Commit Graph

1450 Commits (4c8ccd6dd623089e1934a9d2f9fe44e1ea8a97b3)
 

Author SHA1 Message Date
Josh Bleecher Snyder e98f2c57d6 tsweb: add StdHandlerOpts that accepts an options struct
I'm about to add yet another StdHandler option.
Time to refactor.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
4 years ago
Elias Naur eab6e9ea4e ipn: don't temporarilySetMachineKeyInPersist for Android clients
Without this change, newly installed Android clients crash on startup
with

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x9881b9f8]

goroutine 29 [running]:
tailscale.com/ipn.(*LocalBackend).initMachineKeyLocked.func1(0x50cb1b9c, 0x503c9a00)
	/home/elias/proj/tailscale/ipn/local.go:711 +0x2c
tailscale.com/ipn.(*LocalBackend).initMachineKeyLocked(0x503c9a00, 0x0, 0x0)
	/home/elias/proj/tailscale/ipn/local.go:736 +0x728
tailscale.com/ipn.(*LocalBackend).loadStateLocked(0x503c9a00, 0x988be40e, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0)
	/home/elias/proj/tailscale/ipn/local.go:817 +0x1e8
tailscale.com/ipn.(*LocalBackend).Start(0x503c9a00, 0x0, 0x0, 0x988be40e, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
	/home/elias/proj/tailscale/ipn/local.go:412 +0x200
main.(*backend).Start(...)
	/home/elias/proj/tailscale-android/cmd/tailscale/backend.go:116
main.(*App).runBackend.func3(0x50106340, 0x5000c060, 0x50d9a280)
	/home/elias/proj/tailscale-android/cmd/tailscale/main.go:169 +0x90
created by main.(*App).runBackend
	/home/elias/proj/tailscale-android/cmd/tailscale/main.go:168 +0x27c

Signed-off-by: Elias Naur <mail@eliasnaur.com>
4 years ago
David Anderson 68ddf134d7 wgengine/router/dns: issue ipconfig /registerdns when applying DNS settings.
Amazingly, there doesn't seem to be a documented way of updating network
configuration programmatically in a way that Windows takes notice of.
The naturopathic remedy for this is to invoke ipconfig /registerdns, which
does a variety of harmless things and also invokes the private API that
tells windows to notice new adapter settings. This makes our DNS config
changes stick within a few seconds of us setting them.

If we're invoking a shell command anyway, why futz with the registry at
all? Because netsh has no command for changing the DNS suffix list, and
its commands for setting resolvers requires parsing its output and
keeping track of which server is in what index. Amazingly, twiddling
the registry directly is the less painful option.

Fixes #853.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick 7e1a146e6c cmd/tailscaled: update depaware.txt 4 years ago
Brad Fitzpatrick 2b819ab38c ipn: don't log redundant peer stats so often
It was especially bad on our GUI platforms with a frontend that polls it.

No need to log it every few seconds if it's unchanged. Make it slightly
less allocate-y while I'm here.
4 years ago
Brad Fitzpatrick 8b904b1493 types/logger: fix LogOnChange to pass through format/args to underlying logger
So they don't get interpretted as a format pattern or get rate-limited away
in the wrong way.
4 years ago
Brad Fitzpatrick ff7ddd9d20 ipn/ipnserver: move Windows local disk logging up to the parent process
To capture panics, log.Printf writes to os.Stderr, etc.

Fixes #726
4 years ago
Brad Fitzpatrick 420838f90e log/filelogger: move our Windows disk file writing+rotation package here
It's still Windows-only for now but it's easy to de-Windows-ify when needed.

Moving it out of corp repo and into tailscale/tailscale so we can use
it in ipnserver.BabysitProc.

Updates #726
4 years ago
Brad Fitzpatrick 508f5c3ae0 wgengine/router: fix bug where getInterfaceRoutes always returned an empty list
Regression from f2ce64f0c6 (r43710860)

Fixes #870
4 years ago
Brad Fitzpatrick 38bde61b3d wgengine/router: make Windows firewall configuration async
Updating the Windows firewall is usually reasonably fast, but
sometimes blocks for 20 seconds, 4 minutes, etc. Not sure why.

