2023-01-27 21:37:20 +00:00
// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause
2022-08-11 18:43:09 +01:00
package ipnlocal
import (
"bytes"
"context"
2023-03-02 21:24:26 +00:00
"crypto/ed25519"
2022-11-25 14:50:15 +00:00
"crypto/rand"
2023-03-02 21:24:26 +00:00
"encoding/base64"
2022-11-16 23:38:25 +00:00
"encoding/binary"
2022-08-11 18:43:09 +01:00
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
2022-11-30 21:04:43 +00:00
"net/netip"
2022-09-07 00:34:16 +01:00
"os"
"path/filepath"
2022-08-11 18:43:09 +01:00
"time"
2023-01-04 18:36:07 +00:00
"tailscale.com/health"
2023-06-28 22:36:01 +01:00
"tailscale.com/health/healthmsg"
2022-11-11 06:29:03 +00:00
"tailscale.com/ipn"
2022-08-11 18:43:09 +01:00
"tailscale.com/ipn/ipnstate"
2022-11-30 21:04:43 +00:00
"tailscale.com/net/tsaddr"
2022-08-11 18:43:09 +01:00
"tailscale.com/tailcfg"
"tailscale.com/tka"
"tailscale.com/types/key"
2022-08-22 22:39:07 +01:00
"tailscale.com/types/netmap"
2022-11-29 00:39:03 +00:00
"tailscale.com/types/persist"
2022-08-11 18:43:09 +01:00
"tailscale.com/types/tkatype"
2022-11-02 20:13:26 +00:00
"tailscale.com/util/mak"
2022-08-11 18:43:09 +01:00
)
2022-10-04 00:07:34 +01:00
// TODO(tom): RPC retry/backoff was broken and has been removed. Fix?
2022-08-11 18:43:09 +01:00
2022-09-15 18:51:23 +01:00
var (
errMissingNetmap = errors . New ( "missing netmap: verify that you are logged in" )
errNetworkLockNotActive = errors . New ( "network-lock is not active" )
2023-03-01 22:14:35 +00:00
tkaCompactionDefaults = tka . CompactionOptions {
MinChain : 24 , // Keep at minimum 24 AUMs since head.
MinAge : 14 * 24 * time . Hour , // Keep 2 weeks of AUMs.
}
2022-09-15 18:51:23 +01:00
)
2022-08-26 17:45:16 +01:00
type tkaState struct {
2022-11-14 12:29:49 +00:00
profile ipn . ProfileID
2022-08-26 17:45:16 +01:00
authority * tka . Authority
storage * tka . FS
2022-11-30 21:04:43 +00:00
filtered [ ] ipnstate . TKAFilteredPeer
2022-08-26 17:45:16 +01:00
}
2022-10-04 18:51:45 +01:00
// tkaFilterNetmapLocked checks the signatures on each node key, dropping
2022-11-02 20:13:26 +00:00
// nodes from the netmap whose signature does not verify.
2022-10-06 19:09:13 +01:00
//
// b.mu must be held.
2022-10-04 18:51:45 +01:00
func ( b * LocalBackend ) tkaFilterNetmapLocked ( nm * netmap . NetworkMap ) {
2023-07-07 16:39:35 +01:00
if b . tka == nil && ! b . capTailnetLock {
2023-01-04 18:36:07 +00:00
health . SetTKAHealth ( nil )
2022-11-30 18:34:59 +00:00
return
2022-10-04 18:51:45 +01:00
}
if b . tka == nil {
2023-01-04 18:36:07 +00:00
health . SetTKAHealth ( nil )
2022-10-04 18:51:45 +01:00
return // TKA not enabled.
}
2022-11-02 20:13:26 +00:00
var toDelete map [ int ] bool // peer index => true
2022-10-04 18:51:45 +01:00
for i , p := range nm . Peers {
2023-08-18 15:57:44 +01:00
if p . UnsignedPeerAPIOnly ( ) {
2022-11-30 18:34:59 +00:00
// Not subject to tailnet lock.
2022-11-02 20:13:26 +00:00
continue
}
2023-08-18 15:57:44 +01:00
keySig := tkatype . MarshaledSignature ( p . KeySignature ( ) . StringCopy ( ) ) // TODO(bradfitz,maisem): this is unfortunate. Change tkatype.MarshaledSignature to a string for viewer?
if len ( keySig ) == 0 {
2023-08-20 03:51:41 +01:00
b . logf ( "Network lock is dropping peer %v(%v) due to missing signature" , p . ID ( ) , p . StableID ( ) )
2022-11-02 20:13:26 +00:00
mak . Set ( & toDelete , i , true )
2022-10-04 18:51:45 +01:00
} else {
2023-08-18 15:57:44 +01:00
if err := b . tka . authority . NodeKeyAuthorized ( p . Key ( ) , keySig ) ; err != nil {
2023-08-20 03:51:41 +01:00
b . logf ( "Network lock is dropping peer %v(%v) due to failed signature check: %v" , p . ID ( ) , p . StableID ( ) , err )
2022-11-02 20:13:26 +00:00
mak . Set ( & toDelete , i , true )
2022-10-04 18:51:45 +01:00
}
}
}
// nm.Peers is ordered, so deletion must be order-preserving.
2022-11-02 20:13:26 +00:00
if len ( toDelete ) > 0 {
2023-08-18 15:57:44 +01:00
peers := make ( [ ] tailcfg . NodeView , 0 , len ( nm . Peers ) )
2022-11-30 21:04:43 +00:00
filtered := make ( [ ] ipnstate . TKAFilteredPeer , 0 , len ( toDelete ) )
2022-11-02 20:13:26 +00:00
for i , p := range nm . Peers {
if ! toDelete [ i ] {
peers = append ( peers , p )
2022-11-30 21:04:43 +00:00
} else {
// Record information about the node we filtered out.
fp := ipnstate . TKAFilteredPeer {
2023-08-18 15:57:44 +01:00
Name : p . Name ( ) ,
ID : p . ID ( ) ,
StableID : p . StableID ( ) ,
TailscaleIPs : make ( [ ] netip . Addr , p . Addresses ( ) . Len ( ) ) ,
NodeKey : p . Key ( ) ,
2022-11-30 21:04:43 +00:00
}
2023-08-18 15:57:44 +01:00
for i := range p . Addresses ( ) . LenIter ( ) {
addr := p . Addresses ( ) . At ( i )
2022-11-30 21:04:43 +00:00
if addr . IsSingleIP ( ) && tsaddr . IsTailscaleIP ( addr . Addr ( ) ) {
fp . TailscaleIPs [ i ] = addr . Addr ( )
}
}
filtered = append ( filtered , fp )
2022-11-02 20:13:26 +00:00
}
2022-10-04 18:51:45 +01:00
}
2022-11-02 20:13:26 +00:00
nm . Peers = peers
2022-11-30 21:04:43 +00:00
b . tka . filtered = filtered
} else {
b . tka . filtered = nil
2022-10-04 18:51:45 +01:00
}
2023-01-04 18:36:07 +00:00
// Check that we ourselves are not locked out, report a health issue if so.
if nm . SelfNode != nil && b . tka . authority . NodeKeyAuthorized ( nm . SelfNode . Key , nm . SelfNode . KeySignature ) != nil {
2023-06-28 22:36:01 +01:00
health . SetTKAHealth ( errors . New ( healthmsg . LockedOut ) )
2023-01-04 18:36:07 +00:00
} else {
health . SetTKAHealth ( nil )
}
2022-10-04 18:51:45 +01:00
}
2022-10-06 19:09:13 +01:00
// tkaSyncIfNeeded examines TKA info reported from the control plane,
2022-09-07 00:34:16 +01:00
// performing the steps necessary to synchronize local tka state.
//
// There are 4 scenarios handled here:
// - Enablement: nm.TKAEnabled but b.tka == nil
2022-09-25 19:29:55 +01:00
// ∴ reach out to /machine/tka/bootstrap to get the genesis AUM, then
2022-09-07 00:34:16 +01:00
// initialize TKA.
