control/controlclient: rename uflags, give it a type, remove dead code
parent
32ecdea157
commit
3b0514ef6d
@ -161,35 +161,21 @@ func (nm *NetworkMap) JSON() string {
|
|||||||
return string(b)
|
return string(b)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// WGConfigFlags is a bitmask of flags to control the behavior of the
|
||||||
|
// wireguard configuration generation done by NetMap.WGCfg.
|
||||||
|
type WGConfigFlags int
|
||||||
|
|
||||||
const (
|
const (
|
||||||
UAllowSingleHosts = 1 << iota
|
AllowSingleHosts WGConfigFlags = 1 << iota
|
||||||
UAllowSubnetRoutes
|
AllowSubnetRoutes
|
||||||
UAllowDefaultRoute
|
AllowDefaultRoute
|
||||||
UHackDefaultRoute
|
HackDefaultRoute
|
||||||
|
|
||||||
UDefault = 0
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// Several programs need to parse these arguments into uflags, so let's
|
|
||||||
// centralize it here.
|
|
||||||
func UFlagsHelper(uroutes, rroutes, droutes bool) int {
|
|
||||||
uflags := 0
|
|
||||||
if uroutes {
|
|
||||||
uflags |= UAllowSingleHosts
|
|
||||||
}
|
|
||||||
if rroutes {
|
|
||||||
uflags |= UAllowSubnetRoutes
|
|
||||||
}
|
|
||||||
if droutes {
|
|
||||||
uflags |= UAllowDefaultRoute
|
|
||||||
}
|
|
||||||
return uflags
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO(bradfitz): UAPI seems to only be used by the old confnode and
|
// TODO(bradfitz): UAPI seems to only be used by the old confnode and
|
||||||
// pingnode; delete this when those are deleted/rewritten?
|
// pingnode; delete this when those are deleted/rewritten?
|
||||||
func (nm *NetworkMap) UAPI(uflags int, dnsOverride []wgcfg.IP) string {
|
func (nm *NetworkMap) UAPI(flags WGConfigFlags, dnsOverride []wgcfg.IP) string {
|
||||||
wgcfg, err := nm.WGCfg(log.Printf, uflags, dnsOverride)
|
wgcfg, err := nm.WGCfg(log.Printf, flags, dnsOverride)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("WGCfg() failed unexpectedly: %v", err)
|
log.Fatalf("WGCfg() failed unexpectedly: %v", err)
|
||||||
}
|
}
|
||||||
@ -206,7 +192,7 @@ func (nm *NetworkMap) UAPI(uflags int, dnsOverride []wgcfg.IP) string {
|
|||||||
const EndpointDiscoSuffix = ".disco.tailscale:12345"
|
const EndpointDiscoSuffix = ".disco.tailscale:12345"
|
||||||
|
|
||||||
// WGCfg returns the NetworkMaps's Wireguard configuration.
|
// WGCfg returns the NetworkMaps's Wireguard configuration.
|
||||||
func (nm *NetworkMap) WGCfg(logf logger.Logf, uflags int, dnsOverride []wgcfg.IP) (*wgcfg.Config, error) {
|
func (nm *NetworkMap) WGCfg(logf logger.Logf, flags WGConfigFlags, dnsOverride []wgcfg.IP) (*wgcfg.Config, error) {
|
||||||
cfg := &wgcfg.Config{
|
cfg := &wgcfg.Config{
|
||||||
Name: "tailscale",
|
Name: "tailscale",
|
||||||
PrivateKey: nm.PrivateKey,
|
PrivateKey: nm.PrivateKey,
|
||||||
@ -220,7 +206,7 @@ func (nm *NetworkMap) WGCfg(logf logger.Logf, uflags int, dnsOverride []wgcfg.IP
|
|||||||
if Debug.OnlyDisco && peer.DiscoKey.IsZero() {
|
if Debug.OnlyDisco && peer.DiscoKey.IsZero() {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if (uflags&UAllowSingleHosts) == 0 && len(peer.AllowedIPs) < 2 {
|
if (flags&AllowSingleHosts) == 0 && len(peer.AllowedIPs) < 2 {
|
||||||
logf("wgcfg: %v skipping a single-host peer.", peer.Key.ShortString())
|
logf("wgcfg: %v skipping a single-host peer.", peer.Key.ShortString())
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
@ -249,16 +235,16 @@ func (nm *NetworkMap) WGCfg(logf logger.Logf, uflags int, dnsOverride []wgcfg.IP
|
|||||||
}
|
}
|
||||||
for _, allowedIP := range peer.AllowedIPs {
|
for _, allowedIP := range peer.AllowedIPs {
|
||||||
if allowedIP.Mask == 0 {
|
if allowedIP.Mask == 0 {
|
||||||
if (uflags & UAllowDefaultRoute) == 0 {
|
if (flags & AllowDefaultRoute) == 0 {
|
||||||
logf("wgcfg: %v skipping default route", peer.Key.ShortString())
|
logf("wgcfg: %v skipping default route", peer.Key.ShortString())
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if (uflags & UHackDefaultRoute) != 0 {
|
if (flags & HackDefaultRoute) != 0 {
|
||||||
allowedIP = wgcfg.CIDR{IP: wgcfg.IPv4(10, 0, 0, 0), Mask: 8}
|
allowedIP = wgcfg.CIDR{IP: wgcfg.IPv4(10, 0, 0, 0), Mask: 8}
|
||||||
logf("wgcfg: %v converting default route => %v", peer.Key.ShortString(), allowedIP.String())
|
logf("wgcfg: %v converting default route => %v", peer.Key.ShortString(), allowedIP.String())
|
||||||
}
|
}
|
||||||
} else if allowedIP.Mask < 32 {
|
} else if allowedIP.Mask < 32 {
|
||||||
if (uflags & UAllowSubnetRoutes) == 0 {
|
if (flags & AllowSubnetRoutes) == 0 {
|
||||||
logf("wgcfg: %v skipping subnet route", peer.Key.ShortString())
|
logf("wgcfg: %v skipping subnet route", peer.Key.ShortString())
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
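Review bot: The new `WGConfigFlags` constants carry no per-flag comments, and with `UDefault = 0` removed nothing states that the zero value is the restrictive default. The checks in `WGCfg` (`(flags&AllowSingleHosts) == 0`, `(flags & AllowDefaultRoute) == 0`, `(flags & AllowSubnetRoutes) == 0`) skip the peer or route when a bit is unset, so every flag widens which peer-advertised AllowedIPs reach the WireGuard config. I would add one line per constant, e.g. `// AllowDefaultRoute permits a peer's /0 AllowedIP; when unset it is skipped.`, and extend the type comment with `// The zero value allows none of these.`. `HackDefaultRoute` in particular needs a comment saying that it rewrites a default route to 10.0.0.0/8. `WGCfg` continues past the end of the last hunk.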
14
ipn/local.go
14
ipn/local.go
@ -832,20 +832,20 @@ func (b *LocalBackend) authReconfig() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
uflags := controlclient.UDefault
|
var flags controlclient.WGConfigFlags
|
||||||
if uc.RouteAll {
|
if uc.RouteAll {
|
||||||
uflags |= controlclient.UAllowDefaultRoute
|
flags |= controlclient.AllowDefaultRoute
|
||||||
// TODO(apenwarr): Make subnet routes a different pref?
|
// TODO(apenwarr): Make subnet routes a different pref?
|
||||||
uflags |= controlclient.UAllowSubnetRoutes
|
flags |= controlclient.AllowSubnetRoutes
|
||||||
// TODO(apenwarr): Remove this once we sort out subnet routes.
|
// TODO(apenwarr): Remove this once we sort out subnet routes.
|
||||||
// Right now default routes are broken in Windows, but
|
// Right now default routes are broken in Windows, but
|
||||||
// controlclient doesn't properly send subnet routes. So
|
// controlclient doesn't properly send subnet routes. So
|
||||||
// let's convert a default route into a subnet route in order
|
// let's convert a default route into a subnet route in order
|
||||||
// to allow experimentation.
|
// to allow experimentation.
|
||||||
uflags |= controlclient.UHackDefaultRoute
|
flags |= controlclient.HackDefaultRoute
|
||||||
}
|
}
|
||||||
if uc.AllowSingleHosts {
|
if uc.AllowSingleHosts {
|
||||||
uflags |= controlclient.UAllowSingleHosts
|
flags |= controlclient.AllowSingleHosts
|
||||||
}
|
}
|
||||||
|
|
||||||
dns := nm.DNS
|
dns := nm.DNS
|
||||||
@ -854,7 +854,7 @@ func (b *LocalBackend) authReconfig() {
|
|||||||
dns = []wgcfg.IP{}
|
dns = []wgcfg.IP{}
|
||||||
dom = []string{}
|
dom = []string{}
|
||||||
}
|
}
|
||||||
cfg, err := nm.WGCfg(b.logf, uflags, dns)
|
cfg, err := nm.WGCfg(b.logf, flags, dns)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
b.logf("wgcfg: %v", err)
|
b.logf("wgcfg: %v", err)
|
||||||
return
|
return
|
||||||
@ -864,7 +864,7 @@ func (b *LocalBackend) authReconfig() {
|
|||||||
if err == wgengine.ErrNoChanges {
|
if err == wgengine.ErrNoChanges {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
b.logf("authReconfig: ra=%v dns=%v 0x%02x: %v", uc.RouteAll, uc.CorpDNS, uflags, err)
|
b.logf("authReconfig: ra=%v dns=%v 0x%02x: %v", uc.RouteAll, uc.CorpDNS, flags, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// routerConfig produces a router.Config from a wireguard config,
|
// routerConfig produces a router.Config from a wireguard config,
|
||||||
|
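Review bot: `uc.RouteAll` sets `AllowDefaultRoute`, `AllowSubnetRoutes` and `HackDefaultRoute` together on every platform, although the comment gives broken default routes on Windows as the reason. Going by the `WGCfg` hunk in the controlclient file, `HackDefaultRoute` replaces a peer's default route with 10.0.0.0/8, so with RouteAll enabled traffic outside 10/8 presumably does not go through the tunnel. The rename carries this over unchanged, but it should be stated where the flag is set, e.g. `// With HackDefaultRoute a peer's /0 is installed as 10.0.0.0/8; RouteAll does not yet route all traffic.`. `authReconfig` begins above the first hunk.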