diff --git a/CHANGELOG.md b/CHANGELOG.md index eee03861..57b3c8ee 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ ## Next + +## 0.25.0 (2025-02-xx) + ### BREAKING - Authentication flow has been rewritten @@ -13,6 +16,8 @@ [#1310](https://github.com/juanfont/headscale/issues/1310)). - A logged out node logging in with the same user will replace the existing node. +- Remove support for Tailscale clients older than 1.62 (Capability version 87) + [#2405](https://github.com/juanfont/headscale/pull/2405) ### Changes diff --git a/hscontrol/app.go b/hscontrol/app.go index c25ca9fc..1d4f3010 100644 --- a/hscontrol/app.go +++ b/hscontrol/app.go @@ -547,6 +547,8 @@ func nodesChangedHook(db *db.HSDatabase, polMan policy.PolicyManager, notif *not // Serve launches the HTTP and gRPC server service Headscale and the API. func (h *Headscale) Serve() error { + capver.CanOldCodeBeCleanedUp() + if profilingEnabled { if profilingPath != "" { err := os.MkdirAll(profilingPath, os.ModePerm) @@ -566,7 +568,7 @@ func (h *Headscale) Serve() error { log.Info(). Caller(). - Str("minimum_version", capver.TailscaleVersion(MinimumCapVersion)). + Str("minimum_version", capver.TailscaleVersion(capver.MinSupportedCapabilityVersion)). Msg("Clients with a lower minimum version will be rejected") // Fetch an initial DERP Map before we start serving diff --git a/hscontrol/capver/capver.go b/hscontrol/capver/capver.go index 8dc7a437..39fe5800 100644 --- a/hscontrol/capver/capver.go +++ b/hscontrol/capver/capver.go @@ -9,6 +9,20 @@ import ( "tailscale.com/util/set" ) +const MinSupportedCapabilityVersion tailcfg.CapabilityVersion = 88 + +// CanOldCodeBeCleanedUp is intended to be called on startup to see if +// there are old code that can ble cleaned up, entries should contain +// a CapVer where something can be cleaned up and a panic if it can. +// This is only intended to catch things in tests. +// +// All uses of Capability version checks should be listed here. +func CanOldCodeBeCleanedUp() { + if MinSupportedCapabilityVersion >= 111 { + panic("LegacyDERP can be cleaned up in tail.go") + } +} + func tailscaleVersSorted() []string { vers := xmaps.Keys(tailscaleToCapVer) sort.Strings(vers) diff --git a/hscontrol/capver/capver_test.go b/hscontrol/capver/capver_test.go index d49aa269..5a9310ac 100644 --- a/hscontrol/capver/capver_test.go +++ b/hscontrol/capver/capver_test.go @@ -15,6 +15,19 @@ func TestTailscaleLatestMajorMinor(t *testing.T) { }{ {3, false, []string{"v1.76", "v1.78", "v1.80"}}, {2, true, []string{"1.78", "1.80"}}, + // Lazy way to see all supported versions + {10, true, []string{ + "1.62", + "1.64", + "1.66", + "1.68", + "1.70", + "1.72", + "1.74", + "1.76", + "1.78", + "1.80", + }}, {0, false, nil}, } diff --git a/hscontrol/noise.go b/hscontrol/noise.go index a8aa6e13..034b2d1f 100644 --- a/hscontrol/noise.go +++ b/hscontrol/noise.go @@ -150,12 +150,8 @@ func (ns *noiseServer) earlyNoise(protocolVersion int, writer io.Writer) error { return nil } -const ( - MinimumCapVersion tailcfg.CapabilityVersion = 82 -) - func isSupportedVersion(version tailcfg.CapabilityVersion) bool { - return version >= MinimumCapVersion + return version >= capver.MinSupportedCapabilityVersion } func rejectUnsupported( @@ -168,9 +164,9 @@ func rejectUnsupported( if !isSupportedVersion(version) { log.Error(). Caller(). - Int("minimum_cap_ver", int(MinimumCapVersion)). + Int("minimum_cap_ver", int(capver.MinSupportedCapabilityVersion)). Int("client_cap_ver", int(version)). - Str("minimum_version", capver.TailscaleVersion(MinimumCapVersion)). + Str("minimum_version", capver.TailscaleVersion(capver.MinSupportedCapabilityVersion)). Str("client_version", capver.TailscaleVersion(version)). Str("node_key", nkey.ShortString()). Str("machine_key", mkey.ShortString()). diff --git a/integration/scenario.go b/integration/scenario.go index 93d1f2af..d8f00566 100644 --- a/integration/scenario.go +++ b/integration/scenario.go @@ -34,19 +34,6 @@ const ( var usePostgresForTest = envknob.Bool("HEADSCALE_INTEGRATION_POSTGRES") -func enabledVersions(vs map[string]bool) []string { - var ret []string - for version, enabled := range vs { - if enabled { - ret = append(ret, version) - } - } - - sort.Sort(sort.Reverse(sort.StringSlice(ret))) - - return ret -} - var ( errNoHeadscaleAvailable = errors.New("no headscale available") errNoUserAvailable = errors.New("no user available")