tailscale

Commit Graph

Author	SHA1	Message	Date
Patrick O'Doherty	a05924a9e5	client/web: add Sec-Fetch-Site CSRF protection (#16046 ) RELNOTE=Fix CSRF errors in the client Web UI Replace gorilla/csrf with a Sec-Fetch-Site based CSRF protection middleware that falls back to comparing the Host & Origin headers if no SFS value is passed by the client. Add an -origin override to the web CLI that allows callers to specify the origin at which the web UI will be available if it is hosted behind a reverse proxy or within another application via CGI. Updates #14872 Updates #15065 Signed-off-by: Patrick O'Doherty <patrick@tailscale.com>	8 months ago
Brad Fitzpatrick	54970054a6	cmd/tailscale/cli: suggest using "tailscale set", not "up", to set operator The same message was used for "up" and "down" permission failures, but "set" works better for both. Suggesting "up --operator" for a "down" permission failure was confusing. It's not like the latter command works in one shot anyway. Fixes #16008 Change-Id: I6e4225ef06ce2d8e19c40bece8104e254c2aa525 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	8 months ago
Brad Fitzpatrick	8009ad74a3	cmd/derper, net/tlsdial: fix client's self-signed cert validation This fixes the implementation and test from #15208 which apparently never worked. Ignore the metacert when counting the number of expected certs presented. And fix the test, pulling out the TLSConfig setup code into something shared between the real cmd/derper and the test. Fixes #15579 Change-Id: I90526e38e59f89b480629b415f00587b107de10a Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	8 months ago
Brad Fitzpatrick	48dacf1bf7	cmd/tailscale/cli: omit "file" subcommand if taildrop is omitted from build Updates #15812 Updates #12614 Change-Id: Ic945b26a127ba15399abdaab8fe43b1cfa64d874 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	8 months ago
Brad Fitzpatrick	cf6a593196	cmd/tailscale/cli: rename "--posture-checking" to "--report-posture" For consistency with other flags, per Slack chat. Updates #5902 Change-Id: I7ae1e4c97b37185573926f5fafda82cf8b46f071 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	8 months ago
Anton Tolchanov	fe0090909b	cmd/tailscale/cli: unhide `--posture-checking` flag to `set` Updates #5902 Signed-off-by: Anton Tolchanov <anton@tailscale.com>	8 months ago
James Tucker	b95e8bf4a1	tsweb/varz: export GC CPU fraction gauge We were missing this metric, but it can be important for some workloads. Varz memstats output allocation cost reduced from 30 allocs per invocation to 1 alloc per invocation. Updates tailscale/corp#28033 Signed-off-by: James Tucker <james@tailscale.com> Co-authored-by: Brad Fitzpatrick <bradfitz@tailscale.com>	8 months ago
David Anderson	5399fa159a	net/netmon: publish events to event bus Updates #15160 Signed-off-by: David Anderson <dave@tailscale.com>	9 months ago
M. J. Fromberger	baead61e44	{wgengine,util/portmapper}: add and plumb an event bus (#15359 ) Updates #15160 Change-Id: I2510fb4a8905fb0abe8a8e0c5b81adb15d50a6f8 Signed-off-by: M. J. Fromberger <fromberger@tailscale.com>	9 months ago
M. J. Fromberger	418e19fb5e	portmapper: update NewClient to use a Config argument In preparation for adding more parameters (and later, moving some away), rework the portmapper constructor to accept its arguments on a Config struct rather than positionally. This is a breaking change to the function signature, but one that is very easy to update, and a search of GitHub reveals only six instances of usage outside clones and forks of Tailscale itself, that are not direct copies of the code fixed up here. While we could stub in another constructor, I think it is safe to let those folks do the update in-place, since their usage is already affected by other changes we can't test for anyway. Updates #15160 Change-Id: I9f8a5e12b38885074c98894b7376039261b43f43 Signed-off-by: M. J. Fromberger <fromberger@tailscale.com>	9 months ago
Jordan Whited	e17abbf461	cmd/tailscale,ipn: add relay-server-port "tailscale set" flag and Prefs field (#15594 ) This flag is currently no-op and hidden. The flag does round trip through the related pref. Subsequent commits will tie them to net/udprelay.Server. There is no corresponding "tailscale up" flag, enabling/disabling of the relay server will only be supported via "tailscale set". This is a string flag in order to support disablement via empty string as a port value of 0 means "enable the server and listen on a random unused port". Disablement via empty string also follows existing flag convention, e.g. advertise-routes. Early internal discussions settled on "tailscale set --relay="<port>", but the author felt this was too ambiguous around client vs server, and may cause confusion in the future if we add related flags. Updates tailscale/corp#27502 Signed-off-by: Jordan Whited <jordan@tailscale.com>	9 months ago
