wgengine/magicksock: clear LastTSMPDiscoAdvertisement when rotating disco keys

Updates #12639 Signed-off-by: Claus Lensbøl <claus@tailscale.com>
2025-12-22 16:46:29 +00:00 · 2025-12-15 15:45:42 -05:00
parent e07c7b296b
commit 2f03518e3c
1 changed files with 5 additions and 1 deletions
--- a/wgengine/magicsock/magicsock.go
+++ b/wgengine/magicsock/magicsock.go
@@ -1243,7 +1243,8 @@ func (c *Conn) DiscoPublicKey() key.DiscoPublic {

 // RotateDiscoKey generates a new discovery key pair and updates the connection
 // to use it. This invalidates all existing disco sessions and will cause peers
-// to re-establish discovery sessions with the new key.
+// to re-establish discovery sessions with the new key. Addtionally, the
+// lastTSMPDiscoAdvertisement on all endpoints is reset to 0.
 //
 // This is primarily for debugging and testing purposes, a future enhancement
 // should provide a mechanism for seamless rotation by supporting short term use
@@ -1264,6 +1265,9 @@ func (c *Conn) RotateDiscoKey() {
 	if connCtx != nil {
 		c.ReSTUN("disco-key-rotation")
 	}
+	for _, endpoint := range c.peerMap.byEpAddr {
+		endpoint.ep.lastTSMPDiscoAdvertisement = 0
+	}
 }

 // determineEndpoints returns the machine's endpoint addresses. It does a STUN