remove versions older than 1.56 (#2149)
* remove versions older than 1.56 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * remove code no longer needed for new clients Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * update changelog Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> --------- Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
parent
07b596d3cc
commit
4f2fb65929
|
@ -2,6 +2,8 @@
|
||||||
|
|
||||||
## Next
|
## Next
|
||||||
|
|
||||||
|
- Remove versions older than 1.56 [#2149](https://github.com/juanfont/headscale/pull/2149)
|
||||||
|
- Clean up old code required by old versions
|
||||||
- Improved compatibilty of built-in DERP server with clients connecting over WebSocket.
|
- Improved compatibilty of built-in DERP server with clients connecting over WebSocket.
|
||||||
- Allow nodes to use SSH agent forwarding [#2145](https://github.com/juanfont/headscale/pull/2145)
|
- Allow nodes to use SSH agent forwarding [#2145](https://github.com/juanfont/headscale/pull/2145)
|
||||||
|
|
||||||
|
|
|
@ -244,11 +244,11 @@ func Test_fullMapResponse(t *testing.T) {
|
||||||
PrimaryRoutes: []netip.Prefix{netip.MustParsePrefix("192.168.0.0/24")},
|
PrimaryRoutes: []netip.Prefix{netip.MustParsePrefix("192.168.0.0/24")},
|
||||||
LastSeen: &lastSeen,
|
LastSeen: &lastSeen,
|
||||||
MachineAuthorized: true,
|
MachineAuthorized: true,
|
||||||
Capabilities: []tailcfg.NodeCapability{
|
|
||||||
tailcfg.CapabilityFileSharing,
|
CapMap: tailcfg.NodeCapMap{
|
||||||
tailcfg.CapabilityAdmin,
|
tailcfg.CapabilityFileSharing: []tailcfg.RawMessage{},
|
||||||
tailcfg.CapabilitySSH,
|
tailcfg.CapabilityAdmin: []tailcfg.RawMessage{},
|
||||||
tailcfg.NodeAttrDisableUPnP,
|
tailcfg.CapabilitySSH: []tailcfg.RawMessage{},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -299,11 +299,11 @@ func Test_fullMapResponse(t *testing.T) {
|
||||||
PrimaryRoutes: []netip.Prefix{},
|
PrimaryRoutes: []netip.Prefix{},
|
||||||
LastSeen: &lastSeen,
|
LastSeen: &lastSeen,
|
||||||
MachineAuthorized: true,
|
MachineAuthorized: true,
|
||||||
Capabilities: []tailcfg.NodeCapability{
|
|
||||||
tailcfg.CapabilityFileSharing,
|
CapMap: tailcfg.NodeCapMap{
|
||||||
tailcfg.CapabilityAdmin,
|
tailcfg.CapabilityFileSharing: []tailcfg.RawMessage{},
|
||||||
tailcfg.CapabilitySSH,
|
tailcfg.CapabilityAdmin: []tailcfg.RawMessage{},
|
||||||
tailcfg.NodeAttrDisableUPnP,
|
tailcfg.CapabilitySSH: []tailcfg.RawMessage{},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -114,32 +114,14 @@ func tailNode(
|
||||||
Expired: node.IsExpired(),
|
Expired: node.IsExpired(),
|
||||||
}
|
}
|
||||||
|
|
||||||
// - 74: 2023-09-18: Client understands NodeCapMap
|
tNode.CapMap = tailcfg.NodeCapMap{
|
||||||
if capVer >= 74 {
|
tailcfg.CapabilityFileSharing: []tailcfg.RawMessage{},
|
||||||
tNode.CapMap = tailcfg.NodeCapMap{
|
tailcfg.CapabilityAdmin: []tailcfg.RawMessage{},
|
||||||
tailcfg.CapabilityFileSharing: []tailcfg.RawMessage{},
|
tailcfg.CapabilitySSH: []tailcfg.RawMessage{},
|
||||||
tailcfg.CapabilityAdmin: []tailcfg.RawMessage{},
|
|
||||||
tailcfg.CapabilitySSH: []tailcfg.RawMessage{},
|
|
||||||
}
|
|
||||||
|
|
||||||
if cfg.RandomizeClientPort {
|
|
||||||
tNode.CapMap[tailcfg.NodeAttrRandomizeClientPort] = []tailcfg.RawMessage{}
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
tNode.Capabilities = []tailcfg.NodeCapability{
|
|
||||||
tailcfg.CapabilityFileSharing,
|
|
||||||
tailcfg.CapabilityAdmin,
|
|
||||||
tailcfg.CapabilitySSH,
|
|
||||||
}
|
|
||||||
|
|
||||||
if cfg.RandomizeClientPort {
|
|
||||||