Simon Law	7e296923ab	cmd/tailscale: test for new flags in tailscale up `tailscale set` was created to set preferences, which used to be overloaded into `tailscale up`. To move people over to the new command, `up` was supposed to be frozen and no new preference flags would be added. But people forgot, there was no test to warn them, and so new flags were added anyway. TestUpFlagSetIsFrozen complains when new flags are added to `tailscale up`. It doesn’t try all combinations of GOOS, but since the CI builds in every OS, the pull-request tests should cover this. Updates #15460 Signed-off-by: Simon Law <sfllaw@sfllaw.ca>	9 months ago
Brad Fitzpatrick	79ff067db3	cmd/tailscale/cli: prevent all dup flags, not just strings The earlier #15534 prevent some dup string flags. This does it for all flag types. Updates #6813 Change-Id: Iec2871448394ea9a5b604310bdbf7b499434bf01 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	9 months ago
Jason O'Donnell	6088ee311f	cmd/tailscale/cli: return error on duplicate multi-value flags (#15534 ) Some CLI flags support multiple values separated by commas. These flags are intended to be declared only once and will silently ignore subsequent instances. This will now throw an error if multiple instances of advertise-tags and advertise-routes are detected. Fixes #6813 Signed-off-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>	9 months ago
Brad Fitzpatrick	fb96137d79	net/{netx,memnet},all: add netx.DialFunc, move memnet Network impl This adds netx.DialFunc, unifying a type we have a bazillion other places, giving it now a nice short name that's clickable in editors, etc. That highlighted that my earlier move (`03b47a55c7`) of stuff from nettest into netx moved too much: it also dragged along the memnet impl, meaning all users of netx.DialFunc who just wanted netx for the type definition were instead also pulling in all of memnet. So move the memnet implementation netx.Network into memnet, a package we already had. Then use netx.DialFunc in a bunch of places. I'm sure I missed some. And plenty remain in other repos, to be updated later. Updates tailscale/corp#27636 Change-Id: I7296cd4591218e8624e214f8c70dab05fb884e95 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	9 months ago
Brad Fitzpatrick	7dbb21cae8	cmd/tailscale: add tailscale.rc Plan 9 wrapper So we can link tailscale and tailscaled together into one. Updates #5794 Change-Id: I9a8b793c64033827e4188931546cbd64db55982e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	9 months ago
Simon Law	e9324236e8	cmd/tailscale: fix default for `tailscale set --accept-routes` The default values for `tailscale up` and `tailscale set` are supposed to agree for all common flags. But they don’t for `--accept-routes` on Windows and from the Mac OS App Store, because `tailscale up` computes this value based on the operating system: user@host:~$ tailscale up --help 2>&1 \| grep -A1 accept-routes --accept-dns, --accept-dns=false accept DNS configuration from the admin panel (default true) user@host:~$ tailscale set --help 2>&1 \| grep -A1 accept-routes --accept-dns, --accept-dns=false accept DNS configuration from the admin panel Luckily, `tailscale set` uses `ipn.MaskedPrefs`, so the default values don’t logically matter. But someone will get the wrong idea if they trust the `tailscale set --help` documentation. In addition, `ipn.Prefs.RouteAll` defaults to true so it disagrees with both of the flags above. This patch makes `--accept-routes` use the same logic for in both commands by hoisting the logic that was buried in `cmd/tailscale/cli` to `ipn.Prefs.DefaultRouteAll`. Then, all three of defaults can agree. Fixes: #15319 Signed-off-by: Simon Law <sfllaw@sfllaw.ca>	9 months ago
Simon Law	7fc9099cf8	cmd/tailscale: fix default for `tailscale set --accept-dns` The default values for `tailscale up` and `tailscale set` are supposed to agree on all common flags. But they don’t for `--accept-dns`: user@host:~$ tailscale up --help 2>&1 \| grep -A1 accept-dns --accept-dns, --accept-dns=false accept DNS configuration from the admin panel (default true) user@host:~$ tailscale set --help 2>&1 \| grep -A1 accept-dns --accept-dns, --accept-dns=false accept DNS configuration from the admin panel Luckily, `tailscale set` uses `ipn.MaskedPrefs`, so the default values don’t logically matter. But someone will get the wrong idea if they trust the `tailscale set --help` documentation. This patch makes `--accept-dns` default to true in both commands and also introduces `TestSetDefaultsMatchUpDefaults` to prevent any future drift. Fixes: #15319 Signed-off-by: Simon Law <sfllaw@sfllaw.ca>	9 months ago
