archive
/
tailscale
mirror of https://github.com/tailscale/tailscale/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

all: use buildfeature constants in a few more places

Browse Source 
Saves 21 KB.

Updates #12614

Change-Id: I0cd3e735937b0f5c0fcc9f09a24476b1c4ac9a15
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
bradfitz/evsub
Brad Fitzpatrick 2 months ago committed by Brad Fitzpatrick
parent 59a39841c3
commit f42be719de
5 changed files with 63 additions and 29 deletions
Show Stats Download Patch File Download Diff File

2
cmd/stund/depaware.txt
Unescape Escape View File

@ -51,7 +51,7 @@ tailscale.com/cmd/stund dependencies: (generated by github.com/tailscale/depawar
tailscale.com from tailscale.com/version tailscale.com from tailscale.com/version
tailscale.com/envknob from tailscale.com/tsweb+ tailscale.com/envknob from tailscale.com/tsweb+
tailscale.com/feature from tailscale.com/tsweb tailscale.com/feature from tailscale.com/tsweb
tailscale.com/feature/buildfeatures from tailscale.com/feature tailscale.com/feature/buildfeatures from tailscale.com/feature+
tailscale.com/kube/kubetypes from tailscale.com/envknob tailscale.com/kube/kubetypes from tailscale.com/envknob
tailscale.com/metrics from tailscale.com/net/stunserver+ tailscale.com/metrics from tailscale.com/net/stunserver+
tailscale.com/net/netaddr from tailscale.com/net/tsaddr tailscale.com/net/netaddr from tailscale.com/net/tsaddr

18
envknob/envknob.go
Unescape Escape View File

@ -32,6 +32,7 @@ import (
"sync/atomic" "sync/atomic"
"time" "time"
"tailscale.com/feature/buildfeatures"
"tailscale.com/kube/kubetypes" "tailscale.com/kube/kubetypes"
"tailscale.com/types/opt" "tailscale.com/types/opt"
"tailscale.com/version" "tailscale.com/version"
@ -463,7 +464,12 @@ var allowRemoteUpdate = RegisterBool("TS_ALLOW_ADMIN_CONSOLE_REMOTE_UPDATE")
// AllowsRemoteUpdate reports whether this node has opted-in to letting the // AllowsRemoteUpdate reports whether this node has opted-in to letting the
// Tailscale control plane initiate a Tailscale update (e.g. on behalf of an // Tailscale control plane initiate a Tailscale update (e.g. on behalf of an
// admin on the admin console). // admin on the admin console).
func AllowsRemoteUpdate() bool { return allowRemoteUpdate() } func AllowsRemoteUpdate() bool {
if !buildfeatures.HasClientUpdate {
return false
}
return allowRemoteUpdate()
}
// SetNoLogsNoSupport enables no-logs-no-support mode. // SetNoLogsNoSupport enables no-logs-no-support mode.
func SetNoLogsNoSupport() { func SetNoLogsNoSupport() {
@ -474,6 +480,9 @@ func SetNoLogsNoSupport() {
var notInInit atomic.Bool var notInInit atomic.Bool
func assertNotInInit() { func assertNotInInit() {
if !buildfeatures.HasDebug {
return
}
if notInInit.Load() { if notInInit.Load() {
return return
} }
@ -533,6 +542,11 @@ func ApplyDiskConfigError() error { return applyDiskConfigErr }
// for App Store builds // for App Store builds
// - /etc/tailscale/tailscaled-env.txt for tailscaled-on-macOS (homebrew, etc) // - /etc/tailscale/tailscaled-env.txt for tailscaled-on-macOS (homebrew, etc)
func ApplyDiskConfig() (err error) { func ApplyDiskConfig() (err error) {
if runtime.GOOS == "linux" && !(buildfeatures.HasDebug || buildfeatures.HasSynology) {
// This function does nothing on Linux, unless you're
// using TS_DEBUG_ENV_FILE or are on Synology.
return nil
}
var f *os.File var f *os.File
defer func() { defer func() {
if err != nil { if err != nil {
@ -593,7 +607,7 @@ func getPlatformEnvFiles() []string {
filepath.Join(os.Getenv("ProgramData"), "Tailscale", "tailscaled-env.txt"), filepath.Join(os.Getenv("ProgramData"), "Tailscale", "tailscaled-env.txt"),
} }
case "linux": case "linux":
if distro.Get() == distro.Synology { if buildfeatures.HasSynology && distro.Get() == distro.Synology {
return []string{"/etc/tailscale/tailscaled-env.txt"} return []string{"/etc/tailscale/tailscaled-env.txt"}
} }
case "darwin": case "darwin":

