|
|
@@ -1,9 +1,7 @@
|
|
|
package logic
|
|
|
|
|
|
import (
|
|
|
- "context"
|
|
|
"errors"
|
|
|
- "fmt"
|
|
|
"net"
|
|
|
"net/netip"
|
|
|
|
|
|
@@ -17,15 +15,8 @@ import (
|
|
|
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
|
|
|
)
|
|
|
|
|
|
-var (
|
|
|
- // PeerUpdateCtx context to send to host peer updates
|
|
|
- PeerUpdateCtx context.Context
|
|
|
- // PeerUpdateStop - the cancel for PeerUpdateCtx
|
|
|
- PeerUpdateStop context.CancelFunc
|
|
|
-)
|
|
|
-
|
|
|
// GetProxyUpdateForHost - gets the proxy update for host
|
|
|
-func GetProxyUpdateForHost(ctx context.Context, host *models.Host) (models.ProxyManagerPayload, error) {
|
|
|
+func GetProxyUpdateForHost(host *models.Host) (models.ProxyManagerPayload, error) {
|
|
|
proxyPayload := models.ProxyManagerPayload{
|
|
|
Action: models.ProxyUpdate,
|
|
|
}
|
|
|
@@ -85,24 +76,12 @@ func GetProxyUpdateForHost(ctx context.Context, host *models.Host) (models.Proxy
|
|
|
return proxyPayload, nil
|
|
|
}
|
|
|
|
|
|
-// ResetPeerUpdateContext - kills any current peer updates and resets the context
|
|
|
-func ResetPeerUpdateContext() {
|
|
|
- if PeerUpdateCtx != nil && PeerUpdateStop != nil {
|
|
|
- PeerUpdateStop() // tell any current peer updates to stop
|
|
|
- }
|
|
|
-
|
|
|
- PeerUpdateCtx, PeerUpdateStop = context.WithCancel(context.Background())
|
|
|
-}
|
|
|
-
|
|
|
// GetPeerUpdateForHost - gets the consolidated peer update for the host from all networks
|
|
|
-func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host, deletedNode *models.Node, deletedClients []models.ExtClient) (models.HostPeerUpdate, error) {
|
|
|
+func GetPeerUpdateForHost(network string, host *models.Host, allNodes []models.Node, deletedNode *models.Node, deletedClients []models.ExtClient) (models.HostPeerUpdate, error) {
|
|
|
if host == nil {
|
|
|
return models.HostPeerUpdate{}, errors.New("host is nil")
|
|
|
}
|
|
|
- allNodes, err := GetAllNodes()
|
|
|
- if err != nil {
|
|
|
- return models.HostPeerUpdate{}, err
|
|
|
- }
|
|
|
+
|
|
|
// track which nodes are deleted
|
|
|
// after peer calculation, if peer not in list, add delete config of peer
|
|
|
hostPeerUpdate := models.HostPeerUpdate{
|
|
|
@@ -195,150 +174,145 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host
|
|
|
nodePeerMap = make(map[string]models.PeerRouteInfo)
|
|
|
}
|
|
|
for _, peer := range currentPeers {
|
|
|
- select {
|
|
|
- case <-ctx.Done():
|
|
|
- logger.Log(2, "cancelled peer update for host", host.Name, host.ID.String())
|
|
|
- return models.HostPeerUpdate{}, fmt.Errorf("peer update cancelled")
|
|
|
- default:
|
|
|
- peer := peer
|
|
|
- if peer.ID.String() == node.ID.String() {
|
|
|
- logger.Log(2, "peer update, skipping self")
|
|
|
- //skip yourself
|
|
|
- continue
|
|
|
- }
|
|
|
+ peer := peer
|
|
|
+ if peer.ID.String() == node.ID.String() {
|
|
|
+ logger.Log(2, "peer update, skipping self")
|
|
|
+ //skip yourself
|
|
|
+ continue
|
|
|
+ }
|
|
|
|
|
|
- peerHost, err := GetHost(peer.HostID.String())
|
|
|
- if err != nil {
|
|
|
- logger.Log(1, "no peer host", peer.HostID.String(), err.Error())
|
