archive
/
tailscale
mirror of https://github.com/tailscale/tailscale/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,343 Commits
615 Branches
143 Tags
98 MiB
main
angott/captive-portal-detection-warnable
irbekrm/sessionrecorder
tomhjp/update-mkctr
adrian/fix-vet-failures
flakes
jonathan/missing_resolvers
naman/tsidp-funnel
angott/dns-warnables
andrew/workgraph
dependabot/github_actions/peter-evans/create-pull-request-6.1.0
agottardo-patch-1
tomhjp/ipv6-egress
bradfitz/resume
irbekrm/operator_linux_only
nickkhyl/posture-sn-override
dependabot/npm_and_yarn/client/web/ws-8.17.1
kradalby/chaos
angott/ignore-some-warnings-startup
kradalby/nl-panic-fix
tomhjp/service-condition-status-dev
dependabot/npm_and_yarn/cmd/tsconnect/braces-3.0.3
release-branch/1.68
irbekrm/fixsubnets
irbekrm/dnstest
irbekrm/fix
icio/tsweb-nested-stdhandler
irbekrm/accept_routes
percy/issue8593
percy/issue8593-prep
jonathan/sugg_exit_node_fix
irbekrm/proxycidrs
release-branch/1.66
icio/public-key-short
clairew/handle-auto-exit-node-value
noncombatant/fix-12186
knyar/install2
will/tsnet-udp
raggi/web-zst-precompress
raggi/gocross-empty-goos-goarch
andrew/dns-fallback
andrew/prom-omit-metrics
dependabot/github_actions/golangci/golangci-lint-action-6.0.1
jwhited/android-packet-vectors
knyar/renew
bradfitz/debug_tstest
clairew/revert-storing-last-suggested
andrew/debug-integration-tests
fran/appc-ensmallen-gh-preset
ox/11854-3-sftp
percy/cherry-pick-2648d475d751b47755958f47a366e300b6b6de0a
ox/corp-19592
ox/11954-3
ox/11854
kevin/Split_Remove_advertised_routes_from_pref
dsnet/logtail-buffer2
bradfitz/dataplane_logs_no_logs_no_support
nickkhyl/ipn-user-identity
irbekrm/extsvcnftableslb
andrew/dns-wrap-errors
release-branch/1.64
noncombatant/safeweb-cleanup
bradfitz/login_retry
patrickod/installer-yml-fixup
release-branch/1.64.0
fran/appc-store-routes-by-source
andrew/controlclient-use-last-addr
enable-exit-node-dst-logs
clairew/peer-node-capability-documentation
revert-11590-catzkorn/penguin
enable-exit-node-dst-logs-2
licenses/corp
dsnet/logpolicy-opts
licenses/android
jonathan/taildrop_path
licenses/cli
release-branch/1.62
clairew/log-dst-exit-node
fran/appc-domain-delte-prototype
irbekrm/maybe_fix_v6
oxtoacart/golden_memory
irbekrm/cherry_fix_panic
oxtoacart/no_indent_status
angott/corp-18441
soniaappasamy/serve-funnel-ui
brafitz/remote-config
andrew/control-key-store
maisem/proxy-1
release-branch/1.60
andrew/netstack-forwarder-debug
oxtoacart/immediately_access_shares
knyar/varz
knyar/install
irbekrm/splitkeys
oxtoacart/automount
angott/sleep-debug-apis
clairew/suggest-non-mullvad-exit-node
tom/tka4
clairew/add-latitude-longitude
irbekrm/operatorversion
oxtoacart/dsnet_codereview_fixes
clairew/client-suggest-node-poc
raggi/rand
flyingsquirrel_bak
will/containerboot-webui
irbekrm/clustermagicdns
noncombatant/add-hello-systemd
catzkorn/jira
release-branch/1.58
kradalby/view-only-type
clairew/add-disco-pong-padding
clairew/receive-icmp-errors
dgentry-b10911
irbekrm/proxyclass2
irbekrm/proxyclass
irbekrm/byocerts
knyar/worklifeposture
dsnet/httpio
will/webclient-mobile
will/webclient-csrf
irbekrm/static_crd
irbekrm/manifests_crd
maisem/exp-k8s
release-branch/1.44
irbekrm/containerbootdeclarativeconf
kube_exp
irbekrm/conf
raggi/stun-subprocess
andrew/nixos-vm-tests
irbekrm/set_args
andrew/peer-ipv6-addrs
irbekrm/external_services
irbekrm/os
irbekrm/pull_in_certs
dependabot/github_actions/github/codeql-action-3
dependabot/github_actions/actions/upload-artifact-4
irbekrm/kube_build_tags
release-branch/1.56
jwhited/derp-cmm-timestamp
naman/web-client-update-fixes
dependabot/github_actions/actions/setup-go-5
soniaappasamy/use-swr
marwan/displayname
release-branch/1.54
danderson/debug-garden
jwhited/unsafe-exp
clairew/test-wrapper-file
bradfitz/compontent_logs
kradalby-keys-db-interface
kradalby/keys-db-interface
andrew/upnp-unfork
bm/tsoidc
irbekrm/le
knyar/restartmap
kristoffer/editable-tailnet-displayname
raggi/document-deprecated-approach
dsnet/statestore
awly/version-override
bradfitz/silentdisco_knob
richard/15372
raggi/icmplistener
awly/linux-sudoers-local-admin-poc
release-branch/1.52
soniaappasamy/web-auth-restructure
bradfitz/ipx_set_contains
knyar/derpmesh
irbekrm/chartandcli
richard/15037-2
bradfitz/linuxfw_nil_table
richard/15037
bradfitz/tbug
bradfitz/derp_mesh
valscale/meshFix
will/sonia/web-tailscaled
tyler/serve-status
maisem/ni
maisem/hi
rhea/apple-test
dgentry-nix-flake
dgentry-coverage
c761d10
bradfitz/gocross_wantver
awly/ipnlocal-watchnotifications-clientversion
bradfitz/integration_more_tun
bradfitz/recursive_controlknob
dgentry-authkey
dependabot/npm_and_yarn/cmd/tsconnect/postcss-8.4.31
bm/4via6
bradfitz/sessionactivetimeout
release-branch/1.50
rhea/taildrop-resume
andrew/peercap-ipv6-aaaa
irbekrm/k8sipnftheuristics
irbekrm/kubeipnft
irbekrm/k8sipnft
dgentry-istoreos
knyar/posturemac
dependabot/github_actions/tibdex/github-app-token-2.1.0
irbekrm/egress
raggi/restore-extra-records-dns
aaron/win_process_mitigations
danderson/lru-rollback
clairew/mdm-interface
angott/userdefaults-reader
andrew/bump-esbuild
andrew/netns-more-logging
release-branch/1.48
irbekrm/k8s-autopilot
dsnet/viewer-jsonv2
marwan/altmem_stash
irbekrm/k8s-nftables
marwan/postmem
maisem/fix-deadlock
bradfitz/matrix
irbekrm/egress-dns
bradfitz/wait_unpause
bradfitz/calc_state
irbekrm/svc_conditions
soniaappasamy/fix-test-flake
marwan/servedev
soniaappasamy/fix-web-client-lock
raggi/netfilter-runtime
raggi/netfilter-add-modes
marwan/scmem
bradfitz/ignore_ula
clairew/tstime-net
clairew/tstime-wgengine
bradfitz/tkasig_type
shayne/k8s-serve
bradfitz/gui_netmap
macsys-update
catzkorn/netcheckuout
andrew/doctor-conntrack
tsweb/client-ui
valscale/ptb
raggi/gotoolchain
irbekrm/improve_logout
maisem/doc
rhea/egress
noncombatant/large-int-string
release-branch/1.46
andrew/captive-portal-package
s/pmtud
andrew/derp-bound-latency
andrew/health-state
bradfitz/gokrazy_dns
clairew/use-tstime-etc
bradfitz/negdep
raggi/stunc
raggi/gvisor-hostarch-deptest
crawshaw/art-table
irbekrm/fix_logout_loop
