From c712b4917e4440537944ac601a0cd0dbe2275762 Mon Sep 17 00:00:00 2001 From: Anton Tolchanov Date: Mon, 13 Nov 2023 17:18:55 +0000 Subject: [PATCH] ipn/ipnlocal: restart the map poll when posture checking is enabled Signed-off-by: Anton Tolchanov --- control/controlclient/auto.go | 6 +++--- ipn/ipnlocal/local.go | 11 +++++++++++ 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/control/controlclient/auto.go b/control/controlclient/auto.go index 1dc903376..377a8fa43 100644 --- a/control/controlclient/auto.go +++ b/control/controlclient/auto.go @@ -290,9 +290,9 @@ func (c *Auto) cancelMapCtxLocked() { } } -// restartMap cancels the existing mapPoll and liteUpdates, and then starts a +// RestartMap cancels the existing mapPoll and liteUpdates, and then starts a // new one. -func (c *Auto) restartMap() { +func (c *Auto) RestartMap() { c.mu.Lock() c.cancelMapCtxLocked() synced := c.inMapPoll @@ -397,7 +397,7 @@ func (c *Auto) authRoutine() { c.mu.Unlock() c.sendStatus("authRoutine-success", nil, "", nil) - c.restartMap() + c.RestartMap() bo.BackOff(ctx, nil) } } diff --git a/ipn/ipnlocal/local.go b/ipn/ipnlocal/local.go index cc2131a66..693ae3073 100644 --- a/ipn/ipnlocal/local.go +++ b/ipn/ipnlocal/local.go @@ -3085,6 +3085,17 @@ func (b *LocalBackend) setPrefsLockedOnEntry(caller string, newp *ipn.Prefs) ipn b.authReconfig() } + // Control collects posture identity from a client when a map poll is + // established. While most real clients will have this set via MDM, during + // testing someone might just run `tailscale set --posture-checking=true`, + // and we'd like them to start seeing their serial number in control + // immediately. To do that, if posture checking is getting enabled, we + // re-start the map poll. Not great, but I guess better than asking clients + // to restart the client when they set --posture-checking=true. + if !oldp.PostureChecking() && newp.PostureChecking { + b.ccAuto.RestartMap() + } + b.send(ipn.Notify{Prefs: &prefs}) return prefs }