cmd/tailscale/cli: don't permit setting self IP as exit node (#1491)

This change makes it impossible to set your own IP address as the exit node for this system.

Fixes #1489

Signed-off-by: Christine Dodrill <xe@tailscale.com>
pull/1506/head
Christine Dodrill 4 years ago committed by GitHub
parent ab2a8a7493
commit deff20edc6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -53,12 +53,7 @@ var statusArgs struct {
peers bool // in CLI mode, show status of peer machines peers bool // in CLI mode, show status of peer machines
} }
func runStatus(ctx context.Context, args []string) error { func getStatusFromServer(ctx context.Context, c net.Conn, bc *ipn.BackendClient) func() (*ipnstate.Status, error) {
c, bc, ctx, cancel := connect(ctx)
defer cancel()
bc.AllowVersionSkew = true
ch := make(chan *ipnstate.Status, 1) ch := make(chan *ipnstate.Status, 1)
bc.SetNotifyCallback(func(n ipn.Notify) { bc.SetNotifyCallback(func(n ipn.Notify) {
if n.ErrMessage != nil { if n.ErrMessage != nil {
@ -80,7 +75,7 @@ func runStatus(ctx context.Context, args []string) error {
}) })
go pump(ctx, bc, c) go pump(ctx, bc, c)
getStatus := func() (*ipnstate.Status, error) { return func() (*ipnstate.Status, error) {
bc.RequestStatus() bc.RequestStatus()
select { select {
case st := <-ch: case st := <-ch:
@ -89,6 +84,15 @@ func runStatus(ctx context.Context, args []string) error {
return nil, ctx.Err() return nil, ctx.Err()
} }
} }
}
func runStatus(ctx context.Context, args []string) error {
c, bc, ctx, cancel := connect(ctx)
defer cancel()
bc.AllowVersionSkew = true
getStatus := getStatusFromServer(ctx, c, bc)
st, err := getStatus() st, err := getStatus()
if err != nil { if err != nil {
return err return err

@ -249,6 +249,18 @@ func runUp(ctx context.Context, args []string) error {
c, bc, ctx, cancel := connect(ctx) c, bc, ctx, cancel := connect(ctx)
defer cancel() defer cancel()
if !prefs.ExitNodeIP.IsZero() {
st, err := getStatusFromServer(ctx, c, bc)()
if err != nil {
fatalf("can't fetch status from tailscaled: %v", err)
}
for _, ip := range st.TailscaleIPs {
if prefs.ExitNodeIP == ip {
fatalf("cannot use %s as the exit node as it is a local IP address to this machine, did you mean --advertise-exit-node?", ip)
}
}
}
var printed bool var printed bool
var loginOnce sync.Once var loginOnce sync.Once
startLoginInteractive := func() { loginOnce.Do(func() { bc.StartLoginInteractive() }) } startLoginInteractive := func() { loginOnce.Do(func() { bc.StartLoginInteractive() }) }

Loading…
Cancel
Save