diff options
| author | James 'zofrex' Sanderson <jsanderson@tailscale.com> | 2024-01-04 18:29:04 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-04 17:29:04 +0000 |
| commit | 10c595d962a43fa1c01642e1ea295b7eb98e74a6 (patch) | |
| tree | b7ba26a09030fe57552ecfb8d7bb7531115a0bc9 /control/controlknobs/controlknobs.go | |
| parent | 3a9450bc06061bbc5813fb27951c6bd6b7e4d351 (diff) | |
| download | tailscale-10c595d962a43fa1c01642e1ea295b7eb98e74a6.tar.xz tailscale-10c595d962a43fa1c01642e1ea295b7eb98e74a6.zip | |
ipn/ipnlocal: refresh node key without blocking if cap enabled (#10529)
Updates tailscale/corp#16016
Signed-off-by: James Sanderson <jsanderson@tailscale.com>
Co-authored-by: Maisem Ali <maisem@tailscale.com>
Diffstat (limited to 'control/controlknobs/controlknobs.go')
| -rw-r--r-- | control/controlknobs/controlknobs.go | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/control/controlknobs/controlknobs.go b/control/controlknobs/controlknobs.go index fddffde3e..f9ed69812 100644 --- a/control/controlknobs/controlknobs.go +++ b/control/controlknobs/controlknobs.go @@ -64,6 +64,11 @@ type Knobs struct { // LinuxForceNfTables is whether the node should use nftables for Linux // netfiltering, unless overridden by the user. LinuxForceNfTables atomic.Bool + + // SeamlessKeyRenewal is whether to enable the alpha functionality of + // renewing node keys without breaking connections. + // http://go/seamless-key-renewal + SeamlessKeyRenewal atomic.Bool } // UpdateFromNodeAttributes updates k (if non-nil) based on the provided self @@ -89,6 +94,7 @@ func (k *Knobs) UpdateFromNodeAttributes(selfNodeAttrs []tailcfg.NodeCapability, silentDisco = has(tailcfg.NodeAttrSilentDisco) forceIPTables = has(tailcfg.NodeAttrLinuxMustUseIPTables) forceNfTables = has(tailcfg.NodeAttrLinuxMustUseNfTables) + seamlessKeyRenewal = has(tailcfg.NodeAttrSeamlessKeyRenewal) ) if has(tailcfg.NodeAttrOneCGNATEnable) { @@ -109,6 +115,7 @@ func (k *Knobs) UpdateFromNodeAttributes(selfNodeAttrs []tailcfg.NodeCapability, k.SilentDisco.Store(silentDisco) k.LinuxForceIPTables.Store(forceIPTables) k.LinuxForceNfTables.Store(forceNfTables) + k.SeamlessKeyRenewal.Store(seamlessKeyRenewal) } // AsDebugJSON returns k as something that can be marshalled with json.Marshal @@ -130,5 +137,6 @@ func (k *Knobs) AsDebugJSON() map[string]any { "SilentDisco": k.SilentDisco.Load(), "LinuxForceIPTables": k.LinuxForceIPTables.Load(), "LinuxForceNfTables": k.LinuxForceNfTables.Load(), + "SeamlessKeyRenewal": k.SeamlessKeyRenewal.Load(), } } |