mirror of
https://github.com/tailscale/tailscale.git
synced 2025-01-07 08:07:42 +00:00
ipn/ipnlocal: fix checks for node-key presence in TKA logic
Found by tests in another repo. TKA code wasn't always checking enough to be sure a node-key was set for the current state. Signed-off-by: Tom DNetto <tom@tailscale.com>
This commit is contained in:
parent
0cc65b4bbe
commit
42855d219b
@ -330,7 +330,7 @@ func (b *LocalBackend) NetworkLockStatus() *ipnstate.NetworkLockStatus {
|
||||
defer b.mu.Unlock()
|
||||
|
||||
var nodeKey *key.NodePublic
|
||||
if p := b.pm.CurrentPrefs(); p.Valid() {
|
||||
if p := b.pm.CurrentPrefs(); p.Valid() && p.Persist() != nil && !p.Persist().PrivateNodeKey.IsZero() {
|
||||
nkp := p.Persist().PublicNodeKey()
|
||||
nodeKey = &nkp
|
||||
}
|
||||
@ -388,7 +388,7 @@ func (b *LocalBackend) NetworkLockInit(keys []tka.Key, disablementValues [][]byt
|
||||
|
||||
var ourNodeKey key.NodePublic
|
||||
b.mu.Lock()
|
||||
if p := b.pm.CurrentPrefs(); p.Valid() {
|
||||
if p := b.pm.CurrentPrefs(); p.Valid() && p.Persist() != nil && !p.Persist().PrivateNodeKey.IsZero() {
|
||||
ourNodeKey = p.Persist().PublicNodeKey()
|
||||
}
|
||||
b.mu.Unlock()
|
||||
@ -516,6 +516,14 @@ func (b *LocalBackend) NetworkLockModify(addKeys, removeKeys []tka.Key) (err err
|
||||
b.mu.Lock()
|
||||
defer b.mu.Unlock()
|
||||
|
||||
var ourNodeKey key.NodePublic
|
||||
if p := b.pm.CurrentPrefs(); p.Valid() && p.Persist() != nil && !p.Persist().PrivateNodeKey.IsZero() {
|
||||
ourNodeKey = p.Persist().PublicNodeKey()
|
||||
}
|
||||
if ourNodeKey.IsZero() {
|
||||
return errors.New("no node-key: is tailscale logged in?")
|
||||
}
|
||||
|
||||
if err := b.CanSupportNetworkLock(); err != nil {
|
||||
return err
|
||||
}
|
||||
@ -545,7 +553,6 @@ func (b *LocalBackend) NetworkLockModify(addKeys, removeKeys []tka.Key) (err err
|
||||
return nil
|
||||
}
|
||||
|
||||
ourNodeKey := b.pm.CurrentPrefs().Persist().PublicNodeKey()
|
||||
head := b.tka.authority.Head()
|
||||
b.mu.Unlock()
|
||||
resp, err := b.tkaDoSyncSend(ourNodeKey, head, aums, true)
|
||||
@ -580,7 +587,7 @@ func (b *LocalBackend) NetworkLockDisable(secret []byte) error {
|
||||
)
|
||||
|
||||
b.mu.Lock()
|
||||
if p := b.pm.CurrentPrefs(); p.Valid() {
|
||||
if p := b.pm.CurrentPrefs(); p.Valid() && p.Persist() != nil && !p.Persist().PrivateNodeKey.IsZero() {
|
||||
ourNodeKey = p.Persist().PublicNodeKey()
|
||||
}
|
||||
if b.tka == nil {
|
||||
|
Loading…
x
Reference in New Issue
Block a user