From 2b9f3319803e74b81f16b5216ab99e70acad24ea Mon Sep 17 00:00:00 2001
From: Pedro Maia Costa <550684+pnmcosta@users.noreply.github.com>
Date: Fri, 11 Jul 2025 10:29:10 +0100
Subject: [PATCH] always suffix ephemeral peer name (#4138)
---
 management/server/peer.go | 43 +++++++++++++++++++++++++--------------
 1 file changed, 28 insertions(+), 15 deletions(-)
diff --git a/management/server/peer.go b/management/server/peer.go
index a60513b38..21a9579fc 100644
--- a/management/server/peer.go
+++ b/management/server/peer.go
@@ -236,11 +236,23 @@ func (am *DefaultAccountManager) UpdatePeer(ctx context.Context, accountID, user
 if peer.Name != update.Name {
 var newLabel string
- newLabel, err = getPeerIPDNSLabel(ctx, transaction, peer.IP, accountID, update.Name)
+
+ newLabel, err = nbdns.GetParsedDomainLabel(update.Name)
 if err != nil {
- return fmt.Errorf("failed to get free DNS label: %w", err)
+ newLabel = ""
+ } else {
+ _, err := transaction.GetPeerIdByLabel(ctx, store.LockingStrengthNone, accountID, update.Name)
+ if err == nil {
+ newLabel = ""
+ }
 }
+ if newLabel == "" {
+ newLabel, err = getPeerIPDNSLabel(peer.IP, update.Name)
+ if err != nil {
+ return fmt.Errorf("failed to get free DNS label: %w", err)
+ }
+ }
 peer.Name = update.Name
 peer.DNSLabel = newLabel
 peerLabelChanged = true
@@ -472,6 +484,7 @@ func (am *DefaultAccountManager) AddPeer(ctx context.Context, setupKey, userID s
 var groupsToAdd []string
 var allowExtraDNSLabels bool
 var accountID string
+ var isEphemeral bool
 if addedByUser {
 user, err := am.Store.GetUserByUserID(ctx, store.LockingStrengthNone, userID)
 if err != nil {
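Review bot: In the UpdatePeer hunk the collision lookup passes the raw `update.Name` to `transaction.GetPeerIdByLabel`, whereas the removed helper looked up the parsed label (`dnsName`). If the store matches on the stored DNS label, a name that normalises to a different string will never be found, so two peers in one account could end up with the same label and a name could resolve to the wrong peer. Pass the parsed value instead: `_, err := transaction.GetPeerIdByLabel(ctx, store.LockingStrengthNone, accountID, newLabel)`. The branch also treats any lookup error, not only not-found, as "label is free"; a short comment saying this is deliberate would help. UpdatePeer's body starts and ends outside the hunk.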
@@ -501,7 +514,7 @@ func (am *DefaultAccountManager) AddPeer(ctx context.Context, setupKey, userID s
 setupKeyName = sk.Name
 allowExtraDNSLabels = sk.AllowExtraDNSLabels
 accountID = sk.AccountID
-
+ isEphemeral = sk.Ephemeral
 if !sk.AllowExtraDNSLabels && len(peer.ExtraDNSLabels) > 0 {
 return nil, nil, nil, status.Errorf(status.PreconditionFailed, "couldn't add peer: setup key doesn't allow extra DNS labels")
 }
@@ -573,11 +586,17 @@ func (am *DefaultAccountManager) AddPeer(ctx context.Context, setupKey, userID s
 }
 var freeLabel string
- freeLabel, err = getPeerIPDNSLabel(ctx, am.Store, freeIP, accountID, peer.Meta.Hostname)
- if err != nil {
- return nil, nil, nil, fmt.Errorf("failed to get free DNS label: %w", err)
+ if isEphemeral || attempt > 1 {
+ freeLabel, err = getPeerIPDNSLabel(freeIP, peer.Meta.Hostname)
+ if err != nil {
+ return nil, nil, nil, fmt.Errorf("failed to get free DNS label: %w", err)
+ }
+ } else {
+ freeLabel, err = nbdns.GetParsedDomainLabel(peer.Meta.Hostname)
+ if err != nil {
+ return nil, nil, nil, fmt.Errorf("failed to get free DNS label: %w", err)
+ }
 }
-
 newPeer.DNSLabel = freeLabel
 newPeer.IP = freeIP
@@ -647,7 +666,7 @@ func (am *DefaultAccountManager) AddPeer(ctx context.Context, setupKey, userID s
 if isUniqueConstraintError(err) {
 unlock()
 unlock = nil
- log.WithContext(ctx).Debugf("Failed to add peer in attempt %d, retrying: %v", attempt, err)
+ log.WithContext(ctx).WithFields(log.Fields{"dns_label": freeLabel, "ip": freeIP}).Tracef("Failed to add peer in attempt %d, retrying: %v", attempt, err)
 continue
 }
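Review bot: On the first attempt for a non-ephemeral peer the `else` branch takes the bare label parsed from the peer-supplied `peer.Meta.Hostname` with no lookup, so uniqueness of `freeLabel` now rests entirely on the store rejecting the insert and on the `isUniqueConstraintError` retry further down. That dependency deserves a comment at the branch, for example `// Bare label on the first attempt; a duplicate is caught by the store's unique constraint and the retry (attempt > 1) adds the IP suffix.` It is also worth confirming that every supported store backend enforces that constraint on the DNS label per account, since nothing in this hunk shows it. The two identical `if err != nil` returns could be hoisted below the `if`/`else`. The retry loop starts and ends outside this hunk.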
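Review bot: The retry message moves from `Debugf` to `Tracef`, so at the usual log levels a DNS-label or IP collision during registration leaves no record. Because the label is derived from the peer-supplied hostname, repeated collisions on one name are something an operator may want to see when investigating name conflicts. Consider keeping `Debugf` now that the `dns_label` and `ip` fields make the line useful. The surrounding retry loop is outside this hunk.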
@@ -681,7 +700,7 @@ func (am *DefaultAccountManager) AddPeer(ctx context.Context, setupKey, userID s
 return am.getValidatedPeerWithMap(ctx, false, accountID, newPeer)
 }
-func getPeerIPDNSLabel(ctx context.Context, tx store.Store, ip net.IP, accountID, peerHostName string) (string, error) {
+func getPeerIPDNSLabel(ip net.IP, peerHostName string) (string, error) {
 ip = ip.To4()
 dnsName, err := nbdns.GetParsedDomainLabel(peerHostName)
@@ -689,12 +708,6 @@ func getPeerIPDNSLabel(ctx context.Context, tx store.Store, ip net.IP, accountID
 return "", fmt.Errorf("failed to parse peer host name %s: %w", peerHostName, err)
 }
- _, err = tx.GetPeerIdByLabel(ctx, store.LockingStrengthNone, accountID, dnsName)
- if err != nil {
- //nolint:nilerr
- return dnsName, nil
- }
-
 return fmt.Sprintf("%s-%d-%d", dnsName, ip[2], ip[3]), nil
 }
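Review bot: `getPeerIPDNSLabel` indexes `ip[2]` and `ip[3]` after `ip = ip.To4()`, and `To4` returns nil for anything that is not an IPv4 address, so a nil or IPv6 `ip` would panic at the final `return`. With this change the function is reached for every ephemeral peer and every retry. If callers only ever pass an allocated IPv4 address the risk is theoretical, but a guard is cheap: `ip4 := ip.To4()` followed by `if ip4 == nil { return "", fmt.Errorf("peer IP %s is not an IPv4 address", ip) }`. Since the function no longer checks whether the label is free, a doc comment such as `// getPeerIPDNSLabel returns the parsed host name suffixed with the last two octets of ip.` would stop callers assuming it does. The `if err != nil {` line between the two hunks is not shown.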