ipn: apply ControlURL policy before login

Unlike most prefs, the ControlURL policy needs to take effect before
login. This resolves an issue where on first start, even when the
ControlURL policy is set, it will generate a login URL to the Tailscale
SaaS server.

Updates tailscale/coral#118
Fixes #10736

Change-Id: I6da2a521f64028c15dbb6ac8175839fc3cc4e858
Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
pull/10891/head^2
Adrian Dewhurst 11 months ago committed by Adrian Dewhurst
parent d50303bef7
commit c05c4bdce4

@ -152,6 +152,7 @@ tailscale.com/cmd/derper dependencies: (generated by github.com/tailscale/depawa
tailscale.com/util/set from tailscale.com/health+ tailscale.com/util/set from tailscale.com/health+
tailscale.com/util/singleflight from tailscale.com/net/dnscache tailscale.com/util/singleflight from tailscale.com/net/dnscache
tailscale.com/util/slicesx from tailscale.com/cmd/derper+ tailscale.com/util/slicesx from tailscale.com/cmd/derper+
tailscale.com/util/syspolicy from tailscale.com/ipn
tailscale.com/util/vizerror from tailscale.com/tsweb+ tailscale.com/util/vizerror from tailscale.com/tsweb+
W 💣 tailscale.com/util/winutil from tailscale.com/hostinfo+ W 💣 tailscale.com/util/winutil from tailscale.com/hostinfo+
tailscale.com/version from tailscale.com/derp+ tailscale.com/version from tailscale.com/derp+
@ -231,7 +232,7 @@ tailscale.com/cmd/derper dependencies: (generated by github.com/tailscale/depawa
encoding/pem from crypto/tls+ encoding/pem from crypto/tls+
errors from bufio+ errors from bufio+
expvar from tailscale.com/cmd/derper+ expvar from tailscale.com/cmd/derper+
flag from tailscale.com/cmd/derper flag from tailscale.com/cmd/derper+
fmt from compress/flate+ fmt from compress/flate+
go/token from google.golang.org/protobuf/internal/strs go/token from google.golang.org/protobuf/internal/strs
hash from crypto+ hash from crypto+
@ -271,7 +272,7 @@ tailscale.com/cmd/derper dependencies: (generated by github.com/tailscale/depawa
runtime/debug from golang.org/x/crypto/acme+ runtime/debug from golang.org/x/crypto/acme+
runtime/metrics from github.com/prometheus/client_golang/prometheus+ runtime/metrics from github.com/prometheus/client_golang/prometheus+
runtime/pprof from net/http/pprof runtime/pprof from net/http/pprof
runtime/trace from net/http/pprof runtime/trace from net/http/pprof+
slices from tailscale.com/ipn/ipnstate+ slices from tailscale.com/ipn/ipnstate+
sort from compress/flate+ sort from compress/flate+
strconv from compress/flate+ strconv from compress/flate+
@ -279,6 +280,7 @@ tailscale.com/cmd/derper dependencies: (generated by github.com/tailscale/depawa
sync from compress/flate+ sync from compress/flate+
sync/atomic from context+ sync/atomic from context+
syscall from crypto/rand+ syscall from crypto/rand+
testing from tailscale.com/util/syspolicy
text/tabwriter from runtime/pprof text/tabwriter from runtime/pprof
time from compress/gzip+ time from compress/gzip+
unicode from bytes+ unicode from bytes+

@ -157,6 +157,7 @@ tailscale.com/cmd/tailscale dependencies: (generated by github.com/tailscale/dep
tailscale.com/util/set from tailscale.com/health+ tailscale.com/util/set from tailscale.com/health+
tailscale.com/util/singleflight from tailscale.com/net/dnscache+ tailscale.com/util/singleflight from tailscale.com/net/dnscache+
tailscale.com/util/slicesx from tailscale.com/net/dnscache+ tailscale.com/util/slicesx from tailscale.com/net/dnscache+
tailscale.com/util/syspolicy from tailscale.com/ipn
tailscale.com/util/testenv from tailscale.com/cmd/tailscale/cli tailscale.com/util/testenv from tailscale.com/cmd/tailscale/cli
tailscale.com/util/truncate from tailscale.com/cmd/tailscale/cli tailscale.com/util/truncate from tailscale.com/cmd/tailscale/cli
tailscale.com/util/vizerror from tailscale.com/types/ipproto+ tailscale.com/util/vizerror from tailscale.com/types/ipproto+
@ -296,6 +297,7 @@ tailscale.com/cmd/tailscale dependencies: (generated by github.com/tailscale/dep
regexp from github.com/tailscale/goupnp/httpu+ regexp from github.com/tailscale/goupnp/httpu+
regexp/syntax from regexp regexp/syntax from regexp
runtime/debug from tailscale.com/util/singleflight+ runtime/debug from tailscale.com/util/singleflight+
runtime/trace from testing
slices from tailscale.com/cmd/tailscale/cli+ slices from tailscale.com/cmd/tailscale/cli+
sort from compress/flate+ sort from compress/flate+
strconv from compress/flate+ strconv from compress/flate+
@ -303,6 +305,7 @@ tailscale.com/cmd/tailscale dependencies: (generated by github.com/tailscale/dep
sync from compress/flate+ sync from compress/flate+
sync/atomic from context+ sync/atomic from context+
syscall from crypto/rand+ syscall from crypto/rand+
testing from tailscale.com/util/syspolicy
text/tabwriter from github.com/peterbourgon/ff/v3/ffcli+ text/tabwriter from github.com/peterbourgon/ff/v3/ffcli+
text/template from html/template text/template from html/template
text/template/parse from html/template+ text/template/parse from html/template+

@ -26,6 +26,7 @@ import (
"tailscale.com/types/preftype" "tailscale.com/types/preftype"
"tailscale.com/types/views" "tailscale.com/types/views"
"tailscale.com/util/dnsname" "tailscale.com/util/dnsname"
"tailscale.com/util/syspolicy"
) )
// DefaultControlURL is the URL base of the control plane // DefaultControlURL is the URL base of the control plane
@ -637,11 +638,16 @@ func (p PrefsView) ControlURLOrDefault() string {
// If not configured, or if the configured value is a legacy name equivalent to // If not configured, or if the configured value is a legacy name equivalent to
// the default, then DefaultControlURL is returned instead. // the default, then DefaultControlURL is returned instead.
func (p *Prefs) ControlURLOrDefault() string { func (p *Prefs) ControlURLOrDefault() string {
if p.ControlURL != "" { controlURL, err := syspolicy.GetString(syspolicy.ControlURL, p.ControlURL)
if p.ControlURL != DefaultControlURL && IsLoginServerSynonym(p.ControlURL) { if err != nil {
controlURL = p.ControlURL
}
if controlURL != "" {
if controlURL != DefaultControlURL && IsLoginServerSynonym(controlURL) {
return DefaultControlURL return DefaultControlURL
} }
return p.ControlURL return controlURL
} }
return DefaultControlURL return DefaultControlURL
} }

Loading…
Cancel
Save