mirror of
https://github.com/tailscale/tailscale.git
synced 2025-03-14 01:11:01 +00:00
ipn/ipnlocal: stop sending machine key to frontends
We were going to remove this in Tailscale 1.3 but forgot. This means Tailscale 1.8 users won't be able to downgrade to Tailscale 1.0, but that's fine. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
parent
1c98c5f103
commit
1f583a895e
@ -396,11 +396,6 @@ func (b *LocalBackend) setClientStatus(st controlclient.Status) {
|
||||
b.prefs.Persist = st.Persist.Clone()
|
||||
}
|
||||
}
|
||||
if temporarilySetMachineKeyInPersist() && b.prefs.Persist != nil &&
|
||||
b.prefs.Persist.LegacyFrontendPrivateMachineKey.IsZero() {
|
||||
b.prefs.Persist.LegacyFrontendPrivateMachineKey = b.machinePrivKey
|
||||
prefsChanged = true
|
||||
}
|
||||
if st.NetMap != nil {
|
||||
if b.findExitNodeIDLocked(st.NetMap) {
|
||||
prefsChanged = true
|
||||
@ -665,12 +660,6 @@ func (b *LocalBackend) Start(opts ipn.Options) error {
|
||||
|
||||
b.mu.Lock()
|
||||
prefs := b.prefs.Clone()
|
||||
|
||||
if temporarilySetMachineKeyInPersist() && prefs.Persist != nil &&
|
||||
prefs.Persist.LegacyFrontendPrivateMachineKey.IsZero() {
|
||||
prefs.Persist.LegacyFrontendPrivateMachineKey = b.machinePrivKey
|
||||
}
|
||||
|
||||
b.mu.Unlock()
|
||||
|
||||
blid := b.backendLogID
|
||||
@ -970,17 +959,6 @@ func (b *LocalBackend) popBrowserAuthNow() {
|
||||
// b.stateKey should be set too, but just for nicer log messages.
|
||||
// b.mu must be held.
|
||||
func (b *LocalBackend) initMachineKeyLocked() (err error) {
|
||||
if temporarilySetMachineKeyInPersist() {
|
||||
defer func() {
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
if b.prefs != nil && b.prefs.Persist != nil {
|
||||
b.prefs.Persist.LegacyFrontendPrivateMachineKey = b.machinePrivKey
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
if !b.machinePrivKey.IsZero() {
|
||||
// Already set.
|
||||
return nil
|
||||
@ -1991,23 +1969,6 @@ func (b *LocalBackend) TestOnlyPublicKeys() (machineKey tailcfg.MachineKey, node
|
||||
return tailcfg.MachineKey(mk), tailcfg.NodeKey(nk)
|
||||
}
|
||||
|
||||
// temporarilySetMachineKeyInPersist reports whether we should set
|
||||
// the machine key in Prefs.Persist.LegacyFrontendPrivateMachineKey
|
||||
// for the frontend to write out to its preferences for use later.
|
||||
//
|
||||
// TODO: remove this in Tailscale 1.3.x (so it effectively always
|
||||
// returns false). It just exists so users can downgrade from 1.2.x to
|
||||
// 1.0.x. But eventually we want to stop sending the machine key to
|
||||
// clients. We can't do that until 1.0.x is no longer supported.
|
||||
func temporarilySetMachineKeyInPersist() bool {
|
||||
switch runtime.GOOS {
|
||||
case "darwin", "ios", "android":
|
||||
// iOS, macOS, Android users can't downgrade anyway.
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func (b *LocalBackend) WaitingFiles() ([]WaitingFile, error) {
|
||||
b.mu.Lock()
|
||||
apiSrv := b.peerAPIServer
|
||||
|
Loading…
x
Reference in New Issue
Block a user