diff --git a/control/controlclient/auto.go b/control/controlclient/auto.go index fe55f9d46..c9d676597 100644 --- a/control/controlclient/auto.go +++ b/control/controlclient/auto.go @@ -14,11 +14,11 @@ "tailscale.com/logtail/backoff" "tailscale.com/tailcfg" "tailscale.com/types/empty" + "tailscale.com/types/key" "tailscale.com/types/logger" "tailscale.com/types/netmap" "tailscale.com/types/persist" "tailscale.com/types/structs" - "tailscale.com/types/wgkey" ) type LoginGoal struct { @@ -699,9 +699,9 @@ func (c *Auto) Shutdown() { // NodePublicKey returns the node public key currently in use. This is // used exclusively in tests. -func (c *Auto) TestOnlyNodePublicKey() wgkey.Key { +func (c *Auto) TestOnlyNodePublicKey() key.NodePublic { priv := c.direct.GetPersist() - return priv.PrivateNodeKey.Public().AsWGKey() + return priv.PrivateNodeKey.Public() } func (c *Auto) TestOnlySetAuthKey(authkey string) { diff --git a/control/controlclient/direct.go b/control/controlclient/direct.go index 9351dcce5..e74c01c50 100644 --- a/control/controlclient/direct.go +++ b/control/controlclient/direct.go @@ -46,7 +46,6 @@ "tailscale.com/types/netmap" "tailscale.com/types/opt" "tailscale.com/types/persist" - "tailscale.com/types/wgkey" "tailscale.com/util/systemd" "tailscale.com/wgengine/monitor" ) @@ -72,7 +71,7 @@ type Direct struct { serverKey key.MachinePublic persist persist.Persist authKey string - tryingNewKey wgkey.Private + tryingNewKey key.NodePrivate expiry *time.Time // hostinfo is mutated in-place while mu is held. hostinfo *tailcfg.Hostinfo // always non-nil @@ -327,27 +326,22 @@ func (c *Direct) doLogin(ctx context.Context, opt loginOpt) (mustRegen bool, new c.mu.Unlock() } - var oldNodeKey wgkey.Key + var oldNodeKey key.NodePublic switch { case opt.Logout: - tryingNewKey = persist.PrivateNodeKey.AsWGPrivate() + tryingNewKey = persist.PrivateNodeKey case opt.URL != "": // Nothing. case regen || persist.PrivateNodeKey.IsZero(): c.logf("Generating a new nodekey.") persist.OldPrivateNodeKey = persist.PrivateNodeKey - key, err := wgkey.NewPrivate() - if err != nil { - c.logf("login keygen: %v", err) - return regen, opt.URL, err - } - tryingNewKey = key + tryingNewKey = key.NewNode() default: // Try refreshing the current key first - tryingNewKey = persist.PrivateNodeKey.AsWGPrivate() + tryingNewKey = persist.PrivateNodeKey } if !persist.OldPrivateNodeKey.IsZero() { - oldNodeKey = persist.OldPrivateNodeKey.Public().AsWGKey() + oldNodeKey = persist.OldPrivateNodeKey.Public() } if tryingNewKey.IsZero() { @@ -363,8 +357,8 @@ func (c *Direct) doLogin(ctx context.Context, opt loginOpt) (mustRegen bool, new now := time.Now().Round(time.Second) request := tailcfg.RegisterRequest{ Version: 1, - OldNodeKey: tailcfg.NodeKey(oldNodeKey), - NodeKey: tailcfg.NodeKey(tryingNewKey.Public()), + OldNodeKey: tailcfg.NodeKeyFromNodePublic(oldNodeKey), + NodeKey: tailcfg.NodeKeyFromNodePublic(tryingNewKey.Public()), Hostinfo: hostinfo, Followup: opt.URL, Timestamp: &now, @@ -469,7 +463,7 @@ func (c *Direct) doLogin(ctx context.Context, opt loginOpt) (mustRegen bool, new c.mu.Lock() if resp.AuthURL == "" { // key rotation is complete - persist.PrivateNodeKey = key.NodePrivateFromRaw32(mem.B(tryingNewKey[:])) + persist.PrivateNodeKey = tryingNewKey } else { // save it for the retry-with-URL c.tryingNewKey = tryingNewKey @@ -708,7 +702,7 @@ func (c *Direct) sendMapRequest(ctx context.Context, maxPolls int, cb func(*netm } }() - sess := newMapSession(persist.PrivateNodeKey.AsWGPrivate()) + sess := newMapSession(persist.PrivateNodeKey) sess.logf = c.logf sess.vlogf = vlogf sess.machinePubKey = machinePubKey diff --git a/control/controlclient/map.go b/control/controlclient/map.go index 874a0c6e6..502770387 100644 --- a/control/controlclient/map.go +++ b/control/controlclient/map.go @@ -10,13 +10,11 @@ "sort" "strconv" - "go4.org/mem" "inet.af/netaddr" "tailscale.com/tailcfg" "tailscale.com/types/key" "tailscale.com/types/logger" "tailscale.com/types/netmap" - "tailscale.com/types/wgkey" "tailscale.com/wgengine/filter" ) @@ -30,7 +28,7 @@ // one MapRequest). type mapSession struct { // Immutable fields. - privateNodeKey wgkey.Private + privateNodeKey key.NodePrivate logf logger.Logf vlogf logger.Logf machinePubKey key.MachinePublic @@ -52,7 +50,7 @@ type mapSession struct { netMapBuilding *netmap.NetworkMap } -func newMapSession(privateNodeKey wgkey.Private) *mapSession { +func newMapSession(privateNodeKey key.NodePrivate) *mapSession { ms := &mapSession{ privateNodeKey: privateNodeKey, logf: logger.Discard, @@ -112,8 +110,8 @@ func (ms *mapSession) netmapForResponse(resp *tailcfg.MapResponse) *netmap.Netwo } nm := &netmap.NetworkMap{ - NodeKey: tailcfg.NodeKey(ms.privateNodeKey.Public()), - PrivateKey: key.NodePrivateFromRaw32(mem.B(ms.privateNodeKey[:])), + NodeKey: tailcfg.NodeKeyFromNodePublic(ms.privateNodeKey.Public()), + PrivateKey: ms.privateNodeKey, MachineKey: ms.machinePubKey, Peers: resp.Peers, UserProfiles: make(map[tailcfg.UserID]tailcfg.UserProfile), diff --git a/control/controlclient/map_test.go b/control/controlclient/map_test.go index 4c416564a..a2e4ec55c 100644 --- a/control/controlclient/map_test.go +++ b/control/controlclient/map_test.go @@ -13,8 +13,8 @@ "time" "tailscale.com/tailcfg" + "tailscale.com/types/key" "tailscale.com/types/netmap" - "tailscale.com/types/wgkey" ) func TestUndeltaPeers(t *testing.T) { @@ -170,11 +170,7 @@ func formatNodes(nodes []*tailcfg.Node) string { } func newTestMapSession(t *testing.T) *mapSession { - k, err := wgkey.NewPrivate() - if err != nil { - t.Fatal(err) - } - return newMapSession(k) + return newMapSession(key.NewNode()) } func TestNetmapForResponse(t *testing.T) {