Brad Fitzpatrick	984cd1cab0	cmd/tailscale: add CLI debug command to do raw LocalAPI requests This adds a portable way to do a raw LocalAPI request without worrying about the Unix-vs-macOS-vs-Windows ways of hitting the LocalAPI server. (It was already possible but tedious with 'tailscale debug local-creds') Updates tailscale/corp#24690 Change-Id: I0828ca55edaedf0565c8db192c10f24bebb95f1b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
David Anderson	daa5635ba6	tsweb: split promvarz into an optional dependency Allows the use of tsweb without pulling in all of the heavy prometheus client libraries, protobuf and so on. Updates #15160 Signed-off-by: David Anderson <dave@tailscale.com>	10 months ago
Brad Fitzpatrick	836c01258d	go.toolchain.branch: update to Go 1.24 (#15016 ) * go.toolchain.branch: update to Go 1.24 Updates #15015 Change-Id: I29c934ec17e60c3ac3264f30fbbe68fc21422f4d Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> * cmd/testwrapper: fix for go1.24 Updates #15015 Signed-off-by: Paul Scott <paul@tailscale.com> * go.mod,Dockerfile: bump to Go 1.24 Also bump golangci-lint to a version that was built with 1.24 Updates #15015 Signed-off-by: Andrew Lytvynov <awly@tailscale.com> --------- Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> Signed-off-by: Paul Scott <paul@tailscale.com> Signed-off-by: Andrew Lytvynov <awly@tailscale.com> Co-authored-by: Paul Scott <paul@tailscale.com> Co-authored-by: Andrew Lytvynov <awly@tailscale.com>	11 months ago
Percy Wegmann	4f0222388a	cmd,tsnet,internal/client: create internal shim to deprecated control plane API Even after we remove the deprecated API, we will want to maintain a minimal API for internal use, in order to avoid importing the external tailscale.com/client/tailscale/v2 package. This shim exposes only the necessary parts of the deprecated API for internal use, which gains us the following: 1. It removes deprecation warnings for internal use of the API. 2. It gives us an inventory of which parts we will want to keep for internal use. Updates tailscale/corp#22748 Signed-off-by: Percy Wegmann <percy@tailscale.com>	11 months ago
kari-ts	4c3c04a413	ipn, tailscale/cli: add TaildropTargetStatus and remove race with FileTargets (#15017 ) Introduce new TaildropTargetStatus in PeerStatus Refactor getTargetStableID to solely rely on Status() instead of calling FileTargets(). This removes a possible race condition between the two calls and provides more detailed failure information if a peer can't receive files. Updates tailscale/tailscale#14393 Signed-off-by: kari-ts <kari@tailscale.com>	11 months ago
Brad Fitzpatrick	27f8e2e31d	go.mod: bump x/* deps Notably, this pulls in https://go.googlesource.com/net/+/2dab271ff1b7396498746703d88fefcddcc5cec7 for golang/go#71557. Updates #8043 Change-Id: I3637dbf27b90423dd4d54d147f12688b51f3ce36 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	11 months ago
Sandro Jäckel	08a96a86af	cmd/tailscale: make ssh command work when tailscaled is built with the ts_include_cli tag Fixes #12125 Signed-off-by: Sandro Jäckel <sandro.jaeckel@gmail.com>	11 months ago
Brad Fitzpatrick	05ac21ebe4	all: use new LocalAPI client package location It was moved in `f57fa3cbc3`. Updates tailscale/corp#22748 Change-Id: I19f965e6bded1d4c919310aa5b864f2de0cd6220 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	11 months ago
Percy Wegmann	f57fa3cbc3	client,localclient: move localclient.go to client/local package Updates tailscale/corp#22748 Signed-off-by: Percy Wegmann <percy@tailscale.com>	11 months ago
Nick Khyl	17ca2b7721	cmd/tailscale/cli: update tailscale down to accept an optional --reason If specified, the reason is sent via the LocalAPI for auditing purposes. Updates tailscale/corp#26146 Signed-off-by: Nick Khyl <nickk@tailscale.com>	11 months ago
Andrea Gottardo	8ee72cd33c	cli/funnel: fix comment typo (#14840 ) Updates #cleanup Signed-off-by: Andrea Gottardo <andrea@gottardo.me>	11 months ago