clairew/refactor-new-timer
clairew/test-wrapper-write-file
s/tsnetd
bradfitz/countrycode
crawshaw/stunchild
tom/disco
raggi/v6masq
dsnet/syncs-map-range-mutable
release-branch/1.42
raggi/heartbeat-timebomb
raggi/derp-probe-stun-loss
raggi/tsdebugger
tom/derp
andrew/ipn-debug-1.42.0
marwan/portlistrefactor
marwan/noconstructor
angott/allow-thunderbolt-bridge
marwan/polleropts
marwan/noconstructor2
andrew/slicesx-deduplicate
unraid-web
release-branch/1.40
kristoffer/enable-mips-pkgs
s/eq
raggi/atomiccloseonce
raggi/bump-goreleaserv2
marwan/tmp
catzkorn/addrsend
raggi/gofuzz
shayne/funnel_cmd
release-branch/1.38
dgentry/atomicfile
andrew/derp-region-location
tom/tka6
maisem/k8s-cache
azure
andrew/fastjson
crawshaw/lnclose
crawshaw/tsnet1
crawshaw/httpconnect
Xe/tsnet-funnel
dgentry/sniproxy-dns
andrew/util-dnsconfig
andrew/cloudenv-location
release-branch/1.36
aaron/migrate_windows
crawshaw/pidlisten
andrew/router-drop-ula
will/vizerr
danderson/mkversion
crawshaw/activesum
andrew/doctor-scutil
danderson/version-private3
bradfitz/sassy
bradfitz/win_unattended_warning
andrew/hostinfo-HavePortMap
skriptble/ssh-recording-persist
crawshaw/ondemanddomains
danderson/helm
andrew/peer-status-KeyExpiry
bradfitz/noise_debug_more
release-branch/1.34
cloner
danderson/backport
clairew/tsnet_get_own_ip
bradfitz/tidy
raggi/tsweb-compression
bradfitz/fix_ipn_cloner
danderson/bootstrap
will/enforce-hostname
mihaip/delete-all-profiles
release-branch/1.32
shayne/serve_empty_text_handler
bradfitz/hostinfo_ingress_bit
mihaip/logout-async-start
net-audit-log/1.32
bradfitz/set_prefs_locked
mihaip/fas
bradfitz/port_intercept
andrew/net-tsaddr-mapviaaddr
danderson/tsburrito
andrew/tstest-goroutine-ignore
andrew/monitor-link-change
danderson/k8s
andrew/debug-subnet-router
andrew/metrics-distribution
knyar/prober
crawshaw/accumulatorcfg
bradfitz/keyboard-interactive
bradfitz/tailpipe
vm
raggi/accept-routes-filter
nyghtowl/tailnet-name2
buildjet
buildjet-vs-github
andrew/netns-macos-route
walterp-api
andrew/linux-router-v4-disabled
bradfitz/distro_ubuntu
tom/iptables
release-branch/1.30
tom/tka2
andrew/dnscache-debugging-1.22.2
andrew/controlclient-dial
raggi/experiment-queues
bradfitz/u32
ip6tables
catzkorn/derp-benchmark
jwhited/wireguard-go-vectorized-bind
catzkorn/otel-init
bradfitz/appendf
mihaip/js-cli
dsnet/tsweb-499s
bradfitz/deephash_early_exit
crawshaw/xdp
dsnet/logtail-zstd-single-segment
Xe/gitops-pusher-three-version-problem
Xe/gitops-pusher-acl-test-error-output
Xe/gitops-pusher-ffcli
bradfitz/ssh_auth_none_demo
release-branch/1.28
catzkorn/otel-derp
bradfitz/shared_split_dns
nyghtowl/fix-resolved
release-branch/1.26
bradfitz/explicit_empty_test_3808
crawshaw/preservenetinfo
miriah-3808-reset-operator
dsnet/tsnet-logging
mihaip/wasm-taildrop
crawshaw/stunname
bradfitz/wasm_play
bradfitz/dot
bradfitz/tcp_flows
release-branch/1.24
raggi/netstack_fwd_close
bradfitz/netstack_fwd_close
merge-tag
cross-android
bradfitz/kmod
bradfitz/ssh_banner
bradfitz/ping
tom/integration
bradfitz/ssh_policy_earlier