// - Disablement: !nm.TKAEnabled but b.tka != nil
2022-09-25 19:29:55 +01:00
// ∴ reach out to /machine/tka/bootstrap to read the disablement secret,
2022-09-07 00:34:16 +01:00
// then verify and clear tka local state.
// - Sync needed: b.tka.Head != nm.TKAHead
// ∴ complete multi-step synchronization flow.
// - Everything up to date: All other cases.
// ∴ no action necessary.
//
2022-10-06 19:09:13 +01:00
// tkaSyncIfNeeded immediately takes b.takeSyncLock which is held throughout,
// and may take b.mu as required.
2022-11-11 06:29:03 +00:00
func ( b * LocalBackend ) tkaSyncIfNeeded ( nm * netmap . NetworkMap , prefs ipn . PrefsView ) error {
2022-10-06 19:09:13 +01:00
b . tkaSyncLock . Lock ( ) // take tkaSyncLock to make this function an exclusive section.
defer b . tkaSyncLock . Unlock ( )
b . mu . Lock ( ) // take mu to protect access to synchronized fields.
defer b . mu . Unlock ( )
2023-07-07 16:39:35 +01:00
if b . tka == nil && ! b . capTailnetLock {
2022-11-30 18:34:59 +00:00
return nil
}
2023-06-21 18:22:06 +01:00
if b . tka != nil || nm . TKAEnabled {
b . logf ( "tkaSyncIfNeeded: enabled=%v, head=%v" , nm . TKAEnabled , nm . TKAHead )
}
2022-11-30 18:34:59 +00:00
2022-11-11 06:29:03 +00:00
ourNodeKey := prefs . Persist ( ) . PublicNodeKey ( )
2022-09-07 00:34:16 +01:00
isEnabled := b . tka != nil
wantEnabled := nm . TKAEnabled
2022-11-15 23:03:11 +00:00
didJustEnable := false
2022-09-07 00:34:16 +01:00
if isEnabled != wantEnabled {
var ourHead tka . AUMHash
if b . tka != nil {
ourHead = b . tka . authority . Head ( )
}
// Regardless of whether we are moving to disabled or enabled, we
// need information from the tka bootstrap endpoint.
b . mu . Unlock ( )
2022-09-21 21:27:58 +01:00
bs , err := b . tkaFetchBootstrap ( ourNodeKey , ourHead )
2022-09-07 00:34:16 +01:00
b . mu . Lock ( )
if err != nil {
2022-09-27 20:30:04 +01:00
return fmt . Errorf ( "fetching bootstrap: %w" , err )
2022-09-07 00:34:16 +01:00
}
if wantEnabled && ! isEnabled {
2022-11-29 00:39:03 +00:00
if err := b . tkaBootstrapFromGenesisLocked ( bs . GenesisAUM , prefs . Persist ( ) ) ; err != nil {
2022-09-27 20:30:04 +01:00
return fmt . Errorf ( "bootstrap: %w" , err )
2022-09-07 00:34:16 +01:00
}
isEnabled = true
2022-11-15 23:03:11 +00:00
didJustEnable = true
2022-09-07 00:34:16 +01:00
} else if ! wantEnabled && isEnabled {
2022-10-27 21:40:31 +01:00
if err := b . tkaApplyDisablementLocked ( bs . DisablementSecret ) ; err != nil {
// We log here instead of returning an error (which itself would be
// logged), so that sync will continue even if control gives us an
// incorrect disablement secret.
b . logf ( "Disablement failed, leaving TKA enabled. Error: %v" , err )
2022-09-07 00:34:16 +01:00
} else {
2022-10-27 21:40:31 +01:00
isEnabled = false
2023-01-04 18:36:07 +00:00
health . SetTKAHealth ( nil )
2022-09-07 00:34:16 +01:00
}
} else {
2023-06-21 18:22:06 +01:00
return fmt . Errorf ( "[bug] unreachable invariant of wantEnabled w/ isEnabled" )
2022-09-07 00:34:16 +01:00
}
}
2022-11-15 23:03:11 +00:00
// We always transmit the sync RPCs if TKA was just enabled.
// This informs the control plane that our TKA state is now
// initialized to the transmitted TKA head hash.
if isEnabled && ( b . tka . authority . Head ( ) != nm . TKAHead || didJustEnable ) {
2022-09-27 20:30:04 +01:00
if err := b . tkaSyncLocked ( ourNodeKey ) ; err != nil {
return fmt . Errorf ( "tka sync: %w" , err )
}
}
return nil
}
func toSyncOffer ( head string , ancestors [ ] string ) ( tka . SyncOffer , error ) {
var out tka . SyncOffer
if err := out . Head . UnmarshalText ( [ ] byte ( head ) ) ; err != nil {
return tka . SyncOffer { } , fmt . Errorf ( "head.UnmarshalText: %v" , err )
}
out . Ancestors = make ( [ ] tka . AUMHash , len ( ancestors ) )
for i , a := range ancestors {
if err := out . Ancestors [ i ] . UnmarshalText ( [ ] byte ( a ) ) ; err != nil {
return tka . SyncOffer { } , fmt . Errorf ( "ancestor[%d].UnmarshalText: %v" , i , err )
}
}
return out , nil
}
// tkaSyncLocked synchronizes TKA state with control. b.mu must be held
// and tka must be initialized. b.mu will be stepped out of (and back into)
// during network RPCs.
2022-10-06 19:09:13 +01:00
//
// b.mu must be held.
2022-09-27 20:30:04 +01:00
func ( b * LocalBackend ) tkaSyncLocked ( ourNodeKey key . NodePublic ) error {
offer , err := b . tka . authority . SyncOffer ( b . tka . storage )
if err != nil {
return fmt . Errorf ( "offer: %w" , err )
}
b . mu . Unlock ( )
offerResp , err := b . tkaDoSyncOffer ( ourNodeKey , offer )
b . mu . Lock ( )
if err != nil {
return fmt . Errorf ( "offer RPC: %w" , err )
}
controlOffer , err := toSyncOffer ( offerResp . Head , offerResp . Ancestors )
if err != nil {
return fmt . Errorf ( "control offer: %v" , err )
}
if controlOffer . Head == offer . Head {
// We are up to date.
return nil
}
// Compute missing AUMs before we apply any AUMs from the control-plane,
// so we still submit AUMs to control even if they are not part of the
// active chain.
toSendAUMs , err := b . tka . authority . MissingAUMs ( b . tka . storage , controlOffer )
if err != nil {
return fmt . Errorf ( "computing missing AUMs: %w" , err )
}
// If we got this far, then we are not up to date. Either the control-plane
// has updates for us, or we have updates for the control plane.
//
// TODO(tom): Do we want to keep processing even if the Inform fails? Need
// to think through if theres holdback concerns here or not.
if len ( offerResp . MissingAUMs ) > 0 {
aums := make ( [ ] tka . AUM , len ( offerResp . MissingAUMs ) )
for i , a := range offerResp . MissingAUMs {
if err := aums [ i ] . Unserialize ( a ) ; err != nil {
return fmt . Errorf ( "MissingAUMs[%d]: %v" , i , err )
}
}
if err := b . tka . authority . Inform ( b . tka . storage , aums ) ; err != nil {
return fmt . Errorf ( "inform failed: %v" , err )
}
}
2022-10-27 21:40:31 +01:00
// NOTE(tom): We always send this RPC so control knows what TKA
// head we landed at.
head := b . tka . authority . Head ( )
2022-09-27 20:30:04 +01:00
b . mu . Unlock ( )
2022-10-27 21:40:31 +01:00
sendResp , err := b . tkaDoSyncSend ( ourNodeKey , head , toSendAUMs , false )
2022-09-27 20:30:04 +01:00
b . mu . Lock ( )
if err != nil {
return fmt . Errorf ( "send RPC: %v" , err )
}
var remoteHead tka . AUMHash
if err := remoteHead . UnmarshalText ( [ ] byte ( sendResp . Head ) ) ; err != nil {
return fmt . Errorf ( "head unmarshal: %v" , err )
}
if remoteHead != b . tka . authority . Head ( ) {
b . logf ( "TKA desync: expected consensus after sync but our head is %v and the control plane's is %v" , b . tka . authority . Head ( ) , remoteHead )
2022-09-07 00:34:16 +01:00
}
return nil
}
2022-10-27 21:40:31 +01:00
// tkaApplyDisablementLocked checks a disablement secret and locally disables
// TKA (if correct). An error is returned if disablement failed.
