ipn: always guard LocalBackend.netMapCache with mu

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
pull/115/head
David Crawshaw 5 years ago
parent 67ede8d6d2
commit e7cdc11654

@ -46,7 +46,7 @@ type LocalBackend struct {
prefs *Prefs
state State
hiCache *tailcfg.Hostinfo
netMapCache *controlclient.NetworkMap // TODO: many uses without holding mu
netMapCache *controlclient.NetworkMap
engineStatus EngineStatus // TODO: many uses without holding mu
endPoints []string // TODO: many uses without holding mu
blocked bool
@ -169,7 +169,7 @@ func (b *LocalBackend) Start(opts Options) error {
b.netMapCache = nil
b.mu.Unlock()
b.updateFilter()
b.updateFilter(nil)
var err error
persist := b.prefs.Persist
@ -215,14 +215,17 @@ func (b *LocalBackend) Start(opts Options) error {
b.send(Notify{Prefs: b.prefs.Clone()})
}
if newSt.NetMap != nil {
b.mu.Lock()
if b.netMapCache != nil && b.cmpDiff != nil {
s1 := strings.Split(b.netMapCache.Concise(), "\n")
s2 := strings.Split(newSt.NetMap.Concise(), "\n")
b.logf("netmap diff:\n%v\n", b.cmpDiff(s1, s2))
}
b.netMapCache = newSt.NetMap
b.mu.Unlock()
b.send(Notify{NetMap: newSt.NetMap})
b.updateFilter()
b.updateFilter(newSt.NetMap)
}
if newSt.URL != "" {
b.logf("Received auth URL: %.20v...\n", newSt.URL)
@ -288,15 +291,15 @@ func (b *LocalBackend) Start(opts Options) error {
return nil
}
func (b *LocalBackend) updateFilter() {
func (b *LocalBackend) updateFilter(netMap *controlclient.NetworkMap) {
if !b.Prefs().UsePacketFilter {
b.e.SetFilter(filter.NewAllowAll())
} else if b.netMapCache == nil {
} else if netMap == nil {
// Not configured yet, block everything
b.e.SetFilter(filter.NewAllowNone())
} else {
b.logf("netmap packet filter: %v\n", b.netMapCache.PacketFilter)
b.e.SetFilter(filter.New(b.netMapCache.PacketFilter))
b.e.SetFilter(filter.New(netMap.PacketFilter))
}
}
@ -665,10 +668,15 @@ func (b *LocalBackend) enterState(newState State) {
}
func (b *LocalBackend) nextState() State {
c := b.mustClient()
b.mu.Lock()
b.assertClientLocked()
c := b.c
netMap := b.netMapCache
b.mu.Unlock()
state := b.State()
if b.netMapCache == nil {
if netMap == nil {
if c.AuthCantContinue() {
// Auth was interrupted or waiting for URL visit,
// so it won't proceed without human help.
@ -679,9 +687,9 @@ func (b *LocalBackend) nextState() State {
}
} else if !b.prefs.WantRunning {
return Stopped
} else if e := b.netMapCache.Expiry; !e.IsZero() && time.Until(e) <= 0 {
} else if e := netMap.Expiry; !e.IsZero() && time.Until(e) <= 0 {
return NeedsLogin
} else if b.netMapCache.MachineStatus != tailcfg.MachineAuthorized {
} else if netMap.MachineStatus != tailcfg.MachineAuthorized {
// TODO(crawshaw): handle tailcfg.MachineInvalid
return NeedsMachineAuth
} else if state == NeedsMachineAuth {
@ -734,18 +742,19 @@ func (b *LocalBackend) requestEngineStatusAndWait() {
// Maybe that's for the better; if someone logs out accidentally,
// rebooting will fix it.
func (b *LocalBackend) Logout() {
c := b.mustClient()
b.mu.Lock()
b.assertClientLocked()
c := b.c
b.netMapCache = nil
b.mu.Unlock()
c.Logout()
b.netMapCache = nil
b.stateMachine()
}
func (b *LocalBackend) mustClient() *controlclient.Client {
b.mu.Lock()
defer b.mu.Unlock()
b.assertClientLocked()
return b.c
b.netMapCache = nil
b.mu.Unlock()
b.stateMachine()
}
func (b *LocalBackend) assertClientLocked() {

Loading…
Cancel
Save