Redo route code (#2422)

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2025-11-07 21:02:51 -05:00 · 2025-02-26 07:22:55 -08:00
parent 16868190c8
commit 7891378f57
53 changed files with 2977 additions and 6251 deletions
--- a/hscontrol/grpcv1.go
+++ b/hscontrol/grpcv1.go
@@ -6,7 +6,9 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"net/netip"
 	"os"
+	"slices"
 	"sort"
 	"strings"
 	"time"
@@ -18,6 +20,7 @@ import (
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/timestamppb"
 	"gorm.io/gorm"
+	"tailscale.com/net/tsaddr"
 	"tailscale.com/tailcfg"
 	"tailscale.com/types/key"

@@ -326,6 +329,51 @@ func (api headscaleV1APIServer) SetTags(
 	return &v1.SetTagsResponse{Node: node.Proto()}, nil
 }

+func (api headscaleV1APIServer) SetApprovedRoutes(
+	ctx context.Context,
+	request *v1.SetApprovedRoutesRequest,
+) (*v1.SetApprovedRoutesResponse, error) {
+	var routes []netip.Prefix
+	for _, route := range request.GetRoutes() {
+		prefix, err := netip.ParsePrefix(route)
+		if err != nil {
+			return nil, fmt.Errorf("parsing route: %w", err)
+		}
+
+		// If the prefix is an exit route, add both. The client expect both
+		// to annotate the node as an exit node.
+		if prefix == tsaddr.AllIPv4() || prefix == tsaddr.AllIPv6() {
+			routes = append(routes, tsaddr.AllIPv4(), tsaddr.AllIPv6())
+		} else {
+			routes = append(routes, prefix)
+		}
+	}
+	slices.SortFunc(routes, util.ComparePrefix)
+	slices.Compact(routes)
+
+	node, err := db.Write(api.h.db.DB, func(tx *gorm.DB) (*types.Node, error) {
+		err := db.SetApprovedRoutes(tx, types.NodeID(request.GetNodeId()), routes)
+		if err != nil {
+			return nil, err
+		}
+
+		return db.GetNodeByID(tx, types.NodeID(request.GetNodeId()))
+	})
+	if err != nil {
+		return nil, status.Error(codes.InvalidArgument, err.Error())
+	}
+
+	if api.h.primaryRoutes.SetRoutes(node.ID, node.SubnetRoutes()...) {
+		ctx := types.NotifyCtx(ctx, "poll-primary-change", node.Hostname)
+		api.h.nodeNotifier.NotifyAll(ctx, types.UpdateFull())
+	} else {
+		ctx = types.NotifyCtx(ctx, "cli-approveroutes", node.Hostname)
+		api.h.nodeNotifier.NotifyWithIgnore(ctx, types.UpdatePeerChanged(node.ID), node.ID)
+	}
+
+	return &v1.SetApprovedRoutesResponse{Node: node.Proto()}, nil
+}
+
 func validateTag(tag string) error {
 	if strings.Index(tag, "tag:") != 0 {
 		return errors.New("tag must start with the string 'tag:'")
@@ -348,10 +396,7 @@ func (api headscaleV1APIServer) DeleteNode(
 		return nil, err
 	}

-	changedNodes, err := api.h.db.DeleteNode(
-		node,
-		api.h.nodeNotifier.LikelyConnectedMap(),
-	)
+	err = api.h.db.DeleteNode(node)
 	if err != nil {
 		return nil, err
 	}
@@ -359,10 +404,6 @@ func (api headscaleV1APIServer) DeleteNode(
 	ctx = types.NotifyCtx(ctx, "cli-deletenode", node.Hostname)
 	api.h.nodeNotifier.NotifyAll(ctx, types.UpdatePeerRemoved(node.ID))

-	if changedNodes != nil {
-		api.h.nodeNotifier.NotifyAll(ctx, types.UpdatePeerChanged(changedNodes...))
-	}
-
 	return &v1.DeleteNodeResponse{}, nil
 }

@@ -533,100 +574,6 @@ func (api headscaleV1APIServer) BackfillNodeIPs(
 	return &v1.BackfillNodeIPsResponse{Changes: changes}, nil
 }

-func (api headscaleV1APIServer) GetRoutes(
-	ctx context.Context,
-	request *v1.GetRoutesRequest,
-) (*v1.GetRoutesResponse, error) {
-	routes, err := db.Read(api.h.db.DB, func(rx *gorm.DB) (types.Routes, error) {
-		return db.GetRoutes(rx)
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	return &v1.GetRoutesResponse{
-		Routes: types.Routes(routes).Proto(),
-	}, nil
-}
-
-func (api headscaleV1APIServer) EnableRoute(
-	ctx context.Context,
-	request *v1.EnableRouteRequest,
-) (*v1.EnableRouteResponse, error) {
-	update, err := db.Write(api.h.db.DB, func(tx *gorm.DB) (*types.StateUpdate, error) {
-		return db.EnableRoute(tx, request.GetRouteId())
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	if update != nil {
-		ctx := types.NotifyCtx(ctx, "cli-enableroute", "unknown")
-		api.h.nodeNotifier.NotifyAll(
-			ctx, *update)
-	}
-
-	return &v1.EnableRouteResponse{}, nil
-}
-
-func (api headscaleV1APIServer) DisableRoute(
-	ctx context.Context,
-	request *v1.DisableRouteRequest,
-) (*v1.DisableRouteResponse, error) {
-	update, err := db.Write(api.h.db.DB, func(tx *gorm.DB) ([]types.NodeID, error) {
-		return db.DisableRoute(tx, request.GetRouteId(), api.h.nodeNotifier.LikelyConnectedMap())
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	if update != nil {
-		ctx := types.NotifyCtx(ctx, "cli-disableroute", "unknown")
-		api.h.nodeNotifier.NotifyAll(ctx, types.UpdatePeerChanged(update...))
-	}
-
-	return &v1.DisableRouteResponse{}, nil
-}
-
-func (api headscaleV1APIServer) GetNodeRoutes(
-	ctx context.Context,
-	request *v1.GetNodeRoutesRequest,
-) (*v1.GetNodeRoutesResponse, error) {
-	node, err := api.h.db.GetNodeByID(types.NodeID(request.GetNodeId()))
-	if err != nil {
-		return nil, err
-	}
-
-	routes, err := api.h.db.GetNodeRoutes(node)
-	if err != nil {
-		return nil, err
-	}
-
-	return &v1.GetNodeRoutesResponse{
-		Routes: types.Routes(routes).Proto(),
-	}, nil
-}
-
-func (api headscaleV1APIServer) DeleteRoute(
-	ctx context.Context,
-	request *v1.DeleteRouteRequest,
-) (*v1.DeleteRouteResponse, error) {
-	isConnected := api.h.nodeNotifier.LikelyConnectedMap()
-	update, err := db.Write(api.h.db.DB, func(tx *gorm.DB) ([]types.NodeID, error) {
-		return db.DeleteRoute(tx, request.GetRouteId(), isConnected)
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	if update != nil {
-		ctx := types.NotifyCtx(ctx, "cli-deleteroute", "unknown")
-		api.h.nodeNotifier.NotifyAll(ctx, types.UpdatePeerChanged(update...))
-	}
-
-	return &v1.DeleteRouteResponse{}, nil
-}
-
 func (api headscaleV1APIServer) CreateApiKey(
 	ctx context.Context,
 	request *v1.CreateApiKeyRequest,