Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit9861830

Browse files
authored
fix: never send local endpoints if disabled (#12138)
1 parentc63f569 commit9861830

File tree

4 files changed

+63
-3
lines changed

4 files changed

+63
-3
lines changed

‎go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ replace github.com/dlclark/regexp2 => github.com/dlclark/regexp2 v1.7.0
3333

3434
// There are a few minor changes we make to Tailscale that we're slowly upstreaming. Compare here:
3535
// https://github.com/tailscale/tailscale/compare/main...coder:tailscale:main
36-
replacetailscale.com =>github.com/coder/tailscalev1.1.1-0.20231205095743-61c97bad8c8b
36+
replacetailscale.com =>github.com/coder/tailscalev1.1.1-0.20240214140224-3788ab894ba1
3737

3838
// Fixes a race-condition in coder/wgtunnel.
3939
// Upstream PR: https://github.com/WireGuard/wireguard-go/pull/85

‎go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -202,8 +202,8 @@ github.com/coder/retry v1.5.1 h1:iWu8YnD8YqHs3XwqrqsjoBTAVqT9ml6z9ViJ2wlMiqc=
202202
github.com/coder/retryv1.5.1/go.mod h1:blHMk9vs6LkoRT9ZHyuZo360cufXEhrxqvEzeMtRGoY=
203203
github.com/coder/sshv0.0.0-20231128192721-70855dedb788 h1:YoUSJ19E8AtuUFVYBpXuOD6a/zVP3rcxezNsoDseTUw=
204204
github.com/coder/sshv0.0.0-20231128192721-70855dedb788/go.mod h1:aGQbuCLyhRLMzZF067xc84Lh7JDs1FKwCmF1Crl9dxQ=
205-
github.com/coder/tailscalev1.1.1-0.20231205095743-61c97bad8c8b h1:ut/aL6oI8TjGdg4JI8+bKB9w5j73intbe0dJAmcmYyQ=
206-
github.com/coder/tailscalev1.1.1-0.20231205095743-61c97bad8c8b/go.mod h1:L8tPrwSi31RAMEMV8rjb0vYTGs7rXt8rAHbqY/p41j4=
205+
github.com/coder/tailscalev1.1.1-0.20240214140224-3788ab894ba1 h1:A7dZHNidAVH6Kxn5D3hTEH+iRO8slnM0aRer6/cxlyE=
206+
github.com/coder/tailscalev1.1.1-0.20240214140224-3788ab894ba1/go.mod h1:L8tPrwSi31RAMEMV8rjb0vYTGs7rXt8rAHbqY/p41j4=
207207
github.com/coder/terraform-provider-coderv0.17.0 h1:qwdLSbh6vPN+QDDvw1WNSYYEFlFwJFwzzP9vrvwr/ks=
208208
github.com/coder/terraform-provider-coderv0.17.0/go.mod h1:pACHRoXSHBGyY696mLeQ1hR/Ag1G2wFk5bw0mT5Zp2g=
209209
github.com/coder/wgtunnelv0.1.13-0.20231127054351-578bfff9b92a h1:KhR9LUVllMZ+e9lhubZ1HNrtJDgH5YLoTvpKwmrGag4=

‎tailnet/conn.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -168,6 +168,7 @@ func NewConn(options *Options) (conn *Conn, err error) {
168168

169169
magicConn:=sys.MagicSock.Get()
170170
magicConn.SetDERPForceWebsockets(options.DERPForceWebSockets)
171+
magicConn.SetBlockEndpoints(options.BlockEndpoints)
171172
ifoptions.DERPHeader!=nil {
172173
magicConn.SetDERPHeader(options.DERPHeader.Clone())
173174
}
@@ -345,6 +346,7 @@ func (c *Conn) SetDERPForceWebSockets(v bool) {
345346
func (c*Conn)SetBlockEndpoints(blockEndpointsbool) {
346347
c.configMaps.setBlockEndpoints(blockEndpoints)
347348
c.nodeUpdater.setBlockEndpoints(blockEndpoints)
349+
c.magicConn.SetBlockEndpoints(blockEndpoints)
348350
}
349351

350352
// SetDERPRegionDialer updates the dialer to use for connecting to DERP regions.

‎tailnet/conn_test.go

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ import (
44
"context"
55
"net/netip"
66
"testing"
7+
"time"
78

89
"github.com/google/uuid"
910
"github.com/stretchr/testify/assert"
@@ -412,6 +413,63 @@ parentLoop:
412413
require.True(t,client2.AwaitReachable(awaitReachableCtx4,ip))
413414
}
414415

416+
funcTestConn_BlockEndpoints(t*testing.T) {
417+
t.Parallel()
418+
logger:=slogtest.Make(t,nil).Leveled(slog.LevelDebug)
419+
420+
derpMap,_:=tailnettest.RunDERPAndSTUN(t)
421+
422+
// Setup conn 1.
423+
ip1:=tailnet.IP()
424+
conn1,err:=tailnet.NewConn(&tailnet.Options{
425+
Addresses: []netip.Prefix{netip.PrefixFrom(ip1,128)},
426+
Logger:logger.Named("w1"),
427+
DERPMap:derpMap,
428+
BlockEndpoints:true,
429+
})
430+
require.NoError(t,err)
431+
deferfunc() {
432+
err:=conn1.Close()
433+
assert.NoError(t,err)
434+
}()
435+
436+
// Setup conn 2.
437+
ip2:=tailnet.IP()
438+
conn2,err:=tailnet.NewConn(&tailnet.Options{
439+
Addresses: []netip.Prefix{netip.PrefixFrom(ip2,128)},
440+
Logger:logger.Named("w2"),
441+
DERPMap:derpMap,
442+
BlockEndpoints:true,
443+
})
444+
require.NoError(t,err)
445+
deferfunc() {
446+
err:=conn2.Close()
447+
assert.NoError(t,err)
448+
}()
449+
450+
// Connect them together and wait for them to be reachable.
451+
stitch(t,conn2,conn1)
452+
stitch(t,conn1,conn2)
453+
awaitReachableCtx,awaitReachableCancel:=context.WithTimeout(context.Background(),testutil.WaitShort)
454+
deferawaitReachableCancel()
455+
require.True(t,conn1.AwaitReachable(awaitReachableCtx,ip2))
456+
457+
// Wait 10s for endpoints to potentially be sent over Disco. There's no way
458+
// to force Disco to send endpoints immediately.
459+
time.Sleep(10*time.Second)
460+
461+
// Double check that both peers don't have endpoints for the other peer
462+
// according to magicsock.
463+
conn1Status,ok:=conn1.Status().Peer[conn2.Node().Key]
464+
require.True(t,ok)
465+
require.Empty(t,conn1Status.Addrs)
466+
require.Empty(t,conn1Status.CurAddr)
467+
conn2Status,ok:=conn2.Status().Peer[conn1.Node().Key]
468+
require.True(t,ok)
469+
require.Empty(t,conn2Status.Addrs)
470+
require.Empty(t,conn2Status.CurAddr)
471+
}
472+
415473
// stitch sends node updates from src Conn as peer updates to dst Conn. Sort of
416474
// like the Coordinator would, but without actually needing a Coordinator.
417475
funcstitch(t*testing.T,dst,src*tailnet.Conn) {

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp