webnet/tailscale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cmd/tailscale/cli,ipn,all: make peer relay server port a *uint16

Browse Source 
In preparation for exposing its configuration via ipn.ConfigVAlpha,
change {Masked}Prefs.RelayServerPort from *int to *uint16. This takes a
defensive stance against invalid inputs at JSON decode time.

'tailscale set --relay-server-port' is currently the only input to this
pref, and has always sanitized input to fit within a uint16.

Updates tailscale/corp#34591

Signed-off-by: Jordan Whited <jordan@tailscale.com>
This commit is contained in:
Jordan Whited
2025-11-25 15:05:04 -08:00
committed by Jordan Whited
parent 53476ce872
commit 824027305a
9 changed files with 48 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files
feature/relayserver/relayserver.go
+3 -3
View File
@@ -69,7 +69,7 @@ func servePeerRelayDebugSessions(h *localapi.Handler, w http.ResponseWriter, r *
// imported.
func newExtension(logf logger.Logf, sb ipnext.SafeBackend) (ipnext.Extension, error) {
e := &extension{
newServerFn: func(logf logger.Logf, port int, onlyStaticAddrPorts bool) (relayServer, error) {
newServerFn: func(logf logger.Logf, port uint16, onlyStaticAddrPorts bool) (relayServer, error) {
return udprelay.NewServer(logf, port, onlyStaticAddrPorts)
},
logf: logger.WithPrefix(logf, featureName+": "),
@@ -93,7 +93,7 @@ type relayServer interface {
// extension is an [ipnext.Extension] managing the relay server on platforms
// that import this package.
type extension struct {
newServerFn func(logf logger.Logf, port int, onlyStaticAddrPorts bool) (relayServer, error) // swappable for tests
newServerFn func(logf logger.Logf, port uint16, onlyStaticAddrPorts bool) (relayServer, error) // swappable for tests
logf logger.Logf
ec *eventbus.Client
respPub *eventbus.Publisher[magicsock.UDPRelayAllocResp]
@@ -101,7 +101,7 @@ type extension struct {
mu syncs.Mutex // guards the following fields
shutdown bool // true if Shutdown() has been called
rs relayServer // nil when disabled
port *int // ipn.Prefs.RelayServerPort, nil if disabled
port *uint16 // ipn.Prefs.RelayServerPort, nil if disabled
staticEndpoints views.Slice[netip.AddrPort] // ipn.Prefs.RelayServerStaticEndpoints
derpMapView tailcfg.DERPMapView // latest seen over the eventbus
hasNodeAttrDisableRelayServer bool // [tailcfg.NodeAttrDisableRelayServer]
feature/relayserver/relayserver_test.go
+29 -29
View File
@@ -23,15 +23,15 @@ import (
)
func Test_extension_profileStateChanged(t *testing.T) {
prefsWithPortOne := ipn.Prefs{RelayServerPort: ptr.To(1)}
prefsWithPortOne := ipn.Prefs{RelayServerPort: ptr.To(uint16(1))}
prefsWithNilPort := ipn.Prefs{RelayServerPort: nil}
prefsWithPortOneRelayEndpoints := ipn.Prefs{
RelayServerPort: ptr.To(1),
RelayServerPort: ptr.To(uint16(1)),
RelayServerStaticEndpoints: []netip.AddrPort{netip.MustParseAddrPort("127.0.0.1:7777")},
}
type fields struct {
port *int
port *uint16
staticEndpoints views.Slice[netip.AddrPort]
rs relayServer
}
@@ -43,7 +43,7 @@ func Test_extension_profileStateChanged(t *testing.T) {
name string
fields fields
args args
wantPort *int
wantPort *uint16
wantRelayServerFieldNonNil bool
wantRelayServerFieldMutated bool
wantEndpoints []netip.AddrPort
@@ -51,28 +51,28 @@ func Test_extension_profileStateChanged(t *testing.T) {
{
name: "no changes non-nil port previously running",
fields: fields{
port: ptr.To(1),
port: ptr.To(uint16(1)),
rs: mockRelayServerNotZeroVal(),
},
args: args{
prefs: prefsWithPortOne.View(),
sameNode: true,
},
wantPort: ptr.To(1),
wantPort: ptr.To(uint16(1)),
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: false,
},
{
name: "set addr ports unchanged port previously running",
fields: fields{
port: ptr.To(1),
port: ptr.To(uint16(1)),
rs: mockRelayServerNotZeroVal(),
},
args: args{
prefs: prefsWithPortOneRelayEndpoints.View(),
sameNode: true,
},
wantPort: ptr.To(1),
wantPort: ptr.To(uint16(1)),
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: false,
wantEndpoints: prefsWithPortOneRelayEndpoints.RelayServerStaticEndpoints,
@@ -87,7 +87,7 @@ func Test_extension_profileStateChanged(t *testing.T) {
prefs: prefsWithPortOneRelayEndpoints.View(),
sameNode: true,
},
wantPort: ptr.To(1),
wantPort: ptr.To(uint16(1)),
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: true,
wantEndpoints: prefsWithPortOneRelayEndpoints.RelayServerStaticEndpoints,
@@ -95,7 +95,7 @@ func Test_extension_profileStateChanged(t *testing.T) {
{
name: "clear addr ports unchanged port previously running",
