net/{packet,tstun}: send peerapi port in TSMP pongs

For discovery when an explicit hostname/IP is known. We'll still also send it via control for finding peers by a list. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-08-12 05:37:32 +00:00 · 2021-03-29 15:17:05 -07:00
parent 9659ab81e0
commit 41e4e02e57
8 changed files with 81 additions and 23 deletions
--- a/ipn/ipnlocal/local.go
+++ b/ipn/ipnlocal/local.go
@@ -155,6 +155,17 @@ func NewLocalBackend(logf logger.Logf, logid string, store ipn.StateStore, e wge

 	b.unregisterHealthWatch = health.RegisterWatcher(b.onHealthChange)

+	wiredPeerAPIPort := false
+	if ig, ok := e.(wgengine.InternalsGetter); ok {
+		if tunWrap, _, ok := ig.GetInternals(); ok {
+			tunWrap.PeerAPIPort = b.getPeerAPIPortForTSMPPing
+			wiredPeerAPIPort = true
+		}
+	}
+	if !wiredPeerAPIPort {
+		b.logf("[unexpected] failed to wire up peer API port for engine %T", e)
+	}
+
 	return b, nil
 }

@@ -1330,6 +1341,17 @@ func (b *LocalBackend) SetPrefs(newp *ipn.Prefs) {
 	b.send(ipn.Notify{Prefs: newp})
 }

+func (b *LocalBackend) getPeerAPIPortForTSMPPing(ip netaddr.IP) (port uint16, ok bool) {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+	for _, pln := range b.peerAPIListeners {
+		if pln.ip.BitLen() == ip.BitLen() {
+			return uint16(pln.Port()), true
+		}
+	}
+	return 0, false
+}
+
 func (b *LocalBackend) peerAPIServicesLocked() (ret []tailcfg.Service) {
 	for _, pln := range b.peerAPIListeners {
 		proto := tailcfg.ServiceProto("peerapi4")
@@ -1493,8 +1515,9 @@ func (b *LocalBackend) initPeerAPIListener() {

 	var tunName string
 	if ge, ok := b.e.(wgengine.InternalsGetter); ok {
-		tunDev, _ := ge.GetInternals()
-		tunName, _ = tunDev.Name()
+		if tunWrap, _, ok := ge.GetInternals(); ok {
+			tunName, _ = tunWrap.Name()
+		}
 	}

 	ps := &peerAPIServer{
--- a/ipn/ipnstate/ipnstate.go
+++ b/ipn/ipnstate/ipnstate.go
@@ -418,6 +418,11 @@ type PingResult struct {
 	// It is not currently set for TSMP pings.
 	DERPRegionCode string

+	// PeerAPIPort is set by TSMP ping responses for peers that
+	// are running a peerapi server. This is the port they're
+	// running the server on.
+	PeerAPIPort uint16 `json:",omitempty"`
+
 	// TODO(bradfitz): details like whether port mapping was used on either side? (Once supported)
 }