// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause
package controlhttp
import (
"net/http"
"net/url"
"time"
"tailscale.com/health"
"tailscale.com/net/dnscache"
"tailscale.com/net/netmon"
"tailscale.com/tailcfg"
"tailscale.com/tstime"
"tailscale.com/types/key"
"tailscale.com/types/logger"
)
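const (
	// upgradeHeaderValue is the value of the Upgrade HTTP header used to
	// indicate the Tailscale control protocol.
	upgradeHeaderValue = "tailscale-control-protocol"

	// handshakeHeaderName is the HTTP request header that can
	// optionally contain base64-encoded initial handshake
	// payload, to save an RTT.
	//
	// NOTE(review): a request header is readable by any proxy or other
	// intermediary on the path when the request goes over plain HTTP, and
	// headers are commonly captured by request logging. Presumably the
	// handshake payload is designed to be safe to expose; confirm against
	// the handshake code before relying on that.
	handshakeHeaderName = "X-Tailscale-Handshake"

	// serverUpgradePath is where the server-side HTTP handler to
	// do the protocol switch is located.
	serverUpgradePath = "/ts2021"
)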
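// NoPort is a sentinel value for Dialer.HTTPSPort to indicate that HTTPS
// should not be tried on any port. It exists primarily for some localhost
// tests where the control plane only runs on HTTP.
//
// With HTTPS disabled, plain HTTP is the only transport that remains, so
// the connection gets no TLS protection at all. Treat this value as a
// test-only setting unless plain HTTP to the control server is an
// accepted part of the deployment.
const NoPort = "none"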
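// Dialer contains configuration on how to dial the Tailscale control server.
type Dialer struct {
	// Hostname is the hostname to connect to, with no port number.
	//
	// This field is required.
	Hostname string

	// MachineKey contains the current machine's private key.
	//
	// This field is required.
	//
	// This is secret key material: keep it out of logs and error strings.
	MachineKey key.MachinePrivate

	// ControlKey contains the expected public key for the control server.
	//
	// This field is required.
	//
	// NOTE(review): presumably the handshake fails unless the server proves
	// possession of the matching private key, which would make this the
	// server authentication that still applies when the connection runs
	// over plain HTTP; confirm against the dial code. The value must come
	// from a trusted source.
	ControlKey key.MachinePublic

	// ProtocolVersion is the expected protocol version to negotiate.
	//
	// This field is required.
	ProtocolVersion uint16

	// HTTPPort is the port number to use when making an HTTP connection.
	//
	// If not specified, this defaults to port 80.
	HTTPPort string

	// HTTPSPort is the port number to use when making an HTTPS connection.
	//
	// If not specified, this defaults to port 443.
	//
	// If "none" (NoPort), HTTPS is disabled, leaving plain HTTP as the
	// only transport.
	HTTPSPort string

	// Dialer is the dialer used to make outbound connections.
	//
	// If not specified, this defaults to net.Dialer.DialContext.
	Dialer dnscache.DialContextFunc

	// DNSCache is the caching Resolver used by this Dialer.
	//
	// If not specified, a new Resolver is created per attempt.
	DNSCache *dnscache.Resolver

	// Logf, if set, is a logging function to use; if unset, logs are
	// dropped.
	Logf logger.Logf

	// NetMon is the network monitor for this Dialer.
	//
	// NOTE(review): this field had no documentation; whether it is
	// optional and what a nil value means is not visible in this file.
	NetMon *netmon.Monitor

	// HealthTracker, if non-nil, is the health tracker to use.
	HealthTracker *health.Tracker

	// DialPlan, if set, contains instructions from the control server on
	// how to connect to it. If present, we will try the methods in this
	// plan before falling back to DNS.
	//
	// NOTE(review): the plan is supplied by the control server, so it
	// decides which addresses are dialed. Presumably every candidate still
	// has to pass the ControlKey check; confirm against the dial code.
	DialPlan *tailcfg.ControlDialPlan

	// proxyFunc has the same signature as http.Transport.Proxy. It may be
	// nil.
	proxyFunc func(*http.Request) (*url.URL, error) // or nil

	// For tests only
	drainFinished        chan struct{}
	omitCertErrorLogging bool
	testFallbackDelay    time.Duration

	// Clock, if non-nil, overrides the clock to use.
	// If nil, tstime.StdClock is used.
	// This exists primarily for tests.
	Clock tstime.Clock
}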
// strDef returns v1 unless it is the empty string, in which case it
// returns v2.
func strDef(v1, v2 string) string {
	if v1 == "" {
		// Nothing was supplied, so use the fallback.
		return v2
	}
	return v1
}