tNode.Capabilities = append(tNode.Capabilities, tailcfg.NodeAttrRandomizeClientPort)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// - 72: 2023-08-23: TS-2023-006 UPnP issue fixed; UPnP can now be used again
|
if cfg.RandomizeClientPort {
|
||||||
if capVer < 72 {
|
tNode.CapMap[tailcfg.NodeAttrRandomizeClientPort] = []tailcfg.RawMessage{}
|
||||||
tNode.Capabilities = append(tNode.Capabilities, tailcfg.NodeAttrDisableUPnP)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if node.IsOnline == nil || !*node.IsOnline {
|
if node.IsOnline == nil || !*node.IsOnline {
|
||||||
|
|
|
@ -72,9 +72,11 @@ func TestTailNode(t *testing.T) {
|
||||||
Tags: []string{},
|
Tags: []string{},
|
||||||
PrimaryRoutes: []netip.Prefix{},
|
PrimaryRoutes: []netip.Prefix{},
|
||||||
MachineAuthorized: true,
|
MachineAuthorized: true,
|
||||||
Capabilities: []tailcfg.NodeCapability{
|
|
||||||
"https://tailscale.com/cap/file-sharing", "https://tailscale.com/cap/is-admin",
|
CapMap: tailcfg.NodeCapMap{
|
||||||
"https://tailscale.com/cap/ssh", "debug-disable-upnp",
|
tailcfg.CapabilityFileSharing: []tailcfg.RawMessage{},
|
||||||
|
tailcfg.CapabilityAdmin: []tailcfg.RawMessage{},
|
||||||
|
tailcfg.CapabilitySSH: []tailcfg.RawMessage{},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
wantErr: false,
|
wantErr: false,
|
||||||
|
@ -166,11 +168,10 @@ func TestTailNode(t *testing.T) {
|
||||||
LastSeen: &lastSeen,
|
LastSeen: &lastSeen,
|
||||||
MachineAuthorized: true,
|
MachineAuthorized: true,
|
||||||
|
|
||||||
Capabilities: []tailcfg.NodeCapability{
|
CapMap: tailcfg.NodeCapMap{
|
||||||
tailcfg.CapabilityFileSharing,
|
tailcfg.CapabilityFileSharing: []tailcfg.RawMessage{},
|
||||||
tailcfg.CapabilityAdmin,
|
tailcfg.CapabilityAdmin: []tailcfg.RawMessage{},
|
||||||
tailcfg.CapabilitySSH,
|
tailcfg.CapabilitySSH: []tailcfg.RawMessage{},
|
||||||
tailcfg.NodeAttrDisableUPnP,
|
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
wantErr: false,
|
wantErr: false,
|
||||||
|
|
|
@ -37,11 +37,6 @@ var (
|
||||||
Name: "mapresponse_updates_received_total",
|
Name: "mapresponse_updates_received_total",
|
||||||
Help: "total count of mapresponse updates received on update channel",
|
Help: "total count of mapresponse updates received on update channel",
|
||||||
}, []string{"type"})
|
}, []string{"type"})
|
||||||
mapResponseWriteUpdatesInStream = promauto.NewCounterVec(prometheus.CounterOpts{
|
|
||||||
Namespace: prometheusNamespace,
|
|
||||||
Name: "mapresponse_write_updates_in_stream_total",
|
|
||||||
Help: "total count of writes that occurred in a stream session, pre-68 nodes",
|
|
||||||
}, []string{"status"})
|
|
||||||
mapResponseEndpointUpdates = promauto.NewCounterVec(prometheus.CounterOpts{
|
mapResponseEndpointUpdates = promauto.NewCounterVec(prometheus.CounterOpts{
|
||||||
Namespace: prometheusNamespace,
|
Namespace: prometheusNamespace,
|
||||||
Name: "mapresponse_endpoint_updates_total",
|
Name: "mapresponse_endpoint_updates_total",
|
||||||
|
|
|
@ -166,7 +166,7 @@ func (ns *noiseServer) earlyNoise(protocolVersion int, writer io.Writer) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
const (
|
const (
|
||||||
MinimumCapVersion tailcfg.CapabilityVersion = 61
|
MinimumCapVersion tailcfg.CapabilityVersion = 82
|
||||||
)
|
)
|
||||||
|
|
||||||
// NoisePollNetMapHandler takes care of /machine/:id/map using the Noise protocol
|
// NoisePollNetMapHandler takes care of /machine/:id/map using the Noise protocol
|
||||||
|
@ -182,15 +182,6 @@ func (ns *noiseServer) NoisePollNetMapHandler(
|
||||||
writer http.ResponseWriter,
|
writer http.ResponseWriter,
|
||||||
req *http.Request,
|
req *http.Request,
|
||||||
) {
|
) {
|
||||||
log.Trace().
