tailscale

Commit Graph

Author	SHA1	Message	Date
Avery Pennarun	f99f6608ff	Reverse earlier "allow tag without 'tag:' prefix" changes. These accidentally make the tag syntax more flexible than was intended, which will create forward compatibility problems later. Let's go back to the old stricter parser. Revert "cmd/tailscale/cli: fix double tag: prefix in tailscale up" Revert "cmd/tailscale/cli, tailcfg: allow tag without "tag:" prefix in 'tailscale up'" This reverts commit `a702921620`. This reverts commit `cd07437ade`. Affects #861. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
David Anderson	7988f75b87	tailscaled.service: also cleanup prior to starting. Fixes #813. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
David Anderson	427bf2134f	net/packet: rename from wgengine/packet. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
David Anderson	ebd96bf4a9	wgengine/router/dns: use OpenKeyWait to set DNS configuration. Fixes tailscale/corp#839. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Brad Fitzpatrick	696e160cfc	cmd/tailscale/cli: fix double tag: prefix in tailscale up Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	01ee638cca	Change some os.IsNotExist to errors.Is(err, os.ErrNotExist) for non-os errors. os.IsNotExist doesn't unwrap errors. errors.Is does. The ioutil.ReadFile ones happened to be fine but I changed them so we're consistent with the rule: if the error comes from os, you can use os.IsNotExist, but from any other package, use errors.Is. (errors.Is always would also work, but not worth updating all the code) The motivation here was that we were logging about failure to migrate legacy relay node prefs file on startup, even though the code tried to avoid that. See golang/go#41122	4 years ago
Brad Fitzpatrick	7e1a146e6c	cmd/tailscaled: update depaware.txt	4 years ago
David Anderson	54e6c3a290	version: use OSS repo's version when building. When building with redo, also include the git commit hash from the proprietary repo, so that we have a precise commit that identifies all build info (including Go toolchain version). Add a top-level build script demonstrating to downstream distros how to burn the right information into builds. Adjust `tailscale version` to print commit hashes when available. Fixes #841. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Brad Fitzpatrick	cd07437ade	cmd/tailscale/cli, tailcfg: allow tag without "tag:" prefix in 'tailscale up' Fixes #861	4 years ago
Brad Fitzpatrick	7c8ca28c74	ipn: use cmd/cloner for Prefs.Clone Also, make cmd/cloner's top-level "func Clone" generation opt-in. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	86c271caba	types/logger: move RusagePrefixLog to logger package, disable by default The RusagePrefixLog is rarely useful, hasn't been useful in a long time, is rarely the measurement we need, and is pretty spammy (and syscall-heavy). Disable it by default. We can enable it when we're debugging memory.	4 years ago
Alex Brainman	f2ce64f0c6	wgengine/router: unfork winipcfg-go package, use upstream Use golang.zx2c4.com/wireguard/windows/tunnel/winipcfg instead of github.com/tailscale/winipcfg-go package. Updates #760 Signed-off-by: Alex Brainman <alex.brainman@gmail.com>	4 years ago
Brad Fitzpatrick	515866d7c6	ipn, ipnserver, cmd/tailscale: add "server mode" support on Windows This partially (but not yet fully) migrates Windows to tailscaled's StateStore storage system. This adds a new bool Pref, ForceDaemon, defined as: // ForceDaemon specifies whether a platform that normally // operates in "client mode" (that is, requires an active user // logged in with the GUI app running) should keep running after the // GUI ends and/or the user logs out. // // The only current applicable platform is Windows. This // forced Windows to go into "server mode" where Tailscale is // running even with no users logged in. This might also be // used for macOS in the future. This setting has no effect // for Linux/etc, which always operate in daemon mode. Then, when ForceDaemon becomes true, we now write use the StateStore to track which user started it in server mode, and store their prefs under that key. The ipnserver validates the connections/identities and informs that LocalBackend which userid is currently in charge. The GUI can then enable/disable server mode at runtime, without using the CLI. But the "tailscale up" CLI was also fixed, so Windows users can use authkeys or ACL tags, etc. Updates #275	4 years ago
