types/persist: use new node key type.

Updates #3206

Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
David Anderson 2021-10-28 09:50:58 -07:00
parent 5302e4be96
commit 0c546a28ba
8 changed files with 24 additions and 41 deletions

View File

@ -701,7 +701,7 @@ func (c *Auto) Shutdown() {
// used exclusively in tests. // used exclusively in tests.
func (c *Auto) TestOnlyNodePublicKey() wgkey.Key { func (c *Auto) TestOnlyNodePublicKey() wgkey.Key {
priv := c.direct.GetPersist() priv := c.direct.GetPersist()
return priv.PrivateNodeKey.Public() return priv.PrivateNodeKey.Public().AsWGKey()
} }
func (c *Auto) TestOnlySetAuthKey(authkey string) { func (c *Auto) TestOnlySetAuthKey(authkey string) {

View File

@ -330,7 +330,7 @@ func (c *Direct) doLogin(ctx context.Context, opt loginOpt) (mustRegen bool, new
var oldNodeKey wgkey.Key var oldNodeKey wgkey.Key
switch { switch {
case opt.Logout: case opt.Logout:
tryingNewKey = persist.PrivateNodeKey tryingNewKey = persist.PrivateNodeKey.AsWGPrivate()
case opt.URL != "": case opt.URL != "":
// Nothing. // Nothing.
case regen || persist.PrivateNodeKey.IsZero(): case regen || persist.PrivateNodeKey.IsZero():
@ -344,10 +344,10 @@ func (c *Direct) doLogin(ctx context.Context, opt loginOpt) (mustRegen bool, new
tryingNewKey = key tryingNewKey = key
default: default:
// Try refreshing the current key first // Try refreshing the current key first
tryingNewKey = persist.PrivateNodeKey tryingNewKey = persist.PrivateNodeKey.AsWGPrivate()
} }
if !persist.OldPrivateNodeKey.IsZero() { if !persist.OldPrivateNodeKey.IsZero() {
oldNodeKey = persist.OldPrivateNodeKey.Public() oldNodeKey = persist.OldPrivateNodeKey.Public().AsWGKey()
} }
if tryingNewKey.IsZero() { if tryingNewKey.IsZero() {
@ -468,7 +468,7 @@ func (c *Direct) doLogin(ctx context.Context, opt loginOpt) (mustRegen bool, new
c.mu.Lock() c.mu.Lock()
if resp.AuthURL == "" { if resp.AuthURL == "" {
// key rotation is complete // key rotation is complete
persist.PrivateNodeKey = tryingNewKey persist.PrivateNodeKey = key.NodePrivateFromRaw32(mem.B(tryingNewKey[:]))
} else { } else {
// save it for the retry-with-URL // save it for the retry-with-URL
c.tryingNewKey = tryingNewKey c.tryingNewKey = tryingNewKey
@ -600,7 +600,7 @@ func (c *Direct) sendMapRequest(ctx context.Context, maxPolls int, cb func(*netm
request := &tailcfg.MapRequest{ request := &tailcfg.MapRequest{
Version: tailcfg.CurrentMapRequestVersion, Version: tailcfg.CurrentMapRequestVersion,
KeepAlive: c.keepAlive, KeepAlive: c.keepAlive,
NodeKey: tailcfg.NodeKey(persist.PrivateNodeKey.Public()), NodeKey: tailcfg.NodeKeyFromNodePublic(persist.PrivateNodeKey.Public()),
DiscoKey: c.discoPubKey, DiscoKey: c.discoPubKey,
Endpoints: epStrs, Endpoints: epStrs,
EndpointTypes: epTypes, EndpointTypes: epTypes,
@ -707,7 +707,7 @@ func (c *Direct) sendMapRequest(ctx context.Context, maxPolls int, cb func(*netm
} }
}() }()
sess := newMapSession(persist.PrivateNodeKey) sess := newMapSession(persist.PrivateNodeKey.AsWGPrivate())
sess.logf = c.logf sess.logf = c.logf
sess.vlogf = vlogf sess.vlogf = vlogf
sess.machinePubKey = machinePubKey sess.machinePubKey = machinePubKey

