From 3b0514ef6d62e1f80dd678ac90ca26f521bbb5ce Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Thu, 23 Jul 2020 08:38:14 -0700 Subject: [PATCH] control/controlclient: rename uflags, give it a type, remove dead code --- control/controlclient/netmap.go | 44 +++++++++++---------------------- ipn/local.go | 14 +++++------ 2 files changed, 22 insertions(+), 36 deletions(-) diff --git a/control/controlclient/netmap.go b/control/controlclient/netmap.go index 94ae15bb3..140107c2e 100644 --- a/control/controlclient/netmap.go +++ b/control/controlclient/netmap.go @@ -161,35 +161,21 @@ func (nm *NetworkMap) JSON() string { return string(b) } +// WGConfigFlags is a bitmask of flags to control the behavior of the +// wireguard configuration generation done by NetMap.WGCfg. +type WGConfigFlags int + const ( - UAllowSingleHosts = 1 << iota - UAllowSubnetRoutes - UAllowDefaultRoute - UHackDefaultRoute - - UDefault = 0 + AllowSingleHosts WGConfigFlags = 1 << iota + AllowSubnetRoutes + AllowDefaultRoute + HackDefaultRoute ) -// Several programs need to parse these arguments into uflags, so let's -// centralize it here. -func UFlagsHelper(uroutes, rroutes, droutes bool) int { - uflags := 0 - if uroutes { - uflags |= UAllowSingleHosts - } - if rroutes { - uflags |= UAllowSubnetRoutes - } - if droutes { - uflags |= UAllowDefaultRoute - } - return uflags -} - // TODO(bradfitz): UAPI seems to only be used by the old confnode and // pingnode; delete this when those are deleted/rewritten? -func (nm *NetworkMap) UAPI(uflags int, dnsOverride []wgcfg.IP) string { - wgcfg, err := nm.WGCfg(log.Printf, uflags, dnsOverride) +func (nm *NetworkMap) UAPI(flags WGConfigFlags, dnsOverride []wgcfg.IP) string { + wgcfg, err := nm.WGCfg(log.Printf, flags, dnsOverride) if err != nil { log.Fatalf("WGCfg() failed unexpectedly: %v", err) } @@ -206,7 +192,7 @@ func (nm *NetworkMap) UAPI(uflags int, dnsOverride []wgcfg.IP) string { const EndpointDiscoSuffix = ".disco.tailscale:12345" // WGCfg returns the NetworkMaps's Wireguard configuration. -func (nm *NetworkMap) WGCfg(logf logger.Logf, uflags int, dnsOverride []wgcfg.IP) (*wgcfg.Config, error) { +func (nm *NetworkMap) WGCfg(logf logger.Logf, flags WGConfigFlags, dnsOverride []wgcfg.IP) (*wgcfg.Config, error) { cfg := &wgcfg.Config{ Name: "tailscale", PrivateKey: nm.PrivateKey, @@ -220,7 +206,7 @@ func (nm *NetworkMap) WGCfg(logf logger.Logf, uflags int, dnsOverride []wgcfg.IP if Debug.OnlyDisco && peer.DiscoKey.IsZero() { continue } - if (uflags&UAllowSingleHosts) == 0 && len(peer.AllowedIPs) < 2 { + if (flags&AllowSingleHosts) == 0 && len(peer.AllowedIPs) < 2 { logf("wgcfg: %v skipping a single-host peer.", peer.Key.ShortString()) continue } @@ -249,16 +235,16 @@ func (nm *NetworkMap) WGCfg(logf logger.Logf, uflags int, dnsOverride []wgcfg.IP } for _, allowedIP := range peer.AllowedIPs { if allowedIP.Mask == 0 { - if (uflags & UAllowDefaultRoute) == 0 { + if (flags & AllowDefaultRoute) == 0 { logf("wgcfg: %v skipping default route", peer.Key.ShortString()) continue } - if (uflags & UHackDefaultRoute) != 0 { + if (flags & HackDefaultRoute) != 0 { allowedIP = wgcfg.CIDR{IP: wgcfg.IPv4(10, 0, 0, 0), Mask: 8} logf("wgcfg: %v converting default route => %v", peer.Key.ShortString(), allowedIP.String()) } } else if allowedIP.Mask < 32 { - if (uflags & UAllowSubnetRoutes) == 0 { + if (flags & AllowSubnetRoutes) == 0 { logf("wgcfg: %v skipping subnet route", peer.Key.ShortString()) continue } diff --git a/ipn/local.go b/ipn/local.go index 6a5f8baf5..d4868405b 100644 --- a/ipn/local.go +++ b/ipn/local.go @@ -832,20 +832,20 @@ func (b *LocalBackend) authReconfig() { return } - uflags := controlclient.UDefault + var flags controlclient.WGConfigFlags if uc.RouteAll { - uflags |= controlclient.UAllowDefaultRoute + flags |= controlclient.AllowDefaultRoute // TODO(apenwarr): Make subnet routes a different pref? - uflags |= controlclient.UAllowSubnetRoutes + flags |= controlclient.AllowSubnetRoutes // TODO(apenwarr): Remove this once we sort out subnet routes. // Right now default routes are broken in Windows, but // controlclient doesn't properly send subnet routes. So // let's convert a default route into a subnet route in order // to allow experimentation. - uflags |= controlclient.UHackDefaultRoute + flags |= controlclient.HackDefaultRoute } if uc.AllowSingleHosts { - uflags |= controlclient.UAllowSingleHosts + flags |= controlclient.AllowSingleHosts } dns := nm.DNS @@ -854,7 +854,7 @@ func (b *LocalBackend) authReconfig() { dns = []wgcfg.IP{} dom = []string{} } - cfg, err := nm.WGCfg(b.logf, uflags, dns) + cfg, err := nm.WGCfg(b.logf, flags, dns) if err != nil { b.logf("wgcfg: %v", err) return @@ -864,7 +864,7 @@ func (b *LocalBackend) authReconfig() { if err == wgengine.ErrNoChanges { return } - b.logf("authReconfig: ra=%v dns=%v 0x%02x: %v", uc.RouteAll, uc.CorpDNS, uflags, err) + b.logf("authReconfig: ra=%v dns=%v 0x%02x: %v", uc.RouteAll, uc.CorpDNS, flags, err) } // routerConfig produces a router.Config from a wireguard config,