From 290ec8bb19aa1a4290929a7d848daf719e4ebce1 Mon Sep 17 00:00:00 2001 From: Juan Font Alonso Date: Fri, 2 Sep 2022 00:05:43 +0200 Subject: [PATCH] Migrate ACLs to net/netip --- acls_test.go | 110 +++++++++++++++++++++++++------------------------- acls_types.go | 8 ++-- 2 files changed, 59 insertions(+), 59 deletions(-) diff --git a/acls_test.go b/acls_test.go index fe2217c3..db04ee3d 100644 --- a/acls_test.go +++ b/acls_test.go @@ -2,11 +2,11 @@ package headscale import ( "errors" + "net/netip" "reflect" "testing" "gopkg.in/check.v1" - "inet.af/netaddr" "tailscale.com/tailcfg" ) @@ -131,7 +131,7 @@ func (s *Suite) TestValidExpandTagOwnersInSources(c *check.C) { NodeKey: "bar", DiscoKey: "faa", Hostname: "testmachine", - IPAddresses: MachineAddresses{netaddr.MustParseIP("100.64.0.1")}, + IPAddresses: MachineAddresses{netip.MustParseAddr("100.64.0.1")}, NamespaceID: namespace.ID, RegisterMethod: RegisterMethodAuthKey, AuthKeyID: uint(pak.ID), @@ -181,7 +181,7 @@ func (s *Suite) TestValidExpandTagOwnersInDestinations(c *check.C) { NodeKey: "bar", DiscoKey: "faa", Hostname: "testmachine", - IPAddresses: MachineAddresses{netaddr.MustParseIP("100.64.0.1")}, + IPAddresses: MachineAddresses{netip.MustParseAddr("100.64.0.1")}, NamespaceID: namespace.ID, RegisterMethod: RegisterMethodAuthKey, AuthKeyID: uint(pak.ID), @@ -231,7 +231,7 @@ func (s *Suite) TestInvalidTagValidNamespace(c *check.C) { NodeKey: "bar", DiscoKey: "faa", Hostname: "testmachine", - IPAddresses: MachineAddresses{netaddr.MustParseIP("100.64.0.1")}, + IPAddresses: MachineAddresses{netip.MustParseAddr("100.64.0.1")}, NamespaceID: namespace.ID, RegisterMethod: RegisterMethodAuthKey, AuthKeyID: uint(pak.ID), @@ -280,7 +280,7 @@ func (s *Suite) TestValidTagInvalidNamespace(c *check.C) { NodeKey: "bar", DiscoKey: "faa", Hostname: "webserver", - IPAddresses: MachineAddresses{netaddr.MustParseIP("100.64.0.1")}, + IPAddresses: MachineAddresses{netip.MustParseAddr("100.64.0.1")}, NamespaceID: namespace.ID, RegisterMethod: RegisterMethodAuthKey, AuthKeyID: uint(pak.ID), @@ -299,7 +299,7 @@ func (s *Suite) TestValidTagInvalidNamespace(c *check.C) { NodeKey: "bar2", DiscoKey: "faab", Hostname: "user", - IPAddresses: MachineAddresses{netaddr.MustParseIP("100.64.0.2")}, + IPAddresses: MachineAddresses{netip.MustParseAddr("100.64.0.2")}, NamespaceID: namespace.ID, RegisterMethod: RegisterMethodAuthKey, AuthKeyID: uint(pak.ID), @@ -844,10 +844,10 @@ func Test_expandAlias(t *testing.T) { args: args{ alias: "*", machines: []Machine{ - {IPAddresses: MachineAddresses{netaddr.MustParseIP("100.64.0.1")}}, + {IPAddresses: MachineAddresses{netip.MustParseAddr("100.64.0.1")}}, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.78.84.227"), + netip.MustParseAddr("100.78.84.227"), }, }, }, @@ -864,25 +864,25 @@ func Test_expandAlias(t *testing.T) { machines: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.3"), + netip.MustParseAddr("100.64.0.3"), }, Namespace: Namespace{Name: "marc"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "mickael"}, }, @@ -902,25 +902,25 @@ func Test_expandAlias(t *testing.T) { machines: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.3"), + netip.MustParseAddr("100.64.0.3"), }, Namespace: Namespace{Name: "marc"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "mickael"}, }, @@ -951,7 +951,7 @@ func Test_expandAlias(t *testing.T) { machines: []Machine{}, aclPolicy: ACLPolicy{ Hosts: Hosts{ - "homeNetwork": netaddr.MustParseIPPrefix("192.168.1.0/24"), + "homeNetwork": netip.MustParsePrefix("192.168.1.0/24"), }, }, stripEmailDomain: true, @@ -988,7 +988,7 @@ func Test_expandAlias(t *testing.T) { machines: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -999,7 +999,7 @@ func Test_expandAlias(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1010,13 +1010,13 @@ func Test_expandAlias(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.3"), + netip.MustParseAddr("100.64.0.3"), }, Namespace: Namespace{Name: "marc"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "joe"}, }, @@ -1036,25 +1036,25 @@ func Test_expandAlias(t *testing.T) { machines: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.3"), + netip.MustParseAddr("100.64.0.3"), }, Namespace: Namespace{Name: "marc"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "mickael"}, }, @@ -1077,27 +1077,27 @@ func Test_expandAlias(t *testing.T) { machines: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, ForcedTags: []string{"tag:hr-webserver"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, ForcedTags: []string{"tag:hr-webserver"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.3"), + netip.MustParseAddr("100.64.0.3"), }, Namespace: Namespace{Name: "marc"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "mickael"}, }, @@ -1115,14 +1115,14 @@ func Test_expandAlias(t *testing.T) { machines: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, ForcedTags: []string{"tag:hr-webserver"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1133,13 +1133,13 @@ func Test_expandAlias(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.3"), + netip.MustParseAddr("100.64.0.3"), }, Namespace: Namespace{Name: "marc"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "mickael"}, }, @@ -1161,7 +1161,7 @@ func Test_expandAlias(t *testing.T) { machines: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1172,7 +1172,7 @@ func Test_expandAlias(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1183,13 +1183,13 @@ func Test_expandAlias(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.3"), + netip.MustParseAddr("100.64.0.3"), }, Namespace: Namespace{Name: "marc"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "joe"}, }, @@ -1245,7 +1245,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { nodes: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1256,7 +1256,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1267,7 +1267,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "joe"}, }, @@ -1277,7 +1277,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, want: []Machine{ { - IPAddresses: MachineAddresses{netaddr.MustParseIP("100.64.0.4")}, + IPAddresses: MachineAddresses{netip.MustParseAddr("100.64.0.4")}, Namespace: Namespace{Name: "joe"}, }, }, @@ -1296,7 +1296,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { nodes: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1307,7 +1307,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1318,7 +1318,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "joe"}, }, @@ -1328,7 +1328,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, want: []Machine{ { - IPAddresses: MachineAddresses{netaddr.MustParseIP("100.64.0.4")}, + IPAddresses: MachineAddresses{netip.MustParseAddr("100.64.0.4")}, Namespace: Namespace{Name: "joe"}, }, }, @@ -1342,7 +1342,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { nodes: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1353,14 +1353,14 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, ForcedTags: []string{"tag:accountant-webserver"}, }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "joe"}, }, @@ -1370,7 +1370,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, want: []Machine{ { - IPAddresses: MachineAddresses{netaddr.MustParseIP("100.64.0.4")}, + IPAddresses: MachineAddresses{netip.MustParseAddr("100.64.0.4")}, Namespace: Namespace{Name: "joe"}, }, }, @@ -1384,7 +1384,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { nodes: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1395,7 +1395,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1406,7 +1406,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "joe"}, }, @@ -1417,7 +1417,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { want: []Machine{ { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.1"), + netip.MustParseAddr("100.64.0.1"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1428,7 +1428,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.2"), + netip.MustParseAddr("100.64.0.2"), }, Namespace: Namespace{Name: "joe"}, HostInfo: HostInfo{ @@ -1439,7 +1439,7 @@ func Test_excludeCorrectlyTaggedNodes(t *testing.T) { }, { IPAddresses: MachineAddresses{ - netaddr.MustParseIP("100.64.0.4"), + netip.MustParseAddr("100.64.0.4"), }, Namespace: Namespace{Name: "joe"}, }, diff --git a/acls_types.go b/acls_types.go index 0f73d6fd..8ffa12f5 100644 --- a/acls_types.go +++ b/acls_types.go @@ -2,11 +2,11 @@ package headscale import ( "encoding/json" + "net/netip" "strings" "github.com/tailscale/hujson" "gopkg.in/yaml.v3" - "inet.af/netaddr" ) // ACLPolicy represents a Tailscale ACL Policy. @@ -30,7 +30,7 @@ type ACL struct { type Groups map[string][]string // Hosts are alias for IP addresses or subnets. -type Hosts map[string]netaddr.IPPrefix +type Hosts map[string]netip.Prefix // TagOwners specify what users (namespaces?) are allow to use certain tags. type TagOwners map[string][]string @@ -60,7 +60,7 @@ func (hosts *Hosts) UnmarshalJSON(data []byte) error { if !strings.Contains(prefixStr, "/") { prefixStr += "/32" } - prefix, err := netaddr.ParseIPPrefix(prefixStr) + prefix, err := netip.ParsePrefix(prefixStr) if err != nil { return err } @@ -81,7 +81,7 @@ func (hosts *Hosts) UnmarshalYAML(data []byte) error { return err } for host, prefixStr := range hostIPPrefixMap { - prefix, err := netaddr.ParseIPPrefix(prefixStr) + prefix, err := netip.ParsePrefix(prefixStr) if err != nil { return err }