diff options
| author | Tom DNetto <tom@tailscale.com> | 2022-11-23 11:19:30 -0800 |
|---|---|---|
| committer | Tom <twitchyliquid64@users.noreply.github.com> | 2022-11-28 10:39:04 -0800 |
| commit | 5c8d2fa69598ced697c192c024d9dbf58991ab2f (patch) | |
| tree | c8c86770dcc0aa9315e5ca587fdd63cd76c6aa61 /ipn | |
| parent | e8cc78b1afdd4b7358c39b8cfbfcd7ae7faf3bd3 (diff) | |
| download | tailscale-5c8d2fa69598ced697c192c024d9dbf58991ab2f.tar.xz tailscale-5c8d2fa69598ced697c192c024d9dbf58991ab2f.zip | |
cmd/tailscale,ipn: improve UX of lock init command, cosmetic changes
Signed-off-by: Tom DNetto <tom@tailscale.com>
Diffstat (limited to 'ipn')
| -rw-r--r-- | ipn/ipnlocal/network-lock.go | 13 | ||||
| -rw-r--r-- | ipn/localapi/localapi.go | 7 |
2 files changed, 11 insertions, 9 deletions
diff --git a/ipn/ipnlocal/network-lock.go b/ipn/ipnlocal/network-lock.go index 780043bbb..8346ed7cf 100644 --- a/ipn/ipnlocal/network-lock.go +++ b/ipn/ipnlocal/network-lock.go @@ -403,7 +403,7 @@ func (b *LocalBackend) NetworkLockStatus() *ipnstate.NetworkLockStatus { // needing signatures is returned as a response. // The Finish RPC submits signatures for all these nodes, at which point // Control has everything it needs to atomically enable network lock. -func (b *LocalBackend) NetworkLockInit(keys []tka.Key, disablementValues [][]byte) error { +func (b *LocalBackend) NetworkLockInit(keys []tka.Key, disablementValues [][]byte, supportDisablement []byte) error { if err := b.CanSupportNetworkLock(); err != nil { return err } @@ -471,7 +471,7 @@ func (b *LocalBackend) NetworkLockInit(keys []tka.Key, disablementValues [][]byt } // Finalize enablement by transmitting signature for all nodes to Control. - _, err = b.tkaInitFinish(ourNodeKey, sigs) + _, err = b.tkaInitFinish(ourNodeKey, sigs, supportDisablement) return err } @@ -748,12 +748,13 @@ func (b *LocalBackend) tkaInitBegin(ourNodeKey key.NodePublic, aum tka.AUM) (*ta return a, nil } -func (b *LocalBackend) tkaInitFinish(ourNodeKey key.NodePublic, nks map[tailcfg.NodeID]tkatype.MarshaledSignature) (*tailcfg.TKAInitFinishResponse, error) { +func (b *LocalBackend) tkaInitFinish(ourNodeKey key.NodePublic, nks map[tailcfg.NodeID]tkatype.MarshaledSignature, supportDisablement []byte) (*tailcfg.TKAInitFinishResponse, error) { var req bytes.Buffer if err := json.NewEncoder(&req).Encode(tailcfg.TKAInitFinishRequest{ - Version: tailcfg.CurrentCapabilityVersion, - NodeKey: ourNodeKey, - Signatures: nks, + Version: tailcfg.CurrentCapabilityVersion, + NodeKey: ourNodeKey, + Signatures: nks, + SupportDisablement: supportDisablement, }); err != nil { return nil, fmt.Errorf("encoding request: %v", err) } diff --git a/ipn/localapi/localapi.go b/ipn/localapi/localapi.go index 93170ea3f..ec87b25cc 100644 --- a/ipn/localapi/localapi.go +++ b/ipn/localapi/localapi.go @@ -1161,8 +1161,9 @@ func (h *Handler) serveTKAInit(w http.ResponseWriter, r *http.Request) { } type initRequest struct { - Keys []tka.Key - DisablementValues [][]byte + Keys []tka.Key + DisablementValues [][]byte + SupportDisablement []byte } var req initRequest if err := json.NewDecoder(r.Body).Decode(&req); err != nil { @@ -1170,7 +1171,7 @@ func (h *Handler) serveTKAInit(w http.ResponseWriter, r *http.Request) { return } - if err := h.b.NetworkLockInit(req.Keys, req.DisablementValues); err != nil { + if err := h.b.NetworkLockInit(req.Keys, req.DisablementValues, req.SupportDisablement); err != nil { http.Error(w, "initialization failed: "+err.Error(), http.StatusInternalServerError) return } |