//
// b.mu must be held & TKA must be initialized.
func ( b * LocalBackend ) tkaApplyDisablementLocked ( secret [ ] byte ) error {
if b . tka . authority . ValidDisablement ( secret ) {
2022-11-14 12:29:49 +00:00
if err := os . RemoveAll ( b . chonkPathLocked ( ) ) ; err != nil {
2022-10-27 21:40:31 +01:00
return err
}
b . tka = nil
return nil
}
return errors . New ( "incorrect disablement secret" )
}
2022-11-14 12:29:49 +00:00
// chonkPathLocked returns the absolute path to the directory in which TKA
2022-09-07 00:34:16 +01:00
// state (the 'tailchonk') is stored.
2022-12-05 04:07:03 +00:00
//
// b.mu must be held.
2022-11-14 12:29:49 +00:00
func ( b * LocalBackend ) chonkPathLocked ( ) string {
return filepath . Join ( b . TailscaleVarRoot ( ) , "tka-profiles" , string ( b . pm . CurrentProfile ( ) . ID ) )
2022-09-07 00:34:16 +01:00
}
// tkaBootstrapFromGenesisLocked initializes the local (on-disk) state of the
// tailnet key authority, based on the given genesis AUM.
//
// b.mu must be held.
2022-11-29 00:39:03 +00:00
func ( b * LocalBackend ) tkaBootstrapFromGenesisLocked ( g tkatype . MarshaledAUM , persist persist . PersistView ) error {
2022-09-15 18:51:23 +01:00
if err := b . CanSupportNetworkLock ( ) ; err != nil {
return err
2022-09-07 00:34:16 +01:00
}
var genesis tka . AUM
if err := genesis . Unserialize ( g ) ; err != nil {
return fmt . Errorf ( "reading genesis: %v" , err )
}
2022-11-29 00:39:03 +00:00
if persist . Valid ( ) && persist . DisallowedTKAStateIDs ( ) . Len ( ) > 0 {
if genesis . State == nil {
return errors . New ( "invalid genesis: missing State" )
}
bootstrapStateID := fmt . Sprintf ( "%d:%d" , genesis . State . StateID1 , genesis . State . StateID2 )
for i := 0 ; i < persist . DisallowedTKAStateIDs ( ) . Len ( ) ; i ++ {
stateID := persist . DisallowedTKAStateIDs ( ) . At ( i )
if stateID == bootstrapStateID {
return fmt . Errorf ( "TKA with stateID of %q is disallowed on this node" , stateID )
}
}
}
2022-11-14 12:29:49 +00:00
chonkDir := b . chonkPathLocked ( )
if err := os . Mkdir ( filepath . Dir ( chonkDir ) , 0755 ) ; err != nil && ! os . IsExist ( err ) {
return fmt . Errorf ( "creating chonk root dir: %v" , err )
}
2022-09-07 00:34:16 +01:00
if err := os . Mkdir ( chonkDir , 0755 ) ; err != nil && ! os . IsExist ( err ) {
return fmt . Errorf ( "mkdir: %v" , err )
}
chonk , err := tka . ChonkDir ( chonkDir )
if err != nil {
return fmt . Errorf ( "chonk: %v" , err )
}
authority , err := tka . Bootstrap ( chonk , genesis )
if err != nil {
return fmt . Errorf ( "tka bootstrap: %v" , err )
}
b . tka = & tkaState {
2022-11-14 12:29:49 +00:00
profile : b . pm . CurrentProfile ( ) . ID ,
2022-09-07 00:34:16 +01:00
authority : authority ,
storage : chonk ,
}
return nil
}
2022-09-15 18:51:23 +01:00
// CanSupportNetworkLock returns nil if tailscaled is able to operate
2022-08-11 18:43:09 +01:00
// a local tailnet key authority (and hence enforce network lock).
2022-09-15 18:51:23 +01:00
func ( b * LocalBackend ) CanSupportNetworkLock ( ) error {
2022-08-11 18:43:09 +01:00
if b . tka != nil {
2022-09-15 18:51:23 +01:00
// If the TKA is being used, it is supported.
return nil
2022-08-11 18:43:09 +01:00
}
2022-09-15 18:51:23 +01:00
if b . TailscaleVarRoot ( ) == "" {
return errors . New ( "network-lock is not supported in this configuration, try setting --statedir" )
2022-08-11 18:43:09 +01:00
}
2022-09-15 18:51:23 +01:00
// There's a var root (aka --statedir), so if network lock gets
// initialized we have somewhere to store our AUMs. That's all
// we need.
return nil
2022-08-11 18:43:09 +01:00
}
// NetworkLockStatus returns a structure describing the state of the
// tailnet key authority, if any.
func ( b * LocalBackend ) NetworkLockStatus ( ) * ipnstate . NetworkLockStatus {
2022-10-05 19:42:30 +01:00
b . mu . Lock ( )
defer b . mu . Unlock ( )
2022-11-14 12:29:49 +00:00
var (
nodeKey * key . NodePublic
nlPriv key . NLPrivate
)
2022-11-29 20:00:40 +00:00
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) && ! p . Persist ( ) . PrivateNodeKey ( ) . IsZero ( ) {
2022-11-03 17:25:20 +00:00
nkp := p . Persist ( ) . PublicNodeKey ( )
nodeKey = & nkp
2022-11-29 20:00:40 +00:00
nlPriv = p . Persist ( ) . NetworkLockKey ( )
2022-11-03 17:25:20 +00:00
}
2022-11-14 12:29:49 +00:00
if nlPriv . IsZero ( ) {
return & ipnstate . NetworkLockStatus {
Enabled : false ,
NodeKey : nodeKey ,
}
}
2022-08-11 18:43:09 +01:00
if b . tka == nil {
return & ipnstate . NetworkLockStatus {
Enabled : false ,
2022-11-03 17:25:20 +00:00
NodeKey : nodeKey ,
2022-11-14 12:29:49 +00:00
PublicKey : nlPriv . Public ( ) ,
2022-08-11 18:43:09 +01:00
}
}
var head [ 32 ] byte
2022-08-26 17:45:16 +01:00
h := b . tka . authority . Head ( )
2022-08-11 18:43:09 +01:00
copy ( head [ : ] , h [ : ] )
2022-11-03 17:25:20 +00:00
var selfAuthorized bool
if b . netMap != nil {
selfAuthorized = b . tka . authority . NodeKeyAuthorized ( b . netMap . SelfNode . Key , b . netMap . SelfNode . KeySignature ) == nil
}
keys := b . tka . authority . Keys ( )
outKeys := make ( [ ] ipnstate . TKAKey , len ( keys ) )
for i , k := range keys {
outKeys [ i ] = ipnstate . TKAKey {
Key : key . NLPublicFromEd25519Unsafe ( k . Public ) ,
Metadata : k . Meta ,
Votes : k . Votes ,
}
}
2022-11-30 21:04:43 +00:00
filtered := make ( [ ] * ipnstate . TKAFilteredPeer , len ( b . tka . filtered ) )
for i := 0 ; i < len ( filtered ) ; i ++ {
filtered [ i ] = b . tka . filtered [ i ] . Clone ( )
}
2023-05-24 21:36:25 +01:00
stateID1 , _ := b . tka . authority . StateIDs ( )
2022-08-11 18:43:09 +01:00
return & ipnstate . NetworkLockStatus {
2022-11-03 17:25:20 +00:00
Enabled : true ,
Head : & head ,
2022-11-14 12:29:49 +00:00
PublicKey : nlPriv . Public ( ) ,
2022-11-03 17:25:20 +00:00
NodeKey : nodeKey ,
NodeKeySigned : selfAuthorized ,
TrustedKeys : outKeys ,
2022-11-30 21:04:43 +00:00
FilteredPeers : filtered ,
2023-05-24 21:36:25 +01:00
StateID : stateID1 ,
2022-08-11 18:43:09 +01:00
}
}
// NetworkLockInit enables network-lock for the tailnet, with the tailnets'
// key authority initialized to trust the provided keys.
