Josh Bleecher Snyder
ce6aca13f0
tailcfg: add yet another IsZero method
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-30 17:55:12 -07:00
Josh Bleecher Snyder
070dfa0c3d
tailcfg: add more IsZero methods
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-30 17:47:07 -07:00
Josh Bleecher Snyder
efb08e4fee
all: use IsZero methods
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-30 17:13:41 -07:00
Brad Fitzpatrick
c8f257df00
Revert "all: keep UserProfiles a slice instead of a map for longer"
...
This reverts commit e5894aba42.
Breaks macOS/iOS build. Reverting per chat with Josh; he'll fix later today.
2020-09-30 08:43:31 -07:00
Brad Fitzpatrick
90b7293b3b
ipn: add/move some constants, update a comment
...
And make the StateStore implementations be Stringers, for error messages.
2020-09-29 20:53:32 -07:00
Josh Bleecher Snyder
1fecf87363
control/controlclient: use wgcfg.PrivateKey.IsZero
...
Generated by eg using template:
---
package p
import "github.com/tailscale/wireguard-go/wgcfg"
func before(k wgcfg.PrivateKey) bool { return k == wgcfg.PrivateKey{} }
func after(k wgcfg.PrivateKey) bool { return k.IsZero() }
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-29 17:50:40 -07:00
Josh Bleecher Snyder
2b8d2babfa
tailcfg: add IsZero methods to UserID and NodeID
...
These will be helpful for doing some automated refactoring.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-29 17:38:56 -07:00
Josh Bleecher Snyder
e5894aba42
all: keep UserProfiles a slice instead of a map for longer
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-29 11:36:35 -07:00
Josh Bleecher Snyder
4d4ca2e496
control/controlclient: remove Roles fields from client
...
They are unused.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-29 11:36:35 -07:00
David Anderson
c493e5804f
wgengine/router: make v6-ness configurable in test, for consistent results.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-09-28 23:47:05 +00:00
Josh Bleecher Snyder
d3701417fc
tailcfg: fix typo in comment
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-28 14:44:34 -07:00
Brad Fitzpatrick
c86761cfd1
Remove tuntap references. We only use TUN.
2020-09-25 13:13:13 -07:00
Brad Fitzpatrick
8b94a769be
cmd/tailscaled: use the standard flag page instead of getopt
...
Per discussion with @crawshaw. The CLI tool already used std flag anyway.
If either of them, it would've made more sense for the CLI to use getopt.
2020-09-25 13:12:10 -07:00
Brad Fitzpatrick
94a68a113b
go.sum: tidy
2020-09-25 12:44:46 -07:00
Brad Fitzpatrick
01098f41d0
wgengine/tstun: fix typo in comment
2020-09-25 12:24:44 -07:00
Brad Fitzpatrick
73cc2d8f89
wgengine/filter: also silently drop link-local unicast traffic
...
Updates #629
2020-09-25 11:47:38 -07:00
Brad Fitzpatrick
5f807c389e
wgengine/filter: drop multicast packets out, don't log about them
...
Eventually we'll probably support multicast. For now it's just log spam.
Fixes #629
2020-09-25 11:27:57 -07:00
Brad Fitzpatrick
bbb56f2303
wgengine/router: fix tests on Debian Buster as regular user on machine with IPv6
2020-09-25 11:27:57 -07:00
David Anderson
fddbcb0c7b
wgengine/router: support various degrees of broken IPv6.
...
Gracefully skips touching the v6 NAT table on systems that don't have
it, and doesn't configure IPv6 at all if IPv6 is globally disabled.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-09-24 18:37:00 -07:00
David Anderson
0d80904fc2
wgengine/router: set up basic IPv6 routing/firewalling.
...
Part of #19.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-09-24 18:37:00 -07:00
Josh Bleecher Snyder
f0ef561049
wgengine/tsdns: use netns to obtain a socket
...
