TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-08-23 03:17:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

wgengine/wgcfg: recover from mismatched PublicKey/Endpoints

Browse Source 
In rare circumstances (tailscale/corp#3016), the PublicKey
and Endpoints can diverge.

This by itself doesn't cause any harm, but our early exit
in response did, because it prevented us from recovering from it.

Remove the early exit.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
This commit is contained in:
Josh Bleecher Snyder
2021-11-10 18:42:16 -08:00
committed by Josh Bleecher Snyder
parent 9fc4e876e3
commit 85184a58ed
7 changed files with 27 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
wgengine/wgcfg/config.go
View File

@@ -28,6 +28,11 @@ type Peer struct {
DiscoKey key.DiscoPublic // present only so we can handle restarts within wgengine, not passed to WireGuard
AllowedIPs []netaddr.IPPrefix
PersistentKeepalive uint16
// wireguard-go's endpoint for this peer. It should always equal Peer.PublicKey.
// We represent it explicitly so that we can detect if they diverge and recover.
// There is no need to set WGEndpoint explicitly when constructing a Peer by hand.
// It is only populated when reading Peers from wireguard-go.
WGEndpoint key.NodePublic
}
// PeerWithKey returns the Peer with key k and reports whether it was found.