Commit Graph

2280 Commits

Author SHA1 Message Date
Ward Vandewege cb2ea300ad Fix linter errors. 2021-11-27 13:59:39 -05:00
Kristoffer Dalby c38f00fab8 Unmarshal keys in the non-deprecated way 2021-11-26 23:50:42 +00:00
Kristoffer Dalby 0012c76170 Make it easier to run cli integration tests 2021-11-26 23:34:11 +00:00
Kristoffer Dalby cfd53bc4aa Factor wgkey to types/key
This commit converts all the uses of wgkey to the new key interfaces.

It now has specific  machine, node and discovery keys and we now should
use them correctly.

Please note the new logic which strips a key prefix (in utils.go) that
is now standard inside tailscale.

In theory we could put it in the database, but to preserve backwards
compatibility and not spend a lot of resources on accounting for both,
we just strip them.
2021-11-26 23:30:42 +00:00
Kristoffer Dalby 07418140a2 Remove config loading of private key path 2021-11-26 23:29:41 +00:00
Kristoffer Dalby c63c259d31 Switch wgkey for types/key
We dont seem to need the wireguard key anymore, we generate a key on
startup based on the new library and the users fetch it from /key.

Clean up app.go and update docs
2021-11-26 23:28:06 +00:00
Kristoffer Dalby 50b47adaa3 Upgrade tailscale to 1.18 2021-11-26 23:27:09 +00:00
Ward Vandewege b6ae60cc44 The `create-node` subcommand under `debug` needs a 64 character key. 2021-11-26 14:49:51 -05:00
Ward Vandewege d944aa6e79
Merge pull request #237 from cure/preauthkeys-fix-default-expiration
Fix default preauthkey expiration
2021-11-26 11:09:43 -05:00
Kristoffer Dalby 06f05d6cc2
Merge branch 'main' into preauthkeys-fix-default-expiration 2021-11-26 15:46:00 +00:00
Kristoffer Dalby 0819c6515a
Merge pull request #238 from juanfont/kradalby-patch-3 2021-11-26 15:45:38 +00:00
Ward Vandewege c7f3e0632b When creating a preauthkey, the default expiration was passed through as
a nil value, instead of the default value (1h). This resulted in the
preauthkey being created with expiration key '0001-01-01 00:00:00',
which meant the key would not work, because it was already expired.