bradfitz/derpy_cast
bradfitz/cli_admin
release-branch/1.22
aaron/go-ole-ref
bradfitz/key_rotation_prep
josh/tswebflags
release-branch/1.20
crawshaw/envtype
danderson/tsweb-server
bradfitz/autocert_force
bradfitz/use_netstack_upstream
Xe/winui-bugreport-without-tailscaled
bradfitz/hostinfo_basically_equal
release-branch/1.18
aaron/loglog
aaron/dnsapc
bradfitz/demo_client_hijack
bradfitz/windns
bradfitz/exit_node_forward_dns
bradfitz/1.18.1
Xe/tailtlsproxy
bradfitz/allsrc
josh/peermap
danderson/ebpf
bradfitz/1_16_stress_netmap
danderson/nodekey-move
danderson/nodekey-delete-old
danderson/nodekey-cleanup
danderson/magicsock-discokey
release-branch/1.16
danderson/magicsock-node-key
crawshaw/updatefallback
release-branch/1.14
bradfitz/1.14
bradfitz/updates
josh/immutable-views
bradfitz/portmap_gh_actions
danderson/kernel-tailscale
bradfitz/win_default_route
release-branch/1.12
jknodt/logging
simenghe/add-tsmpping-call
josh/opt-getstatus
Aadi/speedtest-tailscaled
dsnet/admin-cli
bradfitz/portmap_test
jknodt/portmap_test
upnpdebug
jknodt/upnp_reuse
crawshaw/peerdoh
josh/debug-flake
simenghe/pingresult-work
jknodt/derp_flow
tps/tailscaled
jknodt/vms_ref
jknodt/integ_test
josh/fast-time
josh/coarsetime
bradfitz/derp_flow
release-branch/1.10
josh/io_uring
josh/deflake-pipe-again
Xe/testcontrol-v6
jknodt/io-uring
simenghe/admin-ping-test
jknodt/periodic_probe
simenghe/isoping
Xe/private-logcatcher-in-process
simenghe/tcpnodeping
bradfitz/deephash_methods
crawshaw/deephash
josh/de-select-tstun-wrapper
Xe/debug-nixos-build
simenghe/isoping-experiment
crawshaw/dnswslhackery
jknodt/userderp
jknodt/bw_rep2
crawshaw/wslresolvconf
jknodt/upnp
crawshaw/magicdnsalways
simenghe/flakeresolve
rec_in_use_after_5_sec
bradfitz/acme
release-branch/1.8
simenghe/add-httphandlers-ping
simenghe/add-ping-route-testcontrol-mux
simeng-pingtest
Xe/test-install-script-libvirtd
apenwarr/check184
crawshaw/newbackendserver
adding-address-ips-totestcontrolnode
onebinary
Xe/synology-does-actually-work-with-subnet-routes-til
bradfitz/netstack_port_map
bradfitz/demo_pinger
apenwarr/fixes
apenwarr/relogin
josh/NewIPPort
josh/IPWithPort
bradfitz/integration_tests
josh/opt-dp-wip
bradfitz/ping_notes
bradfitz/dropped_by_filter_logspam
bradfitz/netstack_drop_silent
bradfitz/log_rate_test
bradfitz/issue_1840_rebased_tree
bradfitz/issue_1849_rebased_tree
crawshaw/syno
apenwarr/statefix
apenwarr/statetest
josh/wip/endpoint-serialize
apenwarr/ioslogin
rosszurowski/cli-fix-typo
bradfitz/cli_pretty
bradfitz/win_delete_retry
bradfitz/sleep
naman/netstack-request-logging
naman/ephem-expand-range
bradfitz/macos_progress
bradfitz/ip_of
crawshaw/localapi404
crawshaw/movefiles
crawshaw/socket
crawshaw/cgi
naman/netstack-subnet-routing
josh/wip/create-endpoint-no-public-key
Xe/log-target-registry-key
release-branch/1.6
bradfitz/ipv6_link_local_strip
bradfitz/darwin_gw
Xe/disallow-local-ip-for-exit-node
release-branch/1.4
crawshaw/upjson
bradfitz/proposed_1.4.6
bradfitz/derp_steer
crawshaw/tailscalestatus
Xe/reset-logid-on-logout-login
