TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-11-25 19:15:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

ipn: send machine key to clients so they can downgrade to 1.0.x if needed

Browse Source 
Fixes #732

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick 2020-10-21 12:55:03 -07:00 committed by Brad Fitzpatrick
parent e72f480d22
commit d6ad41dcea
1 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
ipn/local.go
View File

@ -10,6 +10,7 @@
"errors"
"fmt"
"os"
"runtime"
"strings"
"sync"
"time"
@ -265,6 +266,11 @@ func (b *LocalBackend) setClientStatus(st controlclient.Status) {
b.prefs.Persist = st.Persist.Clone()
}
}
if temporarilySetMachineKeyInPersist() && b.prefs.Persist != nil &&
b.prefs.Persist.LegacyFrontendPrivateMachineKey.IsZero() {
b.prefs.Persist.LegacyFrontendPrivateMachineKey = b.machinePrivKey
prefsChanged = true
}
if st.NetMap != nil {
b.setNetMapLocked(st.NetMap)
@ -483,6 +489,12 @@ func (b *LocalBackend) Start(opts Options) error {
b.mu.Lock()
prefs := b.prefs.Clone()
if temporarilySetMachineKeyInPersist() && prefs.Persist != nil &&
prefs.Persist.LegacyFrontendPrivateMachineKey.IsZero() {
prefs.Persist.LegacyFrontendPrivateMachineKey = b.machinePrivKey
}
b.mu.Unlock()
blid := b.backendLogID
@ -689,7 +701,16 @@ func (b *LocalBackend) popBrowserAuthNow() {
//
// b.prefs must already be initialized.
// b.mu must be held.
func (b *LocalBackend) initMachineKeyLocked() error {
func (b *LocalBackend) initMachineKeyLocked() (err error) {
if temporarilySetMachineKeyInPersist() {
defer func() {
if err != nil {
return
}
b.prefs.Persist.LegacyFrontendPrivateMachineKey = b.machinePrivKey
}()
}
if !b.machinePrivKey.IsZero() {
// Already set.
return nil
@ -1504,3 +1525,20 @@ func (b *LocalBackend) TestOnlyPublicKeys() (machineKey tailcfg.MachineKey, node
nk := prefs.Persist.PrivateNodeKey.Public()
return tailcfg.MachineKey(mk), tailcfg.NodeKey(nk)
}
// temporarilySetMachineKeyInPersist reports whether we should set
// the machine key in Prefs.Persist.LegacyFrontendPrivateMachineKey
// for the frontend to write out to its preferences for use later.
//
// TODO: remove this in Tailscale 1.3.x (so it effectively always
// returns false). It just exists so users can downgrade from 1.2.x to
// 1.0.x. But eventually we want to stop sending the machine key to
// clients. We can't do that until 1.0.x is no longer supported.
func temporarilySetMachineKeyInPersist() bool {
//lint:ignore S1008 for comments
if runtime.GOOS == "darwin" {
// iOS and macOS users can't downgrade anyway.
return false
}
return true
}