Clarified why we have a different key

This commit is contained in:
Juan Font Alonso 2022-08-20 00:23:33 +02:00
parent 175dfa1ede
commit f0a8a2857b
2 changed files with 2 additions and 1 deletions

1
app.go
View file

@ -132,6 +132,7 @@ func NewHeadscale(cfg *Config) (*Headscale, error) {
return nil, ErrFailedPrivateKey return nil, ErrFailedPrivateKey
} }
// TS2021 requires to have a different key from the legacy protocol.
noisePrivateKey, err := readOrCreatePrivateKey(cfg.NoisePrivateKeyPath) noisePrivateKey, err := readOrCreatePrivateKey(cfg.NoisePrivateKeyPath)
if err != nil { if err != nil {
return nil, ErrFailedNoisePrivateKey return nil, ErrFailedNoisePrivateKey

View file

@ -56,8 +56,8 @@ func (h *Headscale) KeyHandler(
return return
} }
// TS2021 (Tailscale v2 protocol) requires to have a different key
if clientCapabilityVersion >= NoiseCapabilityVersion { if clientCapabilityVersion >= NoiseCapabilityVersion {
// Tailscale has a different key for the TS2021 protocol
resp := tailcfg.OverTLSPublicKeyResponse{ resp := tailcfg.OverTLSPublicKeyResponse{
LegacyPublicKey: h.privateKey.Public(), LegacyPublicKey: h.privateKey.Public(),
PublicKey: h.noisePrivateKey.Public(), PublicKey: h.noisePrivateKey.Public(),