naman/netstack-incoming
mkramlich/macos-brew2
naman/netstack-outgoing-udp-test
mkramlich/macos-brew
bradfitz/proposed-1.4.5
peske/ifacewatcher
Xe/hello-vr
crawshaw/filchsync
Xe/derphttp-panic-fix
peske/elnotfound
Xe/rel-144-fix-ipv6-broken-in-tests
bradfitz/darwin_creds
josh/longblock
josh/udp-alloc-less
josh/simplify-filch
josh/remove-ipcgetfilter
Xe/envvar-name-TS
Xe/TS-envvar-name
Xe/do-windows-logserver-better
Xe/log-target-flag
crawshaw/ipuint
bradfitz/hello
bradfitz/linux_v6_off
bradfitz/call_me_maybe_eps
bradfitz/api_docs
alexbrainman/use_wg_dns_code
naman/netstack-use-tailscale-ip
josh/debug-TestLikelyHomeRouterIPSyscallExec
noerror-not-notimp
bradfitz/umaskless_permissions
naman/netstack-bump-version
bradfitz/lite_endpoint_update
c22wen/api-docs
bradfitz/grafana_auth_proxy
crawshaw/dnsguid
nix-shell
release-branch/1.2
bradfitz/acl_tags_in_tailscale_status
bradfitz/expiry_spin
josh/no-goroutine-per-udp-read-2
crawshaw/tailcfg
bradfitz/wgengine_monitor_windows_take2
netstat-unsafe
bradfitz/ipn_empty
bradfitz/win_firewall_async
bradfitz/machine_key
apenwarr/faketun
crawshaw/cloner
crawshaw/jsonhandler
c22wen/route-addr
c22wen/magicsock.go
bradfitz/gvisor_netstack
crawshaw/loadtest
dshynkev/dns-autoset
crawshaw/e2etest
bradfitz/win_wpad_pac
release-branch/1.0
bradfitz/linux_default_route_interface
bradfitz/release-branch-1.0
crawshaw/restartlimit
clone
dshynkev/dns-name
dshynkev/dns-refactor
bradfitz/go_vet
crawshaw/tswebextra
crawshaw/pinger2
lzjluzijie/all_proxy
rate-limiting
lzjluzijie/227_http_proxy
crawshaw/rebind
crawshaw/hostinfo
crawshaw/derp-nokeepalives
crawshaw/derptimeout
crawshaw/derpdial2
crawshaw/derpdial
crawshaw/ipn
crawshaw/e2e_test
crawshaw/ipn2
crawshaw/magicsock
crawshaw/magicsock-infping
crawshaw/spray
crawshaw/br1
v1.68.1
v1.68.0
v1.66.4
v1.66.3
v1.66.2
v1.66.1
v1.66.0
v1.64.2
v1.64.1
v1.64.0
v1.62.1
v1.62.0
v1.60.1
v1.60.0
v1.58.2
v1.58.1
v1.58.0
v1.44.3
v1.56.1
v1.56.0
v1.54.1
v1.54.0
v1.52.1
v1.52.0
v1.50.1
v1.50.0
v1.48.2
v1.48.1
v1.48.0
v1.46.1
v1.46.0
v1.44.2
v1.44.0
v1.42.1
v1.42.0
v1.40.1
v1.40.0
v1.38.4
v1.38.3
v1.38.2
v1.38.1
v1.38.0
v1.36.2
v1.36.1
v1.36.0
v1.34.2
v1.34.1
v1.34.0
v1.32.3
v1.32.2
v1.32.1
v1.32.0
v1.30.2
v1.30.1
v1.30.0
v1.28.0
v1.26.2
v1.26.1
v1.26.0
v1.24.2
v1.24.1
v1.24.0
v1.22.2
v1.22.1
v1.22.0
v1.20.4
v1.20.3
v1.20.2
v1.20.1
v1.20.0
v1.18.2
v1.18.1
v1.18.0
v1.16.2
v1.16.1
v1.16.0
v1.14.6
v1.14.5
v1.14.4
v1.14.3
v1.14.0
v1.12.4
v1.12.3
v1.12.2
v1.12.1
v1.12.0
v1.10.2
v1.10.1
v1.10.0
v1.8.8
v1.8.7
v1.8.6
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.6.0
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.2.10
v1.2.9
v1.2.8
v1.2.7
v1.2.6
v1.2.5
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.1.0
v1.0.0
v0.100.0
v0.99.1
v0.99.0
v0.98.1
v0.98
v0.98.0
v0.97
v0.96.1
v0.96
coral-gitops
gitops-1.30.0
gitops-1.58.2
nginx-auth-0.1.2
v0.100.0-107
v0.100.0-153
v1.61.0-pre
v1.63.0-pre
v1.65.0-pre
v1.67.0-pre
v1.69.0-pre
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '420838f90e'
${ noResults }
Commit Graph

