waygate

package module
v0.0.0-...-d306aca Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 17, 2025 License: MIT Imports: 51 Imported by: 0

Documentation

Overview

Code in this file was adapted from https://github.com/crmejia/certmagic-sqlite3

Code in this file was adapted from https://github.com/crmejia/certmagic-sqlite3

Index

Constants

// Message type identifiers. iota assigns the consecutive values 0
// (MessageTypeTunnelConfig) through 5 (MessageTypeError), so each value is
// fixed purely by its position in this list.
//
// The constants are untyped. The package also declares MessageType (uint8),
// which OpenStreamType accepts and AcceptStreamType returns.
//
// NOTE(review): presumably these numbers identify stream/message kinds
// exchanged between tunnel peers. If so, inserting or reordering entries
// silently renumbers what an older peer expects; new types should be appended
// at the end. Confirm against the tunnel implementations.
const (
	MessageTypeTunnelConfig = iota
	MessageTypeSuccess
	MessageTypeListen
	MessageTypeStream
	MessageTypeDial
	MessageTypeError
)
const DomainStatusPending = "Pending"
const DomainStatusReady = "Ready"
const ListenerDefaultKey = "default-listener"
// PROXY_PROTO_PP2_TYPE_MIN_CUSTOM is 0xe0. That matches the first TLV type of
// the range the PROXY protocol v2 specification sets aside for
// application-specific use (PP2_TYPE_MIN_CUSTOM).
const PROXY_PROTO_PP2_TYPE_MIN_CUSTOM = 0xe0
// PROXY_PROTO_SERVER_NAME_OFFSET evaluates to 0xe0 (the custom-range base
// plus 0).
//
// NOTE(review): by name this is the TLV type used to carry a server name in
// the PROXY protocol header; confirm against the code that writes and parses
// it. PROXY protocol headers are asserted by whoever opens the connection, so
// a receiver should honour them (this TLV included) only from senders it
// trusts.
const PROXY_PROTO_SERVER_NAME_OFFSET = PROXY_PROTO_PP2_TYPE_MIN_CUSTOM + 0
const TerminationTypeClient = "client"
const TerminationTypeServer = "server"
const TunnelTypeHTTPS = "HTTPS"
const TunnelTypeTCP = "TCP"
const TunnelTypeTLS = "TLS"
const TunnelTypeUDP = "UDP"
const WebTransportCodeCancel = 0

Variables

// Package-level defaults. All three are exported, mutable variables, so any
// importing package can reassign them at run time.
var (
	// DefaultToken is the empty string unless the importing program sets it.
	// NOTE(review): by name this holds a credential; confirm where it is read
	// and that it is never written to logs.
	DefaultToken   string = ""
	// DefaultCertDir is "./", a path relative to the process's current
	// working directory.
	// NOTE(review): if certificate or key material is stored under this
	// directory, its location and permissions depend on where the process is
	// started; confirm callers set an explicit, access-restricted path.
	DefaultCertDir string = "./"
	// DebugMode is off by default.
	// NOTE(review): check what extra output it enables before turning it on
	// where logs are shared.
	DebugMode      bool   = false
)
// WaygateServerDomain is initialised to "wg8.org". It is an exported, mutable
// variable rather than a constant, so importing code can reassign it.
//
// NOTE(review): presumably the server domain used when none is configured.
// Confirm where it is read, and whether anything other than start-up code
// should be able to change which server a client talks to.
var WaygateServerDomain string = "wg8.org"

Functions

func ConnectConns

func ConnectConns(downstreamConn connCloseWriter, upstreamConn connCloseWriter)

func DoDeviceFlow

func DoDeviceFlow() (string, error)

func ExitOnError

func ExitOnError(err error)

func NewKvStore

func NewKvStore(sqlDb *sql.DB) (*kvStore, error)

func ProxyHttp

func ProxyHttp(w http.ResponseWriter, r *http.Request, httpClient *http.Client, upstreamAddr string, behindProxy bool)

