From 105c5453661f75ca3e80fcd6fc11778d8a1e68d9 Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Mon, 29 Nov 2021 10:57:21 -0800 Subject: [PATCH] cmd/tailscale/cli: don't complain about --accept-routes true->false on Synology Fixes #3176 Change-Id: I844883e741dccfa5e7771c853180e9f65fb7f7a4 Signed-off-by: Brad Fitzpatrick --- cmd/tailscale/cli/cli_test.go | 35 +++++++++++++++++++++++++++++++++++ cmd/tailscale/cli/up.go | 6 ++++++ 2 files changed, 41 insertions(+) diff --git a/cmd/tailscale/cli/cli_test.go b/cmd/tailscale/cli/cli_test.go index 1af9cc3b1..867ff9a6f 100644 --- a/cmd/tailscale/cli/cli_test.go +++ b/cmd/tailscale/cli/cli_test.go @@ -20,6 +20,7 @@ import ( "tailscale.com/tstest" "tailscale.com/types/persist" "tailscale.com/types/preftype" + "tailscale.com/version/distro" ) // geese is a collection of gooses. It need not be complete. @@ -57,6 +58,7 @@ func TestCheckForAccidentalSettingReverts(t *testing.T) { curExitNodeIP netaddr.IP curUser string // os.Getenv("USER") on the client side goos string // empty means "linux" + distro distro.Distro want string }{ @@ -427,6 +429,38 @@ func TestCheckForAccidentalSettingReverts(t *testing.T) { }, want: accidentalUpPrefix + " --netfilter-mode=off --accept-dns=false", }, + { + // Issue 3176: on Synology, don't require --accept-routes=false because user + // migth've had old an install, and we don't support --accept-routes anyway. + name: "synology_permit_omit_accept_routes", + flags: []string{"--hostname=foo"}, + curPrefs: &ipn.Prefs{ + ControlURL: "https://login.tailscale.com", + CorpDNS: true, + AllowSingleHosts: true, + RouteAll: true, + NetfilterMode: preftype.NetfilterOn, + }, + goos: "linux", + distro: distro.Synology, + want: "", + }, + { + // Same test case as "synology_permit_omit_accept_routes" above, but + // on non-Synology distro. + name: "not_synology_dont_permit_omit_accept_routes", + flags: []string{"--hostname=foo"}, + curPrefs: &ipn.Prefs{ + ControlURL: "https://login.tailscale.com", + CorpDNS: true, + AllowSingleHosts: true, + RouteAll: true, + NetfilterMode: preftype.NetfilterOn, + }, + goos: "linux", + distro: "", // not Synology + want: accidentalUpPrefix + " --hostname=foo --accept-routes", + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { @@ -447,6 +481,7 @@ func TestCheckForAccidentalSettingReverts(t *testing.T) { goos: goos, flagSet: flagSet, curExitNodeIP: tt.curExitNodeIP, + distro: tt.distro, }); err != nil { got = err.Error() } diff --git a/cmd/tailscale/cli/up.go b/cmd/tailscale/cli/up.go index ed0dbfce0..5d2916f27 100644 --- a/cmd/tailscale/cli/up.go +++ b/cmd/tailscale/cli/up.go @@ -380,6 +380,7 @@ func runUp(ctx context.Context, args []string) error { env := upCheckEnv{ goos: effectiveGOOS(), + distro: distro.Get(), user: os.Getenv("USER"), flagSet: upFlagSet, upArgs: upArgs, @@ -622,6 +623,7 @@ type upCheckEnv struct { upArgs upArgsT backendState string curExitNodeIP netaddr.IP + distro distro.Distro } // checkForAccidentalSettingReverts (the "up checker") checks for @@ -672,6 +674,10 @@ func checkForAccidentalSettingReverts(newPrefs, curPrefs *ipn.Prefs, env upCheck if flagName == "login-server" && ipn.IsLoginServerSynonym(valCur) && ipn.IsLoginServerSynonym(valNew) { continue } + if flagName == "accept-routes" && valNew == false && env.goos == "linux" && env.distro == distro.Synology { + // Issue 3176. Old prefs had 'RouteAll: true' on disk, so ignore that. + continue + } missing = append(missing, fmtFlagValueArg(flagName, valCur)) } if len(missing) == 0 {