|
|
- return models.HostPeerUpdate{}, err
|
|
|
- }
|
|
|
- peerConfig := wgtypes.PeerConfig{
|
|
|
- PublicKey: peerHost.PublicKey,
|
|
|
- PersistentKeepaliveInterval: &peer.PersistentKeepalive,
|
|
|
- ReplaceAllowedIPs: true,
|
|
|
- }
|
|
|
- if node.IsIngressGateway || node.IsEgressGateway {
|
|
|
- if peer.IsIngressGateway {
|
|
|
- _, extPeerIDAndAddrs, err := getExtPeers(&peer)
|
|
|
- if err == nil {
|
|
|
- for _, extPeerIdAndAddr := range extPeerIDAndAddrs {
|
|
|
- extPeerIdAndAddr := extPeerIdAndAddr
|
|
|
- nodePeerMap[extPeerIdAndAddr.ID] = models.PeerRouteInfo{
|
|
|
- PeerAddr: net.IPNet{
|
|
|
- IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
- Mask: getCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
- },
|
|
|
- PeerKey: extPeerIdAndAddr.ID,
|
|
|
- Allow: true,
|
|
|
- ID: extPeerIdAndAddr.ID,
|
|
|
- }
|
|
|
+ peerHost, err := GetHost(peer.HostID.String())
|
|
|
+ if err != nil {
|
|
|
+ logger.Log(1, "no peer host", peer.HostID.String(), err.Error())
|
|
|
+ return models.HostPeerUpdate{}, err
|
|
|
+ }
|
|
|
+ peerConfig := wgtypes.PeerConfig{
|
|
|
+ PublicKey: peerHost.PublicKey,
|
|
|
+ PersistentKeepaliveInterval: &peer.PersistentKeepalive,
|
|
|
+ ReplaceAllowedIPs: true,
|
|
|
+ }
|
|
|
+ if node.IsIngressGateway || node.IsEgressGateway {
|
|
|
+ if peer.IsIngressGateway {
|
|
|
+ _, extPeerIDAndAddrs, err := getExtPeers(&peer)
|
|
|
+ if err == nil {
|
|
|
+ for _, extPeerIdAndAddr := range extPeerIDAndAddrs {
|
|
|
+ extPeerIdAndAddr := extPeerIdAndAddr
|
|
|
+ nodePeerMap[extPeerIdAndAddr.ID] = models.PeerRouteInfo{
|
|
|
+ PeerAddr: net.IPNet{
|
|
|
+ IP: net.ParseIP(extPeerIdAndAddr.Address),
|
|
|
+ Mask: getCIDRMaskFromAddr(extPeerIdAndAddr.Address),
|
|
|
+ },
|
|
|
+ PeerKey: extPeerIdAndAddr.ID,
|
|
|
+ Allow: true,
|
|
|
+ ID: extPeerIdAndAddr.ID,
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
- if node.IsIngressGateway && peer.IsEgressGateway {
|
|
|
- hostPeerUpdate.IngressInfo.EgressRanges = append(hostPeerUpdate.IngressInfo.EgressRanges,
|
|
|
- peer.EgressGatewayRanges...)
|
|
|
- }
|
|
|
- nodePeerMap[peerHost.PublicKey.String()] = models.PeerRouteInfo{
|
|
|
- PeerAddr: net.IPNet{
|
|
|
- IP: net.ParseIP(peer.PrimaryAddress()),
|
|
|
- Mask: getCIDRMaskFromAddr(peer.PrimaryAddress()),
|
|
|
- },
|
|
|
- PeerKey: peerHost.PublicKey.String(),
|
|
|
- Allow: true,
|
|
|
- ID: peer.ID.String(),
|
|
|
- }
|
|
|
}
|
|
|
- if (node.IsRelayed && node.RelayedBy != peer.ID.String()) || (peer.IsRelayed && peer.RelayedBy != node.ID.String()) {
|
|
|
- // if node is relayed and peer is not the relay, set remove to true
|
|
|
- if _, ok := hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()]; ok {
|
|
|
- continue
|
|
|
- }
|
|
|
- peerConfig.Remove = true
|
|
|
- hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, peerConfig)
|
|
|
- peerIndexMap[peerHost.PublicKey.String()] = len(hostPeerUpdate.Peers) - 1
|
|
|
+ if node.IsIngressGateway && peer.IsEgressGateway {
|
|
|
+ hostPeerUpdate.IngressInfo.EgressRanges = append(hostPeerUpdate.IngressInfo.EgressRanges,
|
|
|
+ peer.EgressGatewayRanges...)
