cert as an arg rather than reading from disk.
func (*Gateway) RouteToDatabase
func (g *Gateway) RouteToDatabase() tlsca.RouteToDatabase
RouteToDatabase returns tlsca.RouteToDatabase based on the config of the gateway.
The tlsca.RouteToDatabase.Database field is skipped, as it's an optional field and gateways can change their Config.TargetSubresourceName at any moment.
func (*Gateway) Serve
Serve starts the underlying ALPN proxy. Blocks until closeContext is canceled.
func (*Gateway) SetTargetSubresourceName
func (*Gateway) SetURI
func (g *Gateway) SetURI(newURI uri.ResourceURI)
func (*Gateway) TargetName
func (*Gateway) TargetSubresourceName
func (*Gateway) TargetUser
func (*Gateway) URI
func (g *Gateway) URI() uri.ResourceURI
type NetTCPPortAllocator
type NetTCPPortAllocator struct{}
type OnExpiredCertFunc
OnExpiredCertFunc is the type of a function that is called when a new downstream connection is accepted by the gateway but cannot be proxied because the cert used by the gateway has expired.
Handling of the connection is blocked until the function returns.
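The expired-certificate handling described for OnExpiredCert and ReloadCert, modelled as an added Go example that is not Teleport's code. The expiringProxy type, its callback shape and the re-check after the callback are assumptions; a cert is reduced to its NotAfter time.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// expiringProxy is a hypothetical stand-in for a gateway's local proxy.
type expiringProxy struct {
	mu        sync.Mutex
	notAfter  time.Time                  // NotAfter of the loaded cert; reloadCert replaces it
	now       func() time.Time           // injectable clock, in the role of Config.Clock
	onExpired func(*expiringProxy) error // assumed callback shape, not Teleport's
}

func (p *expiringProxy) expired() bool {
	p.mu.Lock()
	defer p.mu.Unlock()
	return p.now().After(p.notAfter)
}

func (p *expiringProxy) reloadCert(notAfter time.Time) {
	p.mu.Lock()
	defer p.mu.Unlock()
	p.notAfter = notAfter
}

// handle models one accepted connection: it blocks on onExpired, then re-checks expiry.
func (p *expiringProxy) handle() error {
	if p.expired() {
		if err := p.onExpired(p); err != nil {
			return fmt.Errorf("cert expired, refresh failed: %w", err)
		}
		if p.expired() {
			return fmt.Errorf("cert still expired after callback")
		}
	}
	return nil // the connection would be proxied from here
}

func main() {
	p := &expiringProxy{notAfter: time.Now().Add(-time.Minute), now: time.Now} // constructed state
	p.onExpired = func(p *expiringProxy) error { // stands in for re-login and reissue
		p.reloadCert(time.Now().Add(time.Hour))
		return nil
	}
	fmt.Println("first connection:", p.handle())
}
```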