@ -11,7 +11,6 @@ import (
"errors"
"errors"
"fmt"
"fmt"
"io"
"io"
"net"
"os"
"os"
"reflect"
"reflect"
"runtime"
"runtime"
@ -502,15 +501,7 @@ func isTrimmablePeer(p *wgcfg.Peer, numPeers int) bool {
if forceFullWireguardConfig ( numPeers ) {
if forceFullWireguardConfig ( numPeers ) {
return false
return false
}
}
if ! isSingleEndpoint ( p . Endpoints ) {
if p . Endpoints . DiscoKey . IsZero ( ) {
return false
}
host , _ , err := net . SplitHostPort ( p . Endpoints )
if err != nil {
return false
}
if ! strings . HasSuffix ( host , ".disco.tailscale" ) {
return false
return false
}
}
@ -580,26 +571,6 @@ func (e *userspaceEngine) isActiveSince(dk tailcfg.DiscoKey, ip netaddr.IP, t ti
return unixTime >= t . Unix ( )
return unixTime >= t . Unix ( )
}
}
// discoKeyFromPeer returns the DiscoKey for a wireguard config's Peer.
//
// Invariant: isTrimmablePeer(p) == true, so it should have 1 endpoint with
// Host of form "<64-hex-digits>.disco.tailscale". If invariant is violated,
// we return the zero value.
func discoKeyFromPeer ( p * wgcfg . Peer ) tailcfg . DiscoKey {
if len ( p . Endpoints ) < 64 {
return tailcfg . DiscoKey { }
}
host , rest := p . Endpoints [ : 64 ] , p . Endpoints [ 64 : ]
if ! strings . HasPrefix ( rest , ".disco.tailscale" ) {
return tailcfg . DiscoKey { }
}
k , err := key . NewPublicFromHexMem ( mem . S ( host ) )
if err != nil {
return tailcfg . DiscoKey { }
}
return tailcfg . DiscoKey ( k )
}
// discoChanged are the set of peers whose disco keys have changed, implying they've restarted.
// discoChanged are the set of peers whose disco keys have changed, implying they've restarted.
// If a peer is in this set and was previously in the live wireguard config,
// If a peer is in this set and was previously in the live wireguard config,
// it needs to be first removed and then re-added to flush out its wireguard session key.
// it needs to be first removed and then re-added to flush out its wireguard session key.
@ -647,7 +618,7 @@ func (e *userspaceEngine) maybeReconfigWireguardLocked(discoChanged map[key.Publ
}
}
continue
continue
}
}
dk := discoKeyFromPeer ( p )
dk := p . Endpoints . DiscoKey
trackDisco = append ( trackDisco , dk )
trackDisco = append ( trackDisco , dk )
recentlyActive := false
recentlyActive := false
for _ , cidr := range p . AllowedIPs {
for _ , cidr := range p . AllowedIPs {
@ -797,19 +768,19 @@ func (e *userspaceEngine) Reconfig(cfg *wgcfg.Config, routerCfg *router.Config,
// and a second time with it.
// and a second time with it.
discoChanged := make ( map [ key . Public ] bool )
discoChanged := make ( map [ key . Public ] bool )
{
{
prevEP := make ( map [ key . Public ] string )
prevEP := make ( map [ key . Public ] tailcfg . DiscoKey )
for i := range e . lastCfgFull . Peers {
for i := range e . lastCfgFull . Peers {
if p := & e . lastCfgFull . Peers [ i ] ; isSingleEndpoint ( p . Endpoints ) {
if p := & e . lastCfgFull . Peers [ i ] ; ! p . Endpoints . DiscoKey . IsZero ( ) {
prevEP [ key . Public ( p . PublicKey ) ] = p . Endpoints
prevEP [ key . Public ( p . PublicKey ) ] = p . Endpoints . DiscoKey
}
}
}
}
for i := range cfg . Peers {
for i := range cfg . Peers {
p := & cfg . Peers [ i ]
p := & cfg . Peers [ i ]
if ! isSingleEndpoint ( p . Endpoints ) {
if p . Endpoints . DiscoKey . IsZero ( ) {
continue
continue
}
}
pub := key . Public ( p . PublicKey )
pub := key . Public ( p . PublicKey )
if old , ok := prevEP [ pub ] ; ok && old != p . Endpoints {
if old , ok := prevEP [ pub ] ; ok && old != p . Endpoints . DiscoKey {
discoChanged [ pub ] = true
discoChanged [ pub ] = true
e . logf ( "wgengine: Reconfig: %s changed from %q to %q" , pub . ShortString ( ) , old , p . Endpoints )
e . logf ( "wgengine: Reconfig: %s changed from %q to %q" , pub . ShortString ( ) , old , p . Endpoints )
}
}
@ -853,11 +824,6 @@ func (e *userspaceEngine) Reconfig(cfg *wgcfg.Config, routerCfg *router.Config,
return nil
return nil
}
}
// isSingleEndpoint reports whether endpoints contains exactly one host:port pair.
func isSingleEndpoint ( s string ) bool {
return s != "" && ! strings . Contains ( s , "," )
}
func ( e * userspaceEngine ) GetFilter ( ) * filter . Filter {
func ( e * userspaceEngine ) GetFilter ( ) * filter . Filter {
return e . tundev . GetFilter ( )
return e . tundev . GetFilter ( )
}
}