|
|
|
+ }
|
|
|
+ nodePeerMap[peerHost.PublicKey.String()] = models.PeerRouteInfo{
|
|
|
+ PeerAddr: net.IPNet{
|
|
|
+ IP: net.ParseIP(peer.PrimaryAddress()),
|
|
|
+ Mask: getCIDRMaskFromAddr(peer.PrimaryAddress()),
|
|
|
+ },
|
|
|
+ PeerKey: peerHost.PublicKey.String(),
|
|
|
+ Allow: true,
|
|
|
+ ID: peer.ID.String(),
|
|
|
+ }
|
|
|
+ }
|
|
|
+ if (node.IsRelayed && node.RelayedBy != peer.ID.String()) || (peer.IsRelayed && peer.RelayedBy != node.ID.String()) {
|
|
|
+ // if node is relayed and peer is not the relay, set remove to true
|
|
|
+ if _, ok := hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()]; ok {
|
|
|
continue
|
|
|
}
|
|
|
+ peerConfig.Remove = true
|
|
|
+ hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, peerConfig)
|
|
|
+ peerIndexMap[peerHost.PublicKey.String()] = len(hostPeerUpdate.Peers) - 1
|
|
|
+ continue
|
|
|
+ }
|
|
|
|
|
|
- uselocal := false
|
|
|
- if host.EndpointIP.String() == peerHost.EndpointIP.String() {
|
|
|
- // peer is on same network
|
|
|
- // set to localaddress
|
|
|
- uselocal = true
|
|
|
- if node.LocalAddress.IP == nil {
|
|
|
- // use public endpint
|
|
|
- uselocal = false
|
|
|
- }
|
|
|
- if node.LocalAddress.String() == peer.LocalAddress.String() {
|
|
|
- uselocal = false
|
|
|
- }
|
|
|
+ uselocal := false
|
|
|
+ if host.EndpointIP.String() == peerHost.EndpointIP.String() {
|
|
|
+ // peer is on same network
|
|
|
+ // set to localaddress
|
|
|
+ uselocal = true
|
|
|
+ if node.LocalAddress.IP == nil {
|
|
|
+ // use public endpint
|
|
|
+ uselocal = false
|
|
|
}
|
|
|
- peerConfig.Endpoint = &net.UDPAddr{
|
|
|
- IP: peerHost.EndpointIP,
|
|
|
- Port: getPeerWgListenPort(peerHost),
|
|
|
+ if node.LocalAddress.String() == peer.LocalAddress.String() {
|
|
|
+ uselocal = false
|
|
|
}
|
|
|
+ }
|
|
|
+ peerConfig.Endpoint = &net.UDPAddr{
|
|
|
+ IP: peerHost.EndpointIP,
|
|
|
+ Port: getPeerWgListenPort(peerHost),
|
|
|
+ }
|
|
|
|
|
|
- if uselocal {
|
|
|
- peerConfig.Endpoint.IP = peer.LocalAddress.IP
|
|
|
- peerConfig.Endpoint.Port = peerHost.ListenPort
|
|
|
+ if uselocal {
|
|
|
+ peerConfig.Endpoint.IP = peer.LocalAddress.IP
|
|
|
+ peerConfig.Endpoint.Port = peerHost.ListenPort
|
|
|
+ }
|
|
|
+ allowedips := GetAllowedIPs(&node, &peer, nil)
|
|
|
+ if peer.Action != models.NODE_DELETE &&
|
|
|
+ !peer.PendingDelete &&
|
|
|
+ peer.Connected &&
|
|
|
+ nodeacls.AreNodesAllowed(nodeacls.NetworkID(node.Network), nodeacls.NodeID(node.ID.String()), nodeacls.NodeID(peer.ID.String())) &&
|
|
|
+ (deletedNode == nil || (deletedNode != nil && peer.ID.String() != deletedNode.ID.String())) {
|
|
|
+ peerConfig.AllowedIPs = allowedips // only append allowed IPs if valid connection
|
|
|
+ }
|
|
|
+
|
|
|
+ peerProxyPort := GetProxyListenPort(peerHost)
|
|
|
+ var nodePeer wgtypes.PeerConfig
|
|
|
+ if _, ok := hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()]; !ok {
|
|
|
+ hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()] = make(map[string]models.IDandAddr)
|
|
|
+ hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, peerConfig)
|
|
|
+ peerIndexMap[peerHost.PublicKey.String()] = len(hostPeerUpdate.Peers) - 1
|
|
|
+ hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()][peer.ID.String()] = models.IDandAddr{
|
|
|
+ ID: peer.ID.String(),
|
|
|
+ Address: peer.PrimaryAddress(),
|
|
|
+ Name: peerHost.Name,
|
|
|
+ Network: peer.Network,
|
|
|
+ ProxyListenPort: peerProxyPort,
|
|
|
}
|
|
|
- allowedips := GetAllowedIPs(&node, &peer, nil)
|
|
|
- if peer.Action != models.NODE_DELETE &&
|
|
|
- !peer.PendingDelete &&
|
|
|
- peer.Connected &&
|
|
|
- nodeacls.AreNodesAllowed(nodeacls.NetworkID(node.Network), nodeacls.NodeID(node.ID.String()), nodeacls.NodeID(peer.ID.String())) &&
|
|
|
- (deletedNode == nil || (deletedNode != nil && peer.ID.String() != deletedNode.ID.String())) {
|
|
|
- peerConfig.AllowedIPs = allowedips // only append allowed IPs if valid connection
|
|
|
