You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/net
Andrew Dunham c4ccdd1bd1 net/interfaces: ensure we return valid 'self' IP in LikelyHomeRouterIP
Before this fix, LikelyHomeRouterIP could return a 'self' IP that
doesn't correspond to the gateway address, since it picks the first
private address when iterating over the set interfaces as the 'self' IP,
without checking that the address corresponds with the
previously-detected gateway.

This behaviour was introduced by accident in aaf2df7, where we deleted
the following code:

    for _, prefix := range privatev4s {
        if prefix.Contains(gateway) && prefix.Contains(ip) {
            myIP = ip
            ok = true
            return
        }
    }

Other than checking that 'gateway' and 'ip' were private IP addresses
(which were correctly replaced with a call to the netip.Addr.IsPrivate
method), it also implicitly checked that both 'gateway' and 'ip' were a
part of the *same* prefix, and thus likely to be the same interface.

Restore that behaviour by explicitly checking pfx.Contains(gateway),
which, given that the 'ip' variable is derived from our prefix 'pfx',
ensures that the 'self' IP will correspond to the returned 'gateway'.

Fixes #10466

Signed-off-by: Andrew Dunham <andrew@du.nham.ca>
Change-Id: Iddd2ee70cefb9fb40071986fefeace9ca2441ee6
12 months ago
..
art net/art: allow non-pointers as values 1 year ago
connstats net/connstats: exclude traffic with internal Tailscale service (#7904) 2 years ago
dns net/dns: use an additional registry setting to disable dynamic DNS updates for our interface on Windows 12 months ago
dnscache net/dnscache: remove completed TODO 1 year ago
dnsfallback net/dnsfallback: add singleflight to recursive resolver 1 year ago
flowtrack all: update copyright and license headers 2 years ago
interfaces net/interfaces: ensure we return valid 'self' IP in LikelyHomeRouterIP 12 months ago
memnet net/memnet: export the network name (#9111) 1 year ago
netaddr all: update copyright and license headers 2 years ago
netcheck net/netcheck,wgengine/magicsock: reduce coupling between netcheck and magicsock 1 year ago
neterror net/neterror, wgengine/magicsock: use UDP GSO and GRO on Linux (#7791) 2 years ago
netkernelconf client/tailscale,ipn/{ipnlocal,localapi}: check UDP GRO config (#10071) 1 year ago
netknob all: update copyright and license headers 2 years ago
netmon net/netmon: log when the gateway/self IP changes 1 year ago
netns net/{interfaces,netmon}: remove "interesting", EqualFiltered API 1 year ago
netstat net/{netns,netstat}: use new x/sys/cpu.IsBigEndian 2 years ago
netutil cmd/tailscale: refactor shared utility methods 1 year ago
packet net/packet: split off checksum munging into different pkg 1 year ago
ping net/ping: fix ICMP echo code field to 0 1 year ago
portmapper net/portmapper: avoid alloc in getUPnPErrorsMetric 1 year ago
proxymux all: update copyright and license headers 2 years ago
routetable net/routetable: include unknown flags in the routetable doctor output 2 years ago
socks5 net/socks5: add password auth support 2 years ago
sockstats net/dns: retry forwarder requests over TCP 1 year ago
speedtest all: update copyright and license headers 2 years ago
stun wgengine/magicsock, types/nettype, etc: finish ReadFromUDPAddrPort netip migration 2 years ago
tcpinfo net/tcpinfo: add package to allow fetching TCP information 1 year ago
tlsdial cmd/tailscale/cli: make netcheck run even if machine lacks TLS certs 1 year ago
tsaddr types/netmap: remove NetworkMap.{Addresses,MachineStatus} 1 year ago
tsdial types/netmap: remove NetworkMap.{Addresses,MachineStatus} 1 year ago
tshttpproxy net/tshttpproxy: don't proxy through ourselves 2 years ago
tstun cmd/tailscaled,net/tstun: fix data race on start-up in TUN mode 1 year ago
wsconn net/wsconn: accept a remote addr string and plumb it through 1 year ago