//
// Initialization involves two RPCs with control, termed 'begin' and 'finish'.
// The Begin RPC transmits the genesis Authority Update Message, which
// encodes the initial state of the authority, and the list of all nodes
// needing signatures is returned as a response.
// The Finish RPC submits signatures for all these nodes, at which point
// Control has everything it needs to atomically enable network lock.
2022-11-23 19:19:30 +00:00
func ( b * LocalBackend ) NetworkLockInit ( keys [ ] tka . Key , disablementValues [ ] [ ] byte , supportDisablement [ ] byte ) error {
2022-09-15 18:51:23 +01:00
if err := b . CanSupportNetworkLock ( ) ; err != nil {
return err
2022-08-11 18:43:09 +01:00
}
2022-09-21 21:27:58 +01:00
var ourNodeKey key . NodePublic
2022-11-14 12:29:49 +00:00
var nlPriv key . NLPrivate
2022-09-21 21:27:58 +01:00
b . mu . Lock ( )
2022-11-30 18:34:59 +00:00
2023-07-07 16:39:35 +01:00
if ! b . capTailnetLock {
2022-11-30 18:34:59 +00:00
b . mu . Unlock ( )
2023-07-07 16:39:35 +01:00
return errors . New ( "not permitted to enable tailnet lock" )
2022-11-30 18:34:59 +00:00
}
2022-11-29 20:00:40 +00:00
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) && ! p . Persist ( ) . PrivateNodeKey ( ) . IsZero ( ) {
2022-11-09 05:58:10 +00:00
ourNodeKey = p . Persist ( ) . PublicNodeKey ( )
2022-11-29 20:00:40 +00:00
nlPriv = p . Persist ( ) . NetworkLockKey ( )
2022-09-21 21:27:58 +01:00
}
b . mu . Unlock ( )
2022-11-14 12:29:49 +00:00
if ourNodeKey . IsZero ( ) || nlPriv . IsZero ( ) {
2022-09-21 21:27:58 +01:00
return errors . New ( "no node-key: is tailscale logged in?" )
2022-08-22 22:39:07 +01:00
}
2022-11-16 23:38:25 +00:00
var entropy [ 16 ] byte
if _ , err := rand . Read ( entropy [ : ] ) ; err != nil {
return err
}
2022-08-11 18:43:09 +01:00
// Generates a genesis AUM representing trust in the provided keys.
// We use an in-memory tailchonk because we don't want to commit to
// the filesystem until we've finished the initialization sequence,
// just in case something goes wrong.
_ , genesisAUM , err := tka . Create ( & tka . Mem { } , tka . State {
Keys : keys ,
2022-10-27 21:40:31 +01:00
// TODO(tom): s/tka.State.DisablementSecrets/tka.State.DisablementValues
// This will center on consistent nomenclature:
// - DisablementSecret: value needed to disable.
// - DisablementValue: the KDF of the disablement secret, a public value.
DisablementSecrets : disablementValues ,
2022-11-16 23:38:25 +00:00
StateID1 : binary . LittleEndian . Uint64 ( entropy [ : 8 ] ) ,
StateID2 : binary . LittleEndian . Uint64 ( entropy [ 8 : ] ) ,
2022-11-14 12:29:49 +00:00
} , nlPriv )
2022-08-11 18:43:09 +01:00
if err != nil {
return fmt . Errorf ( "tka.Create: %v" , err )
}
b . logf ( "Generated genesis AUM to initialize network lock, trusting the following keys:" )
for i , k := range genesisAUM . State . Keys {
2022-11-30 20:30:44 +00:00
b . logf ( " - key[%d] = tlpub:%x with %d votes" , i , k . Public , k . Votes )
2022-08-11 18:43:09 +01:00
}
// Phase 1/2 of initialization: Transmit the genesis AUM to Control.
2022-09-21 21:27:58 +01:00
initResp , err := b . tkaInitBegin ( ourNodeKey , genesisAUM )
2022-08-11 18:43:09 +01:00
if err != nil {
return fmt . Errorf ( "tka init-begin RPC: %w" , err )
}
// Our genesis AUM was accepted but before Control turns on enforcement of
// node-key signatures, we need to sign keys for all the existing nodes.
// If we don't get these signatures ahead of time, everyone will loose
// connectivity because control won't have any signatures to send which
// satisfy network-lock checks.
2022-08-22 22:42:16 +01:00
sigs := make ( map [ tailcfg . NodeID ] tkatype . MarshaledSignature , len ( initResp . NeedSignatures ) )
for _ , nodeInfo := range initResp . NeedSignatures {
2022-11-14 12:29:49 +00:00
nks , err := signNodeKey ( nodeInfo , nlPriv )
2022-08-11 18:43:09 +01:00
if err != nil {
return fmt . Errorf ( "generating signature: %v" , err )
}
2022-08-22 22:42:16 +01:00
sigs [ nodeInfo . NodeID ] = nks . Serialize ( )
2022-08-11 18:43:09 +01:00
}
// Finalize enablement by transmitting signature for all nodes to Control.
2022-11-23 19:19:30 +00:00
_ , err = b . tkaInitFinish ( ourNodeKey , sigs , supportDisablement )
2022-08-11 18:43:09 +01:00
return err
}
2022-10-04 00:07:34 +01:00
// Only use is in tests.
func ( b * LocalBackend ) NetworkLockVerifySignatureForTest ( nks tkatype . MarshaledSignature , nodeKey key . NodePublic ) error {
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
return errNetworkLockNotActive
}
return b . tka . authority . NodeKeyAuthorized ( nodeKey , nks )
}
// Only use is in tests.
func ( b * LocalBackend ) NetworkLockKeyTrustedForTest ( keyID tkatype . KeyID ) bool {
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
panic ( "network lock not initialized" )
}
return b . tka . authority . KeyTrusted ( keyID )
}
2022-11-29 00:39:03 +00:00
// NetworkLockForceLocalDisable shuts down TKA locally, and denylists the current
// TKA from being initialized locally in future.
func ( b * LocalBackend ) NetworkLockForceLocalDisable ( ) error {
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
return errNetworkLockNotActive
}
id1 , id2 := b . tka . authority . StateIDs ( )
stateID := fmt . Sprintf ( "%d:%d" , id1 , id2 )
newPrefs := b . pm . CurrentPrefs ( ) . AsStruct ( ) . Clone ( ) // .Persist should always be initialized here.
newPrefs . Persist . DisallowedTKAStateIDs = append ( newPrefs . Persist . DisallowedTKAStateIDs , stateID )
if err := b . pm . SetPrefs ( newPrefs . View ( ) ) ; err != nil {
return fmt . Errorf ( "saving prefs: %w" , err )
}
if err := os . RemoveAll ( b . chonkPathLocked ( ) ) ; err != nil {
return fmt . Errorf ( "deleting TKA state: %w" , err )
}
b . tka = nil
return nil
}
2022-10-31 23:47:51 +00:00
// NetworkLockSign signs the given node-key and submits it to the control plane.
