From c6ea9b4b8042f53773bd19e1d63f10a938b12dce Mon Sep 17 00:00:00 2001 From: Laurent Marchaud Date: Fri, 19 Aug 2022 12:38:39 +0200 Subject: [PATCH 1/5] Fix cli registration of expired machines Signed-off-by: Laurent Marchaud --- api.go | 7 +++++++ machine.go | 14 ++++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/api.go b/api.go index 2d55ccd3..1bf3edb3 100644 --- a/api.go +++ b/api.go @@ -346,6 +346,13 @@ func (h *Headscale) RegistrationHandler( // The machine has expired h.handleMachineExpired(writer, req, machineKey, registerRequest, *machine) + machine.Expiry = &time.Time{} + h.registrationCache.Set( + machineKeyStr, + *machine, + registerCacheExpiration, + ) + return } } diff --git a/machine.go b/machine.go index aebfbcef..a877a5f0 100644 --- a/machine.go +++ b/machine.go @@ -24,8 +24,9 @@ const ( ErrMachineNotFoundRegistrationCache = Error( "machine not found in registration cache", ) - ErrCouldNotConvertMachineInterface = Error("failed to convert machine interface") - ErrHostnameTooLong = Error("Hostname too long") + errCouldNotConvertMachineInterface = Error("failed to convert machine interface") + errHostnameTooLong = Error("Hostname too long") + errDifferentRegisteredNamespace = Error("machine was previously registered with a different namespace") MachineGivenNameHashLength = 8 MachineGivenNameTrimSize = 2 ) @@ -789,6 +790,11 @@ func (h *Headscale) RegisterMachineFromAuthCallback( ) } + // Registration of expired machine with different namespace + if registrationMachine.ID != 0 && registrationMachine.NamespaceID != namespace.ID { + return nil, errDifferentRegisteredNamespace + } + registrationMachine.NamespaceID = namespace.ID registrationMachine.RegisterMethod = registrationMethod @@ -796,6 +802,10 @@ func (h *Headscale) RegisterMachineFromAuthCallback( registrationMachine, ) + if err == nil { + h.registrationCache.Delete(machineKeyStr) + } + return machine, err } else { return nil, ErrCouldNotConvertMachineInterface From 0c66590108e6b4084d299d9930f086bead86e1f9 Mon Sep 17 00:00:00 2001 From: Laurent Marchaud Date: Fri, 19 Aug 2022 13:19:37 +0200 Subject: [PATCH 2/5] Update changelog Signed-off-by: Laurent Marchaud --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a7bf028b..e95f139f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -25,6 +25,8 @@ - Improve registration protocol implementation and switch to NodeKey as main identifier [#725](https://github.com/juanfont/headscale/pull/725) - Add ability to connect to PostgreSQL via unix socket [#734](https://github.com/juanfont/headscale/pull/734) +- Fix CLI registration of expired machines [#754](https://github.com/juanfont/headscale/pull/754) + ## 0.16.0 (2022-07-25) **Note:** Take a backup of your database before upgrading. From a31432ee7bffd214013270759c6725f7a35c5d1e Mon Sep 17 00:00:00 2001 From: Laurent Marchaud Date: Fri, 19 Aug 2022 14:14:30 +0200 Subject: [PATCH 3/5] Fix changelog Signed-off-by: Laurent Marchaud --- CHANGELOG.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e95f139f..31654052 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## 0.17.0 (2022-XX-XX) - Add ability to connect to PostgreSQL over TLS/SSL [#745](https://github.com/juanfont/headscale/pull/745) +- Fix CLI registration of expired machines [#754](https://github.com/juanfont/headscale/pull/754) ## 0.16.3 (2022-08-17) @@ -25,8 +26,6 @@ - Improve registration protocol implementation and switch to NodeKey as main identifier [#725](https://github.com/juanfont/headscale/pull/725) - Add ability to connect to PostgreSQL via unix socket [#734](https://github.com/juanfont/headscale/pull/734) -- Fix CLI registration of expired machines [#754](https://github.com/juanfont/headscale/pull/754) - ## 0.16.0 (2022-07-25) **Note:** Take a backup of your database before upgrading. From fca33aacbe13ce54e3118eea599eef87fcb18abe Mon Sep 17 00:00:00 2001 From: Laurent Marchaud Date: Fri, 19 Aug 2022 15:07:01 +0200 Subject: [PATCH 4/5] Fix rebased errors scope in machine.go Signed-off-by: Laurent Marchaud --- machine.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/machine.go b/machine.go index a877a5f0..0f291de7 100644 --- a/machine.go +++ b/machine.go @@ -24,9 +24,9 @@ const ( ErrMachineNotFoundRegistrationCache = Error( "machine not found in registration cache", ) - errCouldNotConvertMachineInterface = Error("failed to convert machine interface") - errHostnameTooLong = Error("Hostname too long") - errDifferentRegisteredNamespace = Error("machine was previously registered with a different namespace") + ErrCouldNotConvertMachineInterface = Error("failed to convert machine interface") + ErrHostnameTooLong = Error("Hostname too long") + ErrDifferentRegisteredNamespace = Error("machine was previously registered with a different namespace") MachineGivenNameHashLength = 8 MachineGivenNameTrimSize = 2 ) @@ -792,7 +792,7 @@ func (h *Headscale) RegisterMachineFromAuthCallback( // Registration of expired machine with different namespace if registrationMachine.ID != 0 && registrationMachine.NamespaceID != namespace.ID { - return nil, errDifferentRegisteredNamespace + return nil, ErrDifferentRegisteredNamespace } registrationMachine.NamespaceID = namespace.ID From e85562268d49323e878d0ac77c3fc1f0b5ce4725 Mon Sep 17 00:00:00 2001 From: Laurent Marchaud Date: Fri, 19 Aug 2022 15:48:35 +0200 Subject: [PATCH 5/5] Switch to using nodeKey instead of machineKey for expired machines registration Signed-off-by: Laurent Marchaud --- api.go | 2 +- machine.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/api.go b/api.go index 1bf3edb3..ac5f2a3f 100644 --- a/api.go +++ b/api.go @@ -348,7 +348,7 @@ func (h *Headscale) RegistrationHandler( machine.Expiry = &time.Time{} h.registrationCache.Set( - machineKeyStr, + NodePublicKeyStripPrefix(registerRequest.NodeKey), *machine, registerCacheExpiration, ) diff --git a/machine.go b/machine.go index 0f291de7..1a48a3e1 100644 --- a/machine.go +++ b/machine.go @@ -803,7 +803,7 @@ func (h *Headscale) RegisterMachineFromAuthCallback( ) if err == nil { - h.registrationCache.Delete(machineKeyStr) + h.registrationCache.Delete(nodeKeyStr) } return machine, err