mirror of
https://github.com/jsiebens/ionscale.git
synced 2026-03-31 15:07:49 +01:00
feat: only support tailscale clients >= 1.48
This commit is contained in:
Johan Siebens
@@ -29,6 +29,10 @@ func (h *DNSHandlers) SetDNS(c echo.Context) error {
|
|||||||
return logError(err)
|
return logError(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if req.Version < SupportedCapabilityVersion {
|
||||||
|
return UnsupportedClientVersionError
|
||||||
|
}
|
||||||
|
|
||||||
if h.provider == nil {
|
if h.provider == nil {
|
||||||
return echo.NewHTTPError(http.StatusNotFound)
|
return echo.NewHTTPError(http.StatusNotFound)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -39,13 +39,17 @@ type IDTokenHandlers struct {
|
|||||||
func (h *IDTokenHandlers) FetchToken(c echo.Context) error {
|
func (h *IDTokenHandlers) FetchToken(c echo.Context) error {
|
||||||
ctx := c.Request().Context()
|
ctx := c.Request().Context()
|
||||||
|
|
||||||
keySet, err := h.repository.GetJSONWebKeySet(c.Request().Context())
|
req := &tailcfg.TokenRequest{}
|
||||||
if err != nil {
|
if err := c.Bind(req); err != nil {
|
||||||
return logError(err)
|
return logError(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
req := &tailcfg.TokenRequest{}
|
if req.CapVersion < SupportedCapabilityVersion {
|
||||||
if err := c.Bind(req); err != nil {
|
return UnsupportedClientVersionError
|
||||||
|
}
|
||||||
|
|
||||||
|
keySet, err := h.repository.GetJSONWebKeySet(c.Request().Context())
|
||||||
|
if err != nil {
|
||||||
return logError(err)
|
return logError(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -9,9 +9,13 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
NoiseCapabilityVersion = 28
|
SupportedCapabilityVersion = 68
|
||||||
|
NoiseCapabilityVersion = 28
|
||||||
|
UnsupportedClientVersionMessage = "ionscale only support client version >= 1.48.0, please upgrade your client"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var UnsupportedClientVersionError = echo.NewHTTPError(http.StatusBadRequest, UnsupportedClientVersionMessage)
|
||||||
|
|
||||||
func KeyHandler(keys *config.ServerKeys) echo.HandlerFunc {
|
func KeyHandler(keys *config.ServerKeys) echo.HandlerFunc {
|
||||||
legacyPublicKey := keys.LegacyControlKey.Public()
|
legacyPublicKey := keys.LegacyControlKey.Public()
|
||||||
publicKey := keys.ControlKey.Public()
|
publicKey := keys.ControlKey.Public()
|
||||||
|
|||||||
@@ -46,6 +46,10 @@ func (h *PollNetMapHandler) PollNetMap(c echo.Context) error {
|
|||||||
return logError(err)
|
return logError(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if req.Version < SupportedCapabilityVersion {
|
||||||
|
return UnsupportedClientVersionError
|
||||||
|
}
|
||||||
|
|
||||||
machineKey := h.machineKey.String()
|
machineKey := h.machineKey.String()
|
||||||
nodeKey := req.NodeKey.String()
|
nodeKey := req.NodeKey.String()
|
||||||
|
|
||||||
@@ -59,36 +63,16 @@ func (h *PollNetMapHandler) PollNetMap(c echo.Context) error {
|
|||||||
return echo.NewHTTPError(http.StatusNotFound)
|
return echo.NewHTTPError(http.StatusNotFound)
|
||||||
}
|
}
|
||||||
|
|
||||||
if req.ReadOnly {
|
return h.handlePollNetMap(c, m, req)
|
||||||
return h.handleReadOnly(c, m, req)
|
|
||||||
} else {
|
|
||||||
return h.handleUpdate(c, m, req)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *PollNetMapHandler) handleUpdate(c echo.Context, m *domain.Machine, mapRequest *tailcfg.MapRequest) error {
|
func (h *PollNetMapHandler) handlePollNetMap(c echo.Context, m *domain.Machine, mapRequest *tailcfg.MapRequest) error {
|
||||||
ctx := c.Request().Context()
|
ctx := c.Request().Context()
|
||||||
|
|
||||||
now := time.Now().UTC()
|
now := time.Now().UTC()
|
||||||
|
|
||||||
m.HostInfo = domain.HostInfo(*mapRequest.Hostinfo)
|
|
||||||
m.DiscoKey = mapRequest.DiscoKey.String()
|
|
||||||
m.Endpoints = mapRequest.Endpoints
|
|
||||||
m.LastSeen = &now
|
|
||||||
|
|
||||||
if err := h.repository.SaveMachine(ctx, m); err != nil {