8
ipn/ipnauth/ipnauth.go
Unescape Escape View File

@ -15,6 +15,7 @@ import (
"strconv" "strconv"
"tailscale.com/envknob" "tailscale.com/envknob"
"tailscale.com/feature/buildfeatures"
"tailscale.com/ipn" "tailscale.com/ipn"
"tailscale.com/safesocket" "tailscale.com/safesocket"
"tailscale.com/types/logger" "tailscale.com/types/logger"
@ -77,6 +78,13 @@ type ConnIdentity struct {
// It's suitable for passing to LookupUserFromID (os/user.LookupId) on any // It's suitable for passing to LookupUserFromID (os/user.LookupId) on any
// operating system. // operating system.
func (ci *ConnIdentity) WindowsUserID() ipn.WindowsUserID { func (ci *ConnIdentity) WindowsUserID() ipn.WindowsUserID {
if !buildfeatures.HasDebug && runtime.GOOS != "windows" {
// This function is only implemented on non-Windows for simulating
// Windows in tests. But that test (per comments below) is broken
// anyway. So disable this testing path in non-debug builds
// and just do the thing that optimizes away.
return ""
}
if envknob.GOOS() != "windows" { if envknob.GOOS() != "windows" {
return "" return ""
} }

4
ipn/ipnauth/policy.go
Unescape Escape View File

@ -8,6 +8,7 @@ import (
"fmt" "fmt"
"tailscale.com/client/tailscale/apitype" "tailscale.com/client/tailscale/apitype"
"tailscale.com/feature/buildfeatures"
"tailscale.com/ipn" "tailscale.com/ipn"
"tailscale.com/tailcfg" "tailscale.com/tailcfg"
"tailscale.com/util/syspolicy/pkey" "tailscale.com/util/syspolicy/pkey"
@ -51,6 +52,9 @@ func (a actorWithPolicyChecks) CheckProfileAccess(profile ipn.LoginProfileView,
// TODO(nickkhyl): unexport it when we move [ipn.Actor] implementations from [ipnserver] // TODO(nickkhyl): unexport it when we move [ipn.Actor] implementations from [ipnserver]
// and corp to this package. // and corp to this package.
func CheckDisconnectPolicy(actor Actor, profile ipn.LoginProfileView, reason string, auditFn AuditLogFunc) error { func CheckDisconnectPolicy(actor Actor, profile ipn.LoginProfileView, reason string, auditFn AuditLogFunc) error {
if !buildfeatures.HasSystemPolicy {
return nil
}
if alwaysOn, _ := policyclient.Get().GetBoolean(pkey.AlwaysOn, false); !alwaysOn { if alwaysOn, _ := policyclient.Get().GetBoolean(pkey.AlwaysOn, false); !alwaysOn {
return nil return nil
} }

