starred/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2026-01-12 04:10:32 +01:00
Code Issues 98 Packages Projects Releases 10 Wiki Activity

Tailscale client fails to re-authenticate using an auth key after logout #232

New Issue
Closed
opened 2025-12-29 01:24:34 +01:00 by adam · 1 comment
adam commented 2025-12-29 01:24:34 +01:00
Owner
Copy Link

Originally created by @mevansam on GitHub (Mar 8, 2022).

Bug description

If a Tailscale client that uses an auth key to authenticate logs out and attempts to re-authenticate using a new key the client hangs and headscale server panics.

To Reproduce

  1. Use a new pre-auth key to authenticate a new Tailscale client with headscale
  2. Client should login successfully.
  3. Log the client out via the Tailscale client.
  4. Create a new pre-auth key and attempt to re-authenticate via the Tailscale client.

Context info

  • Version of headscale used: main/latest
  • Version of tailscale client: 1.22.0
  • OS (e.g. Linux, Mac, Cygwin, WSL, etc.) and version: macOS Big Sur
  • Log output

Headscale Log

2022-03-08T17:08:45Z DBG Machine registration has expired. Sending a authurl to register machine=test-machine
2022-03-08T17:08:45Z DBG Processing auth key for test-machine func=handleAuthKey machine=test-machine
2022-03-08T17:08:45Z DBG Authentication key was valid, proceeding to acquire IP addresses func=handleAuthKey machine=test-machine
2022-03-08T17:08:45Z INF Successfully authenticated via AuthKey func=handleAuthKey ips="fd7a:115c:a1e0::2, 100.64.0.2" machine=test-machine
[GIN] 2022/03/08 - 12:08:45 | 200 |    3.884024ms |   192.168.1.154 | POST     "/machine/221d92c201f65e402666072e3c223d73e1329603a0f8337350d6c9c4cc70fd60"
2022-03-08T17:08:45Z DBG Client map request processed handler=PollNetMap id=221d92c201f65e402666072e3c223d73e1329603a0f8337350d6c9c4cc70fd60 machine=test-machine omitPeers=false readOnly=false stream=true
2022-03-08T17:08:45Z INF Client is ready to access the tailnet handler=PollNetMap machine=test-machine
2022-03-08T17:08:45Z INF Sending initial map handler=PollNetMap machine=test-machine
2022-03-08T17:08:45Z INF Notifying peers handler=PollNetMap machine=test-machine
2022-03-08T17:08:45Z DBG There has been updates since the last successful update to test-machine handler=PollNetMapStream last_state_change=1646759325 last_successful_update=1646759307 machine=test-machine
2022-03-08T17:08:45Z DBG Machine registration has expired. Sending a authurl to register machine=test-machine
2022-03-08T17:08:45Z DBG Processing auth key for test-machine func=handleAuthKey machine=test-machine
2022-03-08T17:08:45Z ERR api.go:545 > Failed authentication via AuthKey error="AuthKey has already been used" func=handleAuthKey machine=test-machine
2022-03-08T17:08:45Z ERR api.go:568 > Failed authentication via AuthKey func=handleAuthKey machine=test-machine

2022/03/08 12:08:47 [Recovery] 2022/03/08 - 12:08:47 panic recovered:
POST /machine/221d92c201f65e402666072e3c223d73e1329603a0f8337350d6c9c4cc70fd60 HTTP/1.1
Host: 192.168.1.154:8080
Content-Length: 1296
User-Agent: Go-http-client/1.1


