additional tests

coadler · coadler · commit 3557c11131e3 · 2024-04-10T21:59:08.000Z
diff --git a/tailnet/configmaps.go b/tailnet/configmaps.go
@@ -217,7 +217,9 @@ func (c *configMaps) netMapLocked() *netmap.NetworkMap {
 func (c *configMaps) peerConfigLocked() []*tailcfg.Node {
 	out := make([]*tailcfg.Node, 0, len(c.peers))
 	for _, p := range c.peers {
-		if !p.readyForHandshake {
+		// Don't add nodes that we havent received a READY_FOR_HANDSHAKE for
+		// yet, if we want to wait for them.
+		if !p.readyForHandshake && c.waitForHandshake {
 			continue
 		}
 		n := p.node.Clone()
@@ -373,7 +375,7 @@ func (c *configMaps) updatePeerLocked(update *proto.CoordinateResponse_PeerUpdat
 		return false
 	}
 	logger := c.logger.With(slog.F("peer_id", id))
-	lc, ok := c.peers[id]
+	lc, peerOk := c.peers[id]
 	var node *tailcfg.Node
 	if update.Kind == proto.CoordinateResponse_PeerUpdate_NODE {
 		// If no preferred DERP is provided, we can't reach the node.
@@ -387,7 +389,7 @@ func (c *configMaps) updatePeerLocked(update *proto.CoordinateResponse_PeerUpdat
 			return false
 		}
 		logger = logger.With(slog.F("key_id", node.Key.ShortString()), slog.F("node", node))
-		peerStatus, ok := status.Peer[node.Key]
+		peerStatus, statusOk := status.Peer[node.Key]
 		// Starting KeepAlive messages at the initialization of a connection
 		// causes a race condition. If we send the handshake before the peer has
 		// our node, we'll have to wait for 5 seconds before trying again.
@@ -397,11 +399,10 @@ func (c *configMaps) updatePeerLocked(update *proto.CoordinateResponse_PeerUpdat
 		// SSH connections don't send packets while idle, so we use keep alives
 		// to avoid random hangs while we set up the connection again after
 		// inactivity.
-		// TODO: tie this into waitForHandshake (upstack PR)
-		node.KeepAlive = ok && peerStatus.Active
+		node.KeepAlive = (statusOk && peerStatus.Active) || (peerOk && lc.node.KeepAlive)
 	}
 	switch {
-	case !ok && update.Kind == proto.CoordinateResponse_PeerUpdate_NODE:
+	case !peerOk && update.Kind == proto.CoordinateResponse_PeerUpdate_NODE:
 		// new!
 		var lastHandshake time.Time
 		if ps, ok := status.Peer[node.Key]; ok {
@@ -425,7 +426,7 @@ func (c *configMaps) updatePeerLocked(update *proto.CoordinateResponse_PeerUpdat
 		// since we just got this node, we don't know if it's ready for
 		// handshakes yet.
 		return lc.readyForHandshake
-	case ok && update.Kind == proto.CoordinateResponse_PeerUpdate_NODE:
+	case peerOk && update.Kind == proto.CoordinateResponse_PeerUpdate_NODE:
 		// update
 		node.Created = lc.node.Created
 		dirty = !lc.node.Equal(node) && lc.readyForHandshake
@@ -434,20 +435,22 @@ func (c *configMaps) updatePeerLocked(update *proto.CoordinateResponse_PeerUpdat
 		lc.resetTimer()
 		logger.Debug(context.Background(), "node update to existing peer", slog.F("dirty", dirty))
 		return dirty
-	case ok && update.Kind == proto.CoordinateResponse_PeerUpdate_READY_FOR_HANDSHAKE:
+	case peerOk && update.Kind == proto.CoordinateResponse_PeerUpdate_READY_FOR_HANDSHAKE:
 		wasReady := lc.readyForHandshake
 		lc.readyForHandshake = true
 		if lc.readyForHandshakeTimer != nil {
 			lc.readyForHandshakeTimer.Stop()
+			lc.readyForHandshakeTimer = nil
 		}
+		lc.node.KeepAlive = true
 		logger.Debug(context.Background(), "peer ready for handshake")
 		return !wasReady
-	case !ok && update.Kind == proto.CoordinateResponse_PeerUpdate_READY_FOR_HANDSHAKE:
+	case !peerOk && update.Kind == proto.CoordinateResponse_PeerUpdate_READY_FOR_HANDSHAKE:
 		// TODO: should we keep track of ready for handshake messages we get
 		// from unknown nodes?
 		logger.Debug(context.Background(), "got peer ready for handshake for unknown peer")
 		return false
-	case !ok:
+	case !peerOk:
 		// disconnected or lost, but we don't have the node. No op
 		logger.Debug(context.Background(), "skipping update for peer we don't recognize")
 		return false
@@ -596,6 +599,7 @@ func (c *configMaps) peerReadyForHandshakeTimeout(peerID uuid.UUID) {
 		lc.readyForHandshakeTimer = nil
 		lc.readyForHandshake = true
 		if !wasReady {
+			c.netmapDirty = true
 			c.Broadcast()
 		}
 	}
diff --git a/tailnet/configmaps_internal_test.go b/tailnet/configmaps_internal_test.go
@@ -185,6 +185,52 @@ func TestConfigMaps_updatePeers_new(t *testing.T) {
 	_ = testutil.RequireRecvCtx(ctx, t, done)
 }
 
