Copyright 2017 Gravitational, Inc.

CheckCompatibilityFlag check that the compatibility flag is valid.

Consolef prints the same message to a 'ui console' (if defined) and also to the logger with INFO priority.

CopyStringMap makes a deep copy of a map[string]string and returns the copy.

CopyStringMapInterface makes a deep copy of the passed in map[string]interface{} and returns the copy.

CopyStringMapSlices makes a deep copy of the passed in map[string][]string and returns the copy.

CopyStrings makes a deep copy of the passed in string slice and returns the copy.

CreateTLSConfiguration sets up default TLS configuration.

CryptoRandomHex returns hex encoded random string generated with crypto-strong pseudo random generator of the given bytes.

Deduplicate deduplicates list of strings.

DualPipeAddrConn creates a net.Pipe to connect a client and a server.

FatalError is for CLI front-ends: it detects gravitational/trace debugging information, sends it to the logger, strips it off and prints a clean message to stderr.

FromAddr returns NetAddr from golang standard net.Addr.

GenerateOTPURL returns a OTP Key URL that can be used to construct a HOTP or TOTP key.

GenerateQRCode takes in a OTP Key URL and returns a PNG-encoded QR code.

GenerateSelfSignedCert generates a self signed certificate that is valid for given domain names and ips, returns PEM-encoded bytes with key and cert.

GenerateSelfSignedSigningCert generates self-signed certificate used for digital signatures.

GetFreeTCPPorts returns n ports starting from port 20000.

GuessIP tries to guess an IP address this machine is reachable at on the internal network, always picking IPv4 from the internal address space If no internal IPs are found, it returns 127.0.0.1 but it never returns an address from the public IP space.

HumanTimeFormat formats time as recognized by humans.

InitCLIParser configures kingpin command line args parser with some defaults common for all Teleport CLI tools.

InitLogger configures the global logger for a given purpose / verbosity level.

InterfaceMapsEqual returns true if two interface maps are equal.

IsDir is a helper function to quickly check if a given path is a valid directory.

IsFile returns true if a given file path points to an existing file.

IsGroupMember returns whether currently logged user is a member of a group.

IsHandshakeFailedError specifies whether this error indicates failed handshake.

IsLocalhost returns true if this is a local hostname or ip.

IsLoopback returns 'true' if a given hostname resolves to local host's loopback interface.

IsSelfSigned checks if the certificate is a self-signed certificate.

IsShellFailedError specifies whether this error indicates failed attempt to start shell.

ListenTLS sets up TLS listener for the http handler, starts listening on a TCP socket and returns the socket which is ready to be used for http.Serve.

MinTTL finds min non 0 TTL duration, if both durations are 0, fails.

MultiCloser implements io.Close, it sequentially calls Close() on each object.

MustParseAddr parses the provided string into NetAddr or panics on an error.

NewCloseBroadcaster returns new instance of close broadcaster.

NewCloserConn returns new connection wrapper that when closed will also close passed closers.

NewFileAddrStorage returns new instance of file-based address storage.

NewLoadBalancer returns new load balancer listening on frontend and redirecting requests to backends using round robin algo.

NewSwitchTicker returns new instance of the switch ticker.

NormalizePath normalises path, evaluating symlinks and converting local paths to absolute.

ObeyIdleTimeout wraps an existing network connection with timeout-obeying Write() and Read() - it will drop the connection after 'timeout' on idle Example: ObeyIdletimeout(conn, time.Second * 60, "api server").

ObjectToStruct is converts any structure into JSON and then unmarshalls it into another structure.

OpenFile opens file and returns file handle.

ParseAddr takes strings like "tcp://host:port/path" and returns *NetAddr or an error.

ParseCertificatePEM parses PEM-encoded certificate.

ParseCertificateRequestPEM parses PEM-encoded certificate signing request.

ParseHostPortAddr takes strings like "host:port" and returns *NetAddr or an error If defaultPort == -1 it expects 'hostport' string to have it.

ParseOnOff parses whether value is "on" or "off", parameterName is passed for error reporting purposes, defaultValue is returned when no value is set.

ParsePrivateKeyDER parses unencrypted DER-encoded private key.