Fixes #789
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-24 15:48:40 -07:00
Josh Bleecher Snyder
6e8328cba5
wgengine/tsdns: replace connections when net link changes (macOS)
...
When the network link changes, existing UDP sockets fail immediately
and permanently on macOS.
The forwarder set up a single UDP conn and never changed it.
As a result, any time there was a network link change,
all forwarded DNS queries failed.
To fix this, create a new connection when send requests
fail because of network unreachability.
This change is darwin-only, although extending it to other platforms
should be straightforward.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-24 15:31:27 -07:00
Josh Bleecher Snyder
1fd10061fd
wgengine/tsdns: delegate bonjour service rdns requests
...
While we're here, parseQuery into a plain function.
This is helpful for fuzzing. (Which I did a bit of. Didn't find anything.)
And clean up a few minor things.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-24 12:26:12 -07:00
Brad Fitzpatrick
2d0ed99672
wgengine, wgengine/router: add a bunch of (temporary?) engine creation logging
...
Trying to debug what's slow on a user's machine.
Updates #785
2020-09-23 15:27:30 -07:00
Brad Fitzpatrick
7c11f71ac5
wgengine/router: ignore errors deleting 169.254.255.255/32 route on Windows
...
Updates #785
2020-09-23 14:01:00 -07:00
David Anderson
b7e0ff598a
wgengine: don't close tundev in NewUserspaceEngine.
...
newUserspaceEngineAdvanced closes the tun device on error already.
Fixes #783.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-09-23 19:55:34 +00:00
Brad Fitzpatrick
a601a760ba
version: add Windows MAJOR,MINOR,BUILD,REVISION value
...
Updates #778
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-09-22 20:34:57 -07:00
Brad Fitzpatrick
8893c2ee78
net/interfaces, net/netns: move default route interface code to interfaces
...
To populate interfaces.State.DefaultRouteInterface.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-09-22 19:02:17 -07:00
Brad Fitzpatrick
fda9dc8815
net/netns: document Windows socket binding a bit more
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-09-22 13:05:26 -07:00
Brad Fitzpatrick
5d8b88be88
control/controlclient, version/distro, wgengine: recognize OpenWrt
...
And help out with missing packages.
Thanks to @willangley for tips.
Updates #724
2020-09-22 10:28:40 -07:00
Brad Fitzpatrick
ec95e901e6
go.sum: update
2020-09-22 10:27:21 -07:00
Brad Fitzpatrick
3528d28ed1
wgengine/router: move Tailscale's winipcfg additions into wgengine/router
...
Part of unforking our winipcfg-go and using upstream (#760), move our
additions into our repo. (We might upstream them later if upstream has
interest)
Originally these were:
@apenwarr: "Add ifc.SyncAddresses() and SyncRoutes()."
https://github.com/tailscale/winipcfg-go/commit/609dcf2df55fbb76effd430a51b9757676853390
@bradfitz: "winipcfg: make Interface.AddRoutes do as much as possible, return combined error"
https://github.com/tailscale/winipcfg-go/commit/e9f93d53f33a7d2cadbdfa822761b8251af4d4bd
@bradfitz: "prevent unnecessary Interface.SyncAddresses work; normalize IPNets in deltaNets"
https://github.com/tailscale/winipcfg-go/commit/decb9ee8e17028db14c6951413cdd34ab46efca4
2020-09-22 09:24:10 -07:00
Brad Fitzpatrick
56a787fff8
go.mod, go.sum: bump wireguard-go
2020-09-21 15:22:56 -07:00
Brad Fitzpatrick
fb03c60c9e
version: bump date
2020-09-21 15:21:05 -07:00
Brad Fitzpatrick
963b927d5b
net/tshttpproxy: appease staticcheck
2020-09-21 15:01:30 -07:00
Brad Fitzpatrick
fd77268770
wgengine/router: enumerate all interfaces when finding Tailscale adapter by GUID
...
