Commit Graph

95 Commits (883a11f2a80d7798ca9d64d7238c52ab768493b8)

Author SHA1 Message Date
Brad Fitzpatrick 7a01cd27ca net/netstat: remove some unsafe
Just removing any unnecessary unsafe while auditing unsafe usage for #921.
4 years ago
Brad Fitzpatrick cccdd81441 go.mod: update some deps to get past a wireguard-windows checkptr fix 4 years ago
David Anderson ce45f4f3ff wgengine/filter: inline ip6InList into match.
matchIPsOnly gets 5% slower when inlining, despite significantly reduced
memory ops and slightly tighter code.

Part of #19.

Filter/tcp6_syn_in-8     45.5ns ± 1%    42.4ns ± 2%   -6.86%  (p=0.000 n=10+10)
Filter/udp6_in-8          107ns ± 2%      94ns ± 2%  -11.50%  (p=0.000 n=9+10)

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
chungdaniel e7ac9a4b90
tsweb: refactor JSONHandler to take status code from error if it is present (#905)
This change is to make JSONHandler error handling intuitive, as before there would be two sources of HTTP status code when HTTPErrors were generated: one as the first return value of the handler function, and one nested inside the HTTPError. Previously, it took the first return value as the status code, and ignored the code inside the HTTPError. Now, it should expect the first return value to be 0 if there is an error, and it takes the status code of the HTTPError to set as the response code.

Signed-off-by: Daniel Chung <daniel@tailscale.com>
4 years ago
Brad Fitzpatrick f33da73a82 go.sum: update 4 years ago
Brad Fitzpatrick 371f1a9502 go.sum: add a missing entry that Go keeps adding 4 years ago
Alex Brainman f2ce64f0c6 wgengine/router: unfork winipcfg-go package, use upstream
Use golang.zx2c4.com/wireguard/windows/tunnel/winipcfg
instead of github.com/tailscale/winipcfg-go package.

Updates #760

Signed-off-by: Alex Brainman <alex.brainman@gmail.com>
4 years ago
Avery Pennarun 6332bc5e08 controlclient: print http errors if result code != 200.
Turns out for the particular error I was chasing, it actually returns
200 and zero data. But this code mirrors the same check in the map
poll, and is the right thing to do in the name of future debugging.

Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
4 years ago
Josh Bleecher Snyder a5103a4cae all: upgrade to latest version of depaware 4 years ago
Brad Fitzpatrick 94a68a113b go.sum: tidy 4 years ago
Brad Fitzpatrick ec95e901e6 go.sum: update 4 years ago
Brad Fitzpatrick 56a787fff8 go.mod, go.sum: bump wireguard-go 4 years ago
Christina Wen f0e9dcdc0a
wgengine/router: restore /etc/resolv.conf after tailscale down is called
This change is to restore /etc/resolv.conf after tailscale down is called. This is done by setting the dns.Manager before errors occur. Error collection is also added.

Fixes #723
4 years ago
Brad Fitzpatrick 3aeb2e204c go.mod: bump github.com/tailscale/winipcfg-go for some Windows fixes 4 years ago
Josh Bleecher Snyder 3f4d93feb2 go.mod: bump depaware to get diffs out of -check, again
I had to use

go get -u github.com/tailscale/depaware@e09ee10c18249e4bf198e66bbd47babcd502637a

to force it to the correct version; it kept selecting head~1.

Maybe because the branch is called main instead of master?
Maybe because of some delay?
4 years ago
Josh Bleecher Snyder 41f6c78c53 go.mod: bump depaware to get diffs out of -check 4 years ago
Brad Fitzpatrick 158202dbb1 go mod tidy 4 years ago
Brad Fitzpatrick 22ed3c503e
Add depaware.txt files and GitHub checks. (#745)
See https://github.com/tailscale/depaware

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick 82a3721661 go.sum: update 4 years ago
Brad Fitzpatrick f915ab6552 net/tshttpproxy: add start of Kerberos Negotiate auth to proxies on Windows
For now only used by a new cmd/tailscale debug --get-url
subcommand. Not yet wired up to the places making HTTP requests.

Updates tailscale/corp#583
4 years ago
Brad Fitzpatrick c5eb57f4d6 net/tshttpproxy: new package, support WPAD/PAC proxies on Windows
Updates tailscale/corp#553

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
David Anderson 1b5b59231b derp: break down received packets by kind (disco vs. wireguard).
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick 87cbc067c2 cmd/tailscale/cli: validate advertised routes' IP address-vs-network bits
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick b840e7dd5b go mod tidy 4 years ago
Josh Bleecher Snyder 1b27eb431a go.mod: update to newly rebased wireguard-go 4 years ago
Brad Fitzpatrick 84f2320972 go.sum: update 4 years ago
Brad Fitzpatrick 43e2efe441 go mod tidy 4 years ago
Brad Fitzpatrick 648268192b go.mod: bump wireguard-go 4 years ago
Brad Fitzpatrick 7cf50f6c84 go.sum: update 4 years ago
Dmytro Shynkevych 3efc29d39d
go.mod: bump netaddr.
Closes #567.

Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
4 years ago
Brad Fitzpatrick cdfea347d0 wgengine: update for tailscale/wireguard-go API changes
* update to new HandshakeDone signature
* use new Device.IpcGetOperationFiltered call to avoid sending allowed_ips

See dd6c1c8fe1
4 years ago
Dmytro Shynkevych 30bbbe9467
wgengine/router: dns: unify on *BSD, multimode on Linux, Magic DNS (#536)
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
4 years ago
Brad Fitzpatrick 6c74065053 wgengine/magicsock, tstest/natlab: start hooking up natlab to magicsock
Also adds ephemeral port support to natlab.

Work in progress.

Pairing with @danderson.
4 years ago
Brad Fitzpatrick edcbb5394e go.sum: update 4 years ago
Dmytro Shynkevych 21d1dbfce0 wgengine/tsdns: local DNS server for testing
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
4 years ago
Dmytro Shynkevych 67ebba90e1
tsdns: dual resolution mode, IPv6 support (#526)
This change adds to tsdns the ability to delegate lookups to upstream nameservers.
This is crucial for setting Magic DNS as the system resolver.

Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
4 years ago
Brad Fitzpatrick 32156330a8 net/interfaces: add func LikelyHomeRouterIP
For discovering where we might direct NAT-PMP/PCP/UPnP queries at in
the future.
4 years ago
Brad Fitzpatrick b9a95e6ce1 go.sum: add missing lines 4 years ago
Brad Fitzpatrick 7883e5c5e7 go.mod: restore staticcheck module, make it stick around, go mod tidy
It kept coming & going as different people ran go mod tidy and others
ran staticcheck.

Make it stop going away with go mod tidy by adding a dep to it.
4 years ago
David Anderson 9cd4e65191 smallzstd: new package that constructs zstd small encoders/decoders.
It's just a config wrapper that passes "use less memory at the
expense of compression" parameters by default, so that we don't
accidentally construct resource-hungry (de)compressors.

Also includes a benchmark that measures the memory cost of the
small variants vs. the stock variants. The savings are significant
on both compressors (~8x less memory) and decompressors (~1.4x less,
not including the savings from the significantly smaller
window on the compression side - with those savings included it's
more like ~140x smaller).

BenchmarkSmallEncoder-8            	   56174	     19354 ns/op	      31 B/op	       0 allocs/op
BenchmarkSmallEncoderWithBuild-8   	    2900	    382940 ns/op	 1746547 B/op	      36 allocs/op
BenchmarkStockEncoder-8            	   48921	     25761 ns/op	     286 B/op	       0 allocs/op
BenchmarkStockEncoderWithBuild-8   	     426	   2630241 ns/op	13843842 B/op	     124 allocs/op
BenchmarkSmallDecoder-8            	  123814	      9344 ns/op	       0 B/op	       0 allocs/op
BenchmarkSmallDecoderWithBuild-8   	   41547	     27455 ns/op	   27694 B/op	      31 allocs/op
BenchmarkStockDecoder-8            	  129832	      9417 ns/op	       1 B/op	       0 allocs/op
BenchmarkStockDecoderWithBuild-8   	   25561	     51751 ns/op	   39607 B/op	      92 allocs/op

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick a477e70632 tstest/natlab: network address allocation
Pairing with @danderson
4 years ago
Brad Fitzpatrick 77d3ef36f4 wgengine/magicsock: hook up discovery messages, upgrade to LAN works
Ping messages now go out somewhat regularly, pong replies are sent,
and pong replies are now partially handled enough to upgrade off DERP
to LAN.

CallMeMaybe packets are sent & received over DERP, but aren't yet
handled. That's next (and regular maintenance timers), and then WAN
should work.

Updates #483
4 years ago
Brad Fitzpatrick 9b8ca219a1 wgengine/magicsock: remove allocs in UDP write, use new netaddr.PutUDPAddr
The allocs were only introduced yesterday with a TODO. Now they're gone again.
4 years ago
Brad Fitzpatrick eb4eb34f37 disco: new package for parsing & marshaling discovery messages
Updates #483
4 years ago
Brad Fitzpatrick d9054da86a wgengine: disambiguate Reconfig logging paths 5 years ago
Brad Fitzpatrick 6757c990a8 Fix staticcheck warning, add Makefile with staticcheck targets, lock in staticcheck version in go.mod 5 years ago
Brad Fitzpatrick 722673f307 Update go4.org/mem, adjust to revised API. 5 years ago
Brad Fitzpatrick c5495288a6 Bump inet.af/netaddr dep for FromStdIP behavior change I want to depend on. 5 years ago
Brad Fitzpatrick e6b84f2159 all: make client use server-provided DERP map, add DERP region support
Instead of hard-coding the DERP map (except for cmd/tailscale netcheck
for now), get it from the control server at runtime.

And make the DERP map support multiple nodes per region with clients
picking the first one that's available. (The server will balance the
order presented to clients for load balancing)

This deletes the stunner package, merging it into the netcheck package
instead, to minimize all the config hooks that would've been
required.

Also fix some test flakes & races.

Fixes #387 (Don't hard-code the DERP map)
Updates #388 (Add DERP region support)
Fixes #399 (wgengine: flaky tests)

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 35a8586f7e go.sum: go mod tidy 5 years ago