TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-02-27 10:47:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

derp: add a verifyClients check to the consistency check

Browse Source 
Only implemented for the local tailscaled variant for now.

Updates tailscale/corp#20844

Signed-off-by: James Tucker <james@tailscale.com>
This commit is contained in:
James Tucker 2024-06-17 15:56:46 -07:00 committed by James Tucker
parent 2db2d04a37
commit 87c5ad4c2c
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
derp/derp_server.go
View File

@ -1955,12 +1955,37 @@ func (s *Server) ConsistencyCheck() error {
s.curClients.Value(), s.curClients.Value(),
len(s.clients))) len(s.clients)))
} }
if s.verifyClientsLocalTailscaled {
if err := s.checkVerifyClientsLocalTailscaled(); err != nil {
errs = append(errs, err.Error())
}
}
if len(errs) == 0 { if len(errs) == 0 {
return nil return nil
} }
return errors.New(strings.Join(errs, ", ")) return errors.New(strings.Join(errs, ", "))
} }
// checkVerifyClientsLocalTailscaled checks that a verifyClients call can be made successfully for the derper hosts own node key.
func (s *Server) checkVerifyClientsLocalTailscaled() error {
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
status, err := localClient.StatusWithoutPeers(ctx)
if err != nil {
return fmt.Errorf("localClient.Status: %w", err)
}
info := &clientInfo{
IsProber: true,
}
clientIP := netip.IPv6Loopback()
if err := s.verifyClient(ctx, status.Self.PublicKey, info, clientIP); err != nil {
return fmt.Errorf("verifyClient for self nodekey: %w", err)
}
return nil
}
const minTimeBetweenLogs = 2 * time.Second const minTimeBetweenLogs = 2 * time.Second
// BytesSentRecv records the number of bytes that have been sent since the last traffic check // BytesSentRecv records the number of bytes that have been sent since the last traffic check