Until we understand that's happening, configure it in the background
without blocking the normal control flow.

Updates #785

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick c64718e9a0 ipn/ipnserver: work around os/user.LookupId failure on Windows
If we can't find the mapping from SID ("user ID") -> username, don't
treat that as a fatal. Apparently that happens in the wild for Reasons.
Ignore it for now. It's just a nice-to-have for error messages in the
rare multi-user case.

Updates #869

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
David Anderson 09721fede8 version: fix documentation. 4 years ago
David Anderson 54e6c3a290 version: use OSS repo's version when building.
When building with redo, also include the git commit hash
from the proprietary repo, so that we have a precise commit
that identifies all build info (including Go toolchain version).

Add a top-level build script demonstrating to downstream distros
how to burn the right information into builds.

Adjust `tailscale version` to print commit hashes when available.

Fixes #841.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick a1ccaa9658 .github/workflows: add tests on Windows
Fixes #50

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick 4a92fc9dc5 portlist: fix tests on Windows when not running as Administrator
Updates #50
4 years ago
Brad Fitzpatrick 7ac91c15bd net/netcheck: fix tests on Windows
Updates #50
4 years ago
Brad Fitzpatrick fd2a30cd32 wgengine/magicsock: make test pass on Windows and without firewall dialog box
Updates #50
4 years ago
Brad Fitzpatrick cd07437ade cmd/tailscale/cli, tailcfg: allow tag without "tag:" prefix in 'tailscale up'
Fixes #861
4 years ago
Brad Fitzpatrick d6ad41dcea ipn: send machine key to clients so they can downgrade to 1.0.x if needed
Fixes #732

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick e72f480d22 ipn: convert an int to a bool 4 years ago
Brad Fitzpatrick a3f17b8108 control/controlclient: also log active account in netmaps
Updates tailscale/corp#461
4 years ago
Brad Fitzpatrick 999bc93a4d ipn: log active account on change
Updates tailscale/corp#461
4 years ago
Brad Fitzpatrick 66d196326f ipn: rename 'new' variable to 'newp'
Both to avoid shadowing new and because new is a little vague for such
a long method handling multiple new & old things.
4 years ago
Brad Fitzpatrick 5b1d03f016 control/controlclient: remove prior temporary macos debugging
It was an x/net/http2 bug, since fixed.
4 years ago
Brad Fitzpatrick f33da73a82 go.sum: update 4 years ago
Alex Brainman 311899709b version: skip TestMkversion on windows
TestMkversion requires UNIX shell to run mkversion.sh. No such shell
is present on Windows. Just skip the test.

Updates #50

Signed-off-by: Alex Brainman <alex.brainman@gmail.com>
4 years ago
David Anderson 3d34128171 go.mod: update to new wireguard-go. 4 years ago
Brad Fitzpatrick 4f55ebf2d9 tailcfg: add some comments, remove some redundant types in literal 4 years ago
Brad Fitzpatrick c44e244276 control/controlclient: add some temporary debugging for #839 4 years ago
Brad Fitzpatrick 9957c45995 tailcfg: bump, document MapRequest.Version value
Fixes tailscale/corp#634

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick 3909c82f3d control/controlclient: rename map debug knob, make it do both request+response
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick 6b1d2a5630 ipn: don't set DebugFlags to len 1 slice of empty string [""]
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick 691f1d5c1d types/flagtype: fix bug showing the default port value (shown in --help) 4 years ago
David Anderson 62d941dc26 tailcfg: add a DebugFlags field for experiments and debugging.
Also replaces the IPv6Overlay bool with use of DebugFlags, since
it's currently an experimental configuration.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick ac866054c7 wgengine/magicsock: add a backoff on DERP reconnects
Fixes #808
4 years ago
Brad Fitzpatrick 22024a38c3 control/controlclient: log Hostinfo on change
Fixes #830

