wgengine: avoid holding any locks during HandshakeDone

Because wgLock is held while some wireguard-go methods run,
trying to hold wgLock during HandshakeDone potentially creates
lock cycles between wgengine and internals of wireguard-go.

Arguably wireguard-go should call HandshakeDone in a new goroutine,
but until its API promises that, don't make any assumptions here.

Maybe for #110.

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
pull/115/head
David Crawshaw 5 years ago
parent 06bf0d980e
commit c576a57067

@ -167,7 +167,7 @@ func newUserspaceEngineAdvanced(logf logger.Logf, tundev tun.Device, routerGen R
if ones, bits := allowedIPs[0].Mask.Size(); ones == bits && ones != 0 {
var ip wgcfg.IP
copy(ip.Addr[:], allowedIPs[0].IP.To16())
e.startPinger(peerKey, ip)
go e.pinger(peerKey, ip)
return
}
}
@ -226,11 +226,11 @@ func newUserspaceEngineAdvanced(logf logger.Logf, tundev tun.Device, routerGen R
return e, nil
}
// startPinger starts a goroutine that sends ping packets for a few seconds.
// pinger sends ping packets for a few seconds.
//
// These generated packets are used to ensure we trigger the spray logic in
// the magicsock package for NAT traversal.
func (e *userspaceEngine) startPinger(peerKey wgcfg.Key, ip wgcfg.IP) {
func (e *userspaceEngine) pinger(peerKey wgcfg.Key, ip wgcfg.IP) {
e.logf("generating initial ping traffic to %s (%v)", peerKey.ShortString(), ip)
var srcIP packet.IP
@ -264,7 +264,6 @@ func (e *userspaceEngine) startPinger(peerKey wgcfg.Key, ip wgcfg.IP) {
payload := []byte("magicsock_spray") // no meaning
go func() {
defer func() {
e.mu.Lock()
defer e.mu.Unlock()
@ -294,7 +293,6 @@ func (e *userspaceEngine) startPinger(peerKey wgcfg.Key, ip wgcfg.IP) {
ipid++
e.wgdev.SendPacket(b)
}
}()
}
// TODO(apenwarr): dnsDomains really ought to be in wgcfg.Config.

Loading…
Cancel
Save