tka: move disablement logic out-of-band from AUMs

It doesn't make a ton of sense for disablement to be communicated as an AUM, because any failure in the AUM or chain mechanism will mean disablement wont function. Instead, tracking of the disablement secrets remains inside the state machine, but actual disablement and communication of the disablement secret is done by the caller. Signed-off-by: Tom DNetto <tom@tailscale.com>
2025-10-09 08:01:31 +00:00 · 2022-08-25 12:47:30 -07:00
parent 7a5cf39d0d
commit f580f4484f
7 changed files with 55 additions and 75 deletions
--- a/tka/aum_test.go
+++ b/tka/aum_test.go
@@ -62,16 +62,16 @@ func TestSerialization(t *testing.T) {
 			[]byte{
 				0xa5, // major type 5 (map), 5 items
 				0x01, // |- major type 0 (int), value 1 (first key, MessageKind)
-				0x05, // |- major type 0 (int), value 2 (first value, AUMUpdateKey)
+				0x04, // |- major type 0 (int), value 4 (first value, AUMUpdateKey)
 				0x02, // |- major type 0 (int), value 2 (second key, PrevAUMHash)
 				0xf6, // |- major type 7 (val), value null (second value, nil)
 				0x04, // |- major type 0 (int), value 4 (third key, KeyID)
 				0x42, // |- major type 2 (byte string), 2 items
 				0x01, //    |- major type 0 (int), value 1 (byte 1)
 				0x02, //    |- major type 0 (int), value 2 (byte 2)
-				0x07, // |- major type 0 (int), value 7 (fourth key, Votes)
+				0x06, // |- major type 0 (int), value 6 (fourth key, Votes)
 				0x02, // |- major type 0 (int), value 2 (forth value, 2)
-				0x08, // |- major type 0 (int), value 8 (fifth key, Meta)
+				0x07, // |- major type 0 (int), value 7 (fifth key, Meta)
 				0xa1, // |- major type 5 (map), 1 item (map[string]string type)
 				0x61, //    |- major type 3 (text string), value 1 (first key, one byte long)
 				0x61, //       |- byte 'a'
@@ -79,23 +79,6 @@ func TestSerialization(t *testing.T) {
 				0x62, //       |- byte 'b'
 			},
 		},
-		{
-			"DisableNL",
-			AUM{MessageKind: AUMDisableNL, PrevAUMHash: []byte{1, 2}, DisablementSecret: []byte{3, 4}},
-			[]byte{
-				0xa3, // major type 5 (map), 3 items
-				0x01, // |- major type 0 (int), value 1 (first key, MessageKind)
-				0x03, // |- major type 0 (int), value 3 (first value, AUMDisableNL)
-				0x02, // |- major type 0 (int), value 2 (second key, PrevAUMHash)
-				0x42, // |- major type 2 (byte string), 2 items (second value)
-				0x01, //    |- major type 0 (int), value 1 (byte 1)
-				0x02, //    |- major type 0 (int), value 2 (byte 2)
-				0x06, // |- major type 0 (int), value 6 (third key, DisablementSecret)
-				0x42, // |- major type 2 (byte string), 2 items (third value)
-				0x03, //    |- major type 0 (int), value 3 (byte 3)
-				0x04, //    |- major type 0 (int), value 4 (byte 4)
-			},
-		},
 		{
 			"Checkpoint",
 			AUM{MessageKind: AUMCheckpoint, PrevAUMHash: []byte{1, 2}, State: &State{
@@ -108,7 +91,7 @@ func TestSerialization(t *testing.T) {
 				append([]byte{
 					0xa3,       // major type 5 (map), 3 items
 					0x01,       // |- major type 0 (int), value 1 (first key, MessageKind)
-					0x06,       // |- major type 0 (int), value 6 (first value, AUMCheckpoint)
+					0x05,       // |- major type 0 (int), value 5 (first value, AUMCheckpoint)
 					0x02,       // |- major type 0 (int), value 2 (second key, PrevAUMHash)
 					0x42,       // |- major type 2 (byte string), 2 items (second value)
 					0x01,       //    |- major type 0 (int), value 1 (byte 1)