Merge remote-tracking branch 'origin/master' into multiport

2025-12-18 12:58:27 +01:00 · 2023-05-03 10:50:06 -04:00
parent e71059a410 397fe5f879
commit 28ecfcbc03
46 changed files with 1371 additions and 173 deletions
--- a/interface.go
+++ b/interface.go
@@ -16,6 +16,7 @@ import (
 	"github.com/slackhq/nebula/cert"
 	"github.com/slackhq/nebula/config"
 	"github.com/slackhq/nebula/firewall"
+	"github.com/slackhq/nebula/header"
 	"github.com/slackhq/nebula/iputil"
 	"github.com/slackhq/nebula/overlay"
 	"github.com/slackhq/nebula/udp"
@@ -101,6 +102,18 @@ type MultiPortConfig struct {
 	TxHandshakeDelay int
 }

+type EncWriter interface {
+	SendVia(via *HostInfo,
+		relay *Relay,
+		ad,
+		nb,
+		out []byte,
+		nocopy bool,
+	)
+	SendMessageToVpnIp(t header.MessageType, st header.MessageSubType, vpnIp iputil.VpnIp, p, nb, out []byte)
+	Handshake(vpnIp iputil.VpnIp)
+}
+
 type sendRecvErrorConfig uint8

 const (
@@ -252,7 +265,7 @@ func (f *Interface) listenOut(i int) {

 	lhh := f.lightHouse.NewRequestHandler()
 	conntrackCache := firewall.NewConntrackCacheTicker(f.conntrackCacheTimeout)
-	li.ListenOut(f.readOutsidePackets, lhh.HandleRequest, conntrackCache, i)
+	li.ListenOut(readOutsidePackets(f), lhHandleRequest(lhh, f), conntrackCache, i)
 }

 func (f *Interface) listenIn(reader io.ReadWriteCloser, i int) {
@@ -396,6 +409,8 @@ func (f *Interface) emitStats(ctx context.Context, i time.Duration) {

 	var rawStats func()

+	certExpirationGauge := metrics.GetOrRegisterGauge("certificate.ttl_seconds", nil)
+
 	for {
 		select {
 		case <-ctx.Done():
@@ -410,6 +425,7 @@ func (f *Interface) emitStats(ctx context.Context, i time.Duration) {
 				}
 				rawStats()
 			}
+			certExpirationGauge.Update(int64(f.certState.Load().certificate.Details.NotAfter.Sub(time.Now()) / time.Second))
 		}
 	}
 }