// rotationPublic, if specified, must be an ed25519 public key.
func ( b * LocalBackend ) NetworkLockSign ( nodeKey key . NodePublic , rotationPublic [ ] byte ) error {
ourNodeKey , sig , err := func ( nodeKey key . NodePublic , rotationPublic [ ] byte ) ( key . NodePublic , tka . NodeKeySignature , error ) {
b . mu . Lock ( )
defer b . mu . Unlock ( )
2022-11-14 12:29:49 +00:00
var nlPriv key . NLPrivate
2022-11-29 20:00:40 +00:00
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) {
nlPriv = p . Persist ( ) . NetworkLockKey ( )
2022-11-14 12:29:49 +00:00
}
if nlPriv . IsZero ( ) {
return key . NodePublic { } , tka . NodeKeySignature { } , errMissingNetmap
}
2022-10-31 23:47:51 +00:00
if b . tka == nil {
return key . NodePublic { } , tka . NodeKeySignature { } , errNetworkLockNotActive
}
2022-11-14 12:29:49 +00:00
if ! b . tka . authority . KeyTrusted ( nlPriv . KeyID ( ) ) {
2022-10-31 23:47:51 +00:00
return key . NodePublic { } , tka . NodeKeySignature { } , errors . New ( "this node is not trusted by network lock" )
}
p , err := nodeKey . MarshalBinary ( )
if err != nil {
return key . NodePublic { } , tka . NodeKeySignature { } , err
}
sig := tka . NodeKeySignature {
SigKind : tka . SigDirect ,
2022-11-14 12:29:49 +00:00
KeyID : nlPriv . KeyID ( ) ,
2022-10-31 23:47:51 +00:00
Pubkey : p ,
WrappingPubkey : rotationPublic ,
}
2022-11-14 12:29:49 +00:00
sig . Signature , err = nlPriv . SignNKS ( sig . SigHash ( ) )
2022-10-31 23:47:51 +00:00
if err != nil {
return key . NodePublic { } , tka . NodeKeySignature { } , fmt . Errorf ( "signature failed: %w" , err )
}
2022-11-09 05:58:10 +00:00
return b . pm . CurrentPrefs ( ) . Persist ( ) . PublicNodeKey ( ) , sig , nil
2022-10-31 23:47:51 +00:00
} ( nodeKey , rotationPublic )
if err != nil {
return err
}
b . logf ( "Generated network-lock signature for %v, submitting to control plane" , nodeKey )
if _ , err := b . tkaSubmitSignature ( ourNodeKey , sig . Serialize ( ) ) ; err != nil {
return err
}
return nil
}
2022-09-15 18:51:23 +01:00
// NetworkLockModify adds and/or removes keys in the tailnet's key authority.
func ( b * LocalBackend ) NetworkLockModify ( addKeys , removeKeys [ ] tka . Key ) ( err error ) {
defer func ( ) {
if err != nil {
err = fmt . Errorf ( "modify network-lock keys: %w" , err )
}
} ( )
b . mu . Lock ( )
defer b . mu . Unlock ( )
2022-11-14 20:09:12 +00:00
var ourNodeKey key . NodePublic
2022-11-29 20:00:40 +00:00
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) && ! p . Persist ( ) . PrivateNodeKey ( ) . IsZero ( ) {
2022-11-14 20:09:12 +00:00
ourNodeKey = p . Persist ( ) . PublicNodeKey ( )
}
if ourNodeKey . IsZero ( ) {
return errors . New ( "no node-key: is tailscale logged in?" )
}
2022-11-14 12:29:49 +00:00
var nlPriv key . NLPrivate
2022-11-29 20:00:40 +00:00
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) {
nlPriv = p . Persist ( ) . NetworkLockKey ( )
2022-11-14 12:29:49 +00:00
}
if nlPriv . IsZero ( ) {
return errMissingNetmap
}
2022-09-15 18:51:23 +01:00
if b . tka == nil {
return errNetworkLockNotActive
}
2022-12-05 06:55:57 +00:00
if ! b . tka . authority . KeyTrusted ( nlPriv . KeyID ( ) ) {
return errors . New ( "this node does not have a trusted tailnet lock key" )
}
2022-09-15 18:51:23 +01:00
2022-11-14 12:29:49 +00:00
updater := b . tka . authority . NewUpdater ( nlPriv )
2022-09-15 18:51:23 +01:00
for _ , addKey := range addKeys {
if err := updater . AddKey ( addKey ) ; err != nil {
return err
}
}
for _ , removeKey := range removeKeys {
2023-01-03 17:39:55 +00:00
keyID , err := removeKey . ID ( )
if err != nil {
return err
}
if err := updater . RemoveKey ( keyID ) ; err != nil {
2022-09-15 18:51:23 +01:00
return err
}
}
aums , err := updater . Finalize ( b . tka . storage )
if err != nil {
return err
}
if len ( aums ) == 0 {
return nil
}
2022-10-27 21:40:31 +01:00
head := b . tka . authority . Head ( )
2022-10-04 00:07:34 +01:00
b . mu . Unlock ( )
2022-10-27 21:40:31 +01:00
resp , err := b . tkaDoSyncSend ( ourNodeKey , head , aums , true )
2022-10-04 00:07:34 +01:00
b . mu . Lock ( )
2022-09-15 18:51:23 +01:00
if err != nil {
return err
}
2022-10-04 00:07:34 +01:00
var controlHead tka . AUMHash
if err := controlHead . UnmarshalText ( [ ] byte ( resp . Head ) ) ; err != nil {
return err
}
2022-09-15 18:51:23 +01:00
lastHead := aums [ len ( aums ) - 1 ] . Hash ( )
2022-10-04 00:07:34 +01:00
if controlHead != lastHead {
2022-09-15 18:51:23 +01:00
return errors . New ( "central tka head differs from submitted AUM, try again" )
}
return nil
}
2022-10-27 21:40:31 +01:00
// NetworkLockDisable disables network-lock using the provided disablement secret.
func ( b * LocalBackend ) NetworkLockDisable ( secret [ ] byte ) error {
var (
ourNodeKey key . NodePublic
head tka . AUMHash
err error
)
b . mu . Lock ( )
2022-11-29 20:00:40 +00:00
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) && ! p . Persist ( ) . PrivateNodeKey ( ) . IsZero ( ) {
2022-11-09 05:58:10 +00:00
ourNodeKey = p . Persist ( ) . PublicNodeKey ( )
2022-10-27 21:40:31 +01:00
}
if b . tka == nil {
err = errNetworkLockNotActive
} else {
head = b . tka . authority . Head ( )
if ! b . tka . authority . ValidDisablement ( secret ) {
err = errors . New ( "incorrect disablement secret" )
}
}
b . mu . Unlock ( )
if err != nil {
return err
}
if ourNodeKey . IsZero ( ) {
return errors . New ( "no node-key: is tailscale logged in?" )
}
_ , err = b . tkaDoDisablement ( ourNodeKey , head , secret )
return err
}
2022-11-14 23:04:10 +00:00
// NetworkLockLog returns the changelog of TKA state up to maxEntries in size.
func ( b * LocalBackend ) NetworkLockLog ( maxEntries int ) ( [ ] ipnstate . NetworkLockUpdate , error ) {
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
return nil , errNetworkLockNotActive
}
var out [ ] ipnstate . NetworkLockUpdate
cursor := b . tka . authority . Head ( )
for i := 0 ; i < maxEntries ; i ++ {
aum , err := b . tka . storage . AUM ( cursor )
if err != nil {
if err == os . ErrNotExist {
break
}
return out , fmt . Errorf ( "reading AUM: %w" , err )
}
update := ipnstate . NetworkLockUpdate {
Hash : cursor ,
Change : aum . MessageKind . String ( ) ,
Raw : aum . Serialize ( ) ,
}
out = append ( out , update )
parent , hasParent := aum . Parent ( )
if ! hasParent {
break
}
cursor = parent
}
return out , nil
}
2023-03-01 20:47:29 +00:00
// NetworkLockAffectedSigs returns the signatures which would be invalidated
// by removing trust in the specified KeyID.
func ( b * LocalBackend ) NetworkLockAffectedSigs ( keyID tkatype . KeyID ) ( [ ] tkatype . MarshaledSignature , error ) {
var (
ourNodeKey key . NodePublic
err error
)
b . mu . Lock ( )
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) && ! p . Persist ( ) . PrivateNodeKey ( ) . IsZero ( ) {
ourNodeKey = p . Persist ( ) . PublicNodeKey ( )
}
if b . tka == nil {
err = errNetworkLockNotActive
}
b . mu . Unlock ( )
if err != nil {
return nil , err
}
resp , err := b . tkaReadAffectedSigs ( ourNodeKey , keyID )
if err != nil {
return nil , err
}
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
return nil , errNetworkLockNotActive
}
// Confirm for ourselves tha the signatures would actually be invalidated
// by removal of trusted in the specified key.
