mirror of
https://github.com/jsiebens/ionscale.git
synced 2026-03-31 15:07:49 +01:00
feat: only support tailscale clients >= 1.48
This commit is contained in:
Johan Siebens
@@ -29,6 +29,10 @@ func (h *DNSHandlers) SetDNS(c echo.Context) error {
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
if req.Version < SupportedCapabilityVersion {
|
||||
return UnsupportedClientVersionError
|
||||
}
|
||||
|
||||
if h.provider == nil {
|
||||
return echo.NewHTTPError(http.StatusNotFound)
|
||||
}
|
||||
|
||||
@@ -39,13 +39,17 @@ type IDTokenHandlers struct {
|
||||
func (h *IDTokenHandlers) FetchToken(c echo.Context) error {
|
||||
ctx := c.Request().Context()
|
||||
|
||||
keySet, err := h.repository.GetJSONWebKeySet(c.Request().Context())
|
||||
if err != nil {
|
||||
req := &tailcfg.TokenRequest{}
|
||||
if err := c.Bind(req); err != nil {
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
req := &tailcfg.TokenRequest{}
|
||||
if err := c.Bind(req); err != nil {
|
||||
if req.CapVersion < SupportedCapabilityVersion {
|
||||
return UnsupportedClientVersionError
|
||||
}
|
||||
|
||||
keySet, err := h.repository.GetJSONWebKeySet(c.Request().Context())
|
||||
if err != nil {
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
|
||||
@@ -9,9 +9,13 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
NoiseCapabilityVersion = 28
|
||||
SupportedCapabilityVersion = 68
|
||||
NoiseCapabilityVersion = 28
|
||||
UnsupportedClientVersionMessage = "ionscale only support client version >= 1.48.0, please upgrade your client"
|
||||
)
|
||||
|
||||
var UnsupportedClientVersionError = echo.NewHTTPError(http.StatusBadRequest, UnsupportedClientVersionMessage)
|
||||
|
||||
func KeyHandler(keys *config.ServerKeys) echo.HandlerFunc {
|
||||
legacyPublicKey := keys.LegacyControlKey.Public()
|
||||
publicKey := keys.ControlKey.Public()
|
||||
|
||||
@@ -46,6 +46,10 @@ func (h *PollNetMapHandler) PollNetMap(c echo.Context) error {
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
if req.Version < SupportedCapabilityVersion {
|
||||
return UnsupportedClientVersionError
|
||||
}
|
||||
|
||||
machineKey := h.machineKey.String()
|
||||
nodeKey := req.NodeKey.String()
|
||||
|
||||
@@ -59,36 +63,16 @@ func (h *PollNetMapHandler) PollNetMap(c echo.Context) error {
|
||||
return echo.NewHTTPError(http.StatusNotFound)
|
||||
}
|
||||
|
||||
if req.ReadOnly {
|
||||
return h.handleReadOnly(c, m, req)
|
||||
} else {
|
||||
return h.handleUpdate(c, m, req)
|
||||
}
|
||||
return h.handlePollNetMap(c, m, req)
|
||||
}
|
||||
|
||||
func (h *PollNetMapHandler) handleUpdate(c echo.Context, m *domain.Machine, mapRequest *tailcfg.MapRequest) error {
|
||||
func (h *PollNetMapHandler) handlePollNetMap(c echo.Context, m *domain.Machine, mapRequest *tailcfg.MapRequest) error {
|
||||
ctx := c.Request().Context()
|
||||
|
||||
now := time.Now().UTC()
|
||||
|
||||
m.HostInfo = domain.HostInfo(*mapRequest.Hostinfo)
|
||||
m.DiscoKey = mapRequest.DiscoKey.String()
|
||||
m.Endpoints = mapRequest.Endpoints
|
||||
m.LastSeen = &now
|
||||
|
||||
if err := h.repository.SaveMachine(ctx, m); err != nil {
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
tailnetID := m.TailnetID
|
||||
machineID := m.ID
|
||||
|
||||
h.sessionManager.NotifyAll(tailnetID, m.ID)
|
||||
|
||||
if !mapRequest.Stream {
|
||||
return c.String(http.StatusOK, "")
|
||||
}
|
||||
|
||||
mapper := mapping.NewPollNetMapper(mapRequest, m.ID, h.repository, h.sessionManager)
|
||||
|
||||
response, err := h.createMapResponse(mapper, false, mapRequest.Compress)
|
||||
@@ -96,11 +80,26 @@ func (h *PollNetMapHandler) handleUpdate(c echo.Context, m *domain.Machine, mapR
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
if !mapRequest.Stream {
|
||||
m.HostInfo = domain.HostInfo(*mapRequest.Hostinfo)
|
||||
m.DiscoKey = mapRequest.DiscoKey.String()
|
||||
m.Endpoints = mapRequest.Endpoints
|
||||
m.LastSeen = &now
|
||||
|
||||
if err := h.repository.SaveMachine(ctx, m); err != nil {
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
h.sessionManager.NotifyAll(tailnetID)
|
||||
|
||||
return c.JSONBlob(http.StatusOK, response)
|
||||
}
|
||||
|
||||
updateChan := make(chan *core.Ping, 20)
|
||||
h.sessionManager.Register(m.TailnetID, m.ID, updateChan)
|
||||
|
||||
// Listen to connection close
|
||||
notify := c.Request().Context().Done()
|
||||
notify := ctx.Done()
|
||||
|
||||
keepAliveResponse, err := h.createKeepAliveResponse(mapRequest)
|
||||
if err != nil {
|
||||
@@ -174,26 +173,6 @@ func (h *PollNetMapHandler) handleUpdate(c echo.Context, m *domain.Machine, mapR
|
||||
}
|
||||
}
|
||||
|
||||
func (h *PollNetMapHandler) handleReadOnly(c echo.Context, m *domain.Machine, request *tailcfg.MapRequest) error {
|
||||
ctx := c.Request().Context()
|
||||
|
||||
m.HostInfo = domain.HostInfo(*request.Hostinfo)
|
||||
m.DiscoKey = request.DiscoKey.String()
|
||||
|
||||
if err := h.repository.SaveMachine(ctx, m); err != nil {
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
mapper := mapping.NewPollNetMapper(request, m.ID, h.repository, h.sessionManager)
|
||||
payload, err := h.createMapResponse(mapper, false, request.Compress)
|
||||
if err != nil {
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
_, err = c.Response().Write(payload)
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
func (h *PollNetMapHandler) createKeepAliveResponse(request *tailcfg.MapRequest) ([]byte, error) {
|
||||
mapResponse := &tailcfg.MapResponse{
|
||||
KeepAlive: true,
|
||||
|
||||
@@ -45,6 +45,11 @@ func (h *RegistrationHandlers) Register(c echo.Context) error {
|
||||
return logError(err)
|
||||
}
|
||||
|
||||
if req.Version < SupportedCapabilityVersion {
|
||||
response := tailcfg.RegisterResponse{MachineAuthorized: false, Error: UnsupportedClientVersionMessage}
|
||||
return c.JSON(http.StatusOK, response)
|
||||
}
|
||||
|
||||
machineKey := h.machineKey.String()
|
||||
nodeKey := req.NodeKey.String()
|
||||
|
||||
|
||||
Reference in New Issue
Block a user