Types

type CertmagicSqliteStorage

type CertmagicSqliteStorage struct {
	// contains filtered or unexported fields
}

func NewCertmagicSqliteStorage

func NewCertmagicSqliteStorage(sqlDb *sql.DB) (*CertmagicSqliteStorage, error)

func (*CertmagicSqliteStorage) Delete

func (s *CertmagicSqliteStorage) Delete(ctx context.Context, key string) error

func (*CertmagicSqliteStorage) Exists

func (s *CertmagicSqliteStorage) Exists(ctx context.Context, key string) bool

func (*CertmagicSqliteStorage) List

func (s *CertmagicSqliteStorage) List(ctx context.Context, prefix string, recursive bool) ([]string, error)

func (*CertmagicSqliteStorage) Load

func (s *CertmagicSqliteStorage) Load(ctx context.Context, key string) ([]byte, error)

func (*CertmagicSqliteStorage) Lock

func (s *CertmagicSqliteStorage) Lock(ctx context.Context, name string) error

func (*CertmagicSqliteStorage) Stat

func (*CertmagicSqliteStorage) Store

func (s *CertmagicSqliteStorage) Store(ctx context.Context, key string, value []byte) error

func (*CertmagicSqliteStorage) Unlock

func (s *CertmagicSqliteStorage) Unlock(ctx context.Context, name string) error

type Client

type Client struct {
	// contains filtered or unexported fields
}

func NewClient

func NewClient(config *ClientConfig) *Client

func (*Client) AddTunnel

func (c *Client) AddTunnel(ctx context.Context, params url.Values) error

func (*Client) CreateSession

func (c *Client) CreateSession(id string) (code string, err error)

func (*Client) DeleteDomain

func (c *Client) DeleteDomain(domain string) error

func (*Client) DeleteTunnel

func (c *Client) DeleteTunnel(tunType TunnelType, addr string) error

func (*Client) GetDomains

func (c *Client) GetDomains() ([]Domain, error)

func (*Client) GetTunnels

func (c *Client) GetTunnels() ([]*ClientTunnel, error)

func (*Client) ListenEvents

func (c *Client) ListenEvents(eventCh chan interface{})

func (*Client) Proxy

func (c *Client) Proxy(domain, addr string)

func (*Client) Run

func (c *Client) Run() error

func (*Client) SetTunnel

func (c *Client) SetTunnel(tunnel *ClientTunnel) error

type ClientConfig

// ClientConfig holds the settings passed to NewClient.
//
// NOTE(review): Token, DNSToken and DNSUser are plain exported strings and, by
// name, carry credentials. Formatting the whole struct (for example with %+v)
// or serialising it emits them verbatim; log individual non-secret fields
// instead.
type ClientConfig struct {
	Users           []string
	ServerURI       string
	// Token: presumably the tunnel/auth token presented to the server — confirm.
	Token           string
	Dir             string
	// Public: the zero value is false.
	// NOTE(review): presumably relaxes access control when true; confirm what
	// it gates before enabling it.
	Public          bool
	NoBrowser       bool
	DNSProvider     string
	DNSUser         string
	// DNSToken: by name a DNS-provider API credential — confirm.
	DNSToken        string
	ACMEEmail       string
	ClientName      string
	// TerminationType: the package declares TerminationTypeClient ("client")
	// and TerminationTypeServer ("server"); the type is a plain string, so
	// other values are not excluded by the compiler.
	TerminationType TerminationType
}

type ClientDatabase

type ClientDatabase struct {
	// contains filtered or unexported fields
}

func NewClientDatabase

func NewClientDatabase(path string) (*ClientDatabase, error)

func (*ClientDatabase) DeleteDomain

func (d *ClientDatabase) DeleteDomain(domain string) error

func (*ClientDatabase) DeleteTunnel

func (d *ClientDatabase) DeleteTunnel(tunnelType TunnelType, address string) error

func (*ClientDatabase) GetACMEEmail

func (d *ClientDatabase) GetACMEEmail() (string, error)

func (*ClientDatabase) GetClientName

func (d *ClientDatabase) GetClientName() (string, error)

func (*ClientDatabase) GetDomains

func (d *ClientDatabase) GetDomains() ([]Domain, error)

func (*ClientDatabase) GetSQLDB

func (d *ClientDatabase) GetSQLDB() *sql.DB

func (*ClientDatabase) GetServerUri

func (d *ClientDatabase) GetServerUri() (string, error)

func (*ClientDatabase) GetToken

func (d *ClientDatabase) GetToken() (string, error)

