fix: add error checking in acl and poll

If aclPolicy is not defined, in updateAclPolicy, return an error.
This commit is contained in:
Adrien Raffin-Caboisse 2022-02-21 20:06:31 +01:00
parent 211fe4034a
commit 50af44bc2f
2 changed files with 13 additions and 8 deletions

View file

@ -86,6 +86,10 @@ func (h *Headscale) UpdateACLRules() error {
func (h *Headscale) generateACLRules() ([]tailcfg.FilterRule, error) { func (h *Headscale) generateACLRules() ([]tailcfg.FilterRule, error) {
rules := []tailcfg.FilterRule{} rules := []tailcfg.FilterRule{}
if h.aclPolicy == nil {
return nil, errEmptyPolicy
}
machines, err := h.ListAllMachines() machines, err := h.ListAllMachines()
if err != nil { if err != nil {
return nil, err return nil, err

17
poll.go
View file

@ -95,15 +95,16 @@ func (h *Headscale) PollNetMapHandler(ctx *gin.Context) {
now := time.Now().UTC() now := time.Now().UTC()
// update ACLRules with peer informations (to update server tags if necessary) // update ACLRules with peer informations (to update server tags if necessary)
err = h.UpdateACLRules() if h.aclPolicy != nil {
if err != nil { err = h.UpdateACLRules()
log.Error(). if err != nil {
Caller(). log.Error().
Str("func", "handleAuthKey"). Caller().
Str("machine", machine.Name). Str("func", "handleAuthKey").
Err(err) Str("machine", machine.Name).
Err(err)
}
} }
// From Tailscale client: // From Tailscale client:
// //
// ReadOnly is whether the client just wants to fetch the MapResponse, // ReadOnly is whether the client just wants to fetch the MapResponse,