From fbf89789b80d564c2bdeb3d4643eb899223d17c9 Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Tue, 4 Aug 2020 17:04:02 -0700 Subject: [PATCH] wgengine/magicsock: don't deadlock on pre-disco Endpoints w/ lazy wireguard configs Fixes tailscale/tailscale#637 (cherry picked from commit 7c38db0c971b450636841a8b9be5ae5c00b1f1f2) --- wgengine/magicsock/magicsock.go | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/wgengine/magicsock/magicsock.go b/wgengine/magicsock/magicsock.go index 587f4f72d..e842eb3cd 100644 --- a/wgengine/magicsock/magicsock.go +++ b/wgengine/magicsock/magicsock.go @@ -2626,16 +2626,17 @@ func (c *Conn) CreateEndpoint(pubKey [32]byte, addrs string) (conn.Endpoint, err pk := key.Public(pubKey) c.logf("magicsock: CreateEndpoint: key=%s: %s", pk.ShortString(), derpStr(addrs)) + if !c.canCreateEPUnlocked.Get() { // sorry + c.mu.Lock() + defer c.mu.Unlock() + } + if strings.HasSuffix(addrs, controlclient.EndpointDiscoSuffix) { discoHex := strings.TrimSuffix(addrs, controlclient.EndpointDiscoSuffix) discoKey, err := key.NewPublicFromHexMem(mem.S(discoHex)) if err != nil { return nil, fmt.Errorf("magicsock: invalid discokey endpoint %q for %v: %w", addrs, pk.ShortString(), err) } - if !c.canCreateEPUnlocked.Get() { // sorry - c.mu.Lock() - defer c.mu.Unlock() - } de := &discoEndpoint{ c: c, publicKey: tailcfg.NodeKey(pk), // peer public key (for WireGuard + DERP) @@ -2679,9 +2680,6 @@ func (c *Conn) CreateEndpoint(pubKey [32]byte, addrs string) (conn.Endpoint, err } } - c.mu.Lock() - defer c.mu.Unlock() - // If this endpoint is being updated, remember its old set of // endpoints so we can remove any (from c.addrsByUDP) that are // not in the new set.