func (*ClientDatabase) GetTunnel

func (s *ClientDatabase) GetTunnel(serverAddr string) (*ClientTunnel, error)

func (*ClientDatabase) GetTunnels

func (d *ClientDatabase) GetTunnels() ([]*ClientTunnel, error)

func (*ClientDatabase) GetUsers

func (d *ClientDatabase) GetUsers() ([]user, error)

func (*ClientDatabase) SetACMEEmail

func (d *ClientDatabase) SetACMEEmail(val string) error

func (*ClientDatabase) SetClientName

func (d *ClientDatabase) SetClientName(value string) error

func (*ClientDatabase) SetDomain

func (d *ClientDatabase) SetDomain(v Domain) error

func (*ClientDatabase) SetServerUri

func (d *ClientDatabase) SetServerUri(serverUri string) error

func (*ClientDatabase) SetToken

func (d *ClientDatabase) SetToken(value string) error

func (*ClientDatabase) SetTunnel

func (d *ClientDatabase) SetTunnel(f *ClientTunnel) error

func (*ClientDatabase) SetUser

func (d *ClientDatabase) SetUser(v user) error

type ClientMux

type ClientMux struct {
	// contains filtered or unexported fields
}

func NewClientMux

func NewClientMux(authHandler *decentauth.Handler, db *ClientDatabase, adminID string) *ClientMux

func (*ClientMux) Handle

func (s *ClientMux) Handle(p string, h http.Handler)

func (*ClientMux) HandleFunc

func (s *ClientMux) HandleFunc(p string, f func(w http.ResponseWriter, r *http.Request))

func (*ClientMux) ServeHTTP

func (m *ClientMux) ServeHTTP(w http.ResponseWriter, r *http.Request)

type ClientSession

type ClientSession struct {
	DoneChan chan int
	// contains filtered or unexported fields
}

func NewClientSession

func NewClientSession(token string, db *ClientDatabase, certConfig *certmagic.Config, terminationType TerminationType) (*ClientSession, error)

func (*ClientSession) DialUDP

func (s *ClientSession) DialUDP(network string, dstAddr *net.UDPAddr) (*UDPConn, error)

func (*ClientSession) GetTunnelConfig

func (s *ClientSession) GetTunnelConfig() TunnelConfig

func (*ClientSession) Listen

func (s *ClientSession) Listen(network, address string) (*Listener, error)

func (*ClientSession) ListenUDP

func (s *ClientSession) ListenUDP(network string, udpAddr *net.UDPAddr) (*UDPConn, error)

type ClientTunnel

// ClientTunnel describes one tunnel. The `db` struct tags name the column
// each field is stored under (server_address, client_address, protected,
// type, tls_passthrough).
type ClientTunnel struct {
	ServerAddress  string     `db:"server_address"`
	ClientAddress  string     `db:"client_address"`
	// Protected: the Go zero value is false.
	// NOTE(review): presumably marks the tunnel as requiring authentication.
	// If so, a ClientTunnel built without setting this field is unprotected;
	// confirm that callers set it deliberately.
	Protected      bool       `db:"protected"`
	// Type: the package declares TunnelTypeHTTPS, TunnelTypeTCP,
	// TunnelTypeTLS and TunnelTypeUDP as candidate values.
	Type           TunnelType `db:"type"`
	// TLSPassthrough: NOTE(review) presumably forwards TLS without
	// terminating it — confirm.
	TLSPassthrough bool       `db:"tls_passthrough"`
}

type Database

// Database is the storage interface for domains and the ACME e-mail address.
// Both *ClientDatabase and *ServerDatabase declare all four of these methods.
type Database interface {
	GetDomains() ([]Domain, error)
	SetDomain(v Domain) error
	GetACMEEmail() (string, error)
	// GetSQLDB returns the underlying *sql.DB handle. A caller holding it can
	// run arbitrary statements against the database, bypassing the typed
	// accessors above.
	GetSQLDB() *sql.DB
}

type DialRequest

// DialRequest is a JSON message with the keys "network" and "address".
//
// NOTE(review): if these values arrive from the remote tunnel peer, the side
// that performs the dial should restrict Network and Address to expected
// destinations before connecting; otherwise the peer decides what this host
// connects to. Confirm against the handler.
type DialRequest struct {
	Network string `json:"network"`
	Address string `json:"address"`
}

