tailscale

Commit Graph

Author	SHA1	Message	Date
Jordan Whited	24dd19c9a0	tstest/integration{/testcontrol}: add peer relay integration test (#17103 ) Updates tailscale/corp#30903 Signed-off-by: Jordan Whited <jordan@tailscale.com>	3 months ago
Brad Fitzpatrick	8b48f3847d	net/netmon, wgengine/magicsock: simplify LinkChangeLogLimiter signature Remove the need for the caller to hold on to and call an unregister function. Both two callers (one real, one test) already have a context they can use. Use context.AfterFunc instead. There are no observable side effects from scheduling too late if the goroutine doesn't run sync. Updates #17148 Change-Id: Ie697dae0e797494fa8ef27fbafa193bfe5ceb307 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Alex Chan	5c24f0ed80	wgengine/magicsock: send a valid payload in TestNetworkDownSendErrors This test ostensibly checks whether we record an error metric if a packet is dropped because the network is down, but the network connectivity is irrelevant -- the send error is actually because the arguments to Send() are invalid: RebindingUDPConn.WriteWireGuardBatchTo: [unexpected] offset (0) != Geneve header length (8) This patch changes the test so we try to send a valid packet, and we verify this by sending it once before taking the network down. The new error is: magicsock: network down which is what we're trying to test. We then test sending an invalid payload as a separate test case. Updates tailscale/corp#22075 Signed-off-by: Alex Chan <alexc@tailscale.com>	3 months ago
Jordan Whited	998a667cd5	wgengine/magicsock: don't add DERP addrs to endpointState (#17147 ) endpointState is used for tracking UDP direct connection candidate addresses. If it contains a DERP addr, then direct connection path discovery will always send a wasteful disco ping over it. Additionally, CLI "tailscale ping" via peer relay will race over DERP, leading to a misleading result if pong arrives via DERP first. Disco pongs arriving via DERP never influence path selection. Disco ping/pong via DERP only serves "tailscale ping" reporting. Updates #17121 Signed-off-by: Jordan Whited <jordan@tailscale.com>	3 months ago
Brad Fitzpatrick	09dfd94613	cmd/omitsize: fix the --features flag When you say --features=foo,bar, that was supposed to mean to only show features "foo" and "bar" in the table. But it was also being used as the set of all features that are omittable, which was wrong, leading to misleading numbers when --features was non-empty. Updates #12614 Change-Id: Idad2fa67fb49c39454032e84a3dede967890fdf5 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Aaron Klotz	4bb03609bc	tool/gocross: ensure child process error codes are propagated on non-Unix The Unix implementation of doExec propagates error codes by virtue of the fact that it does an execve; the replacement binary will return the exit code. On non-Unix, we need to simulate these semantics by checking for an ExitError and, when present, passing that value on to os.Exit. We also add error handling to the doExec call for the benefit of handling any errors where doExec fails before being able to execute the desired binary. Updates https://github.com/tailscale/corp/issues/29940 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	3 months ago
Brad Fitzpatrick	6fb316f5ed	feature/buildfeatures: split const bools out of the featuretags package, add Has prefix This renames the package+symbols in the earlier `17ffa80138` to be in their own package ("buildfeatures") and start with the word "Has" like "if buildfeatures.HasFoo {". Updates #12614 Change-Id: I510e5f65993e5b76a0e163e3aa4543755213cbf6 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Patrick O'Doherty	510830ca7a	tailcfg: add HardwareAttestationKey to MapRequest (#17102 ) Extend the client state management to generate a hardware attestation key if none exists. Extend MapRequest with HardwareAttestationKey{,Signature} fields that optionally contain the public component of the hardware attestation key and a signature of the node's node key using it. This will be used by control to associate hardware attesation keys with node identities on a TOFU basis. Updates tailscale/corp#31269 Signed-off-by: Patrick O'Doherty <patrick@tailscale.com>	3 months ago