for i , sigBytes := range resp . Signatures {
var sig tka . NodeKeySignature
if err := sig . Unserialize ( sigBytes ) ; err != nil {
return nil , fmt . Errorf ( "failed decoding signature %d: %w" , i , err )
}
sigKeyID , err := sig . UnverifiedAuthorizingKeyID ( )
if err != nil {
return nil , fmt . Errorf ( "extracting SigID from signature %d: %w" , i , err )
}
if ! bytes . Equal ( keyID , sigKeyID ) {
return nil , fmt . Errorf ( "got signature with keyID %X from request for %X" , sigKeyID , keyID )
}
var nodeKey key . NodePublic
if err := nodeKey . UnmarshalBinary ( sig . Pubkey ) ; err != nil {
return nil , fmt . Errorf ( "failed decoding pubkey for signature %d: %w" , i , err )
}
if err := b . tka . authority . NodeKeyAuthorized ( nodeKey , sigBytes ) ; err != nil {
return nil , fmt . Errorf ( "signature %d is not valid: %w" , i , err )
}
}
return resp . Signatures , nil
}
2023-07-18 23:13:36 +01:00
// NetworkLockGenerateRecoveryAUM generates an AUM which retroactively removes trust in the
// specified keys. This AUM is signed by the current node and returned.
//
// If forkFrom is specified, it is used as the parent AUM to fork from. If the zero value,
// the parent AUM is determined automatically.
func ( b * LocalBackend ) NetworkLockGenerateRecoveryAUM ( removeKeys [ ] tkatype . KeyID , forkFrom tka . AUMHash ) ( * tka . AUM , error ) {
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
return nil , errNetworkLockNotActive
}
var nlPriv key . NLPrivate
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) {
nlPriv = p . Persist ( ) . NetworkLockKey ( )
}
if nlPriv . IsZero ( ) {
return nil , errMissingNetmap
}
aum , err := b . tka . authority . MakeRetroactiveRevocation ( b . tka . storage , removeKeys , nlPriv . KeyID ( ) , forkFrom )
if err != nil {
return nil , err
}
// Sign it ourselves.
aum . Signatures , err = nlPriv . SignAUM ( aum . SigHash ( ) )
if err != nil {
return nil , fmt . Errorf ( "signing failed: %w" , err )
}
return aum , nil
}
// NetworkLockCosignRecoveryAUM co-signs the provided recovery AUM and returns
// the updated structure.
//
// The recovery AUM provided should be the output from a previous call to
// NetworkLockGenerateRecoveryAUM or NetworkLockCosignRecoveryAUM.
func ( b * LocalBackend ) NetworkLockCosignRecoveryAUM ( aum * tka . AUM ) ( * tka . AUM , error ) {
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
return nil , errNetworkLockNotActive
}
var nlPriv key . NLPrivate
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) {
nlPriv = p . Persist ( ) . NetworkLockKey ( )
}
if nlPriv . IsZero ( ) {
return nil , errMissingNetmap
}
for _ , sig := range aum . Signatures {
if bytes . Equal ( sig . KeyID , nlPriv . KeyID ( ) ) {
return nil , errors . New ( "this node has already signed this recovery AUM" )
}
}
// Sign it ourselves.
sigs , err := nlPriv . SignAUM ( aum . SigHash ( ) )
if err != nil {
return nil , fmt . Errorf ( "signing failed: %w" , err )
}
aum . Signatures = append ( aum . Signatures , sigs ... )
return aum , nil
}
func ( b * LocalBackend ) NetworkLockSubmitRecoveryAUM ( aum * tka . AUM ) error {
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
return errNetworkLockNotActive
}
var ourNodeKey key . NodePublic
if p := b . pm . CurrentPrefs ( ) ; p . Valid ( ) && p . Persist ( ) . Valid ( ) && ! p . Persist ( ) . PrivateNodeKey ( ) . IsZero ( ) {
ourNodeKey = p . Persist ( ) . PublicNodeKey ( )
}
if ourNodeKey . IsZero ( ) {
return errors . New ( "no node-key: is tailscale logged in?" )
}
b . mu . Unlock ( )
_ , err := b . tkaDoSyncSend ( ourNodeKey , aum . Hash ( ) , [ ] tka . AUM { * aum } , false )
b . mu . Lock ( )
return err
}
2023-03-02 21:24:26 +00:00
var tkaSuffixEncoder = base64 . RawStdEncoding
// NetworkLockWrapPreauthKey wraps a pre-auth key with information to
// enable unattended bringup in the locked tailnet.
//
// The provided trusted tailnet-lock key is used to sign
// a SigCredential structure, which is encoded along with the
// private key and appended to the pre-auth key.
func ( b * LocalBackend ) NetworkLockWrapPreauthKey ( preauthKey string , tkaKey key . NLPrivate ) ( string , error ) {
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
return "" , errNetworkLockNotActive
}
pub , priv , err := ed25519 . GenerateKey ( nil ) // nil == crypto/rand
if err != nil {
return "" , err
}
sig := tka . NodeKeySignature {
SigKind : tka . SigCredential ,
KeyID : tkaKey . KeyID ( ) ,
WrappingPubkey : pub ,
}
sig . Signature , err = tkaKey . SignNKS ( sig . SigHash ( ) )
if err != nil {
return "" , fmt . Errorf ( "signing failed: %w" , err )
}
b . logf ( "Generated network-lock credential signature using %s" , tkaKey . Public ( ) . CLIString ( ) )
return fmt . Sprintf ( "%s--TL%s-%s" , preauthKey , tkaSuffixEncoder . EncodeToString ( sig . Serialize ( ) ) , tkaSuffixEncoder . EncodeToString ( priv ) ) , nil
}
2023-06-13 19:39:23 +01:00
// NetworkLockVerifySigningDeeplink asks the authority to verify the given deeplink
// URL. See the comment for ValidateDeeplink for details.
