Commit Graph

1480 Commits

Author SHA1 Message Date
Ward Vandewege
cb2ea300ad Fix linter errors. 2021-11-27 13:59:39 -05:00
Kristoffer Dalby
c38f00fab8 Unmarshal keys in the non-deprecated way 2021-11-26 23:50:42 +00:00
Kristoffer Dalby
0012c76170 Make it easier to run cli integration tests 2021-11-26 23:34:11 +00:00
Kristoffer Dalby
cfd53bc4aa Factor wgkey to types/key
This commit converts all the uses of wgkey to the new key interfaces.

It now has specific  machine, node and discovery keys and we now should
use them correctly.

Please note the new logic which strips a key prefix (in utils.go) that
is now standard inside tailscale.

In theory we could put it in the database, but to preserve backwards
compatibility and not spend a lot of resources on accounting for both,
we just strip them.
2021-11-26 23:30:42 +00:00
Kristoffer Dalby
07418140a2 Remove config loading of private key path 2021-11-26 23:29:41 +00:00
Kristoffer Dalby
c63c259d31 Switch wgkey for types/key
We dont seem to need the wireguard key anymore, we generate a key on
startup based on the new library and the users fetch it from /key.

Clean up app.go and update docs
2021-11-26 23:28:06 +00:00
Kristoffer Dalby
50b47adaa3 Upgrade tailscale to 1.18 2021-11-26 23:27:09 +00:00
Ward Vandewege
b6ae60cc44 The create-node subcommand under debug needs a 64 character key. 2021-11-26 14:49:51 -05:00
Ward Vandewege
d944aa6e79
Merge pull request #237 from cure/preauthkeys-fix-default-expiration
Fix default preauthkey expiration
2021-11-26 11:09:43 -05:00
Kristoffer Dalby
06f05d6cc2
Merge branch 'main' into preauthkeys-fix-default-expiration 2021-11-26 15:46:00 +00:00
Kristoffer Dalby
0819c6515a
Merge pull request #238 from juanfont/kradalby-patch-3 2021-11-26 15:45:38 +00:00
Ward Vandewege
c7f3e0632b When creating a preauthkey, the default expiration was passed through as
a nil value, instead of the default value (1h). This resulted in the
preauthkey being created with expiration key '0001-01-01 00:00:00',
which meant the key would not work, because it was already expired.

