control/controlclient: rename uflags, give it a type, remove dead code

pull/590/head
Brad Fitzpatrick 4 years ago
parent 32ecdea157
commit 3b0514ef6d

@ -161,35 +161,21 @@ func (nm *NetworkMap) JSON() string {
return string(b) return string(b)
} }
const ( // WGConfigFlags is a bitmask of flags to control the behavior of the
UAllowSingleHosts = 1 << iota // wireguard configuration generation done by NetMap.WGCfg.
UAllowSubnetRoutes type WGConfigFlags int
UAllowDefaultRoute
UHackDefaultRoute
UDefault = 0 const (
AllowSingleHosts WGConfigFlags = 1 << iota
AllowSubnetRoutes
AllowDefaultRoute
HackDefaultRoute
) )
// Several programs need to parse these arguments into uflags, so let's
// centralize it here.
func UFlagsHelper(uroutes, rroutes, droutes bool) int {
uflags := 0
if uroutes {
uflags |= UAllowSingleHosts
}
if rroutes {
uflags |= UAllowSubnetRoutes
}
if droutes {
uflags |= UAllowDefaultRoute
}
return uflags
}
// TODO(bradfitz): UAPI seems to only be used by the old confnode and // TODO(bradfitz): UAPI seems to only be used by the old confnode and
// pingnode; delete this when those are deleted/rewritten? // pingnode; delete this when those are deleted/rewritten?
func (nm *NetworkMap) UAPI(uflags int, dnsOverride []wgcfg.IP) string { func (nm *NetworkMap) UAPI(flags WGConfigFlags, dnsOverride []wgcfg.IP) string {
wgcfg, err := nm.WGCfg(log.Printf, uflags, dnsOverride) wgcfg, err := nm.WGCfg(log.Printf, flags, dnsOverride)
if err != nil { if err != nil {
log.Fatalf("WGCfg() failed unexpectedly: %v", err) log.Fatalf("WGCfg() failed unexpectedly: %v", err)
} }
@ -206,7 +192,7 @@ func (nm *NetworkMap) UAPI(uflags int, dnsOverride []wgcfg.IP) string {
const EndpointDiscoSuffix = ".disco.tailscale:12345" const EndpointDiscoSuffix = ".disco.tailscale:12345"
// WGCfg returns the NetworkMaps's Wireguard configuration. // WGCfg returns the NetworkMaps's Wireguard configuration.
func (nm *NetworkMap) WGCfg(logf logger.Logf, uflags int, dnsOverride []wgcfg.IP) (*wgcfg.Config, error) { func (nm *NetworkMap) WGCfg(logf logger.Logf, flags WGConfigFlags, dnsOverride []wgcfg.IP) (*wgcfg.Config, error) {
cfg := &wgcfg.Config{ cfg := &wgcfg.Config{
Name: "tailscale", Name: "tailscale",
PrivateKey: nm.PrivateKey, PrivateKey: nm.PrivateKey,
@ -220,7 +206,7 @@ func (nm *NetworkMap) WGCfg(logf logger.Logf, uflags int, dnsOverride []wgcfg.IP
if Debug.OnlyDisco && peer.DiscoKey.IsZero() { if Debug.OnlyDisco && peer.DiscoKey.IsZero() {
continue continue
} }
if (uflags&UAllowSingleHosts) == 0 && len(peer.AllowedIPs) < 2 { if (flags&AllowSingleHosts) == 0 && len(peer.AllowedIPs) < 2 {
logf("wgcfg: %v skipping a single-host peer.", peer.Key.ShortString()) logf("wgcfg: %v skipping a single-host peer.", peer.Key.ShortString())
continue continue
} }
@ -249,16 +235,16 @@ func (nm *NetworkMap) WGCfg(logf logger.Logf, uflags int, dnsOverride []wgcfg.IP
} }
for _, allowedIP := range peer.AllowedIPs { for _, allowedIP := range peer.AllowedIPs {
if allowedIP.Mask == 0 { if allowedIP.Mask == 0 {
if (uflags & UAllowDefaultRoute) == 0 { if (flags & AllowDefaultRoute) == 0 {
logf("wgcfg: %v skipping default route", peer.Key.ShortString()) logf("wgcfg: %v skipping default route", peer.Key.ShortString())
continue continue
} }
if (uflags & UHackDefaultRoute) != 0 { if (flags & HackDefaultRoute) != 0 {
allowedIP = wgcfg.CIDR{IP: wgcfg.IPv4(10, 0, 0, 0), Mask: 8} allowedIP = wgcfg.CIDR{IP: wgcfg.IPv4(10, 0, 0, 0), Mask: 8}
logf("wgcfg: %v converting default route => %v", peer.Key.ShortString(), allowedIP.String()) logf("wgcfg: %v converting default route => %v", peer.Key.ShortString(), allowedIP.String())
} }
} else if allowedIP.Mask < 32 { } else if allowedIP.Mask < 32 {
if (uflags & UAllowSubnetRoutes) == 0 { if (flags & AllowSubnetRoutes) == 0 {
logf("wgcfg: %v skipping subnet route", peer.Key.ShortString()) logf("wgcfg: %v skipping subnet route", peer.Key.ShortString())
continue continue
} }
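Review bot: The new exported `WGConfigFlags` constants have no per-flag comments, although these bits are the client-side gate on which peer-advertised AllowedIPs reach the WireGuard config. Going by the WGCfg hunks, they could read `// AllowSingleHosts keeps peers that have fewer than two AllowedIPs`, `// AllowSubnetRoutes accepts peer routes whose mask is between /1 and /31`, and `// AllowDefaultRoute accepts a peer's /0 route`. `HackDefaultRoute` needs the most explicit comment: it rewrites an accepted /0 to 10.0.0.0/8 inside the `Mask == 0` branch, so the rewritten route never passes through the `AllowSubnetRoutes` check. With `UDefault` removed, the type comment should also say that the zero value is the most restrictive setting. WGCfg's body continues outside the hunks shown, so any other use of the flags there is not covered by this note.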

@ -832,20 +832,20 @@ func (b *LocalBackend) authReconfig() {
return return
} }
uflags := controlclient.UDefault var flags controlclient.WGConfigFlags
if uc.RouteAll { if uc.RouteAll {
uflags |= controlclient.UAllowDefaultRoute flags |= controlclient.AllowDefaultRoute
// TODO(apenwarr): Make subnet routes a different pref? // TODO(apenwarr): Make subnet routes a different pref?
uflags |= controlclient.UAllowSubnetRoutes flags |= controlclient.AllowSubnetRoutes
// TODO(apenwarr): Remove this once we sort out subnet routes. // TODO(apenwarr): Remove this once we sort out subnet routes.
// Right now default routes are broken in Windows, but // Right now default routes are broken in Windows, but
// controlclient doesn't properly send subnet routes. So // controlclient doesn't properly send subnet routes. So
// let's convert a default route into a subnet route in order // let's convert a default route into a subnet route in order
// to allow experimentation. // to allow experimentation.
uflags |= controlclient.UHackDefaultRoute flags |= controlclient.HackDefaultRoute
} }
if uc.AllowSingleHosts { if uc.AllowSingleHosts {
uflags |= controlclient.UAllowSingleHosts flags |= controlclient.AllowSingleHosts
} }
dns := nm.DNS dns := nm.DNS
@ -854,7 +854,7 @@ func (b *LocalBackend) authReconfig() {
dns = []wgcfg.IP{} dns = []wgcfg.IP{}
dom = []string{} dom = []string{}
} }
cfg, err := nm.WGCfg(b.logf, uflags, dns) cfg, err := nm.WGCfg(b.logf, flags, dns)
if err != nil { if err != nil {
b.logf("wgcfg: %v", err) b.logf("wgcfg: %v", err)
return return
@ -864,7 +864,7 @@ func (b *LocalBackend) authReconfig() {
if err == wgengine.ErrNoChanges { if err == wgengine.ErrNoChanges {
return return
} }
b.logf("authReconfig: ra=%v dns=%v 0x%02x: %v", uc.RouteAll, uc.CorpDNS, uflags, err) b.logf("authReconfig: ra=%v dns=%v 0x%02x: %v", uc.RouteAll, uc.CorpDNS, flags, err)
} }
// routerConfig produces a router.Config from a wireguard config, // routerConfig produces a router.Config from a wireguard config,