func ( b * LocalBackend ) NetworkLockVerifySigningDeeplink ( url string ) tka . DeeplinkValidationResult {
b . mu . Lock ( )
defer b . mu . Unlock ( )
if b . tka == nil {
return tka . DeeplinkValidationResult { IsValid : false , Error : errNetworkLockNotActive . Error ( ) }
}
return b . tka . authority . ValidateDeeplink ( url )
}
2022-08-22 22:42:16 +01:00
func signNodeKey ( nodeInfo tailcfg . TKASignInfo , signer key . NLPrivate ) ( * tka . NodeKeySignature , error ) {
p , err := nodeInfo . NodePublic . MarshalBinary ( )
2022-08-11 18:43:09 +01:00
if err != nil {
return nil , err
}
sig := tka . NodeKeySignature {
2022-08-22 22:42:16 +01:00
SigKind : tka . SigDirect ,
KeyID : signer . KeyID ( ) ,
Pubkey : p ,
2022-08-29 21:53:33 +01:00
WrappingPubkey : nodeInfo . RotationPubkey ,
2022-08-11 18:43:09 +01:00
}
sig . Signature , err = signer . SignNKS ( sig . SigHash ( ) )
if err != nil {
return nil , fmt . Errorf ( "signature failed: %w" , err )
}
return & sig , nil
}
2022-09-21 21:27:58 +01:00
func ( b * LocalBackend ) tkaInitBegin ( ourNodeKey key . NodePublic , aum tka . AUM ) ( * tailcfg . TKAInitBeginResponse , error ) {
2022-08-11 18:43:09 +01:00
var req bytes . Buffer
if err := json . NewEncoder ( & req ) . Encode ( tailcfg . TKAInitBeginRequest {
2022-09-21 21:27:58 +01:00
Version : tailcfg . CurrentCapabilityVersion ,
NodeKey : ourNodeKey ,
2022-08-11 18:43:09 +01:00
GenesisAUM : aum . Serialize ( ) ,
} ) ; err != nil {
return nil , fmt . Errorf ( "encoding request: %v" , err )
}
ctx , cancel := context . WithTimeout ( context . Background ( ) , time . Minute )
defer cancel ( )
2022-10-04 00:07:34 +01:00
req2 , err := http . NewRequestWithContext ( ctx , "GET" , "https://unused/machine/tka/init/begin" , & req )
if err != nil {
return nil , fmt . Errorf ( "req: %w" , err )
}
res , err := b . DoNoiseRequest ( req2 )
if err != nil {
return nil , fmt . Errorf ( "resp: %w" , err )
}
if res . StatusCode != 200 {
body , _ := io . ReadAll ( res . Body )
2022-08-11 18:43:09 +01:00
res . Body . Close ( )
2022-10-04 00:07:34 +01:00
return nil , fmt . Errorf ( "request returned (%d): %s" , res . StatusCode , string ( body ) )
2022-08-11 18:43:09 +01:00
}
2022-10-04 00:07:34 +01:00
a := new ( tailcfg . TKAInitBeginResponse )
2022-10-27 21:40:31 +01:00
err = json . NewDecoder ( & io . LimitedReader { R : res . Body , N : 10 * 1024 * 1024 } ) . Decode ( a )
2022-10-04 00:07:34 +01:00
res . Body . Close ( )
if err != nil {
return nil , fmt . Errorf ( "decoding JSON: %w" , err )
}
return a , nil
2022-08-11 18:43:09 +01:00
}
2022-11-23 19:19:30 +00:00
func ( b * LocalBackend ) tkaInitFinish ( ourNodeKey key . NodePublic , nks map [ tailcfg . NodeID ] tkatype . MarshaledSignature , supportDisablement [ ] byte ) ( * tailcfg . TKAInitFinishResponse , error ) {
2022-08-11 18:43:09 +01:00
var req bytes . Buffer
if err := json . NewEncoder ( & req ) . Encode ( tailcfg . TKAInitFinishRequest {
2022-11-23 19:19:30 +00:00
Version : tailcfg . CurrentCapabilityVersion ,
NodeKey : ourNodeKey ,
Signatures : nks ,
SupportDisablement : supportDisablement ,
2022-08-11 18:43:09 +01:00
} ) ; err != nil {
return nil , fmt . Errorf ( "encoding request: %v" , err )
}
ctx , cancel := context . WithTimeout ( context . Background ( ) , time . Minute )
defer cancel ( )
2022-10-04 00:07:34 +01:00
req2 , err := http . NewRequestWithContext ( ctx , "GET" , "https://unused/machine/tka/init/finish" , & req )
if err != nil {
return nil , fmt . Errorf ( "req: %w" , err )
}
res , err := b . DoNoiseRequest ( req2 )
if err != nil {
return nil , fmt . Errorf ( "resp: %w" , err )
2022-08-11 18:43:09 +01:00
}
2022-10-04 00:07:34 +01:00
if res . StatusCode != 200 {
body , _ := io . ReadAll ( res . Body )
res . Body . Close ( )
return nil , fmt . Errorf ( "request returned (%d): %s" , res . StatusCode , string ( body ) )
}
a := new ( tailcfg . TKAInitFinishResponse )
2022-10-27 21:40:31 +01:00
err = json . NewDecoder ( & io . LimitedReader { R : res . Body , N : 1024 * 1024 } ) . Decode ( a )
2022-10-04 00:07:34 +01:00
res . Body . Close ( )
if err != nil {
return nil , fmt . Errorf ( "decoding JSON: %w" , err )
}
return a , nil
2022-08-11 18:43:09 +01:00
}
2022-09-07 00:34:16 +01:00
// tkaFetchBootstrap sends a /machine/tka/bootstrap RPC to the control plane
// over noise. This is used to get values necessary to enable or disable TKA.
2022-09-21 21:27:58 +01:00
func ( b * LocalBackend ) tkaFetchBootstrap ( ourNodeKey key . NodePublic , head tka . AUMHash ) ( * tailcfg . TKABootstrapResponse , error ) {
2022-09-07 00:34:16 +01:00
bootstrapReq := tailcfg . TKABootstrapRequest {
2022-09-21 21:27:58 +01:00
Version : tailcfg . CurrentCapabilityVersion ,
NodeKey : ourNodeKey ,
2022-09-07 00:34:16 +01:00
}
if ! head . IsZero ( ) {
head , err := head . MarshalText ( )
if err != nil {
return nil , fmt . Errorf ( "head.MarshalText failed: %v" , err )
}
bootstrapReq . Head = string ( head )
}
var req bytes . Buffer
if err := json . NewEncoder ( & req ) . Encode ( bootstrapReq ) ; err != nil {
return nil , fmt . Errorf ( "encoding request: %v" , err )
}
ctx , cancel := context . WithTimeout ( context . Background ( ) , time . Minute )
defer cancel ( )
if err := ctx . Err ( ) ; err != nil {
return nil , fmt . Errorf ( "ctx: %w" , err )
}
req2 , err := http . NewRequestWithContext ( ctx , "GET" , "https://unused/machine/tka/bootstrap" , & req )
if err != nil {
return nil , fmt . Errorf ( "req: %w" , err )
}
res , err := b . DoNoiseRequest ( req2 )
if err != nil {
return nil , fmt . Errorf ( "resp: %w" , err )
}
if res . StatusCode != 200 {
body , _ := io . ReadAll ( res . Body )
res . Body . Close ( )
return nil , fmt . Errorf ( "request returned (%d): %s" , res . StatusCode , string ( body ) )
}
a := new ( tailcfg . TKABootstrapResponse )
2022-10-27 21:40:31 +01:00
err = json . NewDecoder ( & io . LimitedReader { R : res . Body , N : 1024 * 1024 } ) . Decode ( a )
2022-09-07 00:34:16 +01:00
res . Body . Close ( )
if err != nil {
return nil , fmt . Errorf ( "decoding JSON: %w" , err )
}
return a , nil
}
2022-09-27 20:30:04 +01:00
func fromSyncOffer ( offer tka . SyncOffer ) ( head string , ancestors [ ] string , err error ) {
headBytes , err := offer . Head . MarshalText ( )
if err != nil {
return "" , nil , fmt . Errorf ( "head.MarshalText: %v" , err )
}
ancestors = make ( [ ] string , len ( offer . Ancestors ) )
for i , ancestor := range offer . Ancestors {
hash , err := ancestor . MarshalText ( )
if err != nil {
return "" , nil , fmt . Errorf ( "ancestor[%d].MarshalText: %v" , i , err )
}
ancestors [ i ] = string ( hash )
}
return string ( headBytes ) , ancestors , nil
}
// tkaDoSyncOffer sends a /machine/tka/sync/offer RPC to the control plane
// over noise. This is the first of two RPCs implementing tka synchronization.
func ( b * LocalBackend ) tkaDoSyncOffer ( ourNodeKey key . NodePublic , offer tka . SyncOffer ) ( * tailcfg . TKASyncOfferResponse , error ) {
head , ancestors , err := fromSyncOffer ( offer )
if err != nil {
return nil , fmt . Errorf ( "encoding offer: %v" , err )
}
syncReq := tailcfg . TKASyncOfferRequest {
Version : tailcfg . CurrentCapabilityVersion ,
NodeKey : ourNodeKey ,
Head : head ,
Ancestors : ancestors ,
}
var req bytes . Buffer
if err := json . NewEncoder ( & req ) . Encode ( syncReq ) ; err != nil {
return nil , fmt . Errorf ( "encoding request: %v" , err )
}
ctx , cancel := context . WithTimeout ( context . Background ( ) , time . Minute )
defer cancel ( )
req2 , err := http . NewRequestWithContext ( ctx , "GET" , "https://unused/machine/tka/sync/offer" , & req )
if err != nil {
return nil , fmt . Errorf ( "req: %w" , err )
}
res , err := b . DoNoiseRequest ( req2 )
if err != nil {
return nil , fmt . Errorf ( "resp: %w" , err )
}
if res . StatusCode != 200 {
body , _ := io . ReadAll ( res . Body )
res . Body . Close ( )
return nil , fmt . Errorf ( "request returned (%d): %s" , res . StatusCode , string ( body ) )
}
a := new ( tailcfg . TKASyncOfferResponse )
2022-10-27 21:40:31 +01:00
err = json . NewDecoder ( & io . LimitedReader { R : res . Body , N : 10 * 1024 * 1024 } ) . Decode ( a )
2022-09-27 20:30:04 +01:00
res . Body . Close ( )
if err != nil {
return nil , fmt . Errorf ( "decoding JSON: %w" , err )
}
return a , nil
}
// tkaDoSyncSend sends a /machine/tka/sync/send RPC to the control plane
// over noise. This is the second of two RPCs implementing tka synchronization.
