control/controlhttp: allow setting, getting Upgrade headers in Noise upgrade

Not currently used, but will allow us to usually remove a round-trip for a future feature. Updates #5972 Change-Id: I2770ea28e3e6ec9626d1cbb505a38ba51df7fba2 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-08-13 14:43:19 +00:00 · 2022-10-17 14:50:52 -07:00
parent 03ecf335f7
commit 246274b8e9
6 changed files with 65 additions and 26 deletions
--- a/control/controlhttp/client_common.go
+++ b/control/controlhttp/client_common.go
@@ -0,0 +1,26 @@
+// Copyright (c) 2022 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package controlhttp
+
+import (
+	"net/http"
+
+	"tailscale.com/control/controlbase"
+)
+
+// ClientConn is a Tailscale control client as returned by the Dialer.
+//
+// It's effectively just a *controlbase.Conn (which it embeds) with
+// optional metadata.
+type ClientConn struct {
+	// Conn is the noise connection.
+	*controlbase.Conn
+
+	// UntrustedUpgradeHeaders are the HTTP headers seen in the
+	// 101 Switching Protocols upgrade response. They may be nil
+	// or even might've been tampered with by a middlebox.
+	// They should not be trusted.
+	UntrustedUpgradeHeaders http.Header
+}