type DialResponse

// DialResponse is a JSON message with the keys "success", "message" and
// "address".
//
// NOTE(review): Message is free-form text, presumably written by the peer;
// treat it as untrusted when logging or displaying it.
type DialResponse struct {
	Success bool   `json:"success"`
	Message string `json:"message"`
	Address string `json:"address"`
}

type Domain

// Domain is a domain name and its status; the `db` tags name the columns
// "domain" and "status".
type Domain struct {
	Domain string `db:"domain"`
	// Status: the package declares DomainStatusPending ("Pending") and
	// DomainStatusReady ("Ready"). The field is a plain string, so the type
	// does not restrict it to those two values.
	Status string `db:"status"`
}

type ErrorEvent

// ErrorEvent carries an integer error code.
// NOTE(review): presumably delivered on the channel passed to
// Client.ListenEvents; the meaning of Code is not documented on this page.
type ErrorEvent struct {
	Code int
}

type ListenOptions

// ListenOptions bundles a token and a client database handle.
//
// NOTE(review): Token is a plain exported string and by name a credential;
// avoid printing this struct as a whole.
type ListenOptions struct {
	Token string
	Db    *ClientDatabase
}

type ListenRequest

// ListenRequest is a JSON message with the keys "network" and "address".
//
// NOTE(review): if this is sent by a tunnel client asking the server to
// listen on its behalf, the server side should check that the requested
// network and address are ones this client is allowed to claim. Confirm
// against the handler.
type ListenRequest struct {
	Network string `json:"network"`
	Address string `json:"address"`
}

type ListenResponse

// ListenResponse is a JSON message with the keys "success" and "message".
//
// NOTE(review): Message is free-form text, presumably written by the peer;
// treat it as untrusted when logging or displaying it.
type ListenResponse struct {
	Success bool   `json:"success"`
	Message string `json:"message"`
}

type Listener

type Listener struct {
	// contains filtered or unexported fields
}

func (*Listener) Accept

func (l *Listener) Accept() (net.Conn, error)

func (*Listener) Addr

func (l *Listener) Addr() net.Addr

func (*Listener) Close

func (l *Listener) Close() error

func (*Listener) GetTunnelConfig

func (l *Listener) GetTunnelConfig() TunnelConfig

type MessageType

// MessageType is an 8-bit message kind. The MessageType* constants declared
// in this package are untyped, so they can be assigned to it directly; values
// outside that set are still representable, and code receiving a MessageType
// from a peer should handle unknown values explicitly.
type MessageType uint8

func (MessageType) String

func (t MessageType) String() string

type MuxadoTunnel

type MuxadoTunnel struct {
	// contains filtered or unexported fields
}

func NewTlsMuxadoClientTunnel

func NewTlsMuxadoClientTunnel(tunnelReq TunnelRequest) (*MuxadoTunnel, error)

func NewTlsMuxadoServerTunnel

func NewTlsMuxadoServerTunnel(tlsConn *tls.Conn, jose *josencillo.JOSE, public bool) (*MuxadoTunnel, error)

func NewWebSocketMuxadoClientTunnel

func NewWebSocketMuxadoClientTunnel(tunReq TunnelRequest) (*MuxadoTunnel, error)

func NewWebSocketMuxadoServerTunnel

func NewWebSocketMuxadoServerTunnel(
	w http.ResponseWriter,
	r *http.Request,
	jose *josencillo.JOSE,
	public bool,
	tunnelDomains []string,
	gauge prometheus.Gauge,
) (*MuxadoTunnel, error)

func (*MuxadoTunnel) AcceptStream

func (t *MuxadoTunnel) AcceptStream() (connCloseWriter, error)

func (*MuxadoTunnel) AcceptStreamType

func (t *MuxadoTunnel) AcceptStreamType() (connCloseWriter, MessageType, error)

func (*MuxadoTunnel) Events

func (t *MuxadoTunnel) Events() chan TunnelEvent

func (*MuxadoTunnel) GetConfig

func (t *MuxadoTunnel) GetConfig() TunnelConfig

func (*MuxadoTunnel) HandleRequests

func (t *MuxadoTunnel) HandleRequests(callback func(interface{}) interface{}) error

