ipn/ipnlocal: pull out dns.Config construction to its own func

In prep for other bug fixes & tests. It's hard to test when it was
intermingled into LocalBackend.authReconfig.

Now it's a pure function.

And rename variable 'uc' (user config?) to the since idiomatic
'prefs'.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
pull/2806/head
Brad Fitzpatrick 3 years ago committed by Brad Fitzpatrick
parent b2a3d1da13
commit 2bb0eb5f7e

@ -1728,7 +1728,7 @@ func (b *LocalBackend) blockEngineUpdates(block bool) {
func (b *LocalBackend) authReconfig() {
b.mu.Lock()
blocked := b.blocked
uc := b.prefs
prefs := b.prefs
nm := b.netMap
hasPAC := b.prevIfState.HasPAC()
disableSubnetsIfPAC := nm != nil && nm.Debug != nil && nm.Debug.DisableSubnetsIfPAC.EqualBool(true)
@ -1742,16 +1742,16 @@ func (b *LocalBackend) authReconfig() {
b.logf("authReconfig: netmap not yet valid. Skipping.")
return
}
if !uc.WantRunning {
if !prefs.WantRunning {
b.logf("authReconfig: skipping because !WantRunning.")
return
}
var flags netmap.WGConfigFlags
if uc.RouteAll {
if prefs.RouteAll {
flags |= netmap.AllowSubnetRoutes
}
if uc.AllowSingleHosts {
if prefs.AllowSingleHosts {
flags |= netmap.AllowSingleHosts
}
if hasPAC && disableSubnetsIfPAC {
@ -1761,15 +1761,26 @@ func (b *LocalBackend) authReconfig() {
}
}
cfg, err := nmcfg.WGCfg(nm, b.logf, flags, uc.ExitNodeID)
cfg, err := nmcfg.WGCfg(nm, b.logf, flags, prefs.ExitNodeID)
if err != nil {
b.logf("wgcfg: %v", err)
return
}
rcfg := b.routerConfig(cfg, uc)
rcfg := b.routerConfig(cfg, prefs)
dcfg := dnsConfigForNetmap(nm, prefs, b.logf)
err = b.e.Reconfig(cfg, rcfg, dcfg, nm.Debug)
if err == wgengine.ErrNoChanges {
return
}
b.logf("[v1] authReconfig: ra=%v dns=%v 0x%02x: %v", prefs.RouteAll, prefs.CorpDNS, flags, err)
b.initPeerAPIListener()
}
dcfg := dns.Config{
func dnsConfigForNetmap(nm *netmap.NetworkMap, prefs *ipn.Prefs, logf logger.Logf) *dns.Config {
dcfg := &dns.Config{
Routes: map[dnsname.FQDN][]dnstype.Resolver{},
Hosts: map[dnsname.FQDN][]netaddr.IP{},
}
@ -1827,7 +1838,7 @@ func (b *LocalBackend) authReconfig() {
dcfg.Hosts[fqdn] = append(dcfg.Hosts[fqdn], ip)
}
if uc.CorpDNS {
if prefs.CorpDNS {
addDefault := func(resolvers []dnstype.Resolver) {
for _, r := range resolvers {
dcfg.DefaultResolvers = append(dcfg.DefaultResolvers, normalizeResolver(r))
@ -1838,7 +1849,7 @@ func (b *LocalBackend) authReconfig() {
for suffix, resolvers := range nm.DNS.Routes {
fqdn, err := dnsname.ToFQDN(suffix)
if err != nil {
b.logf("[unexpected] non-FQDN route suffix %q", suffix)
logf("[unexpected] non-FQDN route suffix %q", suffix)
}
// Create map entry even if len(resolvers) == 0; Issue 2706.
@ -1858,7 +1869,7 @@ func (b *LocalBackend) authReconfig() {
for _, dom := range nm.DNS.Domains {
fqdn, err := dnsname.ToFQDN(dom)
if err != nil {
b.logf("[unexpected] non-FQDN search domain %q", dom)
logf("[unexpected] non-FQDN search domain %q", dom)
}
dcfg.SearchDomains = append(dcfg.SearchDomains, fqdn)
}
@ -1875,7 +1886,7 @@ func (b *LocalBackend) authReconfig() {
switch {
case len(dcfg.DefaultResolvers) != 0:
// Default resolvers already set.
case !uc.ExitNodeID.IsZero():
case !prefs.ExitNodeID.IsZero():
// When using exit nodes, it's very likely the LAN
// resolvers will become unreachable. So, force use of the
// fallback resolvers until we implement DNS forwarding to
@ -1895,14 +1906,7 @@ func (b *LocalBackend) authReconfig() {
addDefault(nm.DNS.FallbackResolvers)
}
}
err = b.e.Reconfig(cfg, rcfg, &dcfg, nm.Debug)
if err == wgengine.ErrNoChanges {
return
}
b.logf("[v1] authReconfig: ra=%v dns=%v 0x%02x: %v", uc.RouteAll, uc.CorpDNS, flags, err)
b.initPeerAPIListener()
return dcfg
}
func normalizeResolver(cfg dnstype.Resolver) dnstype.Resolver {

Loading…
Cancel
Save