tailscale

Commit Graph

Author	SHA1	Message	Date
David Anderson	8f5b52e571	net/netns: add windows support. Also remove rebinding logic from the windows router. Magicsock will instead rebind based on link change signals. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Brad Fitzpatrick	3af64765fd	ipn: fix Windows crash from improperly strict assertion	4 years ago
Brad Fitzpatrick	9b07517f18	wgengine: add Engine.SetLinkChangeCallback Start of making the IPN state machine react to link changes and down its DNS & routes if necessary to unblock proxy resolution (e.g. for transitioning from public to corp networks where the corp network has mandatory proxies and WPAD PAC files that can't be resolved while using the DNS/routes configured previously) This change should be a no-op. Just some callback plumbing.	4 years ago
Brad Fitzpatrick	5acbb149a2	ipn/ipnstate: include DNSName in tailscale status --json output	4 years ago
Brad Fitzpatrick	483141094c	cmd/tailscale/cli: add basic 'down' subcommand RELNOTE=yes	4 years ago
Wendi Yu	a3fb422a39	ipn: tag and test for grinder log lines (#711 ) Signed-off-by: Wendi <wendi.yu@yahoo.ca>	4 years ago
Dmytro Shynkevych	a903d6c2ed	tailcfg, tsdns: derive root domains from list of nodes (#708 ) Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Brad Fitzpatrick	84dc891843	cmd/tailscale/cli: add ping subcommand For example: $ tailscale ping -h USAGE ping <hostname-or-IP> FLAGS -c 10 max number of pings to send -stop-once-direct true stop once a direct path is established -verbose false verbose output $ tailscale ping mon.ts.tailscale.com pong from monitoring (100.88.178.64) via DERP(sfo) in 65ms pong from monitoring (100.88.178.64) via DERP(sfo) in 252ms pong from monitoring (100.88.178.64) via [2604:a880:2:d1::36:d001]:41641 in 33ms Fixes #661 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	a275b9d7aa	control/controlclient: use less battery when stopped, stop map requests Updates #604 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Dmytro Shynkevych	934c63115e	ipn: put Magic DNS domains first Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
David Anderson	d64de1ddf7	Revert "cmd/tailscaled: exit gracefully on SIGPIPE" tailscaled receives a SIGPIPE when CLIs disconnect from it. We shouldn't shut down in that case. This reverts commit `43b271cb26`. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
David Anderson	358cd3fd92	ipn: fix incorrect change tracking for packet filter. ORder of operations to trigger a problem: - Start an already authed tailscaled, verify you can ping stuff. - Run `tailscale up`. Notice you can no longer ping stuff. The problem is that `tailscale up` stops the IPN state machine before restarting it, which zeros out the packet filter but _not_ the packet filter hash. Then, upon restarting IPN, the uncleared hash incorrectly makes the code conclude that the filter doesn't need updating, and so we stay with a zero filter (reject everything) for ever. The fix is simply to update the filterHash correctly in all cases, so that running -> stopped -> running correctly changes the filter at every transition. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Dmytro Shynkevych	28e52a0492	all: dns refactor, add Proxied and PerDomain flags from control (#615 ) Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Avery Pennarun	60c00605d3	ipn/setClientStatus: fix inverted prefsChanged check. We need to emit Prefs when it has changed, not when it hasn't. Test is added in our e2e test, separately. Fixes: #620 Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
Dmytro Shynkevych	c7582dc234	ipn: fix netmap change tracking and dns map generation (#609 ) Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Elias Naur	0a42b0a726	ipn: add OSVersion, DeviceModel fields to Prefs and propagate to Hostinfos Needed for Android. Signed-off-by: Elias Naur <mail@eliasnaur.com>	4 years ago
Brad Fitzpatrick	3b0514ef6d	control/controlclient: rename uflags, give it a type, remove dead code	4 years ago
Dmytro Shynkevych	218de6d530	ipn: load hostname in Start. This prevents hostname being forced to os.Hostname despite override when control is contacted for the first time after starting tailscaled. Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Brad Fitzpatrick	de11f90d9d	ipn: remove unused parameter to func LoadPrefs, fix godoc subject	4 years ago
Brad Fitzpatrick	7ba148e54e	cmd/tailscale: make tailscale status -active also filter in -json mode	4 years ago
Dmytro Shynkevych	d9ac2ada45	ipn: add self to dns map Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Dmytro Shynkevych	30bbbe9467	wgengine/router: dns: unify on *BSD, multimode on Linux, Magic DNS (#536 ) Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Elias Naur	6e8f0860af	ipn: add Login backend command for sign-in with token The StartLoginInteractive command is for delegating the sign-in flow to a browser. The Android Gooogle Sign-In SDK inverts the flow by giving the client ID tokens. Add a new backend command for accepting such tokens by exposing the existing controlclient.Client.Login support for OAuth2 tokens. Introduce a custom TokenType to distinguish ID tokens from other OAuth2 tokens. Signed-off-by: Elias Naur <mail@eliasnaur.com>	4 years ago
Dmytro Shynkevych	61abab999e	cmd/tailscaled: graceful shutdown (#534 ) Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Brad Fitzpatrick	a8b95571fb	ipn, control/controlclient: fix some data races More remain. Fixes tailscale/corp#432	4 years ago
Dmytro Shynkevych	67ebba90e1	tsdns: dual resolution mode, IPv6 support (#526 ) This change adds to tsdns the ability to delegate lookups to upstream nameservers. This is crucial for setting Magic DNS as the system resolver. Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Brad Fitzpatrick	6196b7e658	wgengine/magicsock: change API to not permit disco key changes Generate the disco key ourselves and give out the public half instead. Fixes #525	4 years ago