Josh Bleecher Snyder	a5103a4cae	all: upgrade to latest version of depaware	4 years ago
Josh Bleecher Snyder	38dda1ea9e	all: update depaware.txt Broken by `8051ecff55`. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Brad Fitzpatrick	90b7293b3b	ipn: add/move some constants, update a comment And make the StateStore implementations be Stringers, for error messages.	4 years ago
Brad Fitzpatrick	8b94a769be	cmd/tailscaled: use the standard flag page instead of getopt Per discussion with @crawshaw. The CLI tool already used std flag anyway. If either of them, it would've made more sense for the CLI to use getopt.	4 years ago
Josh Bleecher Snyder	6e8328cba5	wgengine/tsdns: replace connections when net link changes (macOS) When the network link changes, existing UDP sockets fail immediately and permanently on macOS. The forwarder set up a single UDP conn and never changed it. As a result, any time there was a network link change, all forwarded DNS queries failed. To fix this, create a new connection when send requests fail because of network unreachability. This change is darwin-only, although extended it to other platforms should be straightforward. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Brad Fitzpatrick	3528d28ed1	wgengine/router: move Tailscale's winipcfg additions into wgengine/router Part of unforking our winipcfg-go and using upstream (#760), move our additions into our repo. (We might upstream them later if upstream has interest) Originally these were: @apenwarr: "Add ifc.SyncAddresses() and SyncRoutes()." `609dcf2df5` @bradfitz: "winipcfg: make Interface.AddRoutes do as much as possible, return combined error" `e9f93d53f3` @bradfitz: "prevent unnecessary Interface.SyncAddresses work; normalize IPNets in deltaNets" `decb9ee8e1`	4 years ago
Brad Fitzpatrick	3bdcfa7193	ipn: remove DisableDERP pref We depend on DERP for NAT traversal now[0] so disabling it entirely can't work. What we'll do instead in the future is let people specify alternate/additional DERP servers. And perhaps in the future we could also add a pref for nodes to say when they expect to never need/want to use DERP for data (but allow it for NAT traversal communication). But this isn't the right pref and it doesn't work, so delete it. Fixes #318 [0] https://tailscale.com/blog/how-nat-traversal-works/	4 years ago
Christina Wen	f0e9dcdc0a	wgengine/router: restore /etc/resolv.conf after tailscale down is called This change is to restore /etc/resolv.conf after tailscale down is called. This is done by setting the dns.Manager before errors occur. Error collection is also added. Fixes #723	4 years ago
Josh Bleecher Snyder	7f97cf654d	cmd/microproxy: add -insecure flag This makes it easier to run microproxy locally during development. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Josh Bleecher Snyder	3fa863e6d9	cmd/derper: add missing html.EscapeString calls in /debug page Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Brad Fitzpatrick	931bcd44cb	control/controlclient: report Synology "distro" + its version to control	4 years ago
David Anderson	8f5b52e571	net/netns: add windows support. Also remove rebinding logic from the windows router. Magicsock will instead rebind based on link change signals. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Brad Fitzpatrick	4f7751e025	Update depaware for previous ipnserver change.	4 years ago
Brad Fitzpatrick	a084c44afc	wgengine, wgengine/router, cmd/tailscale: force netfilter mode off on Synology For now. Get it working again so it's not stuck on 0.98. Subnet relay can come later. Updates #451 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	8b60936913	depaware: update deps	4 years ago
