foo

2025-04-20 13:41:41 +00:00 · 2025-04-02 13:29:41 -04:00 · 2025-04-02 13:29:41 -04:00 · 48a12a52e5
commit 48a12a52e5
parent 16d67ca9f9
3 changed files with 14 additions and 3 deletions
--- a/cmd/derper/derper.go
+++ b/cmd/derper/derper.go
@ -510,7 +510,9 @@ func rateLimitedListenAndServeTLS(srv *http.Server, lc *net.ListenConfig) error
 		return err
 	}
 	rln := newRateLimitedListener(ln, rate.Limit(*acceptConnLimit), *acceptConnBurst)
-	expvar.Publish("tls_listener", rln.ExpVar())
+	if expvar.Get("tls_listener") == nil {
+		expvar.Publish("tls_listener", rln.ExpVar())
+	}
 	defer rln.Close()
 	return srv.ServeTLS(rln, "", "")
 }
--- a/derp/derp_server.go
+++ b/derp/derp_server.go
@ -992,6 +992,7 @@ func (c *sclient) run(ctx context.Context) error {

 	c.startStatsLoop(sendCtx)

+	fmt.Printf("Mike %s : %v\n", c.nc.LocalAddr().String(), c.canMesh)
 	for {
 		ft, fl, err := readFrameHeader(c.br)
 		c.debugLogf("read frame type %d len %d err %v", ft, fl, err)
@ -1007,6 +1008,8 @@ func (c *sclient) run(ctx context.Context) error {
 			return fmt.Errorf("client %s: readFrameHeader: %w", c.key.ShortString(), err)
 		}
 		c.s.noteClientActivity(c)
+
+		fmt.Printf("0x%X\n", ft)
 		switch ft {
 		case frameNotePreferred:
 			err = c.handleFrameNotePreferred(ft, fl)
@ -1162,6 +1165,9 @@ func (c *sclient) handleFrameForwardPacket(ft frameType, fl uint32) error {

 // handleFrameSendPacket reads a "send packet" frame from the client.
 func (c *sclient) handleFrameSendPacket(ft frameType, fl uint32) error {
+	if !c.canMesh {
+		return fmt.Errorf("insufficient permissions")
+	}
 	s := c.s

 	dstKey, contents, err := s.recvPacket(c.br, fl)
@ -1352,6 +1358,8 @@ func (s *Server) usingMeshPort(port string) bool {
 		return true
 	}

+	fmt.Printf("Mike %s/%s\n", s.meshPort, port)
+
 	return s.meshPort == port
 }

--- a/prober/derp.go
+++ b/prober/derp.go
@ -291,6 +291,7 @@ func (d *derpProber) probeMesh(from, to string) ProbeClass {
 			}

 			dm := d.lastDERPMap
+			fromN.DERPPort = 8888
 			return derpProbeNodePair(ctx, dm, fromN, toN, d.meshKey)
 		},
 		Class:  "derp_mesh",
@ -720,12 +721,12 @@ func derpProbeBandwidth(ctx context.Context, dm *tailcfg.DERPMap, from, to *tail
 // derpProbeNodePair sends a small packet between two local DERP clients
 // connected to two DERP servers.
 func derpProbeNodePair(ctx context.Context, dm *tailcfg.DERPMap, from, to *tailcfg.DERPNode, meshKey string) (err error) {
-	fromc, err := newConn(ctx, dm, from, true, meshKey)
+	fromc, err := newConn(ctx, dm, from, !to.InsecureForTests, meshKey)
 	if err != nil {
 		return err
 	}
 	defer fromc.Close()
-	toc, err := newConn(ctx, dm, to, true, meshKey)
+	toc, err := newConn(ctx, dm, to, !from.InsecureForTests, meshKey)
 	if err != nil {
 		return err
 	}