func PipeHandlerWithStream(handler Handler, stream func(net.Conn, net.Conn, func(b []byte)), eventNotifier EventNotifier, done func())
PipeHandlerWithStream performs continuous bidirectional transfer of data between handler client and backend takes arguments -> [handler]: Handler-compliant struct. Handler#GetClientConnection and Handler#GetBackendConnection provide client and backend connections (net.Conn) [stream]: function performing continuous bidirectional transfer [eventNotifier]: EventNotifier-compliant struct. EventNotifier#ClientData is passed transfer bytes [done]: function called once when transfer ceases
BaseHandler provides default (shared/common) implementations of Handler interface methods, where it makes sense - the rest of the methods panic if not implemented in the "DerivedHandler" e.g. BaseHandler#Authenticate.
The intention is to keep things DRY by embedding BaseHandler in "DerivedHandler"
There is no requirement to use BaseHandler.
type BaseHandler struct { BackendConnection net.Conn ClientConnection net.Conn EventNotifier EventNotifier HandlerConfig config.Handler Resolver Resolver ShutdownNotifier HandlerShutdownNotifier }
func NewBaseHandler(options HandlerOptions) BaseHandler
NewBaseHandler creates a BaseHandler from HandlerOptions
func (h *BaseHandler) Authenticate(map[string][]byte, *http.Request) error
Authenticate implements plugin_v1.Handler
func (h *BaseHandler) GetBackendConnection() net.Conn
GetBackendConnection implements plugin_v1.Handler
func (h *BaseHandler) GetClientConnection() net.Conn
GetClientConnection implements plugin_v1.Handler
func (h *BaseHandler) GetConfig() config.Handler
GetConfig implements plugin_v1.Handler
func (h *BaseHandler) LoadKeys(keyring agent.Agent) error
LoadKeys implements plugin_v1.Handler
func (h *BaseHandler) PrintDebug(msg string)
Debug: Print only if Debug is enabled
func (h *BaseHandler) Shutdown()
Shutdown implements plugin_v1.Handler
BaseListener provides default (shared/common) implementations of Listener interface methods, where it makes sense - the rest of the methods panic if not implemented in the "DerivedListener" e.g. BaseListener#GetName.
The intention is to keep things DRY by embedding BaseListener in "DerivedListener".
There is no requirement to use BaseListener.
type BaseListener struct {
Config config.Listener
EventNotifier EventNotifier
HandlerConfigs []config.Handler
IsClosed bool
NetListener net.Listener
Resolver Resolver
RunHandlerFunc func(id string, options HandlerOptions) Handler
// contains filtered or unexported fields
}
func NewBaseListener(options ListenerOptions) BaseListener
NewBaseListener creates a BaseListener from ListenerOptions
func (l *BaseListener) AddHandler(handler Handler)
AddHandler appends a given Handler to the slice of Handlers held by BaseListener
func (l *BaseListener) GetConfig() config.Listener
GetConfig implements plugin_v1.Listener
func (l *BaseListener) GetConnections() []net.Conn
GetConnections implements plugin_v1.Listener
func (l *BaseListener) GetHandlers() []Handler
GetHandlers implements plugin_v1.Listener
func (l *BaseListener) GetListener() net.Listener
GetListener implements plugin_v1.Listener
func (l *BaseListener) GetName() string
GetName returns the internal name given to this listener
func (l *BaseListener) GetNotifier() EventNotifier
GetNotifier implements plugin_v1.Listener
func (l *BaseListener) Listen()
Listen implements plugin_v1.Listener
func (l *BaseListener) RemoveHandler(targetHandler Handler)
RemoveHandler removes a given Handler from the slice of Handlers held by BaseListener
func (l *BaseListener) Shutdown() error
Shutdown implements plugin_v1.Listener
func (l *BaseListener) Validate() error
Validate implements plugin_v1.Listener
ConfigurationChangedHandler interface specifies what method is required to support being a target of a ConfigurationManger object.
type ConfigurationChangedHandler interface { // ConfigurationChanged is a method that gets triggered when a ConfigurationManager // has a new configuration that should be loaded. ConfigurationChanged(string, config.Config) error }
ConfigurationManager is the interface used to obtain configuration data and to trigger updates
type ConfigurationManager interface { // Initialize is called to instantiate the ConfigurationManager and provide // a handler that will be notified of configuration object updates. Initialize(handler ConfigurationChangedHandler, configSpec string) error // GetName returns the internal name that the ConfigurationManager was // instantiated with. GetName() string }
ConfigurationManagerOptions contains the configuration for the configuration manager instantiation.