func (*MuxadoTunnel) OpenStream

func (t *MuxadoTunnel) OpenStream() (connCloseWriter, error)

func (*MuxadoTunnel) OpenStreamType

func (t *MuxadoTunnel) OpenStreamType(msgType MessageType) (connCloseWriter, error)

func (*MuxadoTunnel) ReceiveDatagram

func (t *MuxadoTunnel) ReceiveDatagram() ([]byte, net.Addr, net.Addr, error)

func (*MuxadoTunnel) Request

func (t *MuxadoTunnel) Request(req interface{}) (interface{}, error)

func (*MuxadoTunnel) SendDatagram

func (t *MuxadoTunnel) SendDatagram(msg []byte, srcAddr, dstAddr net.Addr) error

type NameGenerator

type NameGenerator struct {
	// contains filtered or unexported fields
}

func NewNameGenerator

func NewNameGenerator() (generator *NameGenerator, err error)

func (*NameGenerator) GenerateName

func (g *NameGenerator) GenerateName() string

type OAuth2AuthUriEvent

// OAuth2AuthUriEvent carries a single URI string.
// NOTE(review): presumably the authorization URI the user must open to
// complete login — confirm. If it embeds a one-time code or state value, it
// should not be written to shared logs.
type OAuth2AuthUriEvent struct {
	Uri string
}

type OAuth2Handler

type OAuth2Handler struct {
	// contains filtered or unexported fields
}

func NewOAuth2Handler

func NewOAuth2Handler(db *ServerDatabase, serverUri, prefix string, jose *josencillo.JOSE, tmpl *template.Template) *OAuth2Handler

func (*OAuth2Handler) ServeHTTP

func (h *OAuth2Handler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OmnistreamsTunnel

type OmnistreamsTunnel struct {
	// contains filtered or unexported fields
}

func NewOmnistreamsClientTunnel

func NewOmnistreamsClientTunnel(tunReq TunnelRequest) (*OmnistreamsTunnel, error)

func NewOmnistreamsServerTunnel

func NewOmnistreamsServerTunnel(
	w http.ResponseWriter,
	r *http.Request,
	jose *josencillo.JOSE,
	public bool,
	tunnelDomains []string,
	numStreamsGauge prometheus.Gauge,
	dash *dashtui.DashTUI,
) (*OmnistreamsTunnel, error)

func (*OmnistreamsTunnel) AcceptStream

func (t *OmnistreamsTunnel) AcceptStream() (connCloseWriter, error)

func (*OmnistreamsTunnel) AcceptStreamType

func (t *OmnistreamsTunnel) AcceptStreamType() (connCloseWriter, MessageType, error)

func (*OmnistreamsTunnel) Events

func (t *OmnistreamsTunnel) Events() chan TunnelEvent

func (*OmnistreamsTunnel) GetConfig

func (t *OmnistreamsTunnel) GetConfig() TunnelConfig

func (*OmnistreamsTunnel) HandleRequests

func (t *OmnistreamsTunnel) HandleRequests(callback func(interface{}) interface{}) error

func (*OmnistreamsTunnel) OpenStream

func (t *OmnistreamsTunnel) OpenStream() (connCloseWriter, error)

func (*OmnistreamsTunnel) OpenStreamType

func (t *OmnistreamsTunnel) OpenStreamType(msgType MessageType) (connCloseWriter, error)

func (*OmnistreamsTunnel) ReceiveDatagram

func (t *OmnistreamsTunnel) ReceiveDatagram() ([]byte, net.Addr, net.Addr, error)

func (*OmnistreamsTunnel) Request

func (t *OmnistreamsTunnel) Request(req interface{}) (interface{}, error)

func (*OmnistreamsTunnel) SendDatagram

func (t *OmnistreamsTunnel) SendDatagram(msg []byte, srcAddr, dstAddr net.Addr) error

func (*OmnistreamsTunnel) SendMessage

func (t *OmnistreamsTunnel) SendMessage(msg interface{}) (interface{}, error)

type PassthroughListener

type PassthroughListener struct {
	// contains filtered or unexported fields
}

func NewPassthroughListener

func NewPassthroughListener() *PassthroughListener

func (*PassthroughListener) Accept

func (f *PassthroughListener) Accept() (net.Conn, error)