+ hostPeerUpdate.HostNetworkInfo[peerHost.PublicKey.String()] = models.HostNetworkInfo{
|
|
|
+ Interfaces: peerHost.Interfaces,
|
|
|
+ ProxyListenPort: peerProxyPort,
|
|
|
}
|
|
|
-
|
|
|
- peerProxyPort := GetProxyListenPort(peerHost)
|
|
|
- var nodePeer wgtypes.PeerConfig
|
|
|
- if _, ok := hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()]; !ok {
|
|
|
- hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()] = make(map[string]models.IDandAddr)
|
|
|
- hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, peerConfig)
|
|
|
- peerIndexMap[peerHost.PublicKey.String()] = len(hostPeerUpdate.Peers) - 1
|
|
|
- hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()][peer.ID.String()] = models.IDandAddr{
|
|
|
- ID: peer.ID.String(),
|
|
|
- Address: peer.PrimaryAddress(),
|
|
|
- Name: peerHost.Name,
|
|
|
- Network: peer.Network,
|
|
|
- ProxyListenPort: peerProxyPort,
|
|
|
- }
|
|
|
- hostPeerUpdate.HostNetworkInfo[peerHost.PublicKey.String()] = models.HostNetworkInfo{
|
|
|
- Interfaces: peerHost.Interfaces,
|
|
|
- ProxyListenPort: peerProxyPort,
|
|
|
- }
|
|
|
- nodePeer = peerConfig
|
|
|
- } else {
|
|
|
- peerAllowedIPs := hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]].AllowedIPs
|
|
|
- peerAllowedIPs = append(peerAllowedIPs, peerConfig.AllowedIPs...)
|
|
|
- hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]].AllowedIPs = peerAllowedIPs
|
|
|
- hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]].Remove = false
|
|
|
- hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()][peer.ID.String()] = models.IDandAddr{
|
|
|
- ID: peer.ID.String(),
|
|
|
- Address: peer.PrimaryAddress(),
|
|
|
- Name: peerHost.Name,
|
|
|
- Network: peer.Network,
|
|
|
- ProxyListenPort: GetProxyListenPort(peerHost),
|
|
|
- }
|
|
|
- hostPeerUpdate.HostNetworkInfo[peerHost.PublicKey.String()] = models.HostNetworkInfo{
|
|
|
- Interfaces: peerHost.Interfaces,
|
|
|
- ProxyListenPort: peerProxyPort,
|
|
|
- }
|
|
|
- nodePeer = hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]]
|
|
|
+ nodePeer = peerConfig
|
|
|
+ } else {
|
|
|
+ peerAllowedIPs := hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]].AllowedIPs
|
|
|
+ peerAllowedIPs = append(peerAllowedIPs, peerConfig.AllowedIPs...)
|
|
|
+ hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]].AllowedIPs = peerAllowedIPs
|
|
|
+ hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]].Remove = false
|
|
|
+ hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()][peer.ID.String()] = models.IDandAddr{
|
|
|
+ ID: peer.ID.String(),
|
|
|
+ Address: peer.PrimaryAddress(),
|
|
|
+ Name: peerHost.Name,
|
|
|
+ Network: peer.Network,
|
|
|
+ ProxyListenPort: GetProxyListenPort(peerHost),
|
|
|
}
|
|
|
+ hostPeerUpdate.HostNetworkInfo[peerHost.PublicKey.String()] = models.HostNetworkInfo{
|
|
|
+ Interfaces: peerHost.Interfaces,
|
|
|
+ ProxyListenPort: peerProxyPort,
|
|
|
+ }
|
|
|
+ nodePeer = hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]]
|
|
|
+ }
|
|
|
|
|
|
- if node.Network == network { // add to peers map for metrics
|
|
|
- hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = models.IDandAddr{
|
|
|
- ID: peer.ID.String(),
|
|
|
- Address: peer.PrimaryAddress(),
|
|
|
- Name: peerHost.Name,
|
|
|
- Network: peer.Network,
|
|
|
- ProxyListenPort: peerHost.ProxyListenPort,
|
|
|
- }
|
|
|
- hostPeerUpdate.NodePeers = append(hostPeerUpdate.NodePeers, nodePeer)
|
|
|
+ if node.Network == network { // add to peers map for metrics
|
|
|
+ hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = models.IDandAddr{
|
|
|
+ ID: peer.ID.String(),
|
|
|
+ Address: peer.PrimaryAddress(),
|
|
|
+ Name: peerHost.Name,
|
|
|
+ Network: peer.Network,
|
|
|
+ ProxyListenPort: peerHost.ProxyListenPort,
|
|
|
}
|
|
|
+ hostPeerUpdate.NodePeers = append(hostPeerUpdate.NodePeers, nodePeer)
|
|
|
}
|
|
|
+ //}
|
|
|
}
|
|
|
var extPeers []wgtypes.PeerConfig
|
|
|
var extPeerIDAndAddrs []models.IDandAddr
|
Alex Feiszli