|
|
||||||
return logError(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
tailnetID := m.TailnetID
|
tailnetID := m.TailnetID
|
||||||
machineID := m.ID
|
machineID := m.ID
|
||||||
|
|
||||||
h.sessionManager.NotifyAll(tailnetID, m.ID)
|
|
||||||
|
|
||||||
if !mapRequest.Stream {
|
|
||||||
return c.String(http.StatusOK, "")
|
|
||||||
}
|
|
||||||
|
|
||||||
mapper := mapping.NewPollNetMapper(mapRequest, m.ID, h.repository, h.sessionManager)
|
mapper := mapping.NewPollNetMapper(mapRequest, m.ID, h.repository, h.sessionManager)
|
||||||
|
|
||||||
response, err := h.createMapResponse(mapper, false, mapRequest.Compress)
|
response, err := h.createMapResponse(mapper, false, mapRequest.Compress)
|
||||||
@@ -96,11 +80,26 @@ func (h *PollNetMapHandler) handleUpdate(c echo.Context, m *domain.Machine, mapR
|
|||||||
return logError(err)
|
return logError(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !mapRequest.Stream {
|
||||||
|
m.HostInfo = domain.HostInfo(*mapRequest.Hostinfo)
|
||||||
|
m.DiscoKey = mapRequest.DiscoKey.String()
|
||||||
|
m.Endpoints = mapRequest.Endpoints
|
||||||
|
m.LastSeen = &now
|
||||||
|
|
||||||
|
if err := h.repository.SaveMachine(ctx, m); err != nil {
|
||||||
|
return logError(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
h.sessionManager.NotifyAll(tailnetID)
|
||||||
|
|
||||||
|
return c.JSONBlob(http.StatusOK, response)
|
||||||
|
}
|
||||||
|
|
||||||
updateChan := make(chan *core.Ping, 20)
|
updateChan := make(chan *core.Ping, 20)
|
||||||
h.sessionManager.Register(m.TailnetID, m.ID, updateChan)
|
h.sessionManager.Register(m.TailnetID, m.ID, updateChan)
|
||||||
|
|
||||||
// Listen to connection close
|
// Listen to connection close
|
||||||
notify := c.Request().Context().Done()
|
notify := ctx.Done()
|
||||||
|
|
||||||
keepAliveResponse, err := h.createKeepAliveResponse(mapRequest)
|
keepAliveResponse, err := h.createKeepAliveResponse(mapRequest)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -174,26 +173,6 @@ func (h *PollNetMapHandler) handleUpdate(c echo.Context, m *domain.Machine, mapR
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *PollNetMapHandler) handleReadOnly(c echo.Context, m *domain.Machine, request *tailcfg.MapRequest) error {
|
|
||||||
ctx := c.Request().Context()
|
|
||||||
|
|
||||||
m.HostInfo = domain.HostInfo(*request.Hostinfo)
|
|
||||||
m.DiscoKey = request.DiscoKey.String()
|
|
||||||
|
|
||||||
if err := h.repository.SaveMachine(ctx, m); err != nil {
|
|
||||||
return logError(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
mapper := mapping.NewPollNetMapper(request, m.ID, h.repository, h.sessionManager)
|
|
||||||
payload, err := h.createMapResponse(mapper, false, request.Compress)
|
|
||||||
if err != nil {
|
|
||||||
return logError(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
_, err = c.Response().Write(payload)
|
|
||||||
return logError(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (h *PollNetMapHandler) createKeepAliveResponse(request *tailcfg.MapRequest) ([]byte, error) {
|
func (h *PollNetMapHandler) createKeepAliveResponse(request *tailcfg.MapRequest) ([]byte, error) {
|
||||||
mapResponse := &tailcfg.MapResponse{
|
mapResponse := &tailcfg.MapResponse{
|
||||||
KeepAlive: true,
|
KeepAlive: true,
|
||||||
|
|||||||
@@ -45,6 +45,11 @@ func (h *RegistrationHandlers) Register(c echo.Context) error {
|
|||||||
return logError(err)
|
return logError(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if req.Version < SupportedCapabilityVersion {
|
||||||
|
response := tailcfg.RegisterResponse{MachineAuthorized: false, Error: UnsupportedClientVersionMessage}
|
||||||
|
return c.JSON(http.StatusOK, response)
|
||||||
|
}
|
||||||
|
|
||||||
machineKey := h.machineKey.String()
|
machineKey := h.machineKey.String()
|
||||||
nodeKey := req.NodeKey.String()
|
nodeKey := req.NodeKey.String()
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user