MCPcopy
hub / github.com/slackhq/nebula / handleHostUpdateNotification

Method handleHostUpdateNotification

lighthouse.go:1239–1308  ·  view source on GitHub ↗
(n *NebulaMeta, fromVpnAddrs []netip.Addr, w EncWriter)

Source from the content-addressed store, hash-verified

1237}
1238
1239func (lhh *LightHouseHandler) handleHostUpdateNotification(n *NebulaMeta, fromVpnAddrs []netip.Addr, w EncWriter) {
1240 if !lhh.lh.amLighthouse {
1241 if lhh.l.Level >= logrus.DebugLevel {
1242 lhh.l.Debugln("I am not a lighthouse, do not take host updates: ", fromVpnAddrs)
1243 }
1244 return
1245 }
1246
1247 // not using GetVpnAddrAndVersion because we don't want to error on a blank detailsVpnAddr
1248 var detailsVpnAddr netip.Addr
1249 var useVersion cert.Version
1250 if n.Details.OldVpnAddr != 0 { //v1 always sets this field
1251 b := [4]byte{}
1252 binary.BigEndian.PutUint32(b[:], n.Details.OldVpnAddr)
1253 detailsVpnAddr = netip.AddrFrom4(b)
1254 useVersion = cert.Version1
1255 } else if n.Details.VpnAddr != nil { //this field is "optional" in v2, but if it's set, we should enforce it
1256 detailsVpnAddr = protoAddrToNetAddr(n.Details.VpnAddr)
1257 useVersion = cert.Version2
1258 } else {
1259 detailsVpnAddr = netip.Addr{}
1260 useVersion = cert.Version2
1261 }
1262
1263 //Simple check that the host sent this not someone else, if detailsVpnAddr is filled
1264 if detailsVpnAddr.IsValid() && !slices.Contains(fromVpnAddrs, detailsVpnAddr) {
1265 if lhh.l.Level >= logrus.DebugLevel {
1266 lhh.l.WithField("vpnAddrs", fromVpnAddrs).WithField("answer", detailsVpnAddr).Debugln("Host sent invalid update")
1267 }
1268 return
1269 }
1270
1271 relays := n.Details.GetRelays()
1272
1273 lhh.lh.Lock()
1274 am := lhh.lh.unlockedGetRemoteList(fromVpnAddrs)
1275 am.Lock()
1276 lhh.lh.Unlock()
1277
1278 am.unlockedSetV4(fromVpnAddrs[0], fromVpnAddrs[0], n.Details.V4AddrPorts, lhh.lh.unlockedShouldAddV4)
1279 am.unlockedSetV6(fromVpnAddrs[0], fromVpnAddrs[0], n.Details.V6AddrPorts, lhh.lh.unlockedShouldAddV6)
1280 am.unlockedSetRelay(fromVpnAddrs[0], relays)
1281 am.Unlock()
1282
1283 n = lhh.resetMeta()
1284 n.Type = NebulaMeta_HostUpdateNotificationAck
1285 switch useVersion {
1286 case cert.Version1:
1287 if !fromVpnAddrs[0].Is4() {
1288 lhh.l.WithField("vpnAddrs", fromVpnAddrs).Error("Can not send HostUpdateNotificationAck for a ipv6 vpn ip in a v1 message")
1289 return
1290 }
1291 vpnAddrB := fromVpnAddrs[0].As4()
1292 n.Details.OldVpnAddr = binary.BigEndian.Uint32(vpnAddrB[:])
1293 case cert.Version2:
1294 // do nothing, we want to send a blank message
1295 default:
1296 lhh.l.WithField("useVersion", useVersion).Error("invalid protocol version")

Callers 1

HandleRequestMethod · 0.95

Calls 11

resetMetaMethod · 0.95
protoAddrToNetAddrFunction · 0.85
GetRelaysMethod · 0.80
unlockedGetRemoteListMethod · 0.80
unlockedSetV4Method · 0.80
unlockedSetV6Method · 0.80
unlockedSetRelayMethod · 0.80
metricTxMethod · 0.80
SendMessageToVpnAddrMethod · 0.65
ErrorMethod · 0.45
MarshalToMethod · 0.45

Tested by

no test coverage detected