Brad Fitzpatrick	17ffa80138	feature/featuretags: add auto-generated constants for all modular features So code (in upcoming PRs) can test for the build tags with consts and get dead code elimination from the compiler+linker. Updates #12614 Change-Id: If6160453ffd01b798f09894141e7631a93385941 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Will Norris	082c6a25b0	client/systray: only send clipboard notification on success Fixes #14430 Change-Id: Ia101a4a3005adb9118051b3416f5a64a4a45987d Signed-off-by: Will Norris <will@tailscale.com>	3 months ago
Claus Lensbøl	b816fd7117	control/controlclient: introduce eventbus messages instead of callbacks (#16956 ) This is a small introduction of the eventbus into controlclient that communicates with mainly ipnlocal. While ipnlocal is a complicated part of the codebase, the subscribers here are from the perspective of ipnlocal already called async. Updates #15160 Signed-off-by: Claus Lensbøl <claus@tailscale.com>	3 months ago
David Bond	782c16c513	k8s-operator: reset service status before append (#17120 ) This commit fixes an issue within the service reconciler where we end up in a constant reconciliation loop. When reconciling, the loadbalancer status is appended to but not reset between each reconciliation, leading to an ever growing slice of duplicate statuses. Fixes https://github.com/tailscale/tailscale/issues/17105 Fixes https://github.com/tailscale/tailscale/issues/17107 Signed-off-by: David Bond <davidsbond93@gmail.com>	3 months ago
Brad Fitzpatrick	7d2101f352	cmd/omitsize: add flag to disable the removal table And remove a bogus omit feature from feature/featuretags. Updates #12614 Change-Id: I0a08183fb75c73ae75b6fd4216d134e352dcf5a0 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Brad Fitzpatrick	0cc1b2ff76	cmd/derper: add start of ACE support Updates tailscale/corp#32168 Updates tailscale/corp#32226 Change-Id: Ia46abcaa09dcfd53bf8d4699909537bacf84d57a Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Brad Fitzpatrick	3a49b7464c	all: add ts_omit_tailnetlock as a start of making it build-time modular Updates #17115 Change-Id: I6b083c0db4c4d359e49eb129d626b7f128f0a9d2 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Brad Fitzpatrick	0e3d942e39	feature/featuretags: move list of omit-able features to a Go package Updates #12614 Change-Id: I4012c33095c6a7ccf80ad36dbab5cedbae5b3d47 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
David Bond	cfb2ca724b	tsnet: expose logtail's Logf method (#17057 ) This commit adds a new method to the tsnet.Server type named `Logger` that returns the underlying logtail instance's Logf method. This is intended to be used within the Kubernetes operator to wrap its existing logger in a way such that operator specific logs can also be sent to control for support & debugging purposes. Updates https://github.com/tailscale/corp/issues/32037 Signed-off-by: David Bond <davidsbond93@gmail.com>	3 months ago
Brad Fitzpatrick	a1dcf12b67	feature/drive: start factoring out Taildrive, add ts_omit_drive build tag As of this commit (per the issue), the Taildrive code remains where it was, but in new files that are protected by the new ts_omit_drive build tag. Future commits will move it. Updates #17058 Change-Id: Idf0a51db59e41ae8da6ea2b11d238aefc48b219e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Brad Fitzpatrick	82c5024f03	net/netns: fix controlLogf doc Its doc said its signature matched a std signature, but it used Tailscale-specific types. Nowadays it's the caller (func control) that curries the logf/netmon and returns the std-matching signature. Updates #cleanup (while answering a question on Slack) Change-Id: Ic99de41fc6a1c720575a7f33c564d0bcfd9a2c30 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Brad Fitzpatrick	921d77062e	cmd/omitsize: add tool to dump build sizes Updates #12614 Change-Id: I8f85d7275bc8eecedbabe6631b50e1cf70791d2d Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Will Hannah	1be9c6b23e	VERSION.txt: this is v1.89.0 (#17099 ) Signed-off-by: Will Hannah <willh@tailscale.com>	3 months ago
Will Hannah	49aa798d18	VERSION.txt: this is v1.88.0 (#17098 ) Signed-off-by: Will Hannah <willh@tailscale.com>	3 months ago