Brad Fitzpatrick	22ed3c503e	Add depaware.txt files and GitHub checks. (#745 ) See https://github.com/tailscale/depaware Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Josh Bleecher Snyder	7bd89359c9	cmd/cloner: generate a package-level Clone function This Clone function knows how to clone any types for which it has generated Clone methods. This allows callers to efficiently clone an inbound interface{} that might contain one of these types. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Josh Bleecher Snyder	99d223130c	cmd/cloner: fix found type detection This was causing any type to be reported as found, as long as there were any type decls at all. Oops. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Josh Bleecher Snyder	2352690bde	cmd/cloner: ensure cloner gets re-run when structs change If you change a struct and don't re-run cloner, your Cloner method might be inaccurate, leading to bad things. To prevent this, write out the struct as it is at the moment that cloner is caller, and attempt a conversion from that type. If the struct gets changed in any way, this conversion will fail. This will yield false positives: If you change a non-pointer field, you will be forced to re-run cloner, even though the actual generated code won't change. I think this is an acceptable cost: It is a minor annoyance, which will prevent real bugs. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Brad Fitzpatrick	468bb3afce	cmd/tailscale/cli: add debug -derp mode	4 years ago
Brad Fitzpatrick	1e0be5a458	tshttp, derphttp: send Proxy-Authorization, not Authorization, to proxies Whoops. But weirdly, sending Authorization sometimes worked?	4 years ago
halulu	3af2d671e6	cmd/tailscale/cli: add new flag --force-reauth to up subcommand (#717 ) Signed-off-by: Halulu <lzjluzijie@gmail.com>	4 years ago
halulu	bd37e40d2b	cmd/tailscale/cli: status exit when disconnected (#720 ) cmd/tailscale/cli: make status report stopped status, exit non-zero Fixes #714	4 years ago
Brad Fitzpatrick	483141094c	cmd/tailscale/cli: add basic 'down' subcommand RELNOTE=yes	4 years ago
halulu	f27a57911b	cmd/tailscale: add derp and endpoints status (#703 ) cmd/tailscale: add local node's information to status output (by default) RELNOTE=yes Updates #477 Signed-off-by: Halulu <lzjluzijie@gmail.com>	4 years ago
Brad Fitzpatrick	f915ab6552	net/tshttpproxy: add start of Kerberos Negotiate auth to proxies on Windows For now only used by a new cmd/tailscale debug --get-url subcommand. Not yet wired up to the places making HTTP requests. Updates tailscale/corp#583	4 years ago
Brad Fitzpatrick	5e0375808b	cmd/tailscale/cli: fix vet warning And add vet to the "make check" target, like the CI has.	4 years ago
Brad Fitzpatrick	1be6c6dd70	cmd/tailscale/cli: add hidden debug subcommand	4 years ago
Brad Fitzpatrick	e415991256	derp, derp/derphttp: remove one RTT from DERP setup * advertise server's DERP public key following its ServerHello * have client look for that DEPR public key in the response PeerCertificates * let client advertise it's going into a "fast start" mode if it finds it * modify server to support that fast start mode, just not sending the HTTP response header Cuts down another round trip, bringing the latency of being able to write our first DERP frame from SF to Bangalore from ~725ms (3 RTT) to ~481ms (2 RTT: TCP and TLS). Fixes #693 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	771e9541c7	cmd/tailscale/cli: appease staticcheck	4 years ago
Brad Fitzpatrick	adf4f3cce0	cmd/tailscale/cli: make netcheck sort regions, show full region names	4 years ago
David Anderson	c2b63ba363	cmd/microproxy: add a quick hack for some malformed variables. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Brad Fitzpatrick	4e63a4fda3	cmd/tailscale/cli: remove already done TODO	4 years ago
Brad Fitzpatrick	84dc891843	cmd/tailscale/cli: add ping subcommand For example: $ tailscale ping -h USAGE ping <hostname-or-IP> FLAGS -c 10 max number of pings to send -stop-once-direct true stop once a direct path is established -verbose false verbose output $ tailscale ping mon.ts.tailscale.com pong from monitoring (100.88.178.64) via DERP(sfo) in 65ms pong from monitoring (100.88.178.64) via DERP(sfo) in 252ms pong from monitoring (100.88.178.64) via [2604:a880:2:d1::36:d001]:41641 in 33ms Fixes #661 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	87cbc067c2	cmd/tailscale/cli: validate advertised routes' IP address-vs-network bits Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Josh Bleecher Snyder	b23f2263c1	derp: add server version to /debug, expvars This will make it easier for a human to tell what version is deployed, for (say) correlating line numbers in profiles or panics to corresponding source code. It'll also let us observe version changes in prometheus. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Brad Fitzpatrick	6818bb843d	Update README, remove old relaynode dredge	4 years ago

1 2 3 4 5

204 Commits (258b680bc561a2ec4e29b9afbf511b0d0d65a902)