View File

@ -47,7 +47,6 @@
"tailscale.com/types/netmap" "tailscale.com/types/netmap"
"tailscale.com/types/persist" "tailscale.com/types/persist"
"tailscale.com/types/preftype" "tailscale.com/types/preftype"
"tailscale.com/types/wgkey"
"tailscale.com/util/deephash" "tailscale.com/util/deephash"
"tailscale.com/util/dnsname" "tailscale.com/util/dnsname"
"tailscale.com/util/osshare" "tailscale.com/util/osshare"
@ -294,8 +293,8 @@ func (b *LocalBackend) Prefs() *ipn.Prefs {
p := b.prefs.Clone() p := b.prefs.Clone()
if p != nil && p.Persist != nil { if p != nil && p.Persist != nil {
p.Persist.LegacyFrontendPrivateMachineKey = key.MachinePrivate{} p.Persist.LegacyFrontendPrivateMachineKey = key.MachinePrivate{}
p.Persist.PrivateNodeKey = wgkey.Private{} p.Persist.PrivateNodeKey = key.NodePrivate{}
p.Persist.OldPrivateNodeKey = wgkey.Private{} p.Persist.OldPrivateNodeKey = key.NodePrivate{}
} }
return p return p
} }
@ -2684,7 +2683,7 @@ func (b *LocalBackend) TestOnlyPublicKeys() (machineKey key.MachinePublic, nodeK
mk := machinePrivKey.Public() mk := machinePrivKey.Public()
nk := prefs.Persist.PrivateNodeKey.Public() nk := prefs.Persist.PrivateNodeKey.Public()
return mk, tailcfg.NodeKey(nk) return mk, tailcfg.NodeKeyFromNodePublic(nk)
} }
func (b *LocalBackend) WaitingFiles() ([]apitype.WaitingFile, error) { func (b *LocalBackend) WaitingFiles() ([]apitype.WaitingFile, error) {
@ -2774,7 +2773,7 @@ func (b *LocalBackend) SetDNS(ctx context.Context, name, value string) error {
b.mu.Lock() b.mu.Lock()
cc := b.cc cc := b.cc
if prefs := b.prefs; prefs != nil { if prefs := b.prefs; prefs != nil {
req.NodeKey = tailcfg.NodeKey(prefs.Persist.PrivateNodeKey.Public()) req.NodeKey = tailcfg.NodeKeyFromNodePublic(prefs.Persist.PrivateNodeKey.Public())
} }
b.mu.Unlock() b.mu.Unlock()
if cc == nil { if cc == nil {

View File

@ -21,7 +21,6 @@
"tailscale.com/types/logger" "tailscale.com/types/logger"
"tailscale.com/types/netmap" "tailscale.com/types/netmap"
"tailscale.com/types/persist" "tailscale.com/types/persist"
"tailscale.com/types/wgkey"
"tailscale.com/wgengine" "tailscale.com/wgengine"
) )
@ -122,7 +121,7 @@ func (cc *mockControl) populateKeys() (newKeys bool) {
if cc.persist.PrivateNodeKey.IsZero() { if cc.persist.PrivateNodeKey.IsZero() {
cc.logf("Generating a new nodekey.") cc.logf("Generating a new nodekey.")
cc.persist.OldPrivateNodeKey = cc.persist.PrivateNodeKey cc.persist.OldPrivateNodeKey = cc.persist.PrivateNodeKey
cc.persist.PrivateNodeKey, _ = wgkey.NewPrivate() cc.persist.PrivateNodeKey = key.NewNode()
newKeys = true newKeys = true
} }

View File

@ -15,12 +15,13 @@
"testing" "testing"
"time" "time"
"go4.org/mem"
"inet.af/netaddr" "inet.af/netaddr"
"tailscale.com/tailcfg" "tailscale.com/tailcfg"
"tailscale.com/tstest" "tailscale.com/tstest"
"tailscale.com/types/key"
"tailscale.com/types/persist" "tailscale.com/types/persist"
"tailscale.com/types/preftype" "tailscale.com/types/preftype"
"tailscale.com/types/wgkey"
) )
func fieldsOf(t reflect.Type) (fields []string) { func fieldsOf(t reflect.Type) (fields []string) {
@ -404,7 +405,7 @@ func TestPrefsPretty(t *testing.T) {
{ {
Prefs{ Prefs{
Persist: &persist.Persist{ Persist: &persist.Persist{
PrivateNodeKey: wgkey.Private{1: 1}, PrivateNodeKey: key.NodePrivateFromRaw32(mem.B([]byte{1: 1, 31: 0})),
}, },
}, },
"linux", "linux",