Might fix it. I've spent too much time failing to reproduce the issue. This doesn't
seem to make it worse, though (it still runs for me), so I'll include this and
see if it helps others while I still work on a reliable way to reproduce it.
Updates tailscale/corp#474
2020-09-21 14:52:52 -07:00
Brad Fitzpatrick
5bcac4eaac
net/tshttpproxy: add GetProxyForURL negative cache
...
Otherwise when PAC server is down, we log, and each log entry is a new
HTTP request (from logtail) and a new GetProxyForURL call, which again
logs, non-stop. This is also nicer to the WinHTTP service.
Then also hook up link change notifications to the cache to reset it
if there's a chance the network might work sooner.
2020-09-21 14:05:28 -07:00
Josh Bleecher Snyder
4cc0ed67f9
tailcfg: add MachineKey.IsZero
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-21 12:19:59 -07:00
Brad Fitzpatrick
64a24e796b
wgengine/tstun: fix 32-bit alignment again
2020-09-18 08:18:38 -07:00
Brad Fitzpatrick
afb2be71de
wgengine: add two missing TUN close calls
2020-09-18 08:04:15 -07:00
Brad Fitzpatrick
abe095f036
wgengine/tstun: make Close safe for concurrent use
2020-09-18 08:03:10 -07:00
Brad Fitzpatrick
3bdcfa7193
ipn: remove DisableDERP pref
...
We depend on DERP for NAT traversal now[0] so disabling it entirely can't
work.
What we'll do instead in the future is let people specify
alternate/additional DERP servers. And perhaps in the future we could
also add a pref for nodes to say when they expect to never need/want
to use DERP for data (but allow it for NAT traversal communication).
But this isn't the right pref and it doesn't work, so delete it.
Fixes #318
[0] https://tailscale.com/blog/how-nat-traversal-works/
2020-09-18 07:44:01 -07:00
Christina Wen
f0e9dcdc0a
wgengine/router: restore /etc/resolv.conf after tailscale down is called
...
This change is to restore /etc/resolv.conf after tailscale down is called. This is done by setting the dns.Manager before errors occur. Error collection is also added.
Fixes #723
2020-09-17 16:40:22 -04:00
Brad Fitzpatrick
904a91038a
tailcfg: add MapRequest.ReadOnly and OmitPeers; remove DebugForceDisco
...
DebugForceDisco was a development & safety knob during the transition
to discovery. It's no longer needed.
Add MapRequest.ReadOnly to prevent clients needing to do two
peer-spamming MapRequest at start-up.
This only adds the field, not the use of the field. (The control server
needs to support it first.)
Updates tailscale/corp#557
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-09-17 12:07:49 -07:00
Brad Fitzpatrick
c41947903a
ipn: don't log if legacy prefs don't exist (the normal case these days)
2020-09-17 08:00:45 -07:00
David Crawshaw
815bf017fc
tsweb: when unwrapping HTTPError, record the user-facing message also in the log
...
There's often some useful piece of information in there not already
repeated in the internal error.
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-09-17 10:12:48 -04:00
David Crawshaw
dea3ef0597
tsweb: make JSONHandlerFunc implement ReturnHandler, not http.Handler
...
This way something is capable of logging errors on the server.
Fixes #766
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-09-17 09:07:32 -04:00
Brad Fitzpatrick
3aeb2e204c
go.mod: bump github.com/tailscale/winipcfg-go for some Windows fixes
2020-09-16 14:49:00 -07:00
Brad Fitzpatrick
acafe9811f
wgengine/router: run netsh advfirewall less, rename, document setFirewall
2020-09-16 14:42:37 -07:00
Christina Wen
48fbe93e72
wgengine/magicsock: clarify pre-disco 'tailscale ping' error message
...
This change clarifies the error message when a user pings a peer that is using an outdated version of Tailscale.
2020-09-16 11:54:00 -04:00