ipn/ipnlocal: pull out dns.Config construction to its own func

In prep for other bug fixes & tests. It was hard to test while it was
intermingled into LocalBackend.authReconfig.

Now it's a pure function.

And rename variable 'uc' (user config?) to the since idiomatic
'prefs'.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
pull/2806/head
Brad Fitzpatrick 3 years ago committed by Brad Fitzpatrick
parent b2a3d1da13
commit 2bb0eb5f7e

@ -1728,7 +1728,7 @@ func (b *LocalBackend) blockEngineUpdates(block bool) {
func (b *LocalBackend) authReconfig() { func (b *LocalBackend) authReconfig() {
b.mu.Lock() b.mu.Lock()
blocked := b.blocked blocked := b.blocked
uc := b.prefs prefs := b.prefs
nm := b.netMap nm := b.netMap
hasPAC := b.prevIfState.HasPAC() hasPAC := b.prevIfState.HasPAC()
disableSubnetsIfPAC := nm != nil && nm.Debug != nil && nm.Debug.DisableSubnetsIfPAC.EqualBool(true) disableSubnetsIfPAC := nm != nil && nm.Debug != nil && nm.Debug.DisableSubnetsIfPAC.EqualBool(true)
@ -1742,16 +1742,16 @@ func (b *LocalBackend) authReconfig() {
b.logf("authReconfig: netmap not yet valid. Skipping.") b.logf("authReconfig: netmap not yet valid. Skipping.")
return return
} }
if !uc.WantRunning { if !prefs.WantRunning {
b.logf("authReconfig: skipping because !WantRunning.") b.logf("authReconfig: skipping because !WantRunning.")
return return
} }
var flags netmap.WGConfigFlags var flags netmap.WGConfigFlags
if uc.RouteAll { if prefs.RouteAll {
flags |= netmap.AllowSubnetRoutes flags |= netmap.AllowSubnetRoutes
} }
if uc.AllowSingleHosts { if prefs.AllowSingleHosts {
flags |= netmap.AllowSingleHosts flags |= netmap.AllowSingleHosts
} }
if hasPAC && disableSubnetsIfPAC { if hasPAC && disableSubnetsIfPAC {
@ -1761,15 +1761,26 @@ func (b *LocalBackend) authReconfig() {
} }
} }
cfg, err := nmcfg.WGCfg(nm, b.logf, flags, uc.ExitNodeID) cfg, err := nmcfg.WGCfg(nm, b.logf, flags, prefs.ExitNodeID)
if err != nil { if err != nil {
b.logf("wgcfg: %v", err) b.logf("wgcfg: %v", err)
return return
} }
rcfg := b.routerConfig(cfg, uc) rcfg := b.routerConfig(cfg, prefs)
dcfg := dnsConfigForNetmap(nm, prefs, b.logf)
err = b.e.Reconfig(cfg, rcfg, dcfg, nm.Debug)
if err == wgengine.ErrNoChanges {
return
}
b.logf("[v1] authReconfig: ra=%v dns=%v 0x%02x: %v", prefs.RouteAll, prefs.CorpDNS, flags, err)
b.initPeerAPIListener()
}
dcfg := dns.Config{ func dnsConfigForNetmap(nm *netmap.NetworkMap, prefs *ipn.Prefs, logf logger.Logf) *dns.Config {
dcfg := &dns.Config{
Routes: map[dnsname.FQDN][]dnstype.Resolver{}, Routes: map[dnsname.FQDN][]dnstype.Resolver{},
Hosts: map[dnsname.FQDN][]netaddr.IP{}, Hosts: map[dnsname.FQDN][]netaddr.IP{},
} }
@ -1827,7 +1838,7 @@ func (b *LocalBackend) authReconfig() {
dcfg.Hosts[fqdn] = append(dcfg.Hosts[fqdn], ip) dcfg.Hosts[fqdn] = append(dcfg.Hosts[fqdn], ip)
} }
if uc.CorpDNS { if prefs.CorpDNS {
addDefault := func(resolvers []dnstype.Resolver) { addDefault := func(resolvers []dnstype.Resolver) {
for _, r := range resolvers { for _, r := range resolvers {
dcfg.DefaultResolvers = append(dcfg.DefaultResolvers, normalizeResolver(r)) dcfg.DefaultResolvers = append(dcfg.DefaultResolvers, normalizeResolver(r))
@ -1838,7 +1849,7 @@ func (b *LocalBackend) authReconfig() {
for suffix, resolvers := range nm.DNS.Routes { for suffix, resolvers := range nm.DNS.Routes {
fqdn, err := dnsname.ToFQDN(suffix) fqdn, err := dnsname.ToFQDN(suffix)
if err != nil { if err != nil {
b.logf("[unexpected] non-FQDN route suffix %q", suffix) logf("[unexpected] non-FQDN route suffix %q", suffix)
} }
// Create map entry even if len(resolvers) == 0; Issue 2706. // Create map entry even if len(resolvers) == 0; Issue 2706.
@ -1858,7 +1869,7 @@ func (b *LocalBackend) authReconfig() {
for _, dom := range nm.DNS.Domains { for _, dom := range nm.DNS.Domains {
fqdn, err := dnsname.ToFQDN(dom) fqdn, err := dnsname.ToFQDN(dom)
if err != nil { if err != nil {
b.logf("[unexpected] non-FQDN search domain %q", dom) logf("[unexpected] non-FQDN search domain %q", dom)
} }
dcfg.SearchDomains = append(dcfg.SearchDomains, fqdn) dcfg.SearchDomains = append(dcfg.SearchDomains, fqdn)
} }
@ -1875,7 +1886,7 @@ func (b *LocalBackend) authReconfig() {
switch { switch {
case len(dcfg.DefaultResolvers) != 0: case len(dcfg.DefaultResolvers) != 0:
// Default resolvers already set. // Default resolvers already set.
case !uc.ExitNodeID.IsZero(): case !prefs.ExitNodeID.IsZero():
// When using exit nodes, it's very likely the LAN // When using exit nodes, it's very likely the LAN
// resolvers will become unreachable. So, force use of the // resolvers will become unreachable. So, force use of the
// fallback resolvers until we implement DNS forwarding to // fallback resolvers until we implement DNS forwarding to
@ -1895,14 +1906,7 @@ func (b *LocalBackend) authReconfig() {
addDefault(nm.DNS.FallbackResolvers) addDefault(nm.DNS.FallbackResolvers)
} }
} }
return dcfg
err = b.e.Reconfig(cfg, rcfg, &dcfg, nm.Debug)
if err == wgengine.ErrNoChanges {
return
}
b.logf("[v1] authReconfig: ra=%v dns=%v 0x%02x: %v", uc.RouteAll, uc.CorpDNS, flags, err)
b.initPeerAPIListener()
} }
func normalizeResolver(cfg dnstype.Resolver) dnstype.Resolver { func normalizeResolver(cfg dnstype.Resolver) dnstype.Resolver {
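Review bot: Both `dnsname.ToFQDN` error branches in the extracted `dnsConfigForNetmap` only log and then fall through. The search-domain loop still runs `dcfg.SearchDomains = append(dcfg.SearchDomains, fqdn)` after a failed conversion, and the route-suffix loop continues to the "Create map entry" step, whose code lies outside the hunk. These names come from the netmap, so a malformed entry is better dropped than installed in the resolver configuration; adding `continue` after each `logf("[unexpected] ...")` call would do that, probably as a follow-up since this commit is a pure refactor. What `ToFQDN` returns on error is not visible here, so the exact effect (presumably an empty FQDN used as a search domain or route key) should be confirmed, and a table test on the new function could pin it down. The function also has no doc comment; a line such as `// dnsConfigForNetmap returns the dns.Config derived from nm and prefs, logging unexpected netmap values to logf.` would state the contract the tests will rely on.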