View File

@ -10,7 +10,6 @@
"tailscale.com/types/key" "tailscale.com/types/key"
"tailscale.com/types/structs" "tailscale.com/types/structs"
"tailscale.com/types/wgkey"
) )
//go:generate go run tailscale.com/cmd/cloner -type=Persist -output=persist_clone.go //go:generate go run tailscale.com/cmd/cloner -type=Persist -output=persist_clone.go
@ -31,8 +30,8 @@ type Persist struct {
// this field, lest the frontend persist it to disk. // this field, lest the frontend persist it to disk.
LegacyFrontendPrivateMachineKey key.MachinePrivate `json:"PrivateMachineKey"` LegacyFrontendPrivateMachineKey key.MachinePrivate `json:"PrivateMachineKey"`
PrivateNodeKey wgkey.Private PrivateNodeKey key.NodePrivate
OldPrivateNodeKey wgkey.Private // needed to request key rotation OldPrivateNodeKey key.NodePrivate // needed to request key rotation
Provider string Provider string
LoginName string LoginName string
} }
@ -55,7 +54,7 @@ func (p *Persist) Equals(p2 *Persist) bool {
func (p *Persist) Pretty() string { func (p *Persist) Pretty() string {
var ( var (
mk key.MachinePublic mk key.MachinePublic
ok, nk wgkey.Key ok, nk key.NodePublic
) )
if !p.LegacyFrontendPrivateMachineKey.IsZero() { if !p.LegacyFrontendPrivateMachineKey.IsZero() {
mk = p.LegacyFrontendPrivateMachineKey.Public() mk = p.LegacyFrontendPrivateMachineKey.Public()
@ -66,12 +65,6 @@ func (p *Persist) Pretty() string {
if !p.PrivateNodeKey.IsZero() { if !p.PrivateNodeKey.IsZero() {
nk = p.PrivateNodeKey.Public() nk = p.PrivateNodeKey.Public()
} }
ss := func(k wgkey.Key) string {
if k.IsZero() {
return ""
}
return k.ShortString()
}
return fmt.Sprintf("Persist{lm=%v, o=%v, n=%v u=%#v}", return fmt.Sprintf("Persist{lm=%v, o=%v, n=%v u=%#v}",
mk.ShortString(), ss(ok), ss(nk), p.LoginName) mk.ShortString(), ok.ShortString(), nk.ShortString(), p.LoginName)
} }

View File

@ -10,7 +10,6 @@
import ( import (
"tailscale.com/types/key" "tailscale.com/types/key"
"tailscale.com/types/structs" "tailscale.com/types/structs"
"tailscale.com/types/wgkey"
) )
// Clone makes a deep copy of Persist. // Clone makes a deep copy of Persist.
@ -28,8 +27,8 @@ func (src *Persist) Clone() *Persist {
var _PersistCloneNeedsRegeneration = Persist(struct { var _PersistCloneNeedsRegeneration = Persist(struct {
_ structs.Incomparable _ structs.Incomparable
LegacyFrontendPrivateMachineKey key.MachinePrivate LegacyFrontendPrivateMachineKey key.MachinePrivate
PrivateNodeKey wgkey.Private PrivateNodeKey key.NodePrivate
OldPrivateNodeKey wgkey.Private OldPrivateNodeKey key.NodePrivate
Provider string Provider string
LoginName string LoginName string
}{}) }{})

View File

@ -9,7 +9,6 @@
"testing" "testing"
"tailscale.com/types/key" "tailscale.com/types/key"
"tailscale.com/types/wgkey"
) )
func fieldsOf(t reflect.Type) (fields []string) { func fieldsOf(t reflect.Type) (fields []string) {
@ -28,15 +27,8 @@ func TestPersistEqual(t *testing.T) {
have, persistHandles) have, persistHandles)
} }
newPrivate := func() wgkey.Private {
k, err := wgkey.NewPrivate()
if err != nil {
panic(err)
}
return k
}
m1 := key.NewMachine() m1 := key.NewMachine()
k1 := newPrivate() k1 := key.NewNode()
tests := []struct { tests := []struct {
a, b *Persist a, b *Persist
want bool want bool
@ -59,7 +51,7 @@ func TestPersistEqual(t *testing.T) {
{ {
&Persist{PrivateNodeKey: k1}, &Persist{PrivateNodeKey: k1},
&Persist{PrivateNodeKey: newPrivate()}, &Persist{PrivateNodeKey: key.NewNode()},
false, false,
}, },
{ {
@ -70,7 +62,7 @@ func TestPersistEqual(t *testing.T) {
{ {
&Persist{OldPrivateNodeKey: k1}, &Persist{OldPrivateNodeKey: k1},
&Persist{OldPrivateNodeKey: newPrivate()}, &Persist{OldPrivateNodeKey: key.NewNode()},
false, false,
}, },
{ {