Jordan Whited	fb9d9ba86e	wgengine/magicsock: add TS_DEBUG_NEVER_DIRECT_UDP debug knob (#17094 ) Updates tailscale/corp#30903 Signed-off-by: Jordan Whited <jordan@tailscale.com>	3 months ago
Jordan Whited	32bfd72752	tstest/integration/testcontrol: propagate CapVer (#17093 ) To support integration testing of client features that rely on it, e.g. peer relay. Updates tailscale/corp#30903 Signed-off-by: Jordan Whited <jordan@tailscale.com>	3 months ago
Jordan Whited	6feb6f3c75	wgengine/magicsock: add relayManager event logs (#17091 ) These are gated behind magicsock component debug logging. Updates tailscale/corp#30818 Signed-off-by: Jordan Whited <jordan@tailscale.com>	3 months ago
Tom Proctor	1ec3d20d10	cmd/k8s-operator: simplify scope of e2e tests (#17076 ) Removes ACL edits from e2e tests in favour of trying to simplify the tests and separate the actual test logic from the environment setup logic as much as possible. Also aims to fit in with the requirements that will generally be filled anyway for most devs working on the operator; in particular using tags that fit in with our documentation. Updates tailscale/corp#32085 Change-Id: I7659246e39ec0b7bcc4ec0a00c6310f25fe6fac2 Signed-off-by: Tom Proctor <tomhjp@users.noreply.github.com>	3 months ago
Jordan Whited	2d9d869d3d	wgengine/magicsock: fix debug disco printing of alloc resp disco keys (#17087 ) Updates tailscale/corp#30818 Signed-off-by: Jordan Whited <jordan@tailscale.com>	3 months ago
Jordan Whited	09bfee2e06	disco: add missing message types to MessageSummary (#17081 ) Updates tailscale/corp#30818 Signed-off-by: Jordan Whited <jordan@tailscale.com>	3 months ago
nikiUppal-TS	88d7db33da	cmd/tailscale: use tailnet display name on cli (#17079 ) Updates cli to use tailnet display name Updates tailscale/corp#32108 Signed-off-by: nikiUppal-TS <nikita@tailscale.com>	3 months ago
Nick O'Neill	77250a301a	ipn/ipnlocal, types: plumb tailnet display name cap through to network profile (#17045 ) Updates tailscale/corp#30456 Signed-off-by: Nick O'Neill <nick@tailscale.com>	3 months ago
Brad Fitzpatrick	f1ded84454	cmd/tailscaled: add disabled debug file to force reflect for binary size experiments This adds a file that's not compiled by default that exists just to make it easier to do binary size checks, probing what a binary would be like if it included reflect methods (as used by html/template, etc). As an example, once tailscaled uses reflect.Type.MethodByName(non-const-string) anywhere, the build jumps up by 14.5 MB: $ GOOS=linux GOARCH=amd64 ./tool/go build -tags=ts_include_cli,ts_omit_webclient,ts_omit_systray,ts_omit_debugeventbus -o before ./cmd/tailscaled $ GOOS=linux GOARCH=amd64 ./tool/go build -tags=ts_include_cli,ts_omit_webclient,ts_omit_systray,ts_omit_debugeventbus,ts_debug_forcereflect -o after ./cmd/tailscaled $ ls -l before after -rwxr-xr-x@ 1 bradfitz staff 41011861 Sep 9 07:28 before -rwxr-xr-x@ 1 bradfitz staff 55610948 Sep 9 07:29 after This is particularly pronounced with large deps like the AWS SDK. If you compare using ts_omit_aws: -rwxr-xr-x@ 1 bradfitz staff 38284771 Sep 9 07:40 no-aws-no-reflect -rwxr-xr-x@ 1 bradfitz staff 45546491 Sep 9 07:41 no-aws-with-reflect That means adding AWS to a non-reflect binary adds 2.7 MB but adding AWS to a reflect binary adds 10 MB. Updates #17063 Updates #12614 Change-Id: I18e9b77c9cf33565ce5bba65ac5584fa9433f7fb Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Alex Chan	f4ae81e015	tsnet: remove APIClient() which is deprecated and now unused (#17073 ) Updates tailscale/corp#22748 Signed-off-by: Alex Chan <alexc@tailscale.com>	3 months ago
Brad Fitzpatrick	3e4b0c1516	cmd/tailscale, ipn/ipnlocal: add ts_omit_webclient Fixes #17063 Updates #12614 Change-Id: I0a189f6a4d1c4558351e3195839867725774fa96 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Brad Fitzpatrick	ffc82ad820	util/eventbus: add ts_omit_debugeventbus Updates #17063 Change-Id: Ibc98dd2088f82c829effa71f72f3e2a5abda5038 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Brad Fitzpatrick	6f9f190f4d	go.toolchain.rev: bump to Go 1.25.1 Updates #17064 Change-Id: Ibbca837e0921fe9f82fc931dde8bb51b017e4e48 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
