wgengine: update for tailscale/wireguard-go API changes
* update to new HandshakeDone signature
* use new Device.IpcGetOperationFiltered call to avoid sending allowed_ips
See dd6c1c8fe1
parent
44baa3463f
commit
cdfea347d0
2
go.mod
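--- a/go.mod
+++ b/go.mod
@@ -21,7 +21,7 @@ require (
 github.com/pborman/getopt v0.0.0-20190409184431-ee0cd42419d3
 github.com/peterbourgon/ff/v2 v2.0.0
 github.com/tailscale/winipcfg-go v0.0.0-20200413171540-609dcf2df55f
-github.com/tailscale/wireguard-go v0.0.0-20200710044538-9320f191f6b1
+github.com/tailscale/wireguard-go v0.0.0-20200716032321-dd6c1c8fe14c
 github.com/tcnksm/go-httpstat v0.2.0
 github.com/toqueteos/webbrowser v1.2.0
 go4.org/mem v0.0.0-20200706164138-185c595c3ecc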
2
go.sum
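--- a/go.sum
+++ b/go.sum
@@ -89,6 +89,8 @@ github.com/tailscale/winipcfg-go v0.0.0-20200413171540-609dcf2df55f h1:uFj5bslHs
 github.com/tailscale/winipcfg-go v0.0.0-20200413171540-609dcf2df55f/go.mod h1:x880GWw5fvrl2DVTQ04ttXQD4DuppTt1Yz6wLibbjNE=
 github.com/tailscale/wireguard-go v0.0.0-20200710044538-9320f191f6b1 h1:zMEeWu/X0l+xFnsbri69miflb3HIKoLwedZHD5xx6Mk=
 github.com/tailscale/wireguard-go v0.0.0-20200710044538-9320f191f6b1/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200716032321-dd6c1c8fe14c h1:45GoTCd7XoVVet8ws6q1p8DBvWz3tDrUZ60030+Y+C4=
+github.com/tailscale/wireguard-go v0.0.0-20200716032321-dd6c1c8fe14c/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
 github.com/tcnksm/go-httpstat v0.2.0 h1:rP7T5e5U2HfmOBmZzGgGZjBQ5/GluWUylujl0tJ04I0=
 github.com/tcnksm/go-httpstat v0.2.0/go.mod h1:s3JVJFtQxtBEBC9dwcdTTXS9xFnM3SXAZwPG41aurT8=
 github.com/toqueteos/webbrowser v1.2.0 h1:tVP/gpK69Fx+qMJKsLE7TD8LuGWPnEV71wBN9rrstGQ=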
|
@ -12,7 +12,6 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"log"
|
"log"
|
||||||
"net"
|
|
||||||
"os"
|
"os"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
"runtime"
|
"runtime"
|
||||||
|
@ -233,7 +232,7 @@ func newUserspaceEngineAdvanced(conf EngineConfig) (_ Engine, reterr error) {
|
||||||
|
|
||||||
opts := &device.DeviceOptions{
|
opts := &device.DeviceOptions{
|
||||||
Logger: &logger,
|
Logger: &logger,
|
||||||
HandshakeDone: func(peerKey wgcfg.Key, allowedIPs []net.IPNet) {
|
HandshakeDone: func(peerKey wgcfg.Key, peer *device.Peer, deviceAllowedIPs *device.AllowedIPs) {
|
||||||
// Send an unsolicited status event every time a
|
// Send an unsolicited status event every time a
|
||||||
// handshake completes. This makes sure our UI can
|
// handshake completes. This makes sure our UI can
|
||||||
// update quickly as soon as it connects to a peer.
|
// update quickly as soon as it connects to a peer.
|
||||||
|
@ -247,6 +246,7 @@ func newUserspaceEngineAdvanced(conf EngineConfig) (_ Engine, reterr error) {
|
||||||
// Ping every single-IP that peer routes.
|
// Ping every single-IP that peer routes.
|
||||||
// These synthetic packets are used to traverse NATs.
|
// These synthetic packets are used to traverse NATs.
|
||||||
var ips []wgcfg.IP
|
var ips []wgcfg.IP
|
||||||
|
allowedIPs := deviceAllowedIPs.EntriesForPeer(peer)
|
||||||
for _, ipNet := range allowedIPs {
|
for _, ipNet := range allowedIPs {
|
||||||
if ones, bits := ipNet.Mask.Size(); ones == bits && ones != 0 {
|
if ones, bits := ipNet.Mask.Size(); ones == bits && ones != 0 {
|
||||||
var ip wgcfg.IP
|
var ip wgcfg.IP
|
||||||
|
@ -666,7 +666,12 @@ func (e *userspaceEngine) getStatus() (*Status, error) {
|
||||||
bw := bufio.NewWriterSize(pw, lineLen)
|
bw := bufio.NewWriterSize(pw, lineLen)
|
||||||
// TODO(apenwarr): get rid of silly uapi stuff for in-process comms
|
// TODO(apenwarr): get rid of silly uapi stuff for in-process comms
|
||||||
// FIXME: get notified of status changes instead of polling.
|
// FIXME: get notified of status changes instead of polling.
|
||||||
if err := e.wgdev.IpcGetOperation(bw); err != nil {
|
filter := device.IPCGetFilter{
|
||||||
|
// The allowed_ips are somewhat expensive to compute and they're
|
||||||
|
// unused below; request that they not be sent instead.
|
||||||
|
FilterAllowedIPs: true,
|
||||||
|
}
|
||||||
|
if err := e.wgdev.IpcGetOperationFiltered(bw, filter); err != nil {
|
||||||
errc <- fmt.Errorf("IpcGetOperation: %w", err)
|
errc <- fmt.Errorf("IpcGetOperation: %w", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
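Review bot: The added `allowedIPs := deviceAllowedIPs.EntriesForPeer(peer)` line (hunk at -247) makes the HandshakeDone callback read wireguard-go's allowed-IPs table through live pointers, where the old signature handed it a finished `[]net.IPNet`, and nothing in the visible lines documents that this lookup is safe on the handshake path. Whether EntriesForPeer takes its own lock, and which locks wireguard-go holds when it invokes the callback, cannot be told from this page, so the assumption deserves a comment above the call once it has been checked, for example `// EntriesForPeer reads live device state; confirmed safe to call from HandshakeDone.` If the intent is that `peer` and `deviceAllowedIPs` are used only for the duration of the callback and never retained, say so in the same comment. The callback body and newUserspaceEngineAdvanced both continue outside the hunks shown.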