tailscale

Commit Graph

Author	SHA1	Message	Date
Adrian Dewhurst	04dd6d1dae	control/controlclient: sign RegisterRequest (#1549 ) control/controlclient: sign RegisterRequest Some customers wish to verify eligibility for devices to join their tailnets using machine identity certificates. TLS client certs could potentially fulfill this role but the initial customer for this feature has technical requirements that prevent their use. Instead, the certificate is loaded from the Windows local machine certificate store and uses its RSA public key to sign the RegisterRequest message. There is room to improve the flexibility of this feature in future and it is currently only tested on Windows (although Darwin theoretically works too), but this offers a reasonable starting place for now. Updates tailscale/coral#6 Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>	3 years ago
David Anderson	672731ac6f	many: gofmt. Signed-off-by: David Anderson <danderson@tailscale.com>	3 years ago
David Anderson	6521f02ff6	Move DNS flush logic to net/dns. Signed-off-by: David Anderson <danderson@tailscale.com>	3 years ago
David Anderson	9f7f2af008	wgengine/router/dns: move to net/dns. Preparation for merging the APIs and whatnot. Signed-off-by: David Anderson <danderson@tailscale.com>	3 years ago
David Anderson	8432999835	Move wgengine/tsdns to net/dns. Straight move+fixup, no other changes. In prep for merging with wgengine/router/dns. Signed-off-by: David Anderson <danderson@tailscale.com>	3 years ago
Brad Fitzpatrick	81143b6d9a	ipn/ipnlocal: start of peerapi between nodes Also some necessary refactoring of the ipn/ipnstate too. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	dad10fee9c	Revert "cmd/tailscaled: split package main into main shim + package" This reverts commit `b81bd8025b`. Not needed. See: https://github.com/golang/go/wiki/Modules#how-can-i-track-tool-dependencies-for-a-module	3 years ago
Brad Fitzpatrick	82c4cb765c	cmd/tailscaled: split package main into main shim + package So we can empty import the guts of cmd/tailscaled from another module for go mod tidy reasons. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Josh Bleecher Snyder	28af46fb3b	wgengine: pass logger as a separate arg to device.NewDevice Adapt to minor API changes in wireguard-go. And factor out device.DeviceOptions variables. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	3 years ago
Brad Fitzpatrick	b7f0e39bf2	cmd/tailscale: add "tailscale ip [-4] [-6]" command This adds an easy and portable way for us to document how to get your Tailscale IP address. $ tailscale ip 100.74.70.3 fd7a:115c:a1e0:ab12:4843:cd96:624a:4603 $ tailscale ip -4 100.74.70.3 $ tailscale ip -6 fd7a:115c:a1e0:ab12:4843:cd96:624a:4603 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	2384c112c9	net/packet, wgengine/{filter,tstun}: add TSMP ping Fixes #1467 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Josh Bleecher Snyder	4b77eca2de	wgengine/magicsock: check returned error in addTestEndpoint Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	3 years ago
Josh Bleecher Snyder	79f02de55f	go.sum: add entries for upstream wireguard-go Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	3 years ago
Josh Bleecher Snyder	d31eff8473	tstest/natlab: use net.ErrClosed We are now on 1.16. And wgconn.NetErrClosed has been removed upstream. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	3 years ago
Brad Fitzpatrick	c99f260e40	wgengine/magicsock: prefer IPv6 transport if roughly equivalent latency Fixes #1566 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	e2b3d9aa5f	all: s/Magic DNS/MagicDNS/ for consistency Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	77ec80538a	syncs: add Semaphore Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	9643d8b34d	wgengine/magicsock: add an addrLatency type to combine an IPPort+time.Duration Updates #1566 (but no behavior changes as of this change) Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	96dfeb2d7f	wgengine: log tailscale pings Fixes #1561 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	85138d3183	health: track whether any network interface is up Fixes #1562 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	0994a9f7c4	wgengine{,/magicsock}: fix, improve "tailscale ping" to default routes and subnets e.g. $ tailscale ping 1.1.1.1 exit node found but not enabled $ tailscale ping 10.2.200.2 node "tsbfvlan2" found, but not using its 10.2.200.0/24 route $ sudo tailscale up --accept-routes $ tailscale ping 10.2.200.2 pong from tsbfvlan2 (100.124.196.94) via 10.2.200.34:41641 in 1ms $ tailscale ping mon.ts.tailscale.com pong from monitoring (100.88.178.64) via DERP(sfo) in 83ms pong from monitoring (100.88.178.64) via DERP(sfo) in 21ms pong from monitoring (100.88.178.64) via [2604:a880:4:d1::37:d001]:41641 in 22ms This necessarily moves code up from magicsock to wgengine, so we can look at the actual wireguard config. Fixes #1564 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	7e0d12e7cc	wgengine/magicsock: don't update control if only endpoint order changes Updates #1559 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	1eb95c7e32	net/packet, wgengine{,/filter}: remove net/packet IPProto forwarding consts Only use the ones in types/ipproto now. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	01b90df2fa	net/packet, wgengine/filter: support SCTP Add proto to flowtrack.Tuple. Add types/ipproto leaf package to break a cycle. Server-side ACL work remains. Updates #1516 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	90a6fb7ffe	tailcfg: add FilterRule.IPProto Updates #1516 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	32562a82a9	wgengine/magicsock: annotate a few more disco logs as verbose Fixes #1540 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	0406a7436a	cmd/tailscale/cli: use double hypens, make default usage func more clear Mash up some code from ffcli and std's flag package to make a default usage func that's super explicit for those not familiar with the Go style flags. Only show double hyphens in usage text (but still accept both), and show default values, and only show the proper usage of boolean flags. Fixes #1353 Fixes #1529 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
