mirrors/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-09-21 13:41:46 +02:00
Code Issues Packages Projects Releases Wiki Activity

ipn/localapi: plumb an event bus through the localapi.Handler (#16892)

Browse Source 
Some of the operations of the local API need an event bus to correctly
instantiate other components (notably including the portmapper).

This commit adds that, and as the parameter list is starting to get a bit long
and hard to read, I took the opportunity to move the arguments to a config
type. Only a few call sites needed to be updated and this API is not intended
for general use, so I did not bother to stage the change.

Updates #15160
Updates #16842

Change-Id: I7b057d71161bd859f5acb96e2f878a34c85be0ef
Signed-off-by: M. J. Fromberger <fromberger@tailscale.com>
This commit is contained in:
M. J. Fromberger 2025-08-18 10:56:17 -07:00 committed by GitHub
parent 02f6030dbd
commit 55698c8511
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 45 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ipn/ipnserver/server.go
View File

@ -199,7 +199,13 @@ func (s *Server) serveHTTP(w http.ResponseWriter, r *http.Request) {
ci = actorWithAccessOverride(actor, string(reason)) ci = actorWithAccessOverride(actor, string(reason))
} }
lah := localapi.NewHandler(ci, lb, s.logf, s.backendLogID) lah := localapi.NewHandler(localapi.HandlerConfig{
Actor: ci,
Backend: lb,
Logf: s.logf,
LogID: s.backendLogID,
EventBus: lb.Sys().Bus.Get(),
})
if actor, ok := ci.(*actor); ok { if actor, ok := ci.(*actor); ok {
lah.PermitRead, lah.PermitWrite = actor.Permissions(lb.OperatorUserID()) lah.PermitRead, lah.PermitWrite = actor.Permissions(lb.OperatorUserID())
lah.PermitCert = actor.CanFetchCerts() lah.PermitCert = actor.CanFetchCerts()

25
ipn/localapi/localapi.go
View File

@ -172,9 +172,26 @@ var (
metrics = map[string]*clientmetric.Metric{} metrics = map[string]*clientmetric.Metric{}
) )
// NewHandler creates a new LocalAPI HTTP handler. All parameters are required. // NewHandler creates a new LocalAPI HTTP handler from the given config.
func NewHandler(actor ipnauth.Actor, b *ipnlocal.LocalBackend, logf logger.Logf, logID logid.PublicID) *Handler { func NewHandler(cfg HandlerConfig) *Handler {
return &Handler{Actor: actor, b: b, logf: logf, backendLogID: logID, clock: tstime.StdClock{}} return &Handler{
Actor: cfg.Actor,
b: cfg.Backend,
logf: cfg.Logf,
backendLogID: cfg.LogID,
clock: tstime.StdClock{},
eventBus: cfg.EventBus,
}
}
// HandlerConfig carries the settings for a local API handler.
// All fields are required.
type HandlerConfig struct {
Actor ipnauth.Actor
Backend *ipnlocal.LocalBackend
Logf logger.Logf
LogID logid.PublicID
EventBus *eventbus.Bus
} }
type Handler struct { type Handler struct {
@ -203,6 +220,7 @@ type Handler struct {
logf logger.Logf logf logger.Logf
backendLogID logid.PublicID backendLogID logid.PublicID
clock tstime.Clock clock tstime.Clock
eventBus *eventbus.Bus // read-only after initialization
} }
func (h *Handler) Logf(format string, args ...any) { func (h *Handler) Logf(format string, args ...any) {
@ -850,6 +868,7 @@ func (h *Handler) serveDebugPortmap(w http.ResponseWriter, r *http.Request) {
NetMon: h.b.NetMon(), NetMon: h.b.NetMon(),
DebugKnobs: debugKnobs, DebugKnobs: debugKnobs,
ControlKnobs: h.b.ControlKnobs(), ControlKnobs: h.b.ControlKnobs(),
EventBus: h.eventBus,
OnChange: func() { OnChange: func() {
logf("portmapping changed.") logf("portmapping changed.")
logf("have mapping: %v", c.HaveMapping()) logf("have mapping: %v", c.HaveMapping())

7
net/portmapper/portmapper.go
View File

@ -209,11 +209,8 @@ func (m *pmpMapping) Release(ctx context.Context) {
// Config carries the settings for a [Client]. // Config carries the settings for a [Client].
type Config struct { type Config struct {
// EventBus, if non-nil, is used for event publication and subscription by // EventBus, which must be non-nil, is used for event publication and
// portmapper clients created from this config. // subscription by portmapper clients created from this config.
//
// TODO(creachadair): As of 2025-03-19 this is optional, but is intended to
// become required non-nil.
EventBus *eventbus.Bus EventBus *eventbus.Bus
// Logf is called to generate text logs for the client. If nil, logger.Discard is used. // Logf is called to generate text logs for the client. If nil, logger.Discard is used.

16
tsnet/tsnet.go
View File

@ -274,7 +274,13 @@ func (s *Server) Loopback() (addr string, proxyCred, localAPICred string, err er
// out the CONNECT code from tailscaled/proxy.go that uses // out the CONNECT code from tailscaled/proxy.go that uses
// httputil.ReverseProxy and adding auth support. // httputil.ReverseProxy and adding auth support.
go func() { go func() {
lah := localapi.NewHandler(ipnauth.Self, s.lb, s.logf, s.logid) lah := localapi.NewHandler(localapi.HandlerConfig{
Actor: ipnauth.Self,
Backend: s.lb,
Logf: s.logf,
LogID: s.logid,
EventBus: s.sys.Bus.Get(),
})
lah.PermitWrite = true lah.PermitWrite = true
lah.PermitRead = true lah.PermitRead = true
lah.RequiredPassword = s.localAPICred lah.RequiredPassword = s.localAPICred
@ -676,7 +682,13 @@ func (s *Server) start() (reterr error) {
go s.printAuthURLLoop() go s.printAuthURLLoop()
// Run the localapi handler, to allow fetching LetsEncrypt certs. // Run the localapi handler, to allow fetching LetsEncrypt certs.
lah := localapi.NewHandler(ipnauth.Self, lb, tsLogf, s.logid) lah := localapi.NewHandler(localapi.HandlerConfig{
Actor: ipnauth.Self,
Backend: lb,
Logf: tsLogf,
LogID: s.logid,
EventBus: sys.Bus.Get(),
})
lah.PermitWrite = true lah.PermitWrite = true
lah.PermitRead = true lah.PermitRead = true