ipn/ipnlocal: ensure b.mu is always unlocked in (*LocalBackend).authReconfig

Updates tailscale/corp#27502 (caused a deadlock in a test while working on it)

Signed-off-by: Nick Khyl <nickk@tailscale.com>
This commit is contained in:
Nick Khyl 2025-06-16 17:49:03 -05:00
parent 735f15cb49
commit 0f7e7c333a
No known key found for this signature in database

View File

@ -4857,19 +4857,34 @@ func (b *LocalBackend) readvertiseAppConnectorRoutes() {
// updates are not currently blocked, based on the cached netmap and
// user prefs.
func (b *LocalBackend) authReconfig() {
var (
blocked bool
prefs ipn.PrefsView
hasPAC bool
cn *nodeBackend
nm *netmap.NetworkMap
disableSubnetsIfPAC bool
dohURL string
dohURLOK bool
dcfg *dns.Config
closing bool
)
func() { // make sure b.mu gets unlocked if anything below panics
b.mu.Lock()
blocked := b.blocked
prefs := b.pm.CurrentPrefs()
cn := b.currentNode()
nm := cn.NetMap()
hasPAC := b.prevIfState.HasPAC()
disableSubnetsIfPAC := cn.SelfHasCap(tailcfg.NodeAttrDisableSubnetsIfPAC)
dohURL, dohURLOK := cn.exitNodeCanProxyDNS(prefs.ExitNodeID())
dcfg := cn.dnsConfigForNetmap(prefs, b.keyExpired, b.logf, version.OS())
defer b.mu.Unlock()
blocked = b.blocked
prefs = b.pm.CurrentPrefs()
cn = b.currentNode()
nm = cn.NetMap()
hasPAC = b.prevIfState.HasPAC()
disableSubnetsIfPAC = cn.SelfHasCap(tailcfg.NodeAttrDisableSubnetsIfPAC)
dohURL, dohURLOK = cn.exitNodeCanProxyDNS(prefs.ExitNodeID())
dcfg = cn.dnsConfigForNetmap(prefs, b.keyExpired, b.logf, version.OS())
// If the current node is an app connector, ensure the app connector machine is started
b.reconfigAppConnectorLocked(nm, prefs)
closing := b.shutdownCalled
b.mu.Unlock()
closing = b.shutdownCalled
}()
if closing {
b.logf("[v1] authReconfig: skipping because in shutdown")