Expand description
Taildrop peer-to-peer file transfer store. Taildrop file store — the receiving half of Tailscale’s peer-to-peer file transfer.
A peer sends a file to this node via the peerAPI route PUT /v0/put/<name> (handled in
peerapi). This module owns the on-disk store those puts land in, faithfully mirroring
Go’s taildrop.manager:
- Incoming bytes are written to a per-transfer partial file (
<base>.partial) so an interrupted transfer never exposes a truncated file under its real name, and can be resumed from an offset. - On successful completion the partial is atomically renamed to the final base name. If the
final name already exists, a non-clobbering
(n)suffix is chosen (GonextFilename). - File names are strictly validated (
validate_base_name) to defeat path traversal and reserved-suffix abuse before any path is constructed — this is the security boundary.
§Anti-abuse / safety
Every name is validated to be a single, local, non-traversing path component before it touches
the filesystem; a name containing /, \, .., a NUL, control chars, or the reserved
.partial / .deleted suffixes is rejected with TaildropError::InvalidFileName. The store
root is fixed at construction; all I/O is confined to it by joining only validated base names.
Structs§
- Taildrop
Store - A Taildrop file store rooted at a fixed directory. All operations are confined to this root by
joining only
validate_base_name-validated names. - Waiting
File - A waiting (fully-received) Taildrop file, as reported to the embedder. Mirrors Go
apitype.WaitingFile(default field-name JSON marshalling:Name,Size).
Enums§
- Taildrop
Error - Errors from the Taildrop file store.
Functions§
- validate_
base_ name - Validate a Taildrop base name, mirroring Go
taildrop.validateBaseName.