1343 Commits (420838f90e76ce592038bb086c6113ef03e594f6)
 

Author SHA1 Message Date
Brad Fitzpatrick 420838f90e log/filelogger: move our Windows disk file writing+rotation package here 
It's still Windows-only for now but it's easy to de-Windows-ify when needed.

Moving it out of corp repo and into tailscale/tailscale so we can use
it in ipnserver.BabysitProc.

Updates #726
 4 years ago
Brad Fitzpatrick 508f5c3ae0 wgengine/router: fix bug where getInterfaceRoutes always returned an empty list 
Regression from f2ce64f0c6 (r43710860)

Fixes #870
 4 years ago
Brad Fitzpatrick 38bde61b3d wgengine/router: make Windows firewall configuration async 
Updating the Windows firewall is usually reasonably fast, but
sometimes blocks for 20 seconds, 4 minutes, etc. Not sure why.

Until we understand that's happening, configure it in the background
without blocking the normal control flow.

Updates #785

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 4 years ago
Brad Fitzpatrick c64718e9a0 ipn/ipnserver: work around os/user.LookupId failure on Windows 
If we can't find the mapping from SID ("user ID") -> username, don't
treat that as a fatal. Apparently that happens in the wild for Reasons.
Ignore it for now. It's just a nice-to-have for error messages in the
rare multi-user case.

Updates #869

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 4 years ago
David Anderson 09721fede8 version: fix documentation. 4 years ago
David Anderson 54e6c3a290 version: use OSS repo's version when building. 
When building with redo, also include the git commit hash
from the proprietary repo, so that we have a precise commit
that identifies all build info (including Go toolchain version).

Add a top-level build script demonstrating to downstream distros
how to burn the right information into builds.

Adjust `tailscale version` to print commit hashes when available.

Fixes #841.

Signed-off-by: David Anderson <danderson@tailscale.com>
 4 years ago
Brad Fitzpatrick a1ccaa9658 .github/workflows: add tests on Windows 
Fixes #50

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 4 years ago
Brad Fitzpatrick 4a92fc9dc5 portlist: fix tests on Windows when not running as Administrator 
Updates #50
 4 years ago
Brad Fitzpatrick 7ac91c15bd net/netcheck: fix tests on Windows 
Updates #50
 4 years ago
Brad Fitzpatrick fd2a30cd32 wgengine/magicsock: make test pass on Windows and without firewall dialog box 
Updates #50
 4 years ago
Brad Fitzpatrick cd07437ade cmd/tailscale/cli, tailcfg: allow tag without "tag:" prefix in 'tailscale up' 
Fixes #861
 4 years ago
Brad Fitzpatrick d6ad41dcea ipn: send machine key to clients so they can downgrade to 1.0.x if needed 
Fixes #732

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 4 years ago
Brad Fitzpatrick e72f480d22 ipn: convert an int to a bool 4 years ago
Brad Fitzpatrick a3f17b8108 control/controlclient: also log active account in netmaps 
Updates tailscale/corp#461
 4 years ago
Brad Fitzpatrick 999bc93a4d ipn: log active account on change 
Updates tailscale/corp#461
 4 years ago
Brad Fitzpatrick 66d196326f ipn: rename 'new' variable to 'newp' 
Both to avoid shadowing new and because new is a little vague for such
a long method handling multiple new & old things.
 4 years ago
Brad Fitzpatrick 5b1d03f016 control/controlclient: remove prior temporary macos debugging 
It was an x/net/http2 bug, since fixed.
 4 years ago
Brad Fitzpatrick f33da73a82 go.sum: update 4 years ago
Alex Brainman 311899709b version: skip TestMkversion on windows 
TestMkversion requires UNIX shell to run mkversion.sh. No such shell
is present on Windows. Just skip the test.