ParsePrivateKeyPEM parses PEM-encoded private key.

ParseSigningKeyStore parses signing key store from PEM encoded key pair.

PrintVersion prints human readable version.

RandomDuration returns a duration in a range [0, max).

ReadAll is similarl to ioutil.ReadAll, except it doesn't use ever-increasing internal buffer, instead asking for the exact buffer size.

ReadCertificateChain parses PEM encoded bytes that can contain one or multiple certificates and returns a slice of x509.Certificate.

ReadEnvironmentFile will read environment variables from a passed in location.

ReadHostUUID reads host UUID from the file in the data dir.

ReadOrMakeHostUUID looks for a hostid file in the data dir.

ReplaceLocalhost checks if a given address is link-local (like 0.0.0.0 or 127.0.0.1) and replaces it with the IP taken from replaceWith, preserving the original port Both addresses are in "host:port" format The function returns the original value if it encounters any problems with parsing.

Roundtrip is a single connection simplistic HTTP client that allows us to bypass a connection pool to test load balancing used in tests, as it only supports GET request on /.

RoundtripWithConn uses HTTP GET on the existing connection, used in tests as it only performs GET request on /.

SliceContainsStr returns 'true' if the slice contains the given value.

SplitHostPort splits host and port and checks that host is not empty.

StatDir stats directory, returns error if file exists, but not a directory.

StringMapsEqual returns true if two strings maps are equal.

StringMapSlicesEqual returns true if two maps of string slices are equal.

StringSlicesEqual returns true if string slices equal.

SwitchLoggingtoSyslog tells the logger to send the output to syslog.

TLSConfig returns default TLS configuration with strict TLS settings configured (e.g.

ToJSON converts a single YAML document into a JSON document or returns an error.

ToTTL converts expiration time to TTL duration relative to current time as provided by clock.

UnmarshalWithSchema processes YAML or JSON encoded object with JSON schema, sets defaults and unmarshals resulting object into given struct.

UserMessageFromError returns user friendly error message from error.

UTC converts time to UTC timezone.

VerifyCertificateChain reads in chain of certificates and makes sure the chain from leaf to root is valid.

WriteHostUUID writes host UUID into a file.

CertExtensionAuthority specifies teleport authority's name that signed this domain.

CertExtensionRole specifies teleport role.

CertTeleportClusterName is a name of the teleport cluster.

CertTeleportUser specifies teleport user.

CertTeleportUserCA specifies teleport certificate authority.

CertTeleportUserCertificate is the certificate of the authenticated in user.

DefaultCertTTL sets the TTL of the self-signed certificate (1 year).

DefaultLRUCapacity is a capacity for LRU session cache.

HostUUIDFile is the file name where the host UUID file is stored.

HumanTimeFormatString is a human readable date formatting.

CloseBroadcaster is a helper struct that implements io.Closer and uses channel to broadcast it's closed state once called.

CloserConn wraps connection and attaches additional closers to it.

FileAddrStorage is a file based address storage.

LoadBalancer implements naive round robin TCP load balancer used in tests.

NetAddr is network address that includes network, optional path and host port.

PipeNetConn implemetns net.Conn from io.Reader,io.Writer and io.Closer.

RemoveDirCloser removes directory and all it's contents when Close is called.

SigningKeyStore is used to sign using X509 digital signatures.

SwitchTicker switches between slow and fast ticker based on the number of failures.

TimeoutConn wraps an existing net.Conn and adds read/write timeouts for it, allowing to implement "disconnect after XX of idle time" policy Usage example: tc := utils.ObeyIdleTimeout(conn, time.Second * 30, "ssh connection") io.Copy(tc, xxx) .

TLSCredentials keeps the typical 3 components of a proper HTTPS configuration.

WebSockWrapper wraps the raw websocket and converts Write() calls to proper websocket.Send() working in binary or text mode.

AddrStorage is used to store information locally for every client that connects in the cluster, so it can always have up-to-date info about auth servers.

NetAddrList is a list of NetAddrs that supports helper methods for parsing from CLI tools.

NetAddrVal can be used with flag package.

PortList is a list of TCP port.

WebSocketMode allows to create WebSocket wrappers working in text or binary mode.