starred/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2026-04-23 00:58:43 +02:00
Code Issues 98 Packages Projects Releases 10 Wiki Activity

types: include ExitRoutes in HasNetworkChanges

Browse Source 
When exit routes are approved, SubnetRoutes remains empty because exit
routes (0.0.0.0/0, ::/0) are classified separately. Without checking
ExitRoutes, the PolicyManager cache is not invalidated on exit route
approval, causing stale filter rules that lack via grant entries for
autogroup:internet destinations.

Updates #2180
This commit is contained in:
Kristoffer Dalby
2026-03-26 18:21:16 +00:00
parent a76b4bd46c
commit 15c1cfd778
2 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hscontrol/types/node.go
View File

@@ -1030,6 +1030,10 @@ func (nv NodeView) HasNetworkChanges(other NodeView) bool {
return true return true
} }
if !slices.Equal(nv.ExitRoutes(), other.ExitRoutes()) {
return true
}
return false return false
} }

31
hscontrol/types/node_test.go
View File

@@ -958,6 +958,37 @@ func TestHasNetworkChanges(t *testing.T) {
}, },
changed: false, changed: false,
}, },
{
name: "ExitRoutes approved",
old: &Node{
ID: 1,
IPv4: mustIPPtr("100.64.0.1"),
Hostinfo: &tailcfg.Hostinfo{RoutableIPs: []netip.Prefix{netip.MustParsePrefix("0.0.0.0/0"), netip.MustParsePrefix("::/0")}},
},
new: &Node{
ID: 1,
IPv4: mustIPPtr("100.64.0.1"),
Hostinfo: &tailcfg.Hostinfo{RoutableIPs: []netip.Prefix{netip.MustParsePrefix("0.0.0.0/0"), netip.MustParsePrefix("::/0")}},
ApprovedRoutes: []netip.Prefix{netip.MustParsePrefix("0.0.0.0/0"), netip.MustParsePrefix("::/0")},
},
changed: true,
},
{
name: "ExitRoutes unchanged when SubnetRoutes change",
old: &Node{
ID: 1,
IPv4: mustIPPtr("100.64.0.1"),
Hostinfo: &tailcfg.Hostinfo{RoutableIPs: []netip.Prefix{netip.MustParsePrefix("0.0.0.0/0"), netip.MustParsePrefix("::/0"), netip.MustParsePrefix("10.0.0.0/24")}},
ApprovedRoutes: []netip.Prefix{netip.MustParsePrefix("0.0.0.0/0"), netip.MustParsePrefix("::/0")},
},
new: &Node{
ID: 1,
IPv4: mustIPPtr("100.64.0.1"),
Hostinfo: &tailcfg.Hostinfo{RoutableIPs: []netip.Prefix{netip.MustParsePrefix("0.0.0.0/0"), netip.MustParsePrefix("::/0"), netip.MustParsePrefix("10.0.0.0/24")}},
ApprovedRoutes: []netip.Prefix{netip.MustParsePrefix("0.0.0.0/0"), netip.MustParsePrefix("::/0"), netip.MustParsePrefix("10.0.0.0/24")},
},
changed: true,
},
} }
for _, tt := range tests { for _, tt := range tests {