mirror of
https://github.com/tailscale/tailscale.git
synced 2024-12-01 22:15:51 +00:00
235309adc4
This moves the NetworkLock key from a dedicated StateKey to be part of the persist.Persist struct. This struct is stored as part of ipn.Prefs and is also the place where we store the NodeKey. It also moves the ChonkDir from "/tka" to "/tka-profile/<profile-id>". The rename was intentional to be able to delete the "/tka" dir if it exists. This means that we will have a unique key per profile, and a unique directory per profile. Note: `tailscale logout` will delete the entire profile, including any keys. It currently does not delete the ChonkDir. Signed-off-by: Maisem Ali <maisem@tailscale.com>
// Copyright (c) 2021 Tailscale Inc & AUTHORS All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Package persist contains the Persist type.
package persist
import (
"fmt"
"tailscale.com/tailcfg"
"tailscale.com/types/key"
"tailscale.com/types/structs"
)
//go:generate go run tailscale.com/cmd/viewer -type=Persist
// Persist is the node state that is serialized as JSON and kept on disk so
// that a node remembers its settings between runs. It is stored as part of
// ipn.Prefs and persisted once per ipn.LoginProfile.
//
// Several fields have private-key types (machine, node and network-lock
// keys), so a stored Persist value should be handled as secret material:
// restrict access to wherever it is written and do not log the struct
// directly. Pretty formats only the public halves of the keys.
type Persist struct {
	// Marker field from the structs package; presumably it prevents Persist
	// values from being compared with ==, so callers use Equals instead.
	_ structs.Incomparable

	// LegacyFrontendPrivateMachineKey exists temporarily (starting
	// 2020-09-28) while Windows users' machine keys migrate from frontend
	// storage to the backend. On the first LocalBackend.Start call, the
	// backend initializes the real, backend-owned machine key from the
	// value the frontend provides here (if non-zero), picking a new random
	// one if needed.
	//
	// GUI frontends should treat this field as read-only. The real value
	// should not be written back into it, lest the frontend persist it to
	// disk.
	LegacyFrontendPrivateMachineKey key.MachinePrivate `json:"PrivateMachineKey"`

	// PrivateNodeKey is the node's private key; PublicNodeKey returns its
	// public half.
	PrivateNodeKey key.NodePrivate
	// OldPrivateNodeKey is needed to request key rotation.
	OldPrivateNodeKey key.NodePrivate
	Provider          string
	LoginName         string
	UserProfile       tailcfg.UserProfile
	// NetworkLockKey is the network-lock private key. Because Persist is
	// stored per login profile, each profile carries its own key.
	NetworkLockKey key.NLPrivate
}
// PublicNodeKey returns the public half of p.PrivateNodeKey.
//
// p must be non-nil: the field access dereferences it.
func (p *Persist) PublicNodeKey() key.NodePublic {
	pub := p.PrivateNodeKey.Public()
	return pub
}
// PublicNodeKey returns the public node key of the Persist value wrapped by
// the view, by forwarding to (*Persist).PublicNodeKey on the underlying
// pointer.
func (p PersistView) PublicNodeKey() key.NodePublic {
	underlying := p.ж
	return underlying.PublicNodeKey()
}
// Equals reports whether p and p2 wrap equal Persist values. The decision is
// delegated to (*Persist).Equals on the two underlying pointers, which also
// handles the case where either of them is nil.
func (p PersistView) Equals(p2 PersistView) bool {
	mine, theirs := p.ж, p2.ж
	return mine.Equals(theirs)
}
// Equals reports whether p and p2 hold the same persisted state.
//
// Two nil pointers are equal, and a nil pointer never equals a non-nil one.
// Key fields are compared through their own Equal methods and the remaining
// fields with ==. Fields are checked in declaration order and the comparison
// stops at the first field that differs.
func (p *Persist) Equals(p2 *Persist) bool {
	if p == nil || p2 == nil {
		// Equal only when both sides are nil.
		return p == nil && p2 == nil
	}

	switch {
	case !p.LegacyFrontendPrivateMachineKey.Equal(p2.LegacyFrontendPrivateMachineKey):
		return false
	case !p.PrivateNodeKey.Equal(p2.PrivateNodeKey):
		return false
	case !p.OldPrivateNodeKey.Equal(p2.OldPrivateNodeKey):
		return false
	case p.Provider != p2.Provider:
		return false
	case p.LoginName != p2.LoginName:
		return false
	case p.UserProfile != p2.UserProfile:
		return false
	case !p.NetworkLockKey.Equal(p2.NetworkLockKey):
		return false
	}
	return true
}
// Pretty returns a compact one-line summary of p for human consumption.
//
// No private key is formatted: each non-zero private key is first converted
// to its public half, which is then printed via ShortString. A zero private
// key leaves the corresponding public key at its zero value. NetworkLockKey,
// Provider and UserProfile are not part of the output. LoginName is included,
// so the result still identifies the user.
//
// p must be non-nil.
func (p *Persist) Pretty() string {
	var (
		machinePub key.MachinePublic
		oldNodePub key.NodePublic
		nodePub    key.NodePublic
	)

	if !p.PrivateNodeKey.IsZero() {
		nodePub = p.PrivateNodeKey.Public()
	}
	if !p.OldPrivateNodeKey.IsZero() {
		oldNodePub = p.OldPrivateNodeKey.Public()
	}
	if !p.LegacyFrontendPrivateMachineKey.IsZero() {
		machinePub = p.LegacyFrontendPrivateMachineKey.Public()
	}

	return fmt.Sprintf(
		"Persist{lm=%v, o=%v, n=%v u=%#v}",
		machinePub.ShortString(),
		oldNodePub.ShortString(),
		nodePub.ShortString(),
		p.LoginName,
	)
}