Updates #50

Signed-off-by: Alex Brainman <alex.brainman@gmail.com>
 4 years ago
David Anderson 3d34128171 go.mod: update to new wireguard-go. 4 years ago
Brad Fitzpatrick 4f55ebf2d9 tailcfg: add some comments, remove some redundant types in literal 4 years ago
Brad Fitzpatrick c44e244276 control/controlclient: add some temporary debugging for #839 4 years ago
Brad Fitzpatrick 9957c45995 tailcfg: bump, document MapRequest.Version value 
Fixes tailscale/corp#634

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 4 years ago
Brad Fitzpatrick 3909c82f3d control/controlclient: rename map debug knob, make it do both request+response 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 4 years ago
Brad Fitzpatrick 6b1d2a5630 ipn: don't set DebugFlags to len 1 slice of empty string [""] 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 4 years ago
Brad Fitzpatrick 691f1d5c1d types/flagtype: fix bug showing the default port value (shown in --help) 4 years ago
David Anderson 62d941dc26 tailcfg: add a DebugFlags field for experiments and debugging. 
Also replaces the IPv6Overlay bool with use of DebugFlags, since
it's currently an experimental configuration.

Signed-off-by: David Anderson <danderson@tailscale.com>
 4 years ago
Brad Fitzpatrick ac866054c7 wgengine/magicsock: add a backoff on DERP reconnects 
Fixes #808
 4 years ago
Brad Fitzpatrick 22024a38c3 control/controlclient: log Hostinfo on change 
Fixes #830

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 4 years ago
Brad Fitzpatrick 7c8ca28c74 ipn: use cmd/cloner for Prefs.Clone 
Also, make cmd/cloner's top-level "func Clone" generation opt-in.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 4 years ago
Brad Fitzpatrick 6cc6e251a9 logpolicy: add debug knob to force logging time to terminal 4 years ago
Brad Fitzpatrick 86c271caba types/logger: move RusagePrefixLog to logger package, disable by default 
The RusagePrefixLog is rarely useful, hasn't been useful in a long
time, is rarely the measurement we need, and is pretty spammy (and
syscall-heavy). Disable it by default. We can enable it when we're
debugging memory.
 4 years ago
David Anderson ff0cf6340a wgengine/router: fix configuration of loopback netfilter rules for v6. 
Signed-off-by: David Anderson <danderson@tailscale.com>
 4 years ago
David Anderson 5c35c35e7f tsaddr: add helpers for the Tailscale IPv6 range, and 4to6 conversion. 
Signed-off-by: David Anderson <danderson@tailscale.com>
 4 years ago
David Anderson c6dbd24f67 tailcfg: add a field to advertise support for IPv6 tailscale config. 
Signed-off-by: David Anderson <danderson@tailscale.com>
 4 years ago
Brad Fitzpatrick 7a2a3955d3 logtail/filch: skip a broken test on Windows 
Add a TODO with some notes about why it's skipped for now.

Updates #50
 4 years ago
Brad Fitzpatrick a6c34bdc28 control/controlclient: also include our own profile (for when no self-owned peers) 
Fix from regression in previous commit
(0e3048d8e0) that was caught by e2e
tests.

In that previous commit, the user's own profile was omitted from the
NetworkMap in the case where the user only had one node.
 4 years ago
Brad Fitzpatrick 0e3048d8e0 control/controlclient: support delta userprofiles from control 
I was going to make support for this advertised from the client, but
turns out only "tailscale status" even uses the UserProfiles field and
fails gracefully (omits that field) if a user profile for a user is
missing, so I think we can just reuse the DeltaPeers field from the
client to ask the control server to also delta encode the user
profiles.

For the few users running 1.1.x (unstable) versions between DeltaPeers
support (1.1.82) and this (~1.1.541), they'll just sometimes have
missing names in "tailscale status --json" or "tailscale status --web"
(the only places the UserProfile is used).
 4 years ago
Brad Fitzpatrick 82f2fdc194 control/controlclient: adjust some logging point names 
The previous code read too explicitly like log.Printf("I am here1"),
log.Printf("I am here2"). It still is with this change, but prettier, and
less subject to code rearranging order.
 4 years ago
Brad Fitzpatrick 1fd9958e9d ipn: wait for initial portpoll result before starting controlclient 
We were creating the controlclient and starting the portpoll concurrently,
which frequently resulted in the first controlclient connection being canceled
by the firsdt portpoll result ~milliseconds later, resulting in another
HTTP request.

