iroh_relay/lib.rs
1//! Iroh's relay is a feature within [iroh](https://github.com/n0-computer/iroh), a peer-to-peer
2//! networking system designed to facilitate direct, encrypted connections between devices. Iroh
3//! aims to simplify decentralized communication by automatically handling connections through
4//! "relays" when direct connections aren't immediately possible. The relay server helps establish
5//! connections by temporarily routing encrypted traffic until a direct, P2P connection is
6//! feasible. Once this direct path is set up, the relay server steps back, and the data flows
7//! directly between devices. This approach allows Iroh to maintain a secure, low-latency
8//! connection, even in challenging network situations.
9//!
10//! This crate provides a complete setup for creating and interacting with iroh relays, including:
11//! - [`protos::relay`]: The protocol used to communicate between relay servers and clients. It's a
12//! revised version of the Designated Encrypted Relay for Packets (DERP) protocol written by
13//! Tailscale.
14#![cfg_attr(
15 feature = "server",
16 doc = "- [`server`]: A fully-fledged iroh-relay server over HTTP or HTTPS."
17)]
18#![cfg_attr(
19 not(feature = "server"),
20 doc = "- `server`: A fully-fledged iroh-relay server over HTTP or HTTPS."
21)]
22//!
23//! Optionally will also expose a QAD endpoint and metrics. (requires the feature flag `server`)
24//! - [`client`]: A client for establishing connections to the relay.
25//! - *Server Binary*: A CLI for running your own relay server. It can be configured to also offer
26//! QAD support and expose metrics.
27// Based on tailscale/derp/derp.go
28
29#![cfg_attr(iroh_docsrs, feature(doc_cfg))]
30#![deny(missing_docs, rustdoc::broken_intra_doc_links)]
31#![cfg_attr(not(test), deny(clippy::unwrap_used))]
32
33pub mod client;
34pub mod defaults;
35pub mod http;
36pub mod protos;
37pub mod quic;
38#[cfg(feature = "server")]
39pub mod server;
40
41mod ping_tracker;
42
43mod key_cache;
44mod relay_map;
45pub(crate) use key_cache::KeyCache;
46
47#[cfg(not(wasm_browser))]
48pub mod dns;
49pub mod endpoint_info;
50
51pub use protos::relay::MAX_PACKET_SIZE;
52
53pub use self::{
54 ping_tracker::PingTracker,
55 relay_map::{RelayConfig, RelayMap, RelayQuicConfig},
56};
57
58/// This trait allows anything that ends up potentially
59/// wrapping a TLS stream use the underlying [`export_keying_material`]
60/// function.
61///
62/// [`export_keying_material`]: rustls::ConnectionCommon::export_keying_material
63pub(crate) trait ExportKeyingMaterial {
64 /// If this type ends up wrapping a TLS stream, then this tries
65 /// to export keying material by calling the underlying [`export_keying_material`]
66 /// function.
67 ///
68 /// However unlike that function, this returns `Option`, in case the
69 /// underlying stream might not be wrapping TLS, e.g. as in the case of
70 /// [`MaybeTlsStream`].
71 ///
72 /// For more information on what this function does, see the
73 /// [`export_keying_material`] documentation.
74 ///
75 /// [`export_keying_material`]: rustls::ConnectionCommon::export_keying_material
76 /// [`MaybeTlsStream`]: crate::client::streams::MaybeTlsStream
77 #[cfg_attr(wasm_browser, allow(unused))]
78 fn export_keying_material<T: AsMut<[u8]>>(
79 &self,
80 output: T,
81 label: &[u8],
82 context: Option<&[u8]>,
83 ) -> Option<T>;
84}