+func TestConfigMaps_updatePeers_new_waitForHandshake_neverConfigures(t *testing.T) {
+	t.Parallel()
+	ctx := testutil.Context(t, testutil.WaitShort)
+	logger := slogtest.Make(t, nil).Leveled(slog.LevelDebug)
+	fEng := newFakeEngineConfigurable()
+	nodePrivateKey := key.NewNode()
+	nodeID := tailcfg.NodeID(5)
+	discoKey := key.NewDisco()
+	uut := newConfigMaps(logger, fEng, nodeID, nodePrivateKey, discoKey.Public())
+	defer uut.close()
+	uut.setWaitForHandshake(true)
+	start := time.Date(2024, time.January, 1, 8, 0, 0, 0, time.UTC)
+	mClock := clock.NewMock()
+	mClock.Set(start)
+	uut.clock = mClock
+
+	p1ID := uuid.UUID{1}
+	p1Node := newTestNode(1)
+	p1n, err := NodeToProto(p1Node)
+	require.NoError(t, err)
+
+	// it should not send the peer to the netmap
+	requireNeverConfigures(ctx, t, &uut.phased)
+
+	go func() {
+		<-fEng.status
+		fEng.statusDone <- struct{}{}
+	}()
+
+	u1 := []*proto.CoordinateResponse_PeerUpdate{
+		{
+			Id:   p1ID[:],
+			Kind: proto.CoordinateResponse_PeerUpdate_NODE,
+			Node: p1n,
+		},
+	}
+	uut.updatePeers(u1)
+
+	done := make(chan struct{})
+	go func() {
+		defer close(done)
+		uut.close()
+	}()
+	_ = testutil.RequireRecvCtx(ctx, t, done)
+}
+
 func TestConfigMaps_updatePeers_new_waitForHandshake(t *testing.T) {
 	t.Parallel()
 	ctx := testutil.Context(t, testutil.WaitShort)
@@ -196,6 +242,10 @@ func TestConfigMaps_updatePeers_new_waitForHandshake(t *testing.T) {
 	uut := newConfigMaps(logger, fEng, nodeID, nodePrivateKey, discoKey.Public())
 	defer uut.close()
 	uut.setWaitForHandshake(true)
+	start := time.Date(2024, time.January, 1, 8, 0, 0, 0, time.UTC)
+	mClock := clock.NewMock()
+	mClock.Set(start)
+	uut.clock = mClock
 
 	p1ID := uuid.UUID{1}
 	p1Node := newTestNode(1)
@@ -254,6 +304,66 @@ func TestConfigMaps_updatePeers_new_waitForHandshake(t *testing.T) {
 	_ = testutil.RequireRecvCtx(ctx, t, done)
 }
 
+func TestConfigMaps_updatePeers_new_waitForHandshake_timeout(t *testing.T) {
+	t.Parallel()
+	ctx := testutil.Context(t, testutil.WaitShort)
+	logger := slogtest.Make(t, nil).Leveled(slog.LevelDebug)
+	fEng := newFakeEngineConfigurable()
+	nodePrivateKey := key.NewNode()
+	nodeID := tailcfg.NodeID(5)
+	discoKey := key.NewDisco()
+	uut := newConfigMaps(logger, fEng, nodeID, nodePrivateKey, discoKey.Public())
+	defer uut.close()
+	uut.setWaitForHandshake(true)
+	start := time.Date(2024, time.March, 29, 8, 0, 0, 0, time.UTC)
+	mClock := clock.NewMock()
+	mClock.Set(start)
+	uut.clock = mClock
+
+	p1ID := uuid.UUID{1}
+	p1Node := newTestNode(1)
+	p1n, err := NodeToProto(p1Node)
+	require.NoError(t, err)
+
+	go func() {
+		<-fEng.status
+		fEng.statusDone <- struct{}{}
+	}()
+
+	u1 := []*proto.CoordinateResponse_PeerUpdate{
+		{
+			Id:   p1ID[:],
+			Kind: proto.CoordinateResponse_PeerUpdate_NODE,
+			Node: p1n,
+		},
+	}
+	uut.updatePeers(u1)
+
+	mClock.Add(5 * time.Second)
+
+	// it should now send the peer to the netmap
+
+	nm := testutil.RequireRecvCtx(ctx, t, fEng.setNetworkMap)
+	r := testutil.RequireRecvCtx(ctx, t, fEng.reconfig)
+
+	require.Len(t, nm.Peers, 1)
+	n1 := getNodeWithID(t, nm.Peers, 1)
+	require.Equal(t, "127.3.3.40:1", n1.DERP)
+	require.Equal(t, p1Node.Endpoints, n1.Endpoints)
+	require.False(t, n1.KeepAlive)
+
+	// we rely on nmcfg.WGCfg() to convert the netmap to wireguard config, so just
+	// require the right number of peers.
+	require.Len(t, r.wg.Peers, 1)
+
+	done := make(chan struct{})
+	go func() {
+		defer close(done)
+		uut.close()
+	}()
+	_ = testutil.RequireRecvCtx(ctx, t, done)
+}
+
 func TestConfigMaps_updatePeers_same(t *testing.T) {
 	t.Parallel()
 	ctx := testutil.Context(t, testutil.WaitShort)