func (*PassthroughListener) Addr

func (f *PassthroughListener) Addr() net.Addr

func (*PassthroughListener) Close

func (f *PassthroughListener) Close() error

func (*PassthroughListener) PassConn

func (f *PassthroughListener) PassConn(conn net.Conn)

type ProxyConn

type ProxyConn struct {
	// contains filtered or unexported fields
}

ProxyConn wraps an existing net.Conn and swaps in a caller-supplied reader: every method except Read is forwarded to the original connection. This is necessary because calling peekClientHello consumes part of the connection's data, so a new reader has to be built with the already-read bytes inserted back at the front. I'm sure there's a cleaner way to do this...

func NewProxyConn

func NewProxyConn(conn net.Conn, reader io.Reader) *ProxyConn

func (ProxyConn) Close

func (c ProxyConn) Close() error

TODO: is this safe? Will it actually close properly, or does it need to be connected to the reader somehow?

func (ProxyConn) CloseWrite

func (c ProxyConn) CloseWrite() error

func (ProxyConn) LocalAddr

func (c ProxyConn) LocalAddr() net.Addr

func (ProxyConn) Read

func (c ProxyConn) Read(p []byte) (int, error)

func (ProxyConn) RemoteAddr

func (c ProxyConn) RemoteAddr() net.Addr

func (ProxyConn) SetDeadline

func (c ProxyConn) SetDeadline(t time.Time) error

func (ProxyConn) SetReadDeadline

func (c ProxyConn) SetReadDeadline(t time.Time) error

func (ProxyConn) SetWriteDeadline

func (c ProxyConn) SetWriteDeadline(t time.Time) error

func (ProxyConn) Write

func (c ProxyConn) Write(p []byte) (int, error)

type Server

type Server struct {
	// contains filtered or unexported fields
}

func NewServer

func NewServer(config *ServerConfig) *Server

func (*Server) Run

func (s *Server) Run() int

type ServerConfig

// ServerConfig holds the settings passed to NewServer.
//
// NOTE(review): DnsToken and DnsUser are plain exported strings and, by name,
// carry DNS-provider credentials. Formatting the whole struct (for example
// with %+v) emits them verbatim; log individual non-secret fields instead.
// The field names here use "Dns" where ClientConfig uses "DNS".
type ServerConfig struct {
	Domain           string
	ACMEEmail        string
	Port             int
	// Public: the zero value is false.
	// NOTE(review): presumably relaxes access control when true; the server
	// tunnel constructors also take a `public bool`. Confirm what it gates.
	Public           bool
	DnsProvider      string
	DnsToken         string
	DnsUser          string
	// TunnelDomains: also a parameter of the server tunnel constructors.
	// NOTE(review): presumably the set of domains tunnels may be issued
	// under — confirm.
	TunnelDomains    []string
	DisableTUI       bool
	TUIDisplayPeriod time.Duration
	Users            []string
}

type ServerDatabase

type ServerDatabase struct {
	// contains filtered or unexported fields
}

func NewServerDatabase

func NewServerDatabase(path string) (*ServerDatabase, error)

func (*ServerDatabase) DeleteDomain

func (d *ServerDatabase) DeleteDomain(domain string) error

func (*ServerDatabase) GetACMEEmail

func (d *ServerDatabase) GetACMEEmail() (string, error)

func (*ServerDatabase) GetDomains

func (d *ServerDatabase) GetDomains() ([]Domain, error)

func (*ServerDatabase) GetJWKS

func (d *ServerDatabase) GetJWKS() (string, error)

func (*ServerDatabase) GetSQLDB

func (d *ServerDatabase) GetSQLDB() *sql.DB

func (*ServerDatabase) GetUsers

func (d *ServerDatabase) GetUsers() ([]user, error)

func (*ServerDatabase) SetACMEEmail

func (d *ServerDatabase) SetACMEEmail(val string) error

func (*ServerDatabase) SetDomain

func (d *ServerDatabase) SetDomain(v Domain) error

func (*ServerDatabase) SetJWKS

func (d *ServerDatabase) SetJWKS(jwks string) error

func (*ServerDatabase) SetUser

func (d *ServerDatabase) SetUser(v user) error

type ServerMux

type ServerMux struct {
	// contains filtered or unexported fields
}

func NewServerMux

func NewServerMux(authHandler *decentauth.Handler, adminID string) *ServerMux

func (*ServerMux) Handle

func (s *ServerMux) Handle(p string, h http.Handler)

