|
|
@ -16,6 +16,7 @@ import (
|
|
|
|
"time"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
|
|
"golang.org/x/crypto/nacl/box"
|
|
|
|
"golang.org/x/crypto/nacl/box"
|
|
|
|
|
|
|
|
"golang.org/x/time/rate"
|
|
|
|
"tailscale.com/types/key"
|
|
|
|
"tailscale.com/types/key"
|
|
|
|
"tailscale.com/types/logger"
|
|
|
|
"tailscale.com/types/logger"
|
|
|
|
)
|
|
|
|
)
|
|
|
@ -34,6 +35,7 @@ type Client struct {
|
|
|
|
|
|
|
|
|
|
|
|
wmu sync.Mutex // hold while writing to bw
|
|
|
|
wmu sync.Mutex // hold while writing to bw
|
|
|
|
bw *bufio.Writer
|
|
|
|
bw *bufio.Writer
|
|
|
|
|
|
|
|
rate *rate.Limiter // if non-nil, rate limiter to use
|
|
|
|
|
|
|
|
|
|
|
|
// Owned by Recv:
|
|
|
|
// Owned by Recv:
|
|
|
|
peeked int // bytes to discard on next Recv
|
|
|
|
peeked int // bytes to discard on next Recv
|
|
|
@ -217,7 +219,12 @@ func (c *Client) send(dstKey key.Public, pkt []byte) (ret error) {
|
|
|
|
|
|
|
|
|
|
|
|
c.wmu.Lock()
|
|
|
|
c.wmu.Lock()
|
|
|
|
defer c.wmu.Unlock()
|
|
|
|
defer c.wmu.Unlock()
|
|
|
|
|
|
|
|
if c.rate != nil {
|
|
|
|
|
|
|
|
pktLen := frameHeaderLen + len(dstKey) + len(pkt)
|
|
|
|
|
|
|
|
if !c.rate.AllowN(time.Now(), pktLen) {
|
|
|
|
|
|
|
|
return nil // drop
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
if err := writeFrameHeader(c.bw, frameSendPacket, uint32(len(dstKey)+len(pkt))); err != nil {
|
|
|
|
if err := writeFrameHeader(c.bw, frameSendPacket, uint32(len(dstKey)+len(pkt))); err != nil {
|
|
|
|
return err
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -353,7 +360,22 @@ type PeerPresentMessage key.Public
|
|
|
|
func (PeerPresentMessage) msg() {}
|
|
|
|
func (PeerPresentMessage) msg() {}
|
|
|
|
|
|
|
|
|
|
|
|
// ServerInfoMessage is sent by the server upon first connect.
|
|
|
|
// ServerInfoMessage is sent by the server upon first connect.
|
|
|
|
type ServerInfoMessage struct{}
|
|
|
|
type ServerInfoMessage struct {
|
|
|
|
|
|
|
|
// TokenBucketBytesPerSecond is how many bytes per second the
|
|
|
|
|
|
|
|
// server says it will accept, including all framing bytes.
|
|
|
|
|
|
|
|
//
|
|
|
|
|
|
|
|
// Zero means unspecified. There might be a limit, but the
|
|
|
|
|
|
|
|
// client need not try to respect it.
|
|
|
|
|
|
|
|
TokenBucketBytesPerSecond int
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// TokenBucketBytesBurst is how many bytes the server will
|
|
|
|
|
|
|
|
// allow to burst, temporarily violating
|
|
|
|
|
|
|
|
// TokenBucketBytesPerSecond.
|
|
|
|
|
|
|
|
//
|
|
|
|
|
|
|
|
// Zero means unspecified. There might be a limit, but the
|
|
|
|
|
|
|
|
// client need not try to respect it.
|
|
|
|
|
|
|
|
TokenBucketBytesBurst int
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (ServerInfoMessage) msg() {}
|
|
|
|
func (ServerInfoMessage) msg() {}
|
|
|
|
|
|
|
|
|
|
|
@ -475,12 +497,16 @@ func (c *Client) recvTimeout(timeout time.Duration) (m ReceivedMessage, err erro
|
|
|
|
// needing to wait an RTT to discover the version at startup.
|
|
|
|
// needing to wait an RTT to discover the version at startup.
|
|
|
|
// We'd prefer to give the connection to the client (magicsock)
|
|
|
|
// We'd prefer to give the connection to the client (magicsock)
|
|
|
|
// to start writing as soon as possible.
|
|
|
|
// to start writing as soon as possible.
|
|
|
|
_, err := c.parseServerInfo(b)
|
|
|
|
si, err := c.parseServerInfo(b)
|
|
|
|
if err != nil {
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("invalid server info frame: %v", err)
|
|
|
|
return nil, fmt.Errorf("invalid server info frame: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// TODO: add the results of parseServerInfo to ServerInfoMessage if we ever need it.
|
|
|
|
sm := ServerInfoMessage{
|
|
|
|
return ServerInfoMessage{}, nil
|
|
|
|
TokenBucketBytesPerSecond: si.TokenBucketBytesPerSecond,
|
|
|
|
|
|
|
|
TokenBucketBytesBurst: si.TokenBucketBytesBurst,
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
c.setSendRateLimiter(sm)
|
|
|
|
|
|
|
|
return sm, nil
|
|
|
|
case frameKeepAlive:
|
|
|
|
case frameKeepAlive:
|
|
|
|
// A one-way keep-alive message that doesn't require an acknowledgement.
|
|
|
|
// A one-way keep-alive message that doesn't require an acknowledgement.
|
|
|
|
// This predated framePing/framePong.
|
|
|
|
// This predated framePing/framePong.
|
|
|
@ -537,3 +563,16 @@ func (c *Client) recvTimeout(timeout time.Duration) (m ReceivedMessage, err erro
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func (c *Client) setSendRateLimiter(sm ServerInfoMessage) {
|
|
|
|
|
|
|
|
c.wmu.Lock()
|
|
|
|
|
|
|
|
defer c.wmu.Unlock()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if sm.TokenBucketBytesPerSecond == 0 {
|
|
|
|
|
|
|
|
c.rate = nil
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
c.rate = rate.NewLimiter(
|
|
|
|
|
|
|
|
rate.Limit(sm.TokenBucketBytesPerSecond),
|
|
|
|
|
|
|
|
sm.TokenBucketBytesBurst)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
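Review bot: `setSendRateLimiter` disables the limiter only when `TokenBucketBytesPerSecond == 0`, so a server that sends a non-zero rate with `TokenBucketBytesBurst` at zero (which the struct comment documents as "unspecified") produces `rate.NewLimiter(limit, 0)`, and a zero-burst limiter allows no events. In `send`, `AllowN` then fails for every packet and the function returns nil, so all outbound traffic is dropped with no error or log; the same happens to any packet whose `pktLen` is larger than a small or negative burst. Both fields are taken from the server's info frame (parsing is outside the visible hunks), so they should be validated before the limiter is built, for example `if sm.TokenBucketBytesPerSecond <= 0 || sm.TokenBucketBytesBurst <= 0 { c.rate = nil; return }`, or the burst should be clamped to at least one maximum-size frame. A comment on the `return nil // drop` line explaining why a drop is reported as success, and ideally a counter or rate-limited log there, would make this condition diagnosable.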