runtime error: invalid memory address or nil pointer dereference
Originally created by @mevansam on GitHub (Mar 8, 2022). **Bug description** If a Tailscale client that uses an auth key to authenticate logs out and attempts to re-authenticate using a new key the client hangs and headscale server panics. **To Reproduce** 1) Use a new pre-auth key to authenticate a new Tailscale client with headscale 2) Client should login successfully. 3) Log the client out via the Tailscale client. 4) Create a new pre-auth key and attempt to re-authenticate via the Tailscale client. **Context info** - Version of headscale used: main/latest - Version of tailscale client: 1.22.0 - OS (e.g. Linux, Mac, Cygwin, WSL, etc.) and version: macOS Big Sur - Log output Headscale Log ``` 2022-03-08T17:08:45Z DBG Machine registration has expired. Sending a authurl to register machine=test-machine 2022-03-08T17:08:45Z DBG Processing auth key for test-machine func=handleAuthKey machine=test-machine 2022-03-08T17:08:45Z DBG Authentication key was valid, proceeding to acquire IP addresses func=handleAuthKey machine=test-machine 2022-03-08T17:08:45Z INF Successfully authenticated via AuthKey func=handleAuthKey ips="fd7a:115c:a1e0::2, 100.64.0.2" machine=test-machine [GIN] 2022/03/08 - 12:08:45 | 200 | 3.884024ms | 192.168.1.154 | POST "/machine/221d92c201f65e402666072e3c223d73e1329603a0f8337350d6c9c4cc70fd60" 2022-03-08T17:08:45Z DBG Client map request processed handler=PollNetMap id=221d92c201f65e402666072e3c223d73e1329603a0f8337350d6c9c4cc70fd60 machine=test-machine omitPeers=false readOnly=false stream=true 2022-03-08T17:08:45Z INF Client is ready to access the tailnet handler=PollNetMap machine=test-machine 2022-03-08T17:08:45Z INF Sending initial map handler=PollNetMap machine=test-machine 2022-03-08T17:08:45Z INF Notifying peers handler=PollNetMap machine=test-machine 2022-03-08T17:08:45Z DBG There has been updates since the last successful update to test-machine handler=PollNetMapStream last_state_change=1646759325 last_successful_update=1646759307 machine=test-machine 2022-03-08T17:08:45Z DBG Machine registration has expired. Sending a authurl to register machine=test-machine 2022-03-08T17:08:45Z DBG Processing auth key for test-machine func=handleAuthKey machine=test-machine 2022-03-08T17:08:45Z ERR api.go:545 > Failed authentication via AuthKey error="AuthKey has already been used" func=handleAuthKey machine=test-machine 2022-03-08T17:08:45Z ERR api.go:568 > Failed authentication via AuthKey func=handleAuthKey machine=test-machine 2022/03/08 12:08:47 [Recovery] 2022/03/08 - 12:08:47 panic recovered: POST /machine/221d92c201f65e402666072e3c223d73e1329603a0f8337350d6c9c4cc70fd60 HTTP/1.1 Host: 192.168.1.154:8080 Content-Length: 1296 User-Agent: Go-http-client/1.1 runtime error: invalid memory address or nil pointer dereference ```
adam added the bug label 2025-12-29 01:24:34 +01:00
adam closed this issue 2025-12-29 01:24:34 +01:00
adam commented 2025-12-29 01:24:35 +01:00
Author
Owner
Copy Link

@mevansam commented on GitHub (Mar 8, 2022):

I have determined the cause is due to the expired machine row after logout being returned when the poll happens instead of the current machine row after re-login. The fix is to filter out expired rows when retrieving the most current version of the machine record.

@mevansam commented on GitHub (Mar 8, 2022): I have determined the cause is due to the expired machine row after logout being returned when the poll happens instead of the current machine row after re-login. The fix is to filter out expired rows when retrieving the most current version of the machine record.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
CLI
DERP
DNS
Nix
OIDC
SSH
bug
database
documentation
duplicate
enhancement
faq
good first issue
grants
help wanted
might-come
needs design doc
needs investigation
no-stale-bot
out of scope
performance
policy 📝
pull-request
Mirrored from GitHub Pull Request
 question
regression
routes
stale
tags
tailscale-feature-gap
well described ❤️
wontfix
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/headscale#232
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?