ipn/ipnlocal: sanitize prefs in more notify code paths

Signed-off-by: Maisem Ali <maisem@tailscale.com>
pull/6592/head
Maisem Ali 2 years ago committed by Maisem Ali
parent 7c4d017636
commit cdb924f87b

@ -535,10 +535,10 @@ func stripKeysFromPrefs(p ipn.PrefsView) ipn.PrefsView {
func (b *LocalBackend) Prefs() ipn.PrefsView { func (b *LocalBackend) Prefs() ipn.PrefsView {
b.mu.Lock() b.mu.Lock()
defer b.mu.Unlock() defer b.mu.Unlock()
return b.prefsLocked() return b.sanitizedPrefsLocked()
} }
func (b *LocalBackend) prefsLocked() ipn.PrefsView { func (b *LocalBackend) sanitizedPrefsLocked() ipn.PrefsView {
return stripKeysFromPrefs(b.pm.CurrentPrefs()) return stripKeysFromPrefs(b.pm.CurrentPrefs())
} }
@ -912,7 +912,7 @@ func (b *LocalBackend) setClientStatus(st controlclient.Status) {
// Now complete the lock-free parts of what we started while locked. // Now complete the lock-free parts of what we started while locked.
if prefsChanged { if prefsChanged {
b.notifyPrefs(prefs.View()) b.send(ipn.Notify{Prefs: ptr.To(prefs.View())})
} }
if st.NetMap != nil { if st.NetMap != nil {
@ -927,8 +927,7 @@ func (b *LocalBackend) setClientStatus(st controlclient.Status) {
b.logf("Failed to save new controlclient state: %v", err) b.logf("Failed to save new controlclient state: %v", err)
} }
b.mu.Unlock() b.mu.Unlock()
np := stripKeysFromPrefs(p) b.send(ipn.Notify{ErrMessage: &msg, Prefs: &p})
b.send(ipn.Notify{ErrMessage: &msg, Prefs: &np})
return return
} }
if netMap != nil { if netMap != nil {
@ -1336,7 +1335,7 @@ func (b *LocalBackend) Start(opts ipn.Options) error {
blid := b.backendLogID blid := b.backendLogID
b.logf("Backend: logs: be:%v fe:%v", blid, opts.FrontendLogID) b.logf("Backend: logs: be:%v fe:%v", blid, opts.FrontendLogID)
b.send(ipn.Notify{BackendLogID: &blid}) b.send(ipn.Notify{BackendLogID: &blid})
b.notifyPrefs(prefs) b.send(ipn.Notify{Prefs: &prefs})
if !loggedOut && b.hasNodeKey() { if !loggedOut && b.hasNodeKey() {
// Even if !WantRunning, we should verify our key, if there // Even if !WantRunning, we should verify our key, if there
@ -1348,19 +1347,6 @@ func (b *LocalBackend) Start(opts ipn.Options) error {
return nil return nil
} }
// notifyPrefs delivers prefs to the connected frontend and any API watchers
// from LocalBackend.WatchNotifications (via the LocalAPI).
// It strips keys and other sensitive data prior to sending.
//
// If no frontend is connected or API watchers are backed up, the notification
// is dropped without being delivered.
//
// b.mu must not be held.
func (b *LocalBackend) notifyPrefs(p ipn.PrefsView) {
np := stripKeysFromPrefs(p)
b.send(ipn.Notify{Prefs: &np})
}
var warnInvalidUnsignedNodes = health.NewWarnable() var warnInvalidUnsignedNodes = health.NewWarnable()
// updateFilterLocked updates the packet filter in wgengine based on the // updateFilterLocked updates the packet filter in wgengine based on the
@ -1754,7 +1740,7 @@ func (b *LocalBackend) WatchNotifications(ctx context.Context, mask ipn.NotifyWa
} }
} }
if mask&ipn.NotifyInitialPrefs != 0 { if mask&ipn.NotifyInitialPrefs != 0 {
ini.Prefs = ptr.To(b.prefsLocked()) ini.Prefs = ptr.To(b.sanitizedPrefsLocked())
} }
if mask&ipn.NotifyInitialNetMap != 0 { if mask&ipn.NotifyInitialNetMap != 0 {
ini.NetMap = b.netMap ini.NetMap = b.netMap
@ -1833,8 +1819,13 @@ func (b *LocalBackend) DebugNotify(n ipn.Notify) {
// If no frontend is connected or API watchers are backed up, the notification // If no frontend is connected or API watchers are backed up, the notification
// is dropped without being delivered. // is dropped without being delivered.
// //
// If n contains Prefs, those will be sanitized before being delivered.
//
// b.mu must not be held. // b.mu must not be held.
func (b *LocalBackend) send(n ipn.Notify) { func (b *LocalBackend) send(n ipn.Notify) {
if n.Prefs != nil {
n.Prefs = ptr.To(stripKeysFromPrefs(*n.Prefs))
}
if n.Version == "" { if n.Version == "" {
n.Version = version.Long n.Version = version.Long
} }
@ -2594,7 +2585,7 @@ func (b *LocalBackend) setPrefsLockedOnEntry(caller string, newp *ipn.Prefs) ipn
b.authReconfig() b.authReconfig()
} }
b.notifyPrefs(prefs) b.send(ipn.Notify{Prefs: &prefs})
return prefs return prefs
} }

Loading…
Cancel
Save