yejingchen	6f10fe8ab1	cmd/tailscale: add warning to help text of `--force-reauth` (#14778 ) The warning text is adapted from https://tailscale.com/kb/1028/key-expiry#renewing-keys-for-an-expired-device . There is already https://github.com/tailscale/tailscale/pull/7575 which presents a warning when connected over Tailscale, however the detection is done by checking SSH environment variables, which are absent within systemd's run0. That means `--force-reauth` will happily bring down Tailscale connection, leaving the user in despair. Changing only the help text is by no means a complete solution, but hopefully it will stop users from blindly trying it out, and motivate them to search for a proper solution. : https://www.freedesktop.org/software/systemd/man/devel/run0.html Updates #3849 Signed-off-by: yejingchen <ye.jingchen@gmail.com>	11 months ago
Brad Fitzpatrick	8c925899e1	go.mod: bump depaware, add --internal flag to stop hiding internal packages The hiding of internal packages has hidden things I wanted to see a few times now. Stop hiding them. This makes depaware.txt output a bit longer, but not too much. Plus we only really look at it with diffs & greps anyway; it's not like anybody reads the whole thing. Updates #12614 Change-Id: I868c89eeeddcaaab63e82371651003629bc9bda8 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	11 months ago
Brad Fitzpatrick	68a66ee81b	feature/capture: move packet capture to feature/*, out of iOS + CLI We had the debug packet capture code + Lua dissector in the CLI + the iOS app. Now we don't, with tests to lock it in. As a bonus, tailscale.com/net/packet and tailscale.com/net/flowtrack no longer appear in the CLI's binary either. A new build tag ts_omit_capture disables the packet capture code and was added to build_dist.sh's --extra-small mode. Updates #12614 Change-Id: I79b0628c0d59911bd4d510c732284d97b0160f10 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	12 months ago
Brad Fitzpatrick	61bea75092	cmd/tailscale: fix, test some recent doc inconsistencies `3dabea0fc2` added some docs with inconsistent usage docs. This fixes them, and adds a test. It also adds some other tests and fixes other verb tense inconsistencies. Updates tailscale/corp#25278 Change-Id: I94c2a8940791bddd7c35c1c3d5fb791a317370c2 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	12 months ago
Andrea Gottardo	3dabea0fc2	cmd/tailscale: define CLI tools to manipulate macOS network and system extensions (#14727 ) Updates tailscale/corp#25278 Adds definitions for new CLI commands getting added in v1.80. Refactors some pre-existing CLI commands within the `configure` tree to clean up code. Signed-off-by: Andrea Gottardo <andrea@gottardo.me>	12 months ago
Adrian Dewhurst	0fa7b4a236	tailcfg: add ServiceName Rather than using a string everywhere and needing to clarify that the string should have the svc: prefix, create a separate type for Service names. Updates tailscale/corp#24607 Change-Id: I720e022f61a7221644bb60955b72cacf42f59960 Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>	12 months ago
Brad Fitzpatrick	8b65598614	util/slicesx: add AppendNonzero By request of @agottardo. Updates #cleanup Change-Id: I2f02314eb9533b1581e47b66b45b6fb8ac257bb7 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	12 months ago
Brad Fitzpatrick	150cd30b1d	ipn/ipnlocal: also use LetsEncrypt-baked-in roots for cert validation We previously baked in the LetsEncrypt x509 root CA for our tlsdial package. This moves that out into a new "bakedroots" package and is now also shared by ipn/ipnlocal's cert validation code (validCertPEM) that decides whether it's time to fetch a new cert. Otherwise, a machine without LetsEncrypt roots locally in its system roots is unable to use tailscale cert/serve and fetch certs. Fixes #14690 Change-Id: Ic88b3bdaabe25d56b9ff07ada56a27e3f11d7159 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	12 months ago
Brad Fitzpatrick	e12b2a7267	cmd/tailscale/cli: clean up how optional commands get registered Both @agottardo and I tripped over this today. Updates #cleanup Change-Id: I64380a03bfc952b9887b1512dbcadf26499ff1cd Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	12 months ago
Aaron Klotz	fcf90260ce	atomicfile: use ReplaceFile on Windows so that attributes and ACLs are preserved I moved the actual rename into separate, GOOS-specific files. On non-Windows, we do a simple os.Rename. On Windows, we first try ReplaceFile with a fallback to os.Rename if the target file does not exist. ReplaceFile is the recommended way to rename the file in this use case, as it preserves attributes and ACLs set on the target file. Updates #14428 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	12 months ago
Brad Fitzpatrick	414a01126a	go.mod: bump mdlayher/netlink and u-root/uio to use Go 1.21 NativeEndian This finishes the work started in #14616. Updates #8632 Change-Id: I4dc07d45b1e00c3db32217c03b21b8b1ec19e782 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	12 months ago
