Commit Graph

38 Commits (bd5ef3fd68d6cef35f80242cb240b0e5d290c7ac)

Author SHA1 Message Date
Brad Fitzpatrick cff9e2a772 cmd/tailscale: fix netstack init, call SetLocalBackend
The netstack code on Android was never told about the LocalBackend,
so the peerapi interception wasn't working.

Fixes tailscale/tailscale#4449
Fixes tailscale/tailscale#4293

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
3 years ago
Denton Gentry 5868fdb7b0 go.mod: update OSS from HEAD.
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Brad Fitzpatrick 9d801a42d7 Add secret Run Exit Node option when "debug" is searched for.
And bump tailscale dep, to bring in new ipn.Prefs API and wire up
ExitDNS for Android.

This change has no visible behavior change to anybody unless they
search for "debug" and then hit the "..." menu.

Updates tailscale/tailscale#1738

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
3 years ago
Brad Fitzpatrick ed29f4b3d2 cmd/tailscale: add "Bug report" item to menu
Signed-off-by: Brad Fitzpatrick <brad@danga.com>
3 years ago
Denton Gentry 184250167b
Merge branch 'main' into dns 3 years ago
Denton Gentry ca696b116c Update opensource repository 3 years ago
Denton Gentry 5c9cec0064 retrieve current DNS servers.
Add getDnsConfigAsString() to retrieve the current DNS
configuration from the Android platform. This implements
several mechanisms to retrieve DNS information, suitable
for different Android versions:

Android 7 and later use ConnectivityManager getAllNetworks(),
then iterate over each network to retrieve DNS servers and
search domains using the LinkProperties.

Android 6 and earlier can only retrieve the currently active
interface using ConnectivityManager getActiveNetwork(), but have
two additional fallback options which leverage the system
properties available in older Android releases.

--------

Also changed how LinkChange notification works, switching from
the older BroadcastReceiver of a ConnectivityManager Intent to
the newer ConnectivityManager.registerNetworkCallback. We need
this because the onAvailable event is too early, we get notified
that LTE is up before its DNS servers have been set. We need
to wait for the onLinkPropertiesChanged event instead, which is
only available with registerNetworkCallback.

Fixes https://github.com/tailscale/tailscale/issues/2116
Updates https://github.com/tailscale/tailscale/issues/988

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Denton Gentry 729bf9a356 backend: use logpolicy.NewLogtailTransport
Allows use of bootstrap DNS and of a built-in ISRG X1 root
certificate.

Fixes https://github.com/tailscale/tailscale/issues/3046
3 years ago
Brad Fitzpatrick d0b4a09e59 fix name of NewUserspaceEngine in error/comment
It was renamed some time ago.
3 years ago
Brad Fitzpatrick ac8ec020b8 Update to Tailscale 1.10.
Updates tailscale/tailscale#2102
Updates tailscale/tailscale#1809
3 years ago
Denton Gentry 90351e7392 backend: Send DNS config through CallbackRouter.
Using NewNoopManager avoided the errors from trying to overwrite
/etc/resolv.conf, but still didn't fully work. Route DNS config
through the CallbackRouter.

Fixes https://github.com/tailscale/tailscale/issues/1956

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
4 years ago
Elias Naur 9ba4a01a4e cmd/tailscale: remove tstun.Wrapper
NewUserspaceEngine wraps our TUN device already.

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Denton Gentry ec8133a972 backend: use dns.NewNoopManager.
Android updates its DNS config in updateTUN() when in response
to several different channels from the backend.

There is not an Android-specific NewOSConfigurator, we end
up pulling in the Linux NewOSConfigurator:
https://github.com/tailscale/tailscale/blob/main/net/dns/manager_linux.go

The Linux DNS manager expects to be able to write to /etc/resolv.conf,
which does not work on Android and causes errors in updating DNS config.

Instead, allocate dns.NewNoopManager to disable the DNS manager, and
rely on the updateTUN() code to handle DNS.

Fixes https://github.com/tailscale/tailscale/issues/1956

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
4 years ago
Elias Naur 06e461d703 go.*,cmd/tailscale: upgrade to tailscale.com v1.8.3
Updates tailscale/tailscale#1695

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 05212e770b cmd/tailscale: don't configure logtail for low memory
logtail in low memory configuration truncates log lines to ~254 bytes.

Fixes tailscale/tailscale#1625

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 56362cc61a cmd/tailscale,go.*: upgrade to latest tailscale
Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur ba38a9bb59 jni,cmd/tailscale: replace jni.EnvFor with explicit conversion
The EnvFor converted an uintptr to a pointer value, which is not
guaranteed to work in general. This change removes EnvFor and pushes the
potentially unsafe conversion to users of the jni package.

