lzc256
/
tailscale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use State Store Instead of File for Cert Cache 

Fixes Custom IPN State Store Not Used #8254

Signed-off-by: Matthew Brown <matthew@bargrove.com>
pull/8255/head
Matthew Brown 2023-06-02 12:30:57 +01:00
parent d06fac0ede
commit c161a9d35c
No known key found for this signature in database
1 changed files with 3 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
ipn/ipnlocal/cert.go
View File

@ -34,11 +34,8 @@ import (
"golang.org/x/exp/slices" "golang.org/x/exp/slices"
"tailscale.com/atomicfile" "tailscale.com/atomicfile"
"tailscale.com/envknob" "tailscale.com/envknob"
"tailscale.com/hostinfo"
"tailscale.com/ipn" "tailscale.com/ipn"
"tailscale.com/ipn/ipnstate" "tailscale.com/ipn/ipnstate"
"tailscale.com/ipn/store"
"tailscale.com/ipn/store/mem"
"tailscale.com/types/logger" "tailscale.com/types/logger"
"tailscale.com/version" "tailscale.com/version"
"tailscale.com/version/distro" "tailscale.com/version/distro"
@ -154,22 +151,9 @@ type certStore interface {
var errCertExpired = errors.New("cert expired") var errCertExpired = errors.New("cert expired")
func (b *LocalBackend) getCertStore() (certStore, error) { func (b *LocalBackend) getCertStore() (certStore, error) {
switch b.store.(type) { return certStateStore{
case *store.FileStore: StateStore: b.sys.StateStore.Get(),
case *mem.Store: }, nil
default:
if hostinfo.GetEnvType() == hostinfo.Kubernetes {
// We're running in Kubernetes with a custom StateStore,
// use that instead of the cert directory.
// TODO(maisem): expand this to other environments?
return certStateStore{StateStore: b.store}, nil
}
}
dir, err := b.certDir()
if err != nil {
return nil, err
}
return certFileStore{dir: dir}, nil
} }
// certFileStore implements certStore by storing the cert & key files in the named directory. // certFileStore implements certStore by storing the cert & key files in the named directory.