David Anderson	8c0a0450d9	ipn/ipnlocal: allow client access to exit node's public IPs. "public IP" is defined as an IP address configured on the exit node itself that isn't in the list of forbidden ranges (RFC1918, CGNAT, Tailscale). Fixes #1522. Signed-off-by: David Anderson <danderson@tailscale.com>	3 years ago
Brad Fitzpatrick	0a02aaf813	control, ipn, tailcfg: remove golang.org/x/oauth2 dep, add tailcfg.Oauth2Token golang.org/x/oauth2 pulls in App Engine and grpc module dependencies, screwing up builds that depend on this module. Some background on the problem: https://go.googlesource.com/proposal/+/master/design/36460-lazy-module-loading.md Fixes tailscale/corp#1471 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Aleksandar Pesic	7b57310966	net/interfaces: use windows API to get the default route instead of parsing `route print` output Fixes: #1470 Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>	3 years ago
Brad Fitzpatrick	439d70dce2	cmd/tailscale, ipn/localapi: get daemon version from localapi status Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	d0dffe33c0	cmd/tailscale, ipn/localapi: use localapi for status, not IPN acrobatics Yay simpler code. Tested on Linux, macOS and Windows. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	0c3e9722cc	cmd/tailscale/cli: fix typo in comment Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Christine Dodrill	a480b1baa5	logpolicy: set log target on windows based on a registry key (#1542 ) Signed-off-by: Christine Dodrill <xe@tailscale.com>	3 years ago
Brad Fitzpatrick	c19ed37b0f	wgengine/magicsock: mark some legacy debug log output as verbose Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	cc508be603	control/controlclient: remove redundant Hostinfo log The direct client already logs it in JSON form. Then it's immediately logged again in an unformatted dump, so this removes that unformatted one. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	aa79a57f63	wgengine/netstack: use inet.af/netstack, remove 64-bit only limitation This reverts the revert commit `84aba349d9`. And changes us to use inet.af/netstack. Updates #1518 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	a217078f67	go.mod: update golang.org/x/oauth2 go.sum gets a bit wild, but tolerable. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	ec1b31ea83	go.mod: update golang.org/x/{crypto,sync,sys,term,time} These ones don't have large dependency trees. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	a4fa2c5611	go.mod, go.sum: go mod tidy Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
David Anderson	6fb5d4080c	net/portmapper: silently handle PCP NOT_AUTHORIZED responses. Fixes #1525. Signed-off-by: David Anderson <danderson@tailscale.com>	3 years ago
Brad Fitzpatrick	4145bb7148	tailcfg: bump CurrentMapRequestVersion, forgotten earlier In `f45a9e291b` (2021-03-04), I tried to bump CurrentMapRequestVersion to 12 but only documented the meaning of 12 but forgot to actually increase it from 11. Mapver 11 was added in `ea49b1e811` (2021-03-03). Fix this in its own commit so we can cherry-pick it to the 1.6 release branch.	3 years ago
David Anderson	4543e4202f	VERSION.txt: this is 1.7.0.	3 years ago
David Anderson	6f48a8422a	version: remove version-info.sh when cleaning.	3 years ago
David Anderson	84aba349d9	Revert "wgengine/netstack: update gvisor to remove 64-bit only limitation" Breaks our corp repo due to gRPC dependency hell. This reverts commit `d42f8b7f9a`.	3 years ago
Brad Fitzpatrick	e0f2796b43	wgengine: don't diagnose iOS NWPathMonitor connection probe timeouts Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	0f90586da8	wgengine/monitor: skip more route messages on darwin Should help iOS battery life on NEProvider.wake/skip events with useless route updates that shouldn't cause re-STUNs. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	d5fd373f09	net/interfaces: skip IPv6 link-local interfaces like we do for IPv4 We strip them control-side anyway, and we already strip IPv4 link local, so there's no point uploading them. And iOS has a ton of them, which results in somewhat silly amount of traffic in the MapRequest. We'll be doing same-LAN-inter-tailscaled link-local traffic a different way, with same-LAN discovery. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	469613b4c5	version: bump date Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Brad Fitzpatrick	27c4dd9a97	Revert "cmd/tailscaled, ipn/{ipnlocal,ipnserver}: let netstack get access to LocalBackend" This reverts commit `2bc518dcb2`. @namansood didn't end up needing it in his `770aa71ffb`.	3 years ago

1 2 3 4 5 ...

1973 Commits (04dd6d1daec46c635c4397086a03fe9934f404a0) All Branches Search

1973 Commits (04dd6d1daec46c635c4397086a03fe9934f404a0)

All Branches