License Updater	2da52dce7a	licenses: update license notices Signed-off-by: License Updater <noreply+license-updater@tailscale.com>	3 months ago
Alex Chan	71cb6d4cbd	cmd/tailscale/cli, derp: use client/local instead of deprecated client/tailscale (#17061 ) * cmd/tailscale/cli: use client/local instead of deprecated client/tailscale Updates tailscale/corp#22748 Signed-off-by: Alex Chan <alexc@tailscale.com> * derp: use client/local instead of deprecated client/tailscale Updates tailscale/corp#22748 Signed-off-by: Alex Chan <alexc@tailscale.com> --------- Signed-off-by: Alex Chan <alexc@tailscale.com>	3 months ago
Brad Fitzpatrick	1cb855fb36	util/expvarx: deflake TestSafeFuncHappyPath with synctest I probably could've deflaked this without synctest, but might as well use it now that Go 1.25 has it. Fixes #15348 Change-Id: I81c9253fcb7eada079f3e943ab5f1e29ba8e8e31 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Alex Chan	14adf5b717	utils/expvarx, tstest/integration: mark two tests as known flaky (#17052 ) * utils/expvarx: mark TestSafeFuncHappyPath as known flaky Updates #15348 Signed-off-by: Alex Chan <alexc@tailscale.com> * tstest/integration: mark TestCollectPanic as known flaky Updates #15865 Signed-off-by: Alex Chan <alexc@tailscale.com> --------- Signed-off-by: Alex Chan <alexc@tailscale.com>	3 months ago
Alex Chan	ff8900583c	cmd/tailscale/cli: fix the spelling of "routes" (#17039 ) Updates #cleanup Signed-off-by: Alex Chan <alexc@tailscale.com>	3 months ago
Anton Tolchanov	ed6aa50bd5	prober: include current probe results in run-probe text response It was a bit confusing that provided history did not include the current probe results. Updates tailscale/corp#20583 Signed-off-by: Anton Tolchanov <anton@tailscale.com>	3 months ago
James Tucker	a29545e9cc	wgengine/magicsock: log the peer failing disco writes are intended for Updates tailscale/corp#31762 Signed-off-by: James Tucker <james@tailscale.com>	3 months ago
Mike O'Driscoll	23297da10d	cmd/tailscale/cli: add new line for set --webclient (#17043 ) Fixes #17042 Signed-off-by: Mike O'Driscoll <mikeo@tailscale.com>	3 months ago
James Sanderson	046b8830c7	ipn/ipnlocal: add state change test for key expiry Updates tailscale/corp#31478 Signed-off-by: James Sanderson <jsanderson@tailscale.com>	3 months ago
Brad Fitzpatrick	46369f06af	util/syspolicy/policyclient: always use no-op policyclient in tests by default We should never use the real syspolicy implementation in tests by default. (the machine's configuration shouldn't affect tests) You either specify a test policy, or you get a no-op one. Updates #16998 Change-Id: I3350d392aad11573a5ad7caab919bb3bbaecb225 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
Brad Fitzpatrick	b034f7cca9	ipn/ipnlocal, util/syspolicy: convert last RegisterWellKnownSettingsForTest caller, remove Updates #16998 Change-Id: I735d75129a97a929092e9075107e41cdade18944 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
David Bond	624cdd2961	cmd/containerboot: do not reset state on non-existant secret (#17021 ) This commit modifies containerboot's state reset process to handle the state secret not existing. During other parts of the boot process we gracefully handle the state secret not being created yet, but missed that check within `resetContainerbootState` Fixes https://github.com/tailscale/tailscale/issues/16804 Signed-off-by: David Bond <davidsbond93@gmail.com>	3 months ago
Brad Fitzpatrick	d8ac539bf9	util/syspolicy: remove handler, other dead code Fixes #17022 Change-Id: I6a0f6488ae3ea75c5844dfcba68e1e8024e930be Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 months ago
David Bond	04f00339b6	cmd/k8s-operator: update connector example (#17020 ) This commit modifies the connector example to use the new hostname prefix and replicas fields Signed-off-by: David Bond <davidsbond93@gmail.com>	3 months ago
Jonathan Nobels	a2f2ac6ba1	ipn/local: fix deadlock in initial suggested exit node query (#17025 ) updates tailscale/corp#26369 b.mu is locked here. We need to use suggestExitNodeLocked. Signed-off-by: Jonathan Nobels <jonathan@tailscale.com>	3 months ago

1 2 3 4 5 ...

9524 Commits (24dd19c9a01235363f20b762fbf3b83a7d488313) All Branches Search

9524 Commits (24dd19c9a01235363f20b762fbf3b83a7d488313)

All Branches