archive
/
tailscale
mirror of https://github.com/tailscale/tailscale/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

ipn/ipnlocal: fix checks for node-key presence in TKA logic

Browse Source 
Found by tests in another repo. TKA code wasn't always checking enough to be sure a node-key was set for the current state.

Signed-off-by: Tom DNetto <tom@tailscale.com>
pull/6318/head
Tom DNetto 2 years ago committed by Tom
parent 0cc65b4bbe
commit 42855d219b
1 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File

15
ipn/ipnlocal/network-lock.go
Unescape Escape View File

@ -330,7 +330,7 @@ func (b *LocalBackend) NetworkLockStatus() *ipnstate.NetworkLockStatus {
defer b.mu.Unlock()
var nodeKey *key.NodePublic
if p := b.pm.CurrentPrefs(); p.Valid() {
if p := b.pm.CurrentPrefs(); p.Valid() && p.Persist() != nil && !p.Persist().PrivateNodeKey.IsZero() {
nkp := p.Persist().PublicNodeKey()
nodeKey = &nkp
}
@ -388,7 +388,7 @@ func (b *LocalBackend) NetworkLockInit(keys []tka.Key, disablementValues [][]byt
var ourNodeKey key.NodePublic
b.mu.Lock()
if p := b.pm.CurrentPrefs(); p.Valid() {
if p := b.pm.CurrentPrefs(); p.Valid() && p.Persist() != nil && !p.Persist().PrivateNodeKey.IsZero() {
ourNodeKey = p.Persist().PublicNodeKey()
}
b.mu.Unlock()
@ -516,6 +516,14 @@ func (b *LocalBackend) NetworkLockModify(addKeys, removeKeys []tka.Key) (err err
b.mu.Lock()
defer b.mu.Unlock()
var ourNodeKey key.NodePublic
if p := b.pm.CurrentPrefs(); p.Valid() && p.Persist() != nil && !p.Persist().PrivateNodeKey.IsZero() {
ourNodeKey = p.Persist().PublicNodeKey()
}
if ourNodeKey.IsZero() {
return errors.New("no node-key: is tailscale logged in?")
}
if err := b.CanSupportNetworkLock(); err != nil {
return err
}
@ -545,7 +553,6 @@ func (b *LocalBackend) NetworkLockModify(addKeys, removeKeys []tka.Key) (err err
return nil
}
ourNodeKey := b.pm.CurrentPrefs().Persist().PublicNodeKey()
head := b.tka.authority.Head()
b.mu.Unlock()
resp, err := b.tkaDoSyncSend(ourNodeKey, head, aums, true)
@ -580,7 +587,7 @@ func (b *LocalBackend) NetworkLockDisable(secret []byte) error {
)
b.mu.Lock()
if p := b.pm.CurrentPrefs(); p.Valid() {
if p := b.pm.CurrentPrefs(); p.Valid() && p.Persist() != nil && !p.Persist().PrivateNodeKey.IsZero() {
ourNodeKey = p.Persist().PublicNodeKey()
}
if b.tka == nil {

Write Preview
Loading…
Cancel
Save