Anton Tolchanov	e4385f1c02	cmd/tailscale/cli: add --posture-checking to tailscale up This will prevent `tailscale up` from resetting the posture checking client pref. Fixes #12154 Signed-off-by: Anton Tolchanov <anton@tailscale.com>	12 months ago
Michael Stapelberg	64ab0ddff1	cmd/tailscale/cli: only exit silently if len(args) == 0 This amends commit `b7e48058c8`. That commit broke all documented ways of starting Tailscale on gokrazy: https://gokrazy.org/packages/tailscale/ — both Option A (tailscale up) and Option B (tailscale up --auth-key) rely on the tailscale CLI working. I verified that the tailscale CLI just prints it help when started without arguments, i.e. it does not stay running and is not restarted. I verified that the tailscale CLI successfully exits when started with tailscale up --auth-key, regardless of whether the node has joined the tailnet yet or not. I verified that the tailscale CLI successfully waits and exits when started with tailscale up, as expected. fixes https://github.com/gokrazy/gokrazy/issues/286 Signed-off-by: Michael Stapelberg <michael@stapelberg.de>	12 months ago
Will Norris	60daa2adb8	all: fix golangci-lint errors These erroneously blocked a recent PR, which I fixed by simply re-running CI. But we might as well fix them anyway. These are mostly `printf` to `print` and a couple of `!=` to `!Equal()` Updates #cleanup Signed-off-by: Will Norris <will@tailscale.com>	1 year ago
Brad Fitzpatrick	5da772c670	cmd/tailscale/cli: fix TestUpdatePrefs on macOS It was failing about an unaccepted risk ("mac-app-connector") because it was checking runtime.GOOS ("darwin") instead of the test's env.goos string value ("linux", which doesn't have the warning). Fixes #14544 Change-Id: I470d86a6ad4bb18e1dd99d334538e56556147835 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	1e2e319e7d	util/slicesx: add MapKeys and MapValues from golang.org/x/exp/maps Importing the ~deprecated golang.org/x/exp/maps as "xmaps" to not shadow the std "maps" was getting ugly. And using slices.Collect on an iterator is verbose & allocates more. So copy (x)maps.Keys+Values into our slicesx package instead. Updates #cleanup Updates #12912 Updates #14514 (pulled out of that change) Change-Id: I5e68d12729934de93cf4a9cd87c367645f86123a Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
James Tucker	aa04f61d5e	net/netcheck: adjust HTTPS latency check to connection time and avoid data race The go-httpstat package has a data race when used with connections that are performing happy-eyeballs connection setups as we are in the DERP client. There is a long-stale PR upstream to address this, however revisiting the purpose of this code suggests we don't really need httpstat here. The code populates a latency table that may be used to compare to STUN latency, which is a lightweight RTT check. Switching out the reported timing here to simply the request HTTP request RTT avoids the problematic package. Fixes tailscale/corp#25095 Signed-off-by: James Tucker <james@tailscale.com>	1 year ago
Percy Wegmann	06a82f416f	cmd,{get-authkey,tailscale}: remove unnecessary scope qualifier from OAuth clients OAuth clients that were used to generate an auth_key previously specified the scope 'device'. 'device' is not an actual scope, the real scope is 'devices'. The resulting OAuth token ended up including all scopes from the specified OAuth client, so the code was able to successfully create auth_keys. It's better not to hardcode a scope here anyway, so that we have the flexibility of changing which scope(s) are used in the future without having to update old clients. Since the qualifier never actually did anything, this commit simply removes it. Updates tailscale/corp#24934 Signed-off-by: Percy Wegmann <percy@tailscale.com>	1 year ago
James Tucker	7f9ebc0a83	cmd/tailscale,net/netcheck: add debug feature to force preferred DERP This provides an interface for a user to force a preferred DERP outcome for all future netchecks that will take precedence unless the forced region is unreachable. The option does not persist and will be lost when the daemon restarts. Updates tailscale/corp#18997 Updates tailscale/corp#24755 Signed-off-by: James Tucker <james@tailscale.com>	1 year ago
Nick Khyl	a62f7183e4	cmd/tailscale/cli: fix format string Updates #12687 Signed-off-by: Nick Khyl <nickk@tailscale.com>	1 year ago
Andrea Gottardo	e3c6ca43d3	cli: present risk warning when setting up app connector on macOS (#14181 )	1 year ago

1 2 3 4 5 ...

976 Commits (3e08eab21e204bc3568762c2b49e0e1ab9ebf4b4)