Fixes tailscale/tailscale#1195

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 61d9733b24 jni,cmd/tailscale: replace jni.JVMFor with direct cast
The JVMFor function converted an uintptr to a pointer, which is not
guaranteed to work in general. This change removes JVMFor, forcing the
unsafe conversion to the user of the jni packge.

Updates tailscale/tailscale#1195

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
David Anderson b1395cfefb cmd/tailscale: update to network engine that supports IPv6.
Part of tailscale/tailscale#1158.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Elias Naur 33a953fb21 cmd/tailscale: only refresh VPN tunnel if configuration changed
This used to work, but a later ChromeOS workaround closed and cleared the last
configuration before comparing it with the new.

Fixes tailscale/tailscale#966

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 25168130a7 cmd/tailscale,go.*: update to tailscale 1.2
Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 1003774193 cmd/tailscale,go.*: fix network hangs on Huawei devices
Bump the tailscale.com module version to get the Android fallback
for determining the default network device,

25b021388b

Updates tailscale/tailscale#471

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 758e5691da cmd/tailscale: mask route addresses to please VpnService.Builder.addRoute
Update inet.af/netaddr for IPPrefix.Masked.

Fixes tailscale/tailscale#645

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 454c59a4e5 cmd/tailscale: add detail to VpnService.Builder cosntruction errors
Updates tailscale/tailscale#645

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 943bded910 cmd/tailscale: don't duplicate log output
logtail.Log by default writes log output to stderr, but stderr is taken over by
filch's ReplaceStderr, resulting in duplicate logs sent to Tailscale.
ReplaceStderr is useful for capturing stack dumps from panics.

Configure logtail to route logs to the Android logger, which stops the
duplicate logging and replaces an existing MultiWriter setup for the same
purpose.

Reduce the scope of the logtail logger while here.

Fixes tailscale/tailscale#646

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur a7dfea267c cmd/tailscale: fallback back to Google DNS on ChromeOS
Contrary to the VpnService.Builder documentation, ChromeOS doesn't
automatically fall back to the underlying network nameservers when
none are provided.

Updates tailscale/tailscale#431

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 7211e6db1b cmd/tailscale: tee log output to both Tailscale and the Android log
Updates tailscale/tailscale#471

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 93afdf1e5d cmd/tailscale: bump tailscale version
Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 19ed532519 cmd/tailscale: don't set up VPN for invalid configurations
Fixes tailscale/tailscale#507

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur df1d8b338b cmd/tailscale: implement Google ID sign-in
Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur a39b174ed8 cmd/tailscale: don't set up logging twice
Updates tailscale/tailscale#500

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur f88e8f6f8c cmd/tailscale: bump tailscale.com version
Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
Elias Naur 28c8a2e1e5 go.mod: change the module name to github.com/tailscale/tailscale-android
Makes it go-gettable.

Signed-off-by: Elias Naur <mail@eliasnaur.com>
5 years ago
Elias Naur 31b3c725c8 cmd/tailscale: reset cached config when failing to set up VPN tunnel
Add a bit of logging while here.

Signed-off-by: Elias Naur <mail@eliasnaur.com>
5 years ago
Elias Naur 271d40978e java/com/tailscale/ipn: explicitly allow IPv4 and IPv6 traffic
The VPNService.Builder object blocks traffic to IP families for which no
route, local address, nor DNS are defined. The Tailscale tunnel doesn't
cover all traffic, so both IP families should be kept open.

Updates tailscale/tailscale#453 (maybe fixes it)
Updates tailscale/tailscale#431 (another DNS problem)

Signed-off-by: Elias Naur <mail@eliasnaur.com>
5 years ago
Elias Naur c290ccf388 cmd/tailscale: note that seamless VPN tunnel handover works on Android
But not on ChromeOS, and I haven't found a robust way to detect
ChromeOS.

Signed-off-by: Elias Naur <mail@eliasnaur.com>
5 years ago
Elias Naur 8dbac874eb cmd/tailscale: disable smooth tunnel handovers for ChromeOS
ChromeOS doesn't seem to correctly apply new tunnel settings if
another tunnel is already active. Instead, close any existing
tunnel before creating another.

Updates tailscale/tailscale#431

Signed-off-by: Elias Naur <mail@eliasnaur.com>
5 years ago
Elias Naur 5109987e18 all: initial commit
Signed-off-by: Elias Naur <mail@eliasnaur.com>
5 years ago