|
|
||||||
Str("handler", "NoisePollNetMap").
|
|
||||||
Msg("PollNetMapHandler called")
|
|
||||||
|
|
||||||
log.Trace().
|
|
||||||
Any("headers", req.Header).
|
|
||||||
Caller().
|
|
||||||
Msg("Headers")
|
|
||||||
|
|
||||||
body, _ := io.ReadAll(req.Body)
|
body, _ := io.ReadAll(req.Body)
|
||||||
|
|
||||||
mapRequest := tailcfg.MapRequest{}
|
mapRequest := tailcfg.MapRequest{}
|
||||||
|
@ -204,6 +195,14 @@ func (ns *noiseServer) NoisePollNetMapHandler(
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Trace().
|
||||||
|
Caller().
|
||||||
|
Str("handler", "NoisePollNetMap").
|
||||||
|
Any("headers", req.Header).
|
||||||
|
Str("node", mapRequest.Hostinfo.Hostname).
|
||||||
|
Int("capver", int(mapRequest.Version)).
|
||||||
|
Msg("PollNetMapHandler called")
|
||||||
|
|
||||||
// Reject unsupported versions
|
// Reject unsupported versions
|
||||||
if mapRequest.Version < MinimumCapVersion {
|
if mapRequest.Version < MinimumCapVersion {
|
||||||
log.Info().
|
log.Info().
|
||||||
|
|
|
@ -214,21 +214,6 @@ func (m *mapSession) serveLongPoll() {
|
||||||
m.infof("node has disconnected, mapSession: %p, chan: %p", m, m.ch)
|
m.infof("node has disconnected, mapSession: %p, chan: %p", m, m.ch)
|
||||||
}()
|
}()
|
||||||
|
|
||||||
// From version 68, all streaming requests can be treated as read only.
|
|
||||||
// TODO: Remove when we drop support for 1.48
|
|
||||||
if m.capVer < 68 {
|
|
||||||
// Error has been handled/written to client in the func
|
|
||||||
// return
|
|
||||||
err := m.handleSaveNode()
|
|
||||||
if err != nil {
|
|
||||||
mapResponseWriteUpdatesInStream.WithLabelValues("error").Inc()
|
|
||||||
|
|
||||||
m.close()
|
|
||||||
return
|
|
||||||
}
|
|
||||||
mapResponseWriteUpdatesInStream.WithLabelValues("ok").Inc()
|
|
||||||
}
|
|
||||||
|
|
||||||
// Set up the client stream
|
// Set up the client stream
|
||||||
m.h.pollNetMapStreamWG.Add(1)
|
m.h.pollNetMapStreamWG.Add(1)
|
||||||
defer m.h.pollNetMapStreamWG.Done()
|
defer m.h.pollNetMapStreamWG.Done()
|
||||||
|
@ -549,72 +534,6 @@ func (m *mapSession) handleEndpointUpdate() {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// handleSaveNode saves node updates in the maprequest _streaming_
|
|
||||||
// path and is mostly the same code as in handleEndpointUpdate.
|
|
||||||
// It is not attempted to be deduplicated since it will go away
|
|
||||||
// when we stop supporting older than 68 which removes updates
|
|
||||||
// when the node is streaming.
|
|
||||||
func (m *mapSession) handleSaveNode() error {
|
|
||||||
m.tracef("saving node update from stream session")
|
|
||||||
|
|
||||||
change := m.node.PeerChangeFromMapRequest(m.req)
|
|
||||||
|
|
||||||
// A stream is being set up, the node is Online
|
|
||||||
online := true
|
|
||||||
change.Online = &online
|
|
||||||
|
|
||||||
m.node.ApplyPeerChange(&change)
|
|
||||||
|
|
||||||
sendUpdate, routesChanged := hostInfoChanged(m.node.Hostinfo, m.req.Hostinfo)
|
|
||||||
m.node.Hostinfo = m.req.Hostinfo
|
|
||||||
|
|
||||||
// If there is no changes and nothing to save,
|
|
||||||
// return early.