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick 7c8ca28c74 ipn: use cmd/cloner for Prefs.Clone
Also, make cmd/cloner's top-level "func Clone" generation opt-in.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick 6cc6e251a9 logpolicy: add debug knob to force logging time to terminal 4 years ago
Brad Fitzpatrick 86c271caba types/logger: move RusagePrefixLog to logger package, disable by default
The RusagePrefixLog is rarely useful, hasn't been useful in a long
time, is rarely the measurement we need, and is pretty spammy (and
syscall-heavy). Disable it by default. We can enable it when we're
debugging memory.
4 years ago
David Anderson ff0cf6340a wgengine/router: fix configuration of loopback netfilter rules for v6.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 5c35c35e7f tsaddr: add helpers for the Tailscale IPv6 range, and 4to6 conversion.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson c6dbd24f67 tailcfg: add a field to advertise support for IPv6 tailscale config.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick 7a2a3955d3 logtail/filch: skip a broken test on Windows
Add a TODO with some notes about why it's skipped for now.

Updates #50
4 years ago
Brad Fitzpatrick a6c34bdc28 control/controlclient: also include our own profile (for when no self-owned peers)
Fix from regression in previous commit
(0e3048d8e0) that was caught by e2e
tests.

In that previous commit, the user's own profile was omitted from the
NetworkMap in the case where the user only had one node.
4 years ago
Brad Fitzpatrick 0e3048d8e0 control/controlclient: support delta userprofiles from control
I was going to make support for this advertised from the client, but
turns out only "tailscale status" even uses the UserProfiles field and
fails gracefully (omits that field) if a user profile for a user is
missing, so I think we can just reuse the DeltaPeers field from the
client to ask the control server to also delta encode the user
profiles.

For the few users running 1.1.x (unstable) versions between DeltaPeers
support (1.1.82) and this (~1.1.541), they'll just sometimes have
missing names in "tailscale status --json" or "tailscale status --web"
(the only places the UserProfile is used).
4 years ago
Brad Fitzpatrick 82f2fdc194 control/controlclient: adjust some logging point names
The previous code read too explicitly like log.Printf("I am here1"),
log.Printf("I am here2"). It still is with this change, but prettier, and
less subject to code rearranging order.
4 years ago
Brad Fitzpatrick 1fd9958e9d ipn: wait for initial portpoll result before starting controlclient
We were creating the controlclient and starting the portpoll concurrently,
which frequently resulted in the first controlclient connection being canceled
by the firsdt portpoll result ~milliseconds later, resulting in another
HTTP request.

Instead, wait a bit for the first portpoll result so it's much less likely to
interrupt our controlclient connection.

Updates tailscale/corp#557
4 years ago
Brad Fitzpatrick 1819f6f8c8 control/controlclient: set MapRequest.ReadOnly on initial empty endpoint request
On startup, clients do a MapRequest with empty endpoints while they
learn the DERP map to discover the STUN servers they then query to
learn their endpoints.

Set MapRequest.ReadOnly on those initial queries to not broadcast the
empty endpoints out to peers. The read results will come a half second
later (or less).

Updates tailscale/corp#557
4 years ago
Brad Fitzpatrick 105a820622 wgengine/magicsock: skip an endpoint update at start-up
At startup the client doesn't yet have the DERP map so can't do STUN
queries against DERP servers, so it only knows it local interface
addresses, not its STUN-mapped addresses.

We were reporting the interface-local addresses to control, getting
the DERP map, and then immediately reporting the full set of
updates. That was an extra HTTP request to control, but worse: it was
an extra broadcast from control out to all the peers in the network.

Now, skip the initial update if there are no stun results and we don't
have a DERP map.

More work remains optimizing start-up requests/map updates, but this
is a start.

Updates tailscale/corp#557
4 years ago
Brad Fitzpatrick 551e1e99e9 net/netns: don't bind to device for localhost connections
Fixes derphttp test failures on Windows (for #50).
4 years ago