diff --git a/ipn/ipnlocal/local.go b/ipn/ipnlocal/local.go index 345799752..2ef520e5e 100644 --- a/ipn/ipnlocal/local.go +++ b/ipn/ipnlocal/local.go @@ -3320,13 +3320,6 @@ func dnsConfigForNetmap(nm *netmap.NetworkMap, peers map[tailcfg.NodeID]tailcfg. return dcfg } - // If we're using an exit node and that exit node is IsWireGuardOnly with - // ExitNodeDNSResolver set, then add that as the default. - if resolvers, ok := wireguardExitNodeDNSResolvers(nm, peers, prefs.ExitNodeID()); ok { - addDefault(resolvers) - return dcfg - } - addDefault(nm.DNS.Resolvers) for suffix, resolvers := range nm.DNS.Routes { fqdn, err := dnsname.ToFQDN(suffix) @@ -4744,30 +4737,6 @@ func exitNodeCanProxyDNS(nm *netmap.NetworkMap, peers map[tailcfg.NodeID]tailcfg return "", false } -// wireguardExitNodeDNSResolvers returns the DNS resolvers to use for a -// WireGuard-only exit node, if it has resolver addresses. -func wireguardExitNodeDNSResolvers(nm *netmap.NetworkMap, peers map[tailcfg.NodeID]tailcfg.NodeView, exitNodeID tailcfg.StableNodeID) ([]*dnstype.Resolver, bool) { - if exitNodeID.IsZero() { - return nil, false - } - - for _, p := range peers { - if p.StableID() == exitNodeID && p.IsWireGuardOnly() { - resolvers := p.ExitNodeDNSResolvers() - if !resolvers.IsNil() && resolvers.Len() > 0 { - copies := make([]*dnstype.Resolver, resolvers.Len()) - for i := range resolvers.LenIter() { - copies[i] = resolvers.At(i).AsStruct() - } - return copies, true - } - return nil, false - } - } - - return nil, false -} - func peerCanProxyDNS(p tailcfg.NodeView) bool { if p.Cap() >= 26 { // Actually added at 25 diff --git a/ipn/ipnlocal/local_test.go b/ipn/ipnlocal/local_test.go index a55b6f638..c80a497e9 100644 --- a/ipn/ipnlocal/local_test.go +++ b/ipn/ipnlocal/local_test.go @@ -22,7 +22,6 @@ import ( "tailscale.com/tailcfg" "tailscale.com/tsd" "tailscale.com/tstest" - "tailscale.com/types/dnstype" "tailscale.com/types/key" "tailscale.com/types/logger" "tailscale.com/types/logid" @@ -856,109 +855,3 @@ func TestUpdateNetmapDelta(t *testing.T) { } } } - -func TestWireguardExitNodeDNSResolvers(t *testing.T) { - type tc struct { - name string - id tailcfg.StableNodeID - peers []*tailcfg.Node - wantOK bool - wantResolvers []*dnstype.Resolver - } - - tests := []tc{ - { - name: "no peers", - id: "1", - wantOK: false, - wantResolvers: nil, - }, - { - name: "non wireguard peer", - id: "1", - peers: []*tailcfg.Node{ - { - ID: 1, - StableID: "1", - IsWireGuardOnly: false, - ExitNodeDNSResolvers: []*dnstype.Resolver{{Addr: "dns.example.com"}}, - }, - }, - wantOK: false, - wantResolvers: nil, - }, - { - name: "no matching IDs", - id: "2", - peers: []*tailcfg.Node{ - { - ID: 1, - StableID: "1", - IsWireGuardOnly: true, - ExitNodeDNSResolvers: []*dnstype.Resolver{{Addr: "dns.example.com"}}, - }, - }, - wantOK: false, - wantResolvers: nil, - }, - { - name: "wireguard peer", - id: "1", - peers: []*tailcfg.Node{ - { - ID: 1, - StableID: "1", - IsWireGuardOnly: true, - ExitNodeDNSResolvers: []*dnstype.Resolver{{Addr: "dns.example.com"}}, - }, - }, - wantOK: true, - wantResolvers: []*dnstype.Resolver{{Addr: "dns.example.com"}}, - }, - } - - for _, tc := range tests { - peers := peersMap(nodeViews(tc.peers)) - nm := &netmap.NetworkMap{} - gotResolvers, gotOK := wireguardExitNodeDNSResolvers(nm, peers, tc.id) - - if gotOK != tc.wantOK || !resolversEqual(gotResolvers, tc.wantResolvers) { - t.Errorf("case: %s: got %v, %v, want %v, %v", tc.name, gotOK, gotResolvers, tc.wantOK, tc.wantResolvers) - } - } -} - -func TestDNSConfigForNetmapForWireguardExitNode(t *testing.T) { - resolvers := []*dnstype.Resolver{{Addr: "dns.example.com"}} - nm := &netmap.NetworkMap{} - peers := map[tailcfg.NodeID]tailcfg.NodeView{ - 1: (&tailcfg.Node{ - ID: 1, - StableID: "1", - IsWireGuardOnly: true, - ExitNodeDNSResolvers: resolvers, - Hostinfo: (&tailcfg.Hostinfo{}).View(), - }).View(), - } - prefs := &ipn.Prefs{ - ExitNodeID: "1", - CorpDNS: true, - } - - got := dnsConfigForNetmap(nm, peers, prefs.View(), t.Logf, "") - if !resolversEqual(got.DefaultResolvers, resolvers) { - t.Errorf("got %v, want %v", got.DefaultResolvers, resolvers) - } -} - -func resolversEqual(a, b []*dnstype.Resolver) bool { - if len(a) != len(b) { - return false - } - for i := range a { - if !a[i].Equal(b[i]) { - return false - } - } - return true -}