mirror of
https://github.com/juanfont/headscale.git
synced 2025-01-04 00:09:34 +01:00
67 lines
1.7 KiB
Go
67 lines
1.7 KiB
Go
|
package headscale
|
||
|
|
||
|
import (
|
||
|
"encoding/json"
|
||
|
"net/http"
|
||
|
"strconv"
|
||
|
|
||
|
"github.com/rs/zerolog/log"
|
||
|
"tailscale.com/tailcfg"
|
||
|
)
|
||
|
|
||
|
// KeyHandler provides the Headscale pub key
|
||
|
// Listens in /key.
|
||
|
func (h *Headscale) KeyHandler(
|
||
|
writer http.ResponseWriter,
|
||
|
req *http.Request,
|
||
|
) {
|
||
|
// New Tailscale clients send a 'v' parameter to indicate the CurrentCapabilityVersion
|
||
|
clientCapabilityStr := req.URL.Query().Get("v")
|
||
|
if clientCapabilityStr != "" {
|
||
|
clientCapabilityVersion, err := strconv.Atoi(clientCapabilityStr)
|
||
|
if err != nil {
|
||
|
writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
|
||
|
writer.WriteHeader(http.StatusBadRequest)
|
||
|
_, err := writer.Write([]byte("Wrong params"))
|
||
|
if err != nil {
|
||
|
log.Error().
|
||
|
Caller().
|
||
|
Err(err).
|
||
|
Msg("Failed to write response")
|
||
|
}
|
||
|
|
||
|
return
|
||
|
}
|
||
|
|
||
|
if clientCapabilityVersion >= NoiseCapabilityVersion {
|
||
|
// Tailscale has a different key for the TS2021 protocol
|
||
|
resp := tailcfg.OverTLSPublicKeyResponse{
|
||
|
LegacyPublicKey: h.privateKey.Public(),
|
||
|
PublicKey: h.noisePrivateKey.Public(),
|
||
|
}
|
||
|
writer.Header().Set("Content-Type", "application/json")
|
||
|
writer.WriteHeader(http.StatusOK)
|
||
|
err = json.NewEncoder(writer).Encode(resp)
|
||
|
if err != nil {
|
||
|
log.Error().
|
||
|
Caller().
|
||
|
Err(err).
|
||
|
Msg("Failed to write response")
|
||
|
}
|
||
|
|
||
|
return
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// Old clients don't send a 'v' parameter, so we send the legacy public key
|
||
|
writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
|
||
|
writer.WriteHeader(http.StatusOK)
|
||
|
_, err := writer.Write([]byte(MachinePublicKeyStripPrefix(h.privateKey.Public())))
|
||
|
if err != nil {
|
||
|
log.Error().
|
||
|
Caller().
|
||
|
Err(err).
|
||
|
Msg("Failed to write response")
|
||
|
}
|
||
|
}
|