Instead, wait a bit for the first portpoll result so it's much less likely to
interrupt our controlclient connection.

Updates tailscale/corp#557
 4 years ago
Brad Fitzpatrick 1819f6f8c8 control/controlclient: set MapRequest.ReadOnly on initial empty endpoint request 
On startup, clients do a MapRequest with empty endpoints while they
learn the DERP map to discover the STUN servers they then query to
learn their endpoints.

Set MapRequest.ReadOnly on those initial queries to not broadcast the
empty endpoints out to peers. The read results will come a half second
later (or less).

Updates tailscale/corp#557
 4 years ago
Brad Fitzpatrick 105a820622 wgengine/magicsock: skip an endpoint update at start-up 
At startup the client doesn't yet have the DERP map so can't do STUN
queries against DERP servers, so it only knows it local interface
addresses, not its STUN-mapped addresses.

We were reporting the interface-local addresses to control, getting
the DERP map, and then immediately reporting the full set of
updates. That was an extra HTTP request to control, but worse: it was
an extra broadcast from control out to all the peers in the network.

Now, skip the initial update if there are no stun results and we don't
have a DERP map.

More work remains optimizing start-up requests/map updates, but this
is a start.

Updates tailscale/corp#557
 4 years ago
Brad Fitzpatrick 551e1e99e9 net/netns: don't bind to device for localhost connections 
Fixes derphttp test failures on Windows (for #50).
 4 years ago
Brad Fitzpatrick 746f03669c wgengine: fix lazy wireguard config bug when disco keys change 
There was a bug with the lazy wireguard config code where, if the
minimum set of peers to tell wireguard didn't change, we skipped
calling userspaceEngine.updateActivityMapsLocked which updated
the various data structures that matched incoming traffic to later
reconfigure the minimum config.

That meant if an idle peer restarted and changed discovery keys, we
skipped updating our maps of disco keys/IPs that would caused us to
lazily inflate the config for that peer later if/when it did send
traffic.
 4 years ago
Brad Fitzpatrick 2076a50862 wgengine/magicsock: finish a comment sentence that ended prematurely 4 years ago
Brad Fitzpatrick 371f1a9502 go.sum: add a missing entry that Go keeps adding 4 years ago
Alex Brainman f2ce64f0c6 wgengine/router: unfork winipcfg-go package, use upstream 
Use golang.zx2c4.com/wireguard/windows/tunnel/winipcfg
instead of github.com/tailscale/winipcfg-go package.

Updates #760

Signed-off-by: Alex Brainman <alex.brainman@gmail.com>
 4 years ago
Brad Fitzpatrick 515866d7c6 ipn, ipnserver, cmd/tailscale: add "server mode" support on Windows 
This partially (but not yet fully) migrates Windows to tailscaled's
StateStore storage system.

This adds a new bool Pref, ForceDaemon, defined as:

// ForceDaemon specifies whether a platform that normally
// operates in "client mode" (that is, requires an active user
// logged in with the GUI app running) should keep running after the
// GUI ends and/or the user logs out.
//
// The only current applicable platform is Windows. This
// forced Windows to go into "server mode" where Tailscale is
// running even with no users logged in. This might also be
// used for macOS in the future. This setting has no effect
// for Linux/etc, which always operate in daemon mode.

Then, when ForceDaemon becomes true, we now write use the StateStore
to track which user started it in server mode, and store their prefs
under that key.

The ipnserver validates the connections/identities and informs that
LocalBackend which userid is currently in charge.

The GUI can then enable/disable server mode at runtime, without using
the CLI.

But the "tailscale up" CLI was also fixed, so Windows users can use
authkeys or ACL tags, etc.

Updates #275
 4 years ago
Josh Bleecher Snyder d027cd81df tailcfg: restore Roles field to UserProfile 4 years ago
Brad Fitzpatrick 638127530b ipn/ipnserver: prevent use by multiple Windows users, add HTML status page 
It was previously possible for two different Windows users to connect
to the IPN server at once, but it didn't really work. They mostly
stepped on each other's toes and caused chaos.

Now only one can control it, but it can be active for everybody else.

Necessary dependency step for Windows server/headless mode (#275)

While here, finish wiring up the HTTP status page on Windows, now that
all the dependent pieces are available.
 4 years ago