2022-10-27 21:40:31 +01:00
func ( b * LocalBackend ) tkaDoSyncSend ( ourNodeKey key . NodePublic , head tka . AUMHash , aums [ ] tka . AUM , interactive bool ) ( * tailcfg . TKASyncSendResponse , error ) {
headBytes , err := head . MarshalText ( )
if err != nil {
return nil , fmt . Errorf ( "head.MarshalText: %w" , err )
}
2022-09-27 20:30:04 +01:00
sendReq := tailcfg . TKASyncSendRequest {
Version : tailcfg . CurrentCapabilityVersion ,
NodeKey : ourNodeKey ,
2022-10-27 21:40:31 +01:00
Head : string ( headBytes ) ,
2022-09-27 20:30:04 +01:00
MissingAUMs : make ( [ ] tkatype . MarshaledAUM , len ( aums ) ) ,
2022-10-04 00:07:34 +01:00
Interactive : interactive ,
2022-09-27 20:30:04 +01:00
}
for i , a := range aums {
sendReq . MissingAUMs [ i ] = a . Serialize ( )
}
var req bytes . Buffer
if err := json . NewEncoder ( & req ) . Encode ( sendReq ) ; err != nil {
return nil , fmt . Errorf ( "encoding request: %v" , err )
}
ctx , cancel := context . WithTimeout ( context . Background ( ) , time . Minute )
defer cancel ( )
req2 , err := http . NewRequestWithContext ( ctx , "GET" , "https://unused/machine/tka/sync/send" , & req )
if err != nil {
return nil , fmt . Errorf ( "req: %w" , err )
}
res , err := b . DoNoiseRequest ( req2 )
if err != nil {
return nil , fmt . Errorf ( "resp: %w" , err )
}
if res . StatusCode != 200 {
body , _ := io . ReadAll ( res . Body )
res . Body . Close ( )
return nil , fmt . Errorf ( "request returned (%d): %s" , res . StatusCode , string ( body ) )
}
a := new ( tailcfg . TKASyncSendResponse )
2022-10-27 21:40:31 +01:00
err = json . NewDecoder ( & io . LimitedReader { R : res . Body , N : 10 * 1024 * 1024 } ) . Decode ( a )
res . Body . Close ( )
if err != nil {
return nil , fmt . Errorf ( "decoding JSON: %w" , err )
}
return a , nil
}
func ( b * LocalBackend ) tkaDoDisablement ( ourNodeKey key . NodePublic , head tka . AUMHash , secret [ ] byte ) ( * tailcfg . TKADisableResponse , error ) {
headBytes , err := head . MarshalText ( )
if err != nil {
return nil , fmt . Errorf ( "head.MarshalText: %w" , err )
}
var req bytes . Buffer
if err := json . NewEncoder ( & req ) . Encode ( tailcfg . TKADisableRequest {
Version : tailcfg . CurrentCapabilityVersion ,
NodeKey : ourNodeKey ,
Head : string ( headBytes ) ,
DisablementSecret : secret ,
} ) ; err != nil {
return nil , fmt . Errorf ( "encoding request: %v" , err )
}
ctx , cancel := context . WithTimeout ( context . Background ( ) , time . Minute )
defer cancel ( )
req2 , err := http . NewRequestWithContext ( ctx , "GET" , "https://unused/machine/tka/disable" , & req )
if err != nil {
return nil , fmt . Errorf ( "req: %w" , err )
}
res , err := b . DoNoiseRequest ( req2 )
if err != nil {
return nil , fmt . Errorf ( "resp: %w" , err )
}
if res . StatusCode != 200 {
body , _ := io . ReadAll ( res . Body )
res . Body . Close ( )
return nil , fmt . Errorf ( "request returned (%d): %s" , res . StatusCode , string ( body ) )
}
a := new ( tailcfg . TKADisableResponse )
err = json . NewDecoder ( & io . LimitedReader { R : res . Body , N : 1024 * 1024 } ) . Decode ( a )
2022-09-27 20:30:04 +01:00
res . Body . Close ( )
if err != nil {
return nil , fmt . Errorf ( "decoding JSON: %w" , err )
}
return a , nil
}
2022-10-31 23:47:51 +00:00
func ( b * LocalBackend ) tkaSubmitSignature ( ourNodeKey key . NodePublic , sig tkatype . MarshaledSignature ) ( * tailcfg . TKASubmitSignatureResponse , error ) {
var req bytes . Buffer
if err := json . NewEncoder ( & req ) . Encode ( tailcfg . TKASubmitSignatureRequest {
Version : tailcfg . CurrentCapabilityVersion ,
NodeKey : ourNodeKey ,
Signature : sig ,
} ) ; err != nil {
return nil , fmt . Errorf ( "encoding request: %v" , err )
}
ctx , cancel := context . WithTimeout ( context . Background ( ) , time . Minute )
defer cancel ( )
req2 , err := http . NewRequestWithContext ( ctx , "GET" , "https://unused/machine/tka/sign" , & req )
if err != nil {
return nil , fmt . Errorf ( "req: %w" , err )
}
res , err := b . DoNoiseRequest ( req2 )
if err != nil {
return nil , fmt . Errorf ( "resp: %w" , err )
}
if res . StatusCode != 200 {
body , _ := io . ReadAll ( res . Body )
res . Body . Close ( )
return nil , fmt . Errorf ( "request returned (%d): %s" , res . StatusCode , string ( body ) )
}
a := new ( tailcfg . TKASubmitSignatureResponse )
err = json . NewDecoder ( & io . LimitedReader { R : res . Body , N : 1024 * 1024 } ) . Decode ( a )
res . Body . Close ( )
if err != nil {
return nil , fmt . Errorf ( "decoding JSON: %w" , err )
}
return a , nil
}
2023-03-01 20:47:29 +00:00
func ( b * LocalBackend ) tkaReadAffectedSigs ( ourNodeKey key . NodePublic , key tkatype . KeyID ) ( * tailcfg . TKASignaturesUsingKeyResponse , error ) {
var encodedReq bytes . Buffer
if err := json . NewEncoder ( & encodedReq ) . Encode ( tailcfg . TKASignaturesUsingKeyRequest {
Version : tailcfg . CurrentCapabilityVersion ,
NodeKey : ourNodeKey ,
KeyID : key ,
} ) ; err != nil {
return nil , fmt . Errorf ( "encoding request: %v" , err )
}
ctx , cancel := context . WithTimeout ( context . Background ( ) , time . Minute )
defer cancel ( )
req , err := http . NewRequestWithContext ( ctx , "GET" , "https://unused/machine/tka/affected-sigs" , & encodedReq )
if err != nil {
return nil , fmt . Errorf ( "req: %w" , err )
}
resp , err := b . DoNoiseRequest ( req )
if err != nil {
return nil , fmt . Errorf ( "resp: %w" , err )
}
if resp . StatusCode != 200 {
body , _ := io . ReadAll ( resp . Body )
resp . Body . Close ( )
return nil , fmt . Errorf ( "request returned (%d): %s" , resp . StatusCode , string ( body ) )
}
a := new ( tailcfg . TKASignaturesUsingKeyResponse )
err = json . NewDecoder ( & io . LimitedReader { R : resp . Body , N : 1024 * 1024 } ) . Decode ( a )
resp . Body . Close ( )
if err != nil {
return nil , fmt . Errorf ( "decoding JSON: %w" , err )
}
return a , nil
}