This commit applies the default expiration time (1h) when a preauthkey
is created without a specific expiration. It also updates an integration
test to make sure this bug does not reoccur.
2021-11-26 10:04:26 -05:00
Kristoffer Dalby
58fd6c4ba5
Revert postgres constant value
changes "postgresql" to "postgres"
2021-11-26 07:13:00 +00:00
Kristoffer Dalby
aab4a6043a
Merge branch 'main' into kradalby-patch-2 2021-11-25 08:38:59 +00:00
Kristoffer Dalby
a52a4d45c0
Merge pull request #236 from restanrm/fix-derp-example-config
fix(derp-example): change regionid in node
2021-11-25 08:37:45 +00:00
Juan Font
45bc3f7a09
Merge branch 'main' into fix-derp-example-config 2021-11-24 18:57:31 +01:00
Kristoffer Dalby
5620858549
Merge pull request #227 from kradalby/expired-issue 2021-11-24 17:49:33 +00:00
Adrien Raffin-Caboisse
f2e273b8a2 fix(derp-example): change regionid in nodes
Using a wrong regionid value lead to non working DERP custom server. No checks are performed for this kind of errors making it difficult to find.
2021-11-24 15:54:22 +01:00
Kristoffer Dalby
cec1e86b58 Add missing request arguemnt 2021-11-24 12:16:56 +00:00
Kristoffer Dalby
dcbf289470 Rename idKey to machineKey to keep consistency 2021-11-24 12:15:55 +00:00
Kristoffer Dalby
fdd64d98c8 Add missing iff to handle expired preauthkey machines 2021-11-24 12:15:32 +00:00
Kristoffer Dalby
9968992be0 Fix prettier 2021-11-24 10:47:20 +00:00
Kristoffer Dalby
f50f9ac894 Merge branch 'expired-issue' of github.com:kradalby/headscale into expired-issue 2021-11-24 10:13:49 +00:00
Kristoffer Dalby
2eca344f0e Fix gocritic 2021-11-24 10:13:41 +00:00
Kristoffer Dalby
349264830b
Use .1 2021-11-23 11:27:44 +00:00
Kristoffer Dalby
0b5c29022b
Merge branch 'main' into expired-issue 2021-11-22 20:13:33 +00:00
Kristoffer Dalby
1f1c45a2c0 Fix cli_test 2021-11-22 19:59:44 +00:00
Kristoffer Dalby
68dc2a70db Update neighbours if node is expired or refreshed
In addition, only pass the map of registered and not expired nodes to
clients.
2021-11-22 19:51:16 +00:00
Kristoffer Dalby
caf1b1cabc Fix typo 2021-11-22 19:35:24 +00:00
Kristoffer Dalby
021c464148 Add cache for requested expiry times
This commit adds a sentral cache to keep track of clients whom has
requested an expiry time, but were we need to keep hold of it until the
second request comes in.
2021-11-22 19:32:52 +00:00
Kristoffer Dalby
e600ead3e9 Make sure nodes can reauthenticate
This commit fixes an issue where nodes were not able to reauthenticate.
2021-11-22 19:32:11 +00:00
Kristoffer Dalby
200c10e48c Add missing return in oidc.go 2021-11-22 17:22:47 +00:00
Kristoffer Dalby
e8faff4fe2 Use uint64 straight instead of converting 2021-11-22 17:22:22 +00:00
Kristoffer Dalby
5cbd4513a4 Simplify register function if 2021-11-22 17:21:56 +00:00
Kristoffer Dalby
a477c808c7
Merge pull request #230 from lion24/patch-1 2021-11-22 09:47:37 +00:00
Kristoffer Dalby
74044f62f4
Remove anouther potential error leak 2021-11-21 21:54:19 +00:00
Kristoffer Dalby
fcd4d94927
Clean up logging and error handling in oidc
We should never expose errors via web, it gives attackers a lot of info
(Insert OWASP guide).

Also handle error that didnt separate not found gorm issue and other
errors.
2021-11-21 21:51:39 +00:00
Kristoffer Dalby
fac33e46e1
Add long description for expire 2021-11-21 21:35:36 +00:00
Kristoffer Dalby
b152e53b13
Use correct type for nodes command 2021-11-21 21:34:03 +00:00
Kristoffer Dalby
1687e3b03f
Removed unused parameter 2021-11-21 21:29:27 +00:00
Kristoffer Dalby
c2393685f1
Remove expiry update in expiry, we dont want to extend it just because they _try_ to connect 2021-11-21 21:14:40 +00:00
Kristoffer Dalby
fd5f42c2e6
Move handle expired machine to the end of registration 2021-11-21 21:14:13 +00:00
Kristoffer Dalby
bda2d9c3b0 Remove unused param 2021-11-21 14:00:48 +00:00
Kristoffer Dalby
c4ecc4db91 Simplify control flow in RegistrationHandler
This commits tries to dismantle the complicated "if and or" in the
RegistrationHandler by factoring out the "is Registrated" into a root
if.

This, together with some new comments, should hopefully make it a bit
easier to follow what is happening in all the different cases that needs
to be handled when a Node contacts the registration endpoint.
2021-11-21 13:59:24 +00:00
Kristoffer Dalby
8ccc51ae57 Remove special case for authkey
We no longer have weird expire behaviour, so we dont need this case
2021-11-21 13:45:19 +00:00
Kristoffer Dalby
a2b9f3bede Add expire (logout) machine command 2021-11-21 13:40:44 +00:00
Kristoffer Dalby
bd1d1b1a3b Implement ExpireMachine rpc 2021-11-21 13:40:19 +00:00
Kristoffer Dalby
f1c05f8010 Add ExpireMachine spec to rpc 2021-11-21 13:40:04 +00:00
Kristoffer Dalby
f85a77edb5 Remove println statement 2021-11-21 09:48:59 +00:00
Kristoffer Dalby
1c7aff5dd9 Add expired column to machine list command 2021-11-21 09:44:38 +00:00