|
|
||||||
if peerChangeEmpty(change) || !sendUpdate {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check if the Hostinfo of the node has changed.
|
|
||||||
// If it has changed, check if there has been a change to
|
|
||||||
// the routable IPs of the host and update update them in
|
|
||||||
// the database. Then send a Changed update
|
|
||||||
// (containing the whole node object) to peers to inform about
|
|
||||||
// the route change.
|
|
||||||
// If the hostinfo has changed, but not the routes, just update
|
|
||||||
// hostinfo and let the function continue.
|
|
||||||
if routesChanged {
|
|
||||||
var err error
|
|
||||||
_, err = m.h.db.SaveNodeRoutes(m.node)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
if m.h.ACLPolicy != nil {
|
|
||||||
// update routes with peer information
|
|
||||||
err := m.h.db.EnableAutoApprovedRoutes(m.h.ACLPolicy, m.node)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := m.h.db.DB.Save(m.node).Error; err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx := types.NotifyCtx(context.Background(), "pre-68-update-while-stream", m.node.Hostname)
|
|
||||||
m.h.nodeNotifier.NotifyWithIgnore(
|
|
||||||
ctx,
|
|
||||||
types.StateUpdate{
|
|
||||||
Type: types.StatePeerChanged,
|
|
||||||
ChangeNodes: []types.NodeID{m.node.ID},
|
|
||||||
Message: "called from handlePoll -> pre-68-update-while-stream",
|
|
||||||
},
|
|
||||||
m.node.ID)
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (m *mapSession) handleReadOnlyRequest() {
|
func (m *mapSession) handleReadOnlyRequest() {
|
||||||
m.tracef("Client asked for a lite update, responding without peers")
|
m.tracef("Client asked for a lite update, responding without peers")
|
||||||
|
|
||||||
|
|
|
@ -53,21 +53,23 @@ var (
|
||||||
tailscaleVersions2021 = map[string]bool{
|
tailscaleVersions2021 = map[string]bool{
|
||||||
"head": true,
|
"head": true,
|
||||||
"unstable": true,
|
"unstable": true,
|
||||||
"1.70": true, // CapVer: not checked
|
"1.74": true, // CapVer: 106
|
||||||
"1.68": true, // CapVer: not checked
|
"1.72": true, // CapVer: 104
|
||||||
"1.66": true, // CapVer: not checked
|
"1.70": true, // CapVer: 102
|
||||||
"1.64": true, // CapVer: not checked
|
"1.68": true, // CapVer: 97
|
||||||
"1.62": true, // CapVer: not checked
|
"1.66": true, // CapVer: 95
|
||||||
"1.60": true, // CapVer: not checked
|
"1.64": true, // CapVer: 90
|
||||||
"1.58": true, // CapVer: not checked
|
"1.62": true, // CapVer: 88
|
||||||
"1.56": true, // CapVer: 82
|
"1.60": true, // CapVer: 87
|
||||||
"1.54": true, // CapVer: 79
|
"1.58": true, // CapVer: 85
|
||||||
"1.52": true, // CapVer: 79
|
"1.56": true, // Oldest supported version, CapVer: 82
|
||||||
"1.50": true, // CapVer: 74
|
"1.54": false, // CapVer: 79
|
||||||
"1.48": true, // CapVer: 68
|
"1.52": false, // CapVer: 79
|
||||||
"1.46": true, // CapVer: 65
|
"1.50": false, // CapVer: 74
|
||||||
|
"1.48": false, // CapVer: 68
|
||||||
|
"1.46": false, // CapVer: 65
|
||||||
"1.44": false, // CapVer: 63
|
"1.44": false, // CapVer: 63
|
||||||
"1.42": false, // Oldest supported version, CapVer: 61
|
"1.42": false, // CapVer: 61
|
||||||
"1.40": false, // CapVer: 61
|
"1.40": false, // CapVer: 61
|
||||||
"1.38": false, // CapVer: 58
|
"1.38": false, // CapVer: 58
|
||||||
"1.36": false, // CapVer: 56
|
"1.36": false, // CapVer: 56
|
||||||
|
|
Loading…
Reference in New Issue