ipn/ipnlocal: fix use of stale profile while processing netmap

Signed-off-by: Tom DNetto <tom@tailscale.com>
pull/6626/head
Tom DNetto 2 years ago committed by Tom
parent c933b8882c
commit 9c773af04c

@ -829,7 +829,9 @@ func (b *LocalBackend) setClientStatus(st controlclient.Status) {
if err := b.pm.DeleteProfile(b.pm.CurrentProfile().ID); err != nil { if err := b.pm.DeleteProfile(b.pm.CurrentProfile().ID); err != nil {
b.logf("error deleting profile: %v", err) b.logf("error deleting profile: %v", err)
} }
b.resetForProfileChangeLockedOnEntry() if err := b.resetForProfileChangeLockedOnEntry(); err != nil {
b.logf("resetForProfileChangeLockedOnEntry err: %v", err)
}
return return
} }
@ -851,9 +853,6 @@ func (b *LocalBackend) setClientStatus(st controlclient.Status) {
if !prefs.Persist.View().Equals(*st.Persist) { if !prefs.Persist.View().Equals(*st.Persist) {
prefsChanged = true prefsChanged = true
prefs.Persist = st.Persist.AsStruct() prefs.Persist = st.Persist.AsStruct()
if err := b.initTKALocked(); err != nil {
b.logf("initTKALocked: %v", err)
}
} }
} }
if st.URL != "" { if st.URL != "" {
@ -873,7 +872,26 @@ func (b *LocalBackend) setClientStatus(st controlclient.Status) {
if findExitNodeIDLocked(prefs, st.NetMap) { if findExitNodeIDLocked(prefs, st.NetMap) {
prefsChanged = true prefsChanged = true
} }
// Prefs will be written out; this is not safe unless locked or cloned.
// Perform all mutations of prefs based on the netmap here.
if st.NetMap != nil {
if b.updatePersistFromNetMapLocked(st.NetMap, prefs) {
prefsChanged = true
}
}
// Prefs will be written out if stale; this is not safe unless locked or cloned.
if prefsChanged {
if err := b.pm.SetPrefs(prefs.View()); err != nil {
b.logf("Failed to save new controlclient state: %v", err)
}
}
// initTKALocked is dependent on CurrentProfile.ID, which is initialized
// (for new profiles) on the first call to b.pm.SetPrefs.
if err := b.initTKALocked(); err != nil {
b.logf("initTKALocked: %v", err)
}
// Perform all reconfiguration based on the netmap here.
if st.NetMap != nil { if st.NetMap != nil {
b.capTailnetLock = hasCapability(st.NetMap, tailcfg.CapabilityTailnetLockAlpha) b.capTailnetLock = hasCapability(st.NetMap, tailcfg.CapabilityTailnetLockAlpha)
@ -896,18 +914,9 @@ func (b *LocalBackend) setClientStatus(st controlclient.Status) {
if !envknob.TKASkipSignatureCheck() { if !envknob.TKASkipSignatureCheck() {
b.tkaFilterNetmapLocked(st.NetMap) b.tkaFilterNetmapLocked(st.NetMap)
} }
if b.updatePersistFromNetMapLocked(st.NetMap, prefs) {
prefsChanged = true
}
b.setNetMapLocked(st.NetMap) b.setNetMapLocked(st.NetMap)
b.updateFilterLocked(st.NetMap, prefs.View()) b.updateFilterLocked(st.NetMap, prefs.View())
} }
if prefsChanged {
if err := b.pm.SetPrefs(prefs.View()); err != nil {
b.logf("Failed to save new controlclient state: %v", err)
}
}
b.mu.Unlock() b.mu.Unlock()
// Now complete the lock-free parts of what we started while locked. // Now complete the lock-free parts of what we started while locked.

@ -300,6 +300,8 @@ func (b *LocalBackend) tkaApplyDisablementLocked(secret []byte) error {
// chonkPathLocked returns the absolute path to the directory in which TKA // chonkPathLocked returns the absolute path to the directory in which TKA
// state (the 'tailchonk') is stored. // state (the 'tailchonk') is stored.
//
// b.mu must be held.
func (b *LocalBackend) chonkPathLocked() string { func (b *LocalBackend) chonkPathLocked() string {
return filepath.Join(b.TailscaleVarRoot(), "tka-profiles", string(b.pm.CurrentProfile().ID)) return filepath.Join(b.TailscaleVarRoot(), "tka-profiles", string(b.pm.CurrentProfile().ID))
} }

Loading…
Cancel
Save