From 94aaab042f4b69d08447999d9c919c5287d135ea Mon Sep 17 00:00:00 2001
From: Nate Brown
Date: Wed, 3 Nov 2021 21:54:27 -0500
Subject: [PATCH] Fix race between punchback and lighthouse handler reset (#566)
---
 CHANGELOG.md | 3 +++
 lighthouse.go | 5 +++--
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5b3e86f..11f8bf8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -45,6 +45,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 will immediately switch to a preferred remote address after the reception of a handshake packet (instead of waiting until 1,000 packets have been sent). (#532)
+
+- A race condition when `punchy.respond` is enabled and ensures the correct
+ vpn ip is sent a punch back response in highly queried node. (#566)
 ## [1.4.0] - 2021-05-11
diff --git a/lighthouse.go b/lighthouse.go
index ac555fa..6c07440 100644
--- a/lighthouse.go
+++ b/lighthouse.go
@@ -632,15 +632,16 @@ func (lhh *LightHouseHandler) handleHostPunchNotification(n *NebulaMeta, vpnIp i
 // of a double nat or other difficult scenario, this may help establish
 // a tunnel.
 if lhh.lh.punchBack {
+ queryVpnIp := iputil.VpnIp(n.Details.VpnIp)
 go func() {
 time.Sleep(time.Second * 5)
 if lhh.l.Level >= logrus.DebugLevel {
- lhh.l.Debugf("Sending a nebula test packet to vpn ip %s", iputil.VpnIp(n.Details.VpnIp))
+ lhh.l.Debugf("Sending a nebula test packet to vpn ip %s", queryVpnIp)
 }
 //NOTE: we have to allocate a new output buffer here since we are spawning a new goroutine
 // for each punchBack packet. We should move this into a timerwheel or a single goroutine
 // managed by a channel.
- w.SendMessageToVpnIp(header.Test, header.TestRequest, iputil.VpnIp(n.Details.VpnIp), []byte(""), make([]byte, 12, 12), make([]byte, mtu))
+ w.SendMessageToVpnIp(header.Test, header.TestRequest, queryVpnIp, []byte(""), make([]byte, 12, 12), make([]byte, mtu))
 }()
 }
 }
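Review bot: The new `queryVpnIp` assignment at the top of the `if lhh.lh.punchBack` block has no comment saying why the value must be copied before `go func()`, so a later cleanup could inline `n.Details.VpnIp` back into the closure and bring the race back. Going by the commit subject, `n` is reset by the handler while the goroutine is still in its 5-second sleep, which would send the test packet to whichever vpn ip the next message carried. I would add `// Copy the vpn ip now: n is reused by the handler and may be reset before this goroutine wakes up.` directly above the assignment. The closure still captures `lhh` and `w`, and the function body and the handler reset are outside this hunk, so it is worth confirming that nothing else reached through them is rewritten per packet, ideally with a test run under `-race`.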