type ConfigurationManagerOptions struct { // Name is the internal name that the configuraton manager will have. This // may be different from the name passed back from the factory. Name string }
ConnectionManager is an interface to be implemented by plugins that want to manage connections for handlers and listeners.
type ConnectionManager interface { // Initialize is called before proxy initialization Initialize(config.Config, func(config.Config) error) error // CreateListener is called for every listener created by Proxy CreateListener(Listener) // NewConnection is called for each new client connection before being // passed to a handler NewConnection(Listener, net.Conn) // CloseConnect is called when a client connection is closed CloseConnection(net.Conn) // CreateHandler is called after listener creates a new handler CreateHandler(Handler, net.Conn) // DestroyHandler is called before a handler is removed DestroyHandler(Handler) // ResolveSecret is called when a provider resolves a variable ResolveSecret(provider Provider, id string, value []byte) // ClientData is called for each inbound packet from clients ClientData(net.Conn, []byte) // ServerData is called for each inbound packet from the backend ServerData(net.Conn, []byte) // Shutdown is called when secretless caught a signal to exit Shutdown() }
EventNotifier is the interface which is used to pass event up from handlers/ listeners/managers back up to the main plugin manager
type EventNotifier interface { // NewConnection is called for each new client connection before being // passed to a handler NewConnection(Listener, net.Conn) // ClientData is called for each inbound packet from clients ClientData(net.Conn, []byte) // CreateHandler is called after listener creates a new handler CreateHandler(Handler, net.Conn) // CreateListener is called for every listener created by Proxy CreateListener(Listener) // ResolveSecret is called when a provider resolves a variable // TODO: unclear why we're reimplementing the StoredSecret functionality here... ResolveSecret(provider Provider, id string, value []byte) // ServerData is called for each inbound packet from the backend ServerData(net.Conn, []byte) }
Handler is an interface which takes a connection and connects it to a backend TODO: Remove Authenticate as it's only used by http listener TODO: Remove LoadKeys as it's only used by sshagent listener
type Handler interface { Authenticate(map[string][]byte, *http.Request) error GetConfig() config.Handler GetClientConnection() net.Conn GetBackendConnection() net.Conn LoadKeys(keyring agent.Agent) error Shutdown() }
HandlerOptions contains the configuration for the handler
type HandlerOptions struct { HandlerConfig config.Handler Channels <-chan ssh.NewChannel ClientConnection net.Conn EventNotifier EventNotifier ShutdownNotifier HandlerShutdownNotifier Resolver Resolver }
HandlerShutdownNotifier is a function signature for notifying of a Handler's Shutdown
type HandlerShutdownNotifier func(Handler)
Listener is the interface which accepts client connections and passes them to a handler
type Listener interface { GetConfig() config.Listener GetConnections() []net.Conn GetHandlers() []Handler GetListener() net.Listener GetName() string GetNotifier() EventNotifier Listen() Validate() error Shutdown() error }
ListenerOptions contains thetype Proxy struct { configuration for the listener
type ListenerOptions struct { EventNotifier EventNotifier HandlerConfigs []config.Handler ListenerConfig config.Listener NetListener net.Listener Resolver Resolver RunHandlerFunc func(string, HandlerOptions) Handler }
Provider is the interface used to obtain values from a secret vault backend.
type Provider interface { // GetName returns the name that the Provider was instantiated with GetName() string // GetValue takes in an id of a variable and returns its resolved value GetValue(id string) ([]byte, error) }
ProviderOptions contains the configuration for the provider instantiation
type ProviderOptions struct { // Name is the internal name that the provider will have. This may be different from // the name passed back from the provider factory. Name string }
Resolver is the interface which is used to pass a generic resolver down to the Listeners/Handlers.
type Resolver interface { // Provider gets back an instance of a named provider and creates it if // one already doesn't exist Provider(name string) (Provider, error) // Resolve accepts an array of variables and returns a map of resolved ones Resolve(variables []config.StoredSecret) (result map[string][]byte, err error) }