fields: fields{
port: ptr.To(1),
port: ptr.To(uint16(1)),
staticEndpoints: views.SliceOf(prefsWithPortOneRelayEndpoints.RelayServerStaticEndpoints),
rs: mockRelayServerNotZeroVal(),
},
@@ -103,7 +103,7 @@ func Test_extension_profileStateChanged(t *testing.T) {
prefs: prefsWithPortOne.View(),
sameNode: true,
},
wantPort: ptr.To(1),
wantPort: ptr.To(uint16(1)),
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: false,
wantEndpoints: nil,
@@ -111,7 +111,7 @@ func Test_extension_profileStateChanged(t *testing.T) {
{
name: "prefs port nil",
fields: fields{
port: ptr.To(1),
port: ptr.To(uint16(1)),
},
args: args{
prefs: prefsWithNilPort.View(),
@@ -124,7 +124,7 @@ func Test_extension_profileStateChanged(t *testing.T) {
{
name: "prefs port nil previously running",
fields: fields{
port: ptr.To(1),
port: ptr.To(uint16(1)),
rs: mockRelayServerNotZeroVal(),
},
args: args{
@@ -138,54 +138,54 @@ func Test_extension_profileStateChanged(t *testing.T) {
{
name: "prefs port changed",
fields: fields{
port: ptr.To(2),
port: ptr.To(uint16(2)),
},
args: args{
prefs: prefsWithPortOne.View(),
sameNode: true,
},
wantPort: ptr.To(1),
wantPort: ptr.To(uint16(1)),
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: true,
},
{
name: "prefs port changed previously running",
fields: fields{
port: ptr.To(2),
port: ptr.To(uint16(2)),
rs: mockRelayServerNotZeroVal(),
},
args: args{
prefs: prefsWithPortOne.View(),
sameNode: true,
},
wantPort: ptr.To(1),
wantPort: ptr.To(uint16(1)),
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: true,
},
{
name: "sameNode false",
fields: fields{
port: ptr.To(1),
port: ptr.To(uint16(1)),
},
args: args{
prefs: prefsWithPortOne.View(),
sameNode: false,
},
wantPort: ptr.To(1),
wantPort: ptr.To(uint16(1)),
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: true,
},
{
name: "sameNode false previously running",
fields: fields{
port: ptr.To(1),
port: ptr.To(uint16(1)),
rs: mockRelayServerNotZeroVal(),
},
args: args{
prefs: prefsWithPortOne.View(),
sameNode: false,
},
wantPort: ptr.To(1),
wantPort: ptr.To(uint16(1)),
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: true,
},
@@ -198,7 +198,7 @@ func Test_extension_profileStateChanged(t *testing.T) {
prefs: prefsWithPortOne.View(),
sameNode: false,
},
wantPort: ptr.To(1),
wantPort: ptr.To(uint16(1)),
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: true,
},
@@ -211,7 +211,7 @@ func Test_extension_profileStateChanged(t *testing.T) {
t.Fatal(err)
}
e := ipne.(*extension)
e.newServerFn = func(logf logger.Logf, port int, onlyStaticAddrPorts bool) (relayServer, error) {
e.newServerFn = func(logf logger.Logf, port uint16, onlyStaticAddrPorts bool) (relayServer, error) {
return &mockRelayServer{}, nil
}
e.port = tt.fields.port
@@ -271,7 +271,7 @@ func Test_extension_handleRelayServerLifetimeLocked(t *testing.T) {
tests := []struct {
name string
shutdown bool
port *int
port *uint16
rs relayServer
hasNodeAttrDisableRelayServer bool
wantRelayServerFieldNonNil bool
@@ -280,7 +280,7 @@ func Test_extension_handleRelayServerLifetimeLocked(t *testing.T) {
{
name: "want running",
shutdown: false,
port: ptr.To(1),
port: ptr.To(uint16(1)),
hasNodeAttrDisableRelayServer: false,
wantRelayServerFieldNonNil: true,
wantRelayServerFieldMutated: true,
@@ -288,7 +288,7 @@ func Test_extension_handleRelayServerLifetimeLocked(t *testing.T) {
{
name: "want running previously running",
shutdown: false,
port: ptr.To(1),
port: ptr.To(uint16(1)),
rs: mockRelayServerNotZeroVal(),
hasNodeAttrDisableRelayServer: false,
wantRelayServerFieldNonNil: true,
@@ -297,7 +297,7 @@ func Test_extension_handleRelayServerLifetimeLocked(t *testing.T) {
{
name: "shutdown true",
shutdown: true,
port: ptr.To(1),
port: ptr.To(uint16(1)),
hasNodeAttrDisableRelayServer: false,
wantRelayServerFieldNonNil: false,
wantRelayServerFieldMutated: false,
@@ -305,7 +305,7 @@ func Test_extension_handleRelayServerLifetimeLocked(t *testing.T) {
{
name: "shutdown true previously running",
shutdown: true,
port: ptr.To(1),
port: ptr.To(uint16(1)),
rs: mockRelayServerNotZeroVal(),
hasNodeAttrDisableRelayServer: false,
wantRelayServerFieldNonNil: false,
@@ -354,7 +354,7 @@ func Test_extension_handleRelayServerLifetimeLocked(t *testing.T) {
t.Fatal(err)
}
e := ipne.(*extension)
e.newServerFn = func(logf logger.Logf, port int, onlyStaticAddrPorts bool) (relayServer, error) {
e.newServerFn = func(logf logger.Logf, port uint16, onlyStaticAddrPorts bool) (relayServer, error) {
return &mockRelayServer{}, nil
}
e.shutdown = tt.shutdown