Brad Fitzpatrick	a975e86bb8	wgengine/magicsock: add new endpoint type used for discovery-supporting peers This adds a new magicsock endpoint type only used when both sides support discovery (that is, are advertising a discovery key). Otherwise the old code is used. So far the new code only communicates over DERP as proof that the new code paths are wired up. None of the actually discovery messaging is implemented yet. Support for discovery (generating and advertising a key) are still behind an environment variable for now. Updates #483	4 years ago
Brad Fitzpatrick	fe50cd0c48	ipn, wgengine: plumb NetworkMap down to magicsock Now we can have magicsock make decisions based on tailcfg.Debug settings sent by the server. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	5bc29e7388	ipn: add missing locking in LocalBackend.NetMap Looks like it's only used by tests.	4 years ago
Brad Fitzpatrick	666d404066	ipn: put discovery key generation behind an environment flag for now Later we'll want to use the presence of a discovery key as a signal that the node knows how to participate in discovery. Currently the code generates keys and sends them to the control server but doesn't do anything with them, which is a bad state to stay in lest we release this code and end up with nodes in the future that look like they're functional with the new discovery protocol but aren't. So for now, make this opt-in as a debug option for now, until the rest of it is in. Updates #483	4 years ago
Dmytro Shynkevych	00ca17edf4	ipn: fix race in enterState Signed-Off-By: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Brad Fitzpatrick	53fb25fc2f	all: generate discovery key, plumb it around Not actually used yet. Updates #483	4 years ago
David Anderson	0ecaf7b5ed	control/controlclient: make netmap generation use rate-limited logger.	4 years ago
Dmytro Shynkevych	c12d87c54b	Fix concurrency issues in controlclient, ipn, types/logger (#456 ) Signed-Off-By: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Dmytro Shynkevych	07e02ec9d3	wgengine/tsdns: add test and prevent useless updates (#449 ) Signed-Off-By: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Dmytro Shynkevych	511840b1f6	tsdns: initial implementation of a Tailscale DNS resolver (#396 ) Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Elias Naur	364a8508b2	ipn: add Hostname override to Prefs Overriding the hostname is required for Android, where os.Hostname is often just "localhost". Updates #409 Signed-off-by: Elias Naur <mail@eliasnaur.com>	4 years ago
Avery Pennarun	f0b6ba78e8	wgengine: don't pass nil router.Config objects. These are hard for swift to decode in the iOS app. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
Brad Fitzpatrick	004780b312	ipn: restore LiveDERPs assignment in LocalBackend.parseWgStatus Updates #421 (likely fixes it; need to do an iOS build to be sure)	4 years ago
Avery Pennarun	34c30eaea0	router_linux: use only baseline 'ip rule' features that exist in old kernels. This removes the use of suppress_ifgroup and fwmark "x/y" notation, which are, among other things, not available in busybox and centos6. We also use the return codes from the 'ip' program instead of trying to parse its output. I also had to remove the previous hack that routed all of 100.64.0.0/10 by default, because that would add the /10 route into the 'main' route table instead of the new table 88, which is no good. It was a terrible hack anyway; if we wanted to capture that route, we should have captured it explicitly as a subnet route, not as part of the addr. Note however that this change affects all platforms, so hopefully there won't be any surprises elsewhere. Fixes #405 Updates #320, #144 Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
David Anderson	2b74236567	ipn: move e2e_test back to corp repo. It depends on corp things, so can't run here anyway. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Brad Fitzpatrick	e6b84f2159	all: make client use server-provided DERP map, add DERP region support Instead of hard-coding the DERP map (except for cmd/tailscale netcheck for now), get it from the control server at runtime. And make the DERP map support multiple nodes per region with clients picking the first one that's available. (The server will balance the order presented to clients for load balancing) This deletes the stunner package, merging it into the netcheck package instead, to minimize all the config hooks that would've been required. Also fix some test flakes & races. Fixes #387 (Don't hard-code the DERP map) Updates #388 (Add DERP region support) Fixes #399 (wgengine: flaky tests) Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
David Anderson	e8b3a5e7a1	wgengine/filter: implement a destination IP pre-filter. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Avery Pennarun	3ed2124356	ipn: Resolve some resource leaks in test. Updates tailscale/corp#255. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
Avery Pennarun	ea8f92b312	ipn/local: get rid of some straggling calls to the log module. Use b.logf() instead. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
David Anderson	c97c45f268	ipn: sprinkle documentation and clarity rewrites through LocalBackend. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Wendi Yu	bb55694c95	wgengine: log node IDs when peers are added/removed (#381 ) Also stop logging data sent/received from nodes we're not connected to (ie all those `x`s being logged in the `peers: ` line) Signed-off-by: Wendi <wendi.yu@yahoo.ca>	4 years ago
David Anderson	0fe262f093	ipn: plumb NetfilterMode all the way out to the CLI. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
David Anderson	292606a975	wgengine/router: support multiple levels of netfilter involvement. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago

1 2 3

105 Commits (8f5b52e5715f9216a3a9574df7ee8576d02c65b1)