func (*ServerMux) HandleFunc

func (s *ServerMux) HandleFunc(p string, f func(w http.ResponseWriter, r *http.Request))

func (*ServerMux) ServeHTTP

func (m *ServerMux) ServeHTTP(w http.ResponseWriter, r *http.Request)

type SessionCreatedEvent

// SessionCreatedEvent is an empty struct; it carries no data and acts only as
// a signal. NOTE(review): presumably delivered on the channel passed to
// Client.ListenEvents — confirm.
type SessionCreatedEvent struct {
}

type TerminationType

// TerminationType is a string type. The package declares the untyped
// constants TerminationTypeClient ("client") and TerminationTypeServer
// ("server"); the type itself does not prevent other values, so code that
// branches on it should reject anything unrecognised.
type TerminationType string

type TokenFlow

type TokenFlow struct {
	// contains filtered or unexported fields
}

func NewTokenFlow

func NewTokenFlow() (*TokenFlow, error)

func (*TokenFlow) GetAuthUri

func (f *TokenFlow) GetAuthUri() string

func (*TokenFlow) GetToken

func (f *TokenFlow) GetToken() (string, error)

func (*TokenFlow) GetTokenWithRedirect

func (f *TokenFlow) GetTokenWithRedirect(redirUriCh chan string) (string, error)

type Tunnel

// Tunnel is the transport-independent tunnel interface. *MuxadoTunnel,
// *OmnistreamsTunnel and *WebTransportTunnel each declare all ten methods.
type Tunnel interface {
	// Stream operations; the *Type variants take or return a MessageType
	// alongside the stream.
	OpenStream() (connCloseWriter, error)
	OpenStreamType(MessageType) (connCloseWriter, error)
	AcceptStream() (connCloseWriter, error)
	AcceptStreamType() (connCloseWriter, MessageType, error)
	GetConfig() TunnelConfig
	// Request and HandleRequests exchange values typed as interface{}.
	// NOTE(review): a callback given to HandleRequests receives whatever the
	// peer sent, presumably decoded into one of the *Request types; it
	// should type-switch and reject unexpected types rather than assert.
	Request(req interface{}) (interface{}, error)
	HandleRequests(callback func(interface{}) interface{}) error
	// Datagram operations carry explicit source and destination addresses.
	// NOTE(review): the addresses returned by ReceiveDatagram are presumably
	// supplied by the peer — confirm before using them for access decisions.
	SendDatagram(msg []byte, srcAddr, dstAddr net.Addr) error
	ReceiveDatagram() ([]byte, net.Addr, net.Addr, error)
	Events() chan TunnelEvent
}

type TunnelConfig

// TunnelConfig is the JSON-encoded tunnel configuration returned by the
// GetConfig / GetTunnelConfig methods in this package.
type TunnelConfig struct {
	Domain           string `json:"domain"`
	// TerminationType is a plain string here, not the TerminationType type,
	// so the compiler does not tie it to the TerminationType* constants.
	TerminationType  string `json:"termination_type"`
	// UseProxyProtocol: NOTE(review) presumably enables a PROXY protocol
	// header on forwarded connections; the receiving side should only trust
	// such headers from the tunnel itself — confirm.
	UseProxyProtocol bool   `json:"use_proxy_protocol"`
	ClientName       string `json:"client_name"`
}

type TunnelConnectedEvent

// TunnelConnectedEvent carries the TunnelConfig of a tunnel.
// NOTE(review): presumably emitted once a tunnel is established and delivered
// on the channel passed to Client.ListenEvents — confirm.
type TunnelConnectedEvent struct {
	TunnelConfig TunnelConfig
}

type TunnelEvent

// TunnelEvent is the empty interface, so any value can be sent on the channel
// returned by a tunnel's Events method; receivers must type-switch on the
// concrete value.
type TunnelEvent interface{}

type TunnelEventClose

// TunnelEventClose is an empty struct with no payload.
// NOTE(review): presumably sent as a TunnelEvent when a tunnel closes —
// confirm.
type TunnelEventClose struct{}

type TunnelRequest

// TunnelRequest is the JSON-encoded request passed to the client tunnel
// constructors (NewTlsMuxadoClientTunnel, NewWebSocketMuxadoClientTunnel,
// NewOmnistreamsClientTunnel, NewWebTransportClientTunnel).
//
// NOTE(review): Token is serialised under the key "token" together with the
// other fields, so any place that logs or stores the encoded request also
// records the token. Confirm the request only travels over an encrypted
// channel.
type TunnelRequest struct {
	Token            string `json:"token"`
	// TerminationType is a plain string here, not the TerminationType type.
	TerminationType  string `json:"termination_type"`
	UseProxyProtocol bool   `json:"use_proxy_protocol"`
	// ClientName: NOTE(review) presumably chosen by the client; treat it as
	// untrusted input on the server side — confirm.
	ClientName       string `json:"client_name"`
}

type TunnelType

// TunnelType is a string type. The package declares the untyped constants
// TunnelTypeHTTPS ("HTTPS"), TunnelTypeTCP ("TCP"), TunnelTypeTLS ("TLS") and
// TunnelTypeUDP ("UDP"); the type itself does not prevent other values, so
// code that branches on it should reject anything unrecognised.
type TunnelType string

type UDPConn

type UDPConn struct {
	// contains filtered or unexported fields
}

func (*UDPConn) ReadFromUDP

func (c *UDPConn) ReadFromUDP(buf []byte) (int, *net.UDPAddr, error)

func (*UDPConn) WriteToUDP

func (c *UDPConn) WriteToUDP(p []byte, addr *net.UDPAddr) (int, error)

type WebTransportTunnel

type WebTransportTunnel struct {
	// contains filtered or unexported fields
}

func NewWebTransportClientTunnel

func NewWebTransportClientTunnel(tunnelReq TunnelRequest) (*WebTransportTunnel, error)

func NewWebTransportServerTunnel

func NewWebTransportServerTunnel(
	w http.ResponseWriter,
	r *http.Request,
	wtServer webtransport.Server,
	jose *josencillo.JOSE,
	public bool,
	tunnelDomains []string,
) (*WebTransportTunnel, error)

func (*WebTransportTunnel) AcceptStream

func (t *WebTransportTunnel) AcceptStream() (connCloseWriter, error)

func (*WebTransportTunnel) AcceptStreamType

func (t *WebTransportTunnel) AcceptStreamType() (connCloseWriter, MessageType, error)

func (*WebTransportTunnel) Events

func (t *WebTransportTunnel) Events() chan TunnelEvent

func (*WebTransportTunnel) GetConfig

func (t *WebTransportTunnel) GetConfig() TunnelConfig

func (*WebTransportTunnel) HandleRequests

func (t *WebTransportTunnel) HandleRequests(callback func(interface{}) interface{}) error

func (*WebTransportTunnel) OpenStream

func (t *WebTransportTunnel) OpenStream() (connCloseWriter, error)

func (*WebTransportTunnel) OpenStreamType

func (t *WebTransportTunnel) OpenStreamType(msgType MessageType) (connCloseWriter, error)

func (*WebTransportTunnel) ReceiveDatagram

func (t *WebTransportTunnel) ReceiveDatagram() ([]byte, net.Addr, net.Addr, error)

func (*WebTransportTunnel) Request

func (t *WebTransportTunnel) Request(req interface{}) (interface{}, error)

func (*WebTransportTunnel) SendDatagram

func (t *WebTransportTunnel) SendDatagram(msg []byte, srcAddr, dstAdd net.Addr) error

type Words

// Words holds three word lists under the JSON keys "adjectives", "colors"
// and "animals".
//
// NOTE(review): presumably the vocabulary NameGenerator draws from. Names
// composed from fixed word lists are guessable, so they should not be relied
// on as secrets — confirm how GenerateName output is used.
type Words struct {
	Adjectives []string `json:"adjectives"`
	Colors     []string `json:"colors"`
	Animals    []string `json:"animals"`
}

Directories

Path Synopsis
cmd
waygate command
waygate-gui command
examples
minimal_client command
tcp_listen command
udp_dial command
udp_listen command
