Simplify control flow in RegistrationHandler

This commits tries to dismantle the complicated "if and or" in the
RegistrationHandler by factoring out the "is Registrated" into a root
if.

This, together with some new comments, should hopefully make it a bit
easier to follow what is happening in all the different cases that needs
to be handled when a Node contacts the registration endpoint.
This commit is contained in:
Kristoffer Dalby 2021-11-21 13:59:24 +00:00
parent 8ccc51ae57
commit c4ecc4db91

29
api.go
View file

@ -116,13 +116,12 @@ func (h *Headscale) RegistrationHandler(ctx *gin.Context) {
machine = &newMachine machine = &newMachine
} }
if !machine.Registered && req.Auth.AuthKey != "" { if machine.Registered {
h.handleAuthKey(ctx, machineKey, req, *machine) // If the NodeKey stored in headscale is the same as the key presented in a registration
// request, then we have a node that is either:
return // - Trying to log out (sending a expiry in the past)
} // - A valid, registered machine, looking for the node map
// - Expired machine wanting to reauthenticate
// We have the updated key!
if machine.NodeKey == wgkey.Key(req.NodeKey).HexString() { if machine.NodeKey == wgkey.Key(req.NodeKey).HexString() {
// The client sends an Expiry in the past if the client is requesting to expire the key (aka logout) // The client sends an Expiry in the past if the client is requesting to expire the key (aka logout)
// https://github.com/tailscale/tailscale/blob/main/tailcfg/tailcfg.go#L648 // https://github.com/tailscale/tailscale/blob/main/tailcfg/tailcfg.go#L648
@ -132,12 +131,15 @@ func (h *Headscale) RegistrationHandler(ctx *gin.Context) {
return return
} }
if machine.Registered && !machine.isExpired() { // If machine is not expired, and is register, we have a already accepted this machine,
// let it proceed with a valid registration
if !machine.isExpired() {
h.handleMachineValidRegistration(ctx, machineKey, *machine) h.handleMachineValidRegistration(ctx, machineKey, *machine)
return return
} }
// The machine has expired
h.handleMachineExpired(ctx, machineKey, req, *machine) h.handleMachineExpired(ctx, machineKey, req, *machine)
return return
@ -150,6 +152,14 @@ func (h *Headscale) RegistrationHandler(ctx *gin.Context) {
return return
} }
}
// If the machine has AuthKey set, handle registration via PreAuthKeys
if req.Auth.AuthKey != "" {
h.handleAuthKey(ctx, machineKey, req, *machine)
return
}
h.handleMachineRegistrationNew(ctx, machineKey, req, *machine) h.handleMachineRegistrationNew(ctx, machineKey, req, *machine)
} }
@ -286,8 +296,7 @@ func (h *Headscale) handleMachineLogOut(
Str("machine", machine.Name). Str("machine", machine.Name).
Msg("Client requested logout") Msg("Client requested logout")
machine.Expiry = &reqisterRequest.Expiry // save the expiry so that the machine is marked as expired h.ExpireMachine(&machine)
h.db.Save(&machine)
resp.AuthURL = "" resp.AuthURL = ""
resp.MachineAuthorized = false resp.MachineAuthorized = false