This commit applies the default expiration time (1h) when a preauthkey
is created without a specific expiration. It also updates an integration
test to make sure this bug does not reoccur.
2021-11-26 10:04:26 -05:00
Kristoffer Dalby 58fd6c4ba5
Revert postgres constant value
changes "postgresql" to "postgres"
2021-11-26 07:13:00 +00:00
Kristoffer Dalby aab4a6043a
Merge branch 'main' into kradalby-patch-2 2021-11-25 08:38:59 +00:00
Kristoffer Dalby a52a4d45c0
Merge pull request #236 from restanrm/fix-derp-example-config
fix(derp-example): change regionid in node
2021-11-25 08:37:45 +00:00
Juan Font 45bc3f7a09
Merge branch 'main' into fix-derp-example-config 2021-11-24 18:57:31 +01:00
Kristoffer Dalby 5620858549
Merge pull request #227 from kradalby/expired-issue 2021-11-24 17:49:33 +00:00
Adrien Raffin-Caboisse f2e273b8a2 fix(derp-example): change regionid in nodes
Using a wrong regionid value lead to non working DERP custom server. No checks are performed for this kind of errors making it difficult to find.
2021-11-24 15:54:22 +01:00
Kristoffer Dalby cec1e86b58 Add missing request arguemnt 2021-11-24 12:16:56 +00:00
Kristoffer Dalby dcbf289470 Rename idKey to machineKey to keep consistency 2021-11-24 12:15:55 +00:00
Kristoffer Dalby fdd64d98c8 Add missing iff to handle expired preauthkey machines 2021-11-24 12:15:32 +00:00
Kristoffer Dalby 9968992be0 Fix prettier 2021-11-24 10:47:20 +00:00
Kristoffer Dalby f50f9ac894 Merge branch 'expired-issue' of github.com:kradalby/headscale into expired-issue 2021-11-24 10:13:49 +00:00
Kristoffer Dalby 2eca344f0e Fix gocritic 2021-11-24 10:13:41 +00:00
Kristoffer Dalby 349264830b
Use .1 2021-11-23 11:27:44 +00:00
Kristoffer Dalby 0b5c29022b
Merge branch 'main' into expired-issue 2021-11-22 20:13:33 +00:00
Kristoffer Dalby 1f1c45a2c0 Fix cli_test 2021-11-22 19:59:44 +00:00
Kristoffer Dalby 68dc2a70db Update neighbours if node is expired or refreshed
In addition, only pass the map of registered and not expired nodes to
clients.
2021-11-22 19:51:16 +00:00
Kristoffer Dalby caf1b1cabc Fix typo 2021-11-22 19:35:24 +00:00
Kristoffer Dalby 021c464148 Add cache for requested expiry times
This commit adds a sentral cache to keep track of clients whom has
requested an expiry time, but were we need to keep hold of it until the
second request comes in.
2021-11-22 19:32:52 +00:00
Kristoffer Dalby e600ead3e9 Make sure nodes can reauthenticate
This commit fixes an issue where nodes were not able to reauthenticate.
2021-11-22 19:32:11 +00:00
Kristoffer Dalby 200c10e48c Add missing return in oidc.go 2021-11-22 17:22:47 +00:00
Kristoffer Dalby e8faff4fe2 Use uint64 straight instead of converting 2021-11-22 17:22:22 +00:00
Kristoffer Dalby 5cbd4513a4 Simplify register function if 2021-11-22 17:21:56 +00:00
Kristoffer Dalby a477c808c7
Merge pull request #230 from lion24/patch-1 2021-11-22 09:47:37 +00:00
Kristoffer Dalby 74044f62f4
Remove anouther potential error leak 2021-11-21 21:54:19 +00:00
Kristoffer Dalby fcd4d94927
Clean up logging and error handling in oidc
We should never expose errors via web, it gives attackers a lot of info
(Insert OWASP guide).

Also handle error that didnt separate not found gorm issue and other
errors.
2021-11-21 21:51:39 +00:00
Kristoffer Dalby fac33e46e1
Add long description for expire 2021-11-21 21:35:36 +00:00
Kristoffer Dalby b152e53b13
Use correct type for nodes command 2021-11-21 21:34:03 +00:00
Kristoffer Dalby 1687e3b03f
Removed unused parameter 2021-11-21 21:29:27 +00:00
Kristoffer Dalby c2393685f1
Remove expiry update in expiry, we dont want to extend it just because they _try_ to connect 2021-11-21 21:14:40 +00:00
Kristoffer Dalby fd5f42c2e6
Move handle expired machine to the end of registration 2021-11-21 21:14:13 +00:00
Kristoffer Dalby bda2d9c3b0 Remove unused param 2021-11-21 14:00:48 +00:00
Kristoffer Dalby c4ecc4db91 Simplify control flow in RegistrationHandler
This commits tries to dismantle the complicated "if and or" in the
RegistrationHandler by factoring out the "is Registrated" into a root
if.

This, together with some new comments, should hopefully make it a bit
easier to follow what is happening in all the different cases that needs
to be handled when a Node contacts the registration endpoint.
2021-11-21 13:59:24 +00:00
Kristoffer Dalby 8ccc51ae57 Remove special case for authkey
We no longer have weird expire behaviour, so we dont need this case
2021-11-21 13:45:19 +00:00
Kristoffer Dalby a2b9f3bede Add expire (logout) machine command 2021-11-21 13:40:44 +00:00
Kristoffer Dalby bd1d1b1a3b Implement ExpireMachine rpc 2021-11-21 13:40:19 +00:00
Kristoffer Dalby f1c05f8010 Add ExpireMachine spec to rpc 2021-11-21 13:40:04 +00:00
Kristoffer Dalby f85a77edb5 Remove println statement 2021-11-21 09:48:59 +00:00
Kristoffer Dalby 1c7aff5dd9 Add expired column to machine list command 2021-11-21 09:44:38 +00:00