60
ipn/ipnlocal/local.go
Unescape Escape View File

@ -1135,7 +1135,7 @@ func (b *LocalBackend) Shutdown() {
} }
func (b *LocalBackend) awaitNoGoroutinesInTest() { func (b *LocalBackend) awaitNoGoroutinesInTest() {
if !testenv.InTest() { if !buildfeatures.HasDebug || !testenv.InTest() {
return return
} }
ctx, cancel := context.WithTimeout(context.Background(), 8*time.Second) ctx, cancel := context.WithTimeout(context.Background(), 8*time.Second)
@ -1836,6 +1836,9 @@ var preferencePolicies = []preferencePolicyInfo{
// //
// b.mu must be held. // b.mu must be held.
func (b *LocalBackend) applySysPolicyLocked(prefs *ipn.Prefs) (anyChange bool) { func (b *LocalBackend) applySysPolicyLocked(prefs *ipn.Prefs) (anyChange bool) {
if !buildfeatures.HasSystemPolicy {
return false
}
if controlURL, err := b.polc.GetString(pkey.ControlURL, prefs.ControlURL); err == nil && prefs.ControlURL != controlURL { if controlURL, err := b.polc.GetString(pkey.ControlURL, prefs.ControlURL); err == nil && prefs.ControlURL != controlURL {
prefs.ControlURL = controlURL prefs.ControlURL = controlURL
anyChange = true anyChange = true
@ -5328,7 +5331,7 @@ func (b *LocalBackend) routerConfig(cfg *wgcfg.Config, prefs ipn.PrefsView, oneC
NetfilterKind: netfilterKind, NetfilterKind: netfilterKind,
} }
if distro.Get() == distro.Synology { if buildfeatures.HasSynology && distro.Get() == distro.Synology {
// Issue 1995: we don't use iptables on Synology. // Issue 1995: we don't use iptables on Synology.
rs.NetfilterMode = preftype.NetfilterOff rs.NetfilterMode = preftype.NetfilterOff
} }
@ -5339,7 +5342,7 @@ func (b *LocalBackend) routerConfig(cfg *wgcfg.Config, prefs ipn.PrefsView, oneC
// likely to break some functionality, but if the user expressed a // likely to break some functionality, but if the user expressed a
// preference for routing remotely, we want to avoid leaking // preference for routing remotely, we want to avoid leaking
// traffic at the expense of functionality. // traffic at the expense of functionality.
if prefs.ExitNodeID() != "" || prefs.ExitNodeIP().IsValid() { if buildfeatures.HasUseExitNode && (prefs.ExitNodeID() != "" || prefs.ExitNodeIP().IsValid()) {
var default4, default6 bool var default4, default6 bool
for _, route := range rs.Routes { for _, route := range rs.Routes {
switch route { switch route {
@ -5411,7 +5414,7 @@ func (b *LocalBackend) applyPrefsToHostinfoLocked(hi *tailcfg.Hostinfo, prefs ip
hi.RoutableIPs = prefs.AdvertiseRoutes().AsSlice() hi.RoutableIPs = prefs.AdvertiseRoutes().AsSlice()
hi.RequestTags = prefs.AdvertiseTags().AsSlice() hi.RequestTags = prefs.AdvertiseTags().AsSlice()
hi.ShieldsUp = prefs.ShieldsUp() hi.ShieldsUp = prefs.ShieldsUp()
hi.AllowsUpdate = envknob.AllowsRemoteUpdate() || prefs.AutoUpdate().Apply.EqualBool(true) hi.AllowsUpdate = buildfeatures.HasClientUpdate && (envknob.AllowsRemoteUpdate() || prefs.AutoUpdate().Apply.EqualBool(true))
b.metrics.advertisedRoutes.Set(float64(tsaddr.WithoutExitRoute(prefs.AdvertiseRoutes()).Len())) b.metrics.advertisedRoutes.Set(float64(tsaddr.WithoutExitRoute(prefs.AdvertiseRoutes()).Len()))
@ -6076,18 +6079,22 @@ func (b *LocalBackend) setNetMapLocked(nm *netmap.NetworkMap) {
b.health.SetControlHealth(nil) b.health.SetControlHealth(nil)
} }
if nm.HasCap(tailcfg.NodeAttrLinuxMustUseIPTables) { if runtime.GOOS == "linux" && buildfeatures.HasOSRouter {
b.capForcedNetfilter = "iptables" if nm.HasCap(tailcfg.NodeAttrLinuxMustUseIPTables) {
} else if nm.HasCap(tailcfg.NodeAttrLinuxMustUseNfTables) { b.capForcedNetfilter = "iptables"
b.capForcedNetfilter = "nftables" } else if nm.HasCap(tailcfg.NodeAttrLinuxMustUseNfTables) {
} else { b.capForcedNetfilter = "nftables"
b.capForcedNetfilter = "" // empty string means client can auto-detect } else {
b.capForcedNetfilter = "" // empty string means client can auto-detect
}
} }
b.MagicConn().SetSilentDisco(b.ControlKnobs().SilentDisco.Load()) b.MagicConn().SetSilentDisco(b.ControlKnobs().SilentDisco.Load())
b.MagicConn().SetProbeUDPLifetime(b.ControlKnobs().ProbeUDPLifetime.Load()) b.MagicConn().SetProbeUDPLifetime(b.ControlKnobs().ProbeUDPLifetime.Load())
b.setDebugLogsByCapabilityLocked(nm) if buildfeatures.HasDebug {
b.setDebugLogsByCapabilityLocked(nm)
}
// See the netns package for documentation on what this capability does. // See the netns package for documentation on what this capability does.
netns.SetBindToInterfaceByRoute(nm.HasCap(tailcfg.CapabilityBindToInterfaceByRoute)) netns.SetBindToInterfaceByRoute(nm.HasCap(tailcfg.CapabilityBindToInterfaceByRoute))
@ -6104,25 +6111,26 @@ func (b *LocalBackend) setNetMapLocked(nm *netmap.NetworkMap) {
} }
} }
if nm == nil { if buildfeatures.HasAdvertiseRoutes {
// If there is no netmap, the client is going into a "turned off" if nm == nil {
// state so reset the metrics. // If there is no netmap, the client is going into a "turned off"
b.metrics.approvedRoutes.Set(0) // state so reset the metrics.
return b.metrics.approvedRoutes.Set(0)
} } else if nm.SelfNode.Valid() {
var approved float64
if nm.SelfNode.Valid() { for _, route := range nm.SelfNode.AllowedIPs().All() {
var approved float64 if !views.SliceContains(nm.SelfNode.Addresses(), route) && !tsaddr.IsExitRoute(route) {
for _, route := range nm.SelfNode.AllowedIPs().All() { approved++
if !views.SliceContains(nm.SelfNode.Addresses(), route) && !tsaddr.IsExitRoute(route) { }
approved++
} }
b.metrics.approvedRoutes.Set(approved)
} }
b.metrics.approvedRoutes.Set(approved)
} }
if f, ok := hookSetNetMapLockedDrive.GetOk(); ok { if buildfeatures.HasDrive && nm != nil {
f(b, nm) if f, ok := hookSetNetMapLockedDrive.GetOk(); ok {